Security News

Redmond shared a technical incident response write-up on Saturday - titled "Windows Security best practices for integrating and managing security tools" - in which veep for enterprise and OS security David Weston explained how Microsoft measured the impact of the disaster: By accessing crash reports shared by customers. Weston's post justifies how Windows performed, on the grounds that kernel-level drivers - like those employed by CrowdStrike - can improve performance and prevent tampering with security software.

Microsoft has admitted that its estimate of 8.5 million machines crashed by CrowdStrike's faulty software update was almost certainly too low, and vowed to reduce infosec vendors' reliance on the kernel drivers at the heart of the issue. Redmond posted an incident response blog on Saturday - titled "Windows Security best practices for integrating and managing security tools" - in which veep for enterprise and OS security David Weston explained how Microsoft measured the impact of the incident: by accessing crash reports shared by customers.

Unknown threat actors have been observed leveraging open-source tools as part of a suspected cyber espionage campaign targeting global government and private sector organizations. Recorded Future's Insikt Group is tracking the activity under the temporary moniker TAG-100, noting that the adversary likely compromised organizations in at least ten countries across Africa, Asia, North America, South America, and Oceania, including two unnamed Asia-Pacific intergovernmental organizations.

If you're ready to learn how GRC software can enhance your business's risk and compliance operations, you've come to the right place. This article compares the top GRC tools available in 2024.

Over the past six months, there has been a notable surge in Android financial threats - malware targeting victims' mobile banking funds, whether in the form of 'traditional' banking malware or, more recently, cryptostealers, according to ESET. Vidar infostealer targets Windows users. Infostealing malware can now be found impersonating generative AI tools, and new mobile malware GoldPickaxe is capable of stealing facial recognition data to create deepfake videos used by the malware's operators to authenticate fraudulent financial transactions.

Highlights Complex Tool Landscape: Explore the wide array of cybersecurity tools used by MSPs, highlighting the common challenge of managing multiple systems that may overlap in functionality but...

It includes future package compatibility for 32-bit platforms, improvements to GNOME 46 and Xfce, and 18 new tools. Kali 2024.2 introduces GNOME 46, offering a refined experience that builds on the enhancements from previous versions.

Kali Linux has released version 2024.2, the first version of 2024, with eighteen new tools and fixes for the Y2038 bug.As is typical for the year's first version, the Kali Team has released new visual elements, including wallpapers and updates to the boot menu and login display.

Cisco's acquisition of Splunk is playing out with a new full-stack observability product, the Unified Observability Experience, Cisco announced at the Cisco Live conference on June 5. As part of the same suite of conference announcements, Cisco also showed off the initial availability of a free trial version of Motific, a generative AI delivery platform made in concert with Mistral AI. Unified Observability Experience creates easy connections between AppDynamics and Splunk Platform.

Free, open-source cybersecurity tools have become indispensable to protecting individuals, organizations, and critical infrastructure from cyber threats. Cloud Console Cartographer: Open-source tool helps security teams transcribe log activity.