Security News

Filter by:

BreachForums v1 database leak is an OPSEC test for hackers

The entire database for the notorious BreachForums v1 hacking forum was released on Telegram Tuesday night, exposing a treasure trove of data, including members' information, private messages, cryptocurrency addresses, and every post on the forum. [...]
Bleepingcomputer 24 Jul 2024 2221 Views

CrowdStrike: 'Content Validator' bug let faulty update pass checks

CrowdStrike released a Preliminary Post Incident Review (PIR) on the faulty Falcon update explaining that a bug allowed bad data to pass its Content Validator and cause millions of Windows systems to crash on July 19, 2024. [...]
Bleepingcomputer 24 Jul 2024 2264 Views

Goodbye? Attackers Can Bypass 'Windows Hello' Strong Authentication

Accenture researcher undercut WHfB's default authentication using open source Evilginx adversary-in-the-middle (AitM) reverse-proxy attack framework.
Dark Reading 24 Jul 2024 2496 Views

Likely eCrime Actor Uses Filenames Capitalizing on July 19, 2024, Falcon Sensor Content Issues in Operation Targeting LATAM-Based CrowdStrike Customers

On July 19, 2024, an issue present in a single content update for the CrowdStrike Falcon® sensor impacting Windows operating systems was identified, and a fix was deployed. [...]
CrowdStrike 24 Jul 2024 2500 Views

Lumma Stealer Packed with CypherIt Distributed Using Falcon Sensor Update Phishing Lure

On July 23, 2024, CrowdStrike Intelligence identified the phishing domain crowdstrike-office365[.]com, which impersonates CrowdStrike and delivers malicious ZIP and RAR files containing a Microsoft Installer (MSI) loader. The loader ultimately executes Lumma Stealer packed with CypherIt...
CrowdStrike 24 Jul 2024 2409 Views

Threat Actor Distributes Python-Based Information Stealer Using a Fake Falcon Sensor Update Lure

On July 23, 2024, CrowdStrike Intelligence identified a malicious ZIP file containing a Python-based information stealer now tracked as Connecio. [...]
CrowdStrike 24 Jul 2024 2025 Views

Cybercriminals Exploit CrowdStrike Outage Chaos

Cybercriminals are leveraging the ongoing mass global IT outage to launch phishing campaigns, according to reports. [...]
CrowdStrike 23 Jul 2024 1908 Views

Threat Actor Uses Fake CrowdStrike Recovery Manual to Deliver Unidentified Stealer

On July 22, 2024, CrowdStrike Intelligence identified a Word document containing macros that download an unidentified stealer now tracked as Daolpu. The document impersonates a Microsoft recovery manual.1 Initial analysis suggests the activity is likely criminal. [...]
CrowdStrike 23 Jul 2024 2248 Views

Fake CrowdStrike fixes target companies with malware, data wipers

Threat actors are exploiting the massive business disruption from CrowdStrike's glitchy update on Friday to target companies with data wipers and remote access tools.
Bleeping Computer 22 Jul 2024 2511 Views

Falcon Sensor Content Issue from July 19, 2024, Likely Used to Target CrowdStrike Customers

On July 19, 2024, an issue present in a single content update for the CrowdStrike Falcon® sensor impacting Windows operating systems was identified, and a fix was deployed.
CrowdStrike 22 Jul 2024 2441 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY