Week in review: CrowdStrike-triggered outage insights, recovery, and measuring cybersecurity ROI


Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

Microsoft releases tool to speed up recovery of systems borked by CrowdStrike update
By now, most people are aware of – or have been personally affected by – the largest IT outage the world have ever witnessed, courtesy of a defective update for Crowdstrike Falcon Sensors that threw Windows hosts into a blue-screen-of-death (BSOD) loop.

Vulnerability in Telegram app for Android allows sending malicious files disguised as videos
ESET researchers discovered a zero-day exploit, which targets the Telegram app for Android, that appeared for sale for an unspecified price in an underground forum post from June 2024.

CrowdStrike blames buggy testing software for disastrous update
A bug in the Content Validator – a software element CrowdStrike relies on for testing and validating Rapid Response Content updates for its Falcon Sensors – is (partly) why the faulty update wasn’t caught in time, the company said.

Learning from CrowdStrike’s quality assurance failures
CrowdStrike has released a preliminary Post Incident Review (PIR) of how the flawed Falcon Sensor update made its way to millions of Windows systems and pushed them into a “Blue Screen of Death” loop.

Cloud security threats CISOs need to know about
In this Help Net Security interview, Ava Chawla, Head of Cloud Security at AlgoSec, discusses the most significant cloud security threats CISOs must be aware of in 2024.

Cybersecurity ROI: Top metrics and KPIs
In this Help Net Security interview, Karthik Swarnam, Chief Security and Trust Officer at ArmorCode, discusses key metrics and KPIs to measure cybersecurity ROI.

Confidential AI: Enabling secure processing of sensitive data
In this Help Net Security interview, Anand Pashupathy, VP & GM, Security Software & Services Division at Intel, explains how Intel’s approach to confidential computing, particularly at the silicon level, enhances data protection for AI applications and how collaborations with technology leaders like Google Cloud, Microsoft, and Nvidia contribute to the security of AI solutions.

Cross-industry standards for data provenance in AI
In this Help Net Security interview, Saira Jesani, Executive Director of the Data & Trust Alliance, discusses the role of data provenance in AI trustworthiness and its impact on AI models’ performance and reliability.

Shuffle Automation: Open-source security automation platform
Shuffle is an open-source automation platform designed by and for security professionals.

Progress fixes critical RCE flaw in Telerik Report Server, upgrade ASAP! (CVE-2024-6327)
Progress Software has fixed a critical vulnerability (CVE-2024-6327) in its Telerik Report Server solution and is urging users to upgrade as soon as possible.

Docker fixes critical auth bypass flaw, again (CVE-2024-41110)
A critical-severity Docker Engine vulnerability (CVE-2024-41110) may be exploited by attackers to bypass authorization plugins (AuthZ) via specially crafted API request, allowing them to perform unauthorized actions, including privilege escalation.

Network of ghost GitHub accounts successfully distributes malware
Check Point researchers have unearthed an extensive network of GitHub accounts that they believe provides malware and phishing link Distribution-as-a-Service.

The changes in the cyber threat landscape in the last 12 months
When it comes to the cyber threat landscape, change is the only constant: the inevitable interplay between cybercriminals and law enforcement agencies makes it inevitable.

How CISOs enable ITDR approach through the principle of least privilege
Somewhere, right now, a CISO is in a boardroom making their best case for stronger identity threat detection and response (ITDR) initiatives to lower the risk of intrusion.

Despite economic uncertainty, organizations are prioritizing SaaS security investments
In this Help Net Security video, Maor Bin, CEO and Co-Founder of Adaptive Shield, discusses the key findings of their recent annual SaaS Security Survey Report, conducted in partnership with the Cloud Security Alliance (CSA).

Cybersecurity jobs available right now: July 24, 2024
We’ve scoured the market to bring you a selection of roles that span various skill levels within the cybersecurity field. Check out this weekly selection of cybersecurity jobs available right now.

The CISO’s approach to AI: Balancing transformation with trust
As organizations increasingly adopt third-party AI tools to streamline operations and gain a competitive edge, they also invite a host of new risks.

Researchers expose GitHub Actions workflows as risky and exploitable
In this Help Net Security video, Roy Blit, Head of Research at Legit Security, discusses a new Legit Security State of GitHub Actions Security report.

Infisical: Open-source secret management platform
Infisical is an open-source secret management platform developers use to centralize application configurations and secrets, such as API keys and database credentials, while also managing their internal PKI.

Cyber insurance 2.0: The systemic changes required for future security
In this Help Net Security video, Vishaal Hariprasad, CEO at Resilience, discusses how cyber insurance needs to evolve to prepare companies better to manage their cyber risk.

Infisical: Open-source secret management platform
Infisical is an open-source secret management platform developers use to centralize application configurations and secrets, such as API keys and database credentials, while also managing their internal PKI.

Ad-injecting malware posing as DwAdsafe ad blocker uses Microsoft-signed driver
ESET Research has discovered a sophisticated Chinese browser injector: a signed, vulnerable, ad-injecting driver from a mysterious Chinese company.

10 fintech companies to watch in 2024
Amidst economic pressures and fierce competition across nearly all sectors, fintech vendors must prioritize solutions that address critical pain points and deliver tangible benefits rather than relying on speculative advancements. Here’s our list of 10 companies with big plans.

New infosec products of the week: July 26, 2024
Here’s a look at the most interesting products from the past week, featuring releases from GitGuardian, LOKKER, Permit.io, Secure Code Warrior, and Strata Identity.



Source link