After a significant cyber incident that disrupts business operations, organizations often take steps to improve their cybersecurity and resilience, which sometimes includes switching cybersecurity providers. The recent massive global outage caused by a faulty CrowdStrike sensor update has had this exact impact on many companies in Germany. According to a report by the German Federal Office for Information Security (BSI) and Germany's digital association Bitkom, this outage has caused many organizations to reconsider their cybersecurity strategies and partners.
On Saturday, MoneyGram revealed on social media that a network outage was disrupting several of its systems. By Monday, the company acknowledged it was dealing with a cybersecurity breach affecting certain systems.
On September 16, 2024, DeltaPrime, a notable decentralized finance (DeFi) platform, announced a significant security breach on its Arbitrum-based protocol, DeltaPrime Blue. The cyberattack, which took place around 6:14 AM CET, resulted in the loss of approximately $5.98 million. DeltaPrime revealed that the exploit was due to a compromised private key.
SpyCloud's latest research highlights the growing threat of infostealers—malware designed to steal digital identity data, login credentials, and session cookies. According to the report, infostealers were involved in 61% of all data breaches in the past year, resulting in the theft of 343.78 million credentials. This data often ends up on the dark web, fueling further attacks. Alarmingly, one in five individuals has been affected by an infostealer infection, each exposing 10-25 third-party business application credentials, creating opportunities for ransomware operators to exploit.
Mastercard has announced a significant expansion of its cybersecurity services by acquiring global threat intelligence company Recorded Future for $2.65 billion from Insight Partners. This move aims to enhance the tools and insights necessary to secure the digital economy, not just within the payments ecosystem but across various industries.
The FBI, Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Defense Cyber Crime Center (DC3) have issued a joint Cybersecurity Advisory (CSA) to alert network defenders that Iran-based cyber actors continue to target organizations in the U.S. and abroad as of August 2024. These attacks have impacted a wide range of sectors, including education, finance, healthcare, defense, and local governments in the U.S., as well as organizations in Israel, Azerbaijan, and the United Arab Emirates.
The White House’s cybersecurity office is urging network operators to bolster the security of the Border Gateway Protocol (BGP), a crucial yet vulnerable technology that routes internet traffic.
In a startling development in the cybersecurity landscape, researchers have uncovered a highly sophisticated malware campaign, aptly named "Voldemort," that has already compromised over 70 organizations worldwide. This campaign, distinguished by its advanced techniques and stealthy execution, is believed to be primarily focused on espionage and intelligence gathering rather than financial theft.