Security News

Shuffle Automation: Open-source security automation platform
2024-07-22 04:00

Shuffle is an open-source automation platform designed by and for security professionals. While security operations are inherently complex, Shuffle simplifies the process.

New Linux Variant of Play Ransomware Targeting VMware ESXi Systems
2024-07-22 03:56

Cybersecurity researchers have discovered a new Linux variant of a ransomware strain known as Play that's designed to target VMware ESXi environments. Manufacturing, professional services, construction, IT, retail, financial services, transportation, media, legal services, and real estate are some of the top industries affected by the Play ransomware during the time period.

Cellebrite got into Trump shooter's Samsung device in just 40 minutes
2024-07-22 03:44

Infosec in brief: Unable to access the Samsung smartphone of the deceased Trump shooter for clues, the FBI turned to a familiar - if controversial - source to achieve its goal: digital forensics tools vendor Cellebrite. Cellebrite has been used for years by law enforcement to break into locked smartphones.

Cyber insurance 2.0: The systemic changes required for future security
2024-07-22 03:30

Digitalization has evolved into a systemic risk for organizations - and cyber insurers. With the global cost of cybercrime skyrocketing, something has to change.

Ad-injecting malware posing as DwAdsafe ad blocker uses Microsoft-signed driver
2024-07-22 03:00

ESET Research has discovered a sophisticated Chinese browser injector: a signed, vulnerable, ad-injecting driver from a mysterious Chinese company. An attacker with a non-privileged account could leverage the vulnerable driver to obtain SYSTEM privileges or inject libraries into remote processes to cause further damage, all while using a legitimate and signed driver.

Microsoft releases Windows repair tool to remove CrowdStrike driver
2024-07-22 01:22

Microsoft has released a custom WinPE recovery tool to find and remove the faulty CrowdStrike update that crashed an estimated 8.5 million Windows devices on Friday. [...]

CrowdStrike's Falcon Sensor also linked to Linux kernel panics and crashes
2024-07-21 23:51

CrowdStrike's now-infamous Falcon Sensor software, which last week led to widespread outages of Windows-powered computers, has also caused crashes of Linux machines. A second issue titled "System crashed at cshook network ops inet6 sockraw release+0x171a9" advised users "for assistance with troubleshooting potential issues with the falcon lsm serviceable kernel module provided from the CrowdStrike Falcon Sensor/Agent security software suite." Red Hat also advised that "disabling the CrowdStrike Falcon Sensor/Agent software suite will mitigate the crashes and provide temporary stability to the system in question while the issue is investigated." The issue was "observed but not limited to release 6 and 7."

Fake CrowdStrike fixes target companies with malware, data wipers
2024-07-21 19:31

Threat actors are exploiting the massive business disruption from CrowdStrike's glitchy update on Friday to target companies with data wipers and remote access tools. [...]

Fake CrowdStrike updates target companies with malware, data wipers
2024-07-21 19:31

Threat actors are exploiting the massive business disruption from CrowdStrike's glitchy update on Friday to target companies with data wipers and remote access tools. In an update today, CrowdStrike says that it "is actively assisting customers" impacted by the recent content update that crashed millions of Windows hosts worldwide.

Week in review: CrowdStrike update causes widespread IT outage, critical Splunk Enterprise flaw
2024-07-21 08:00

Faulty CrowdStrike update takes out Windows machines worldwide: Thousands and possibly millions of Windows computers and servers worldwide have been made inoperable by a faulty update of CrowdStrike Falcon Sensors, and the outage affected transport, broadcast, financial, retail and other organizations in Europe, Australia, the US and elsewhere.

Critical Splunk flaw can be exploited to grab passwords: A recently fixed vulnerability affecting Splunk Enterprise on Windows "is more severe than it initially appeared," according to SonicWall's threat researchers.