Security Bulletin

Intrusions involved the use of the domain, crowdstrike-office365[.]com, to lure users into downloading a recovery tool purportedly addressing update-related boot loop issues but delivers a malware loader.

Attacks against defense and government organizations worldwide have enabled APT45 to steal information regarding missiles and missile defense systems, nuclear power plants, radar systems, fighter aircraft and unmanned aerial vehicles, and satellites...

Ransoms extorted by Rim and his co-conspirators from healthcare providers across the U.S. have been leveraged to support additional attacks against the country's government organizations and foreign defense contractors.

Some simple PowerShell scripts might deliver nasty content if executed by the target. I found a very simple one (with a low VT score of 8/65):

Authorities expect even more API attacks on businesses working the Summer Olympics in Paris this year – here’s how to mitigate the impact.

A 2024. 30. hetére vonatkozó hírválogatás, amely az NBSZ NKI által 2024.07.19. és 2024.07.25. között kezelt incidensek statisztikai adatait is tartalmazza.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

The high-severity vulnerability could enable denial of service, code execution and privilege escalation.

Mimecast's acquisition of Code42 helps the company move into insider risk management, joining key rival Proofpoint and others in the space.

CrowdStrike CEO Kurtz majority of systems back online and he is "deeply sorry" for those still impacted.

The fake updates are part of a phishing and fraud surge that is both more voluminous and more targeted that the usual activity around national news stories.