IronVest ’s Post

LastPass Charts New Independent Path with Security Vision: https://lnkd.in/er35Edw7

Making good for the global IT environment today. Our tools can detect more than just vulnerabilities

The faulty update from CrowdStrike today caused widespread disruptions, displaying the dreaded 'Blue Screen of Death' and preventing PCs from booting up. "This is similar to a supply chain attack. If an attacker had backdoored such an update to open systems to attacks or to encrypt them, the exact same systems would have been impacted. This is why supply chain attacks and defence has been increasingly important." - Martin Jartelius, Chief Security Officer at Outpost24. Although Outpost24 is unimpacted by this incident, our team is dedicated to helping customers with detection. It’s a long weekend for IT security teams and we have their backs. “This incident serves as a crucial reminder of the importance of the robustness of our security and availability, which hinge on the reliability of our service providers,” said Martin. For more information on the outage, read here: https://gag.gl/WRcbQT #cybersecurity #crowdstrike

The faulty update from CrowdStrike today caused widespread disruptions, displaying the dreaded 'Blue Screen of Death' and preventing PCs from booting up. "This is similar to a supply chain attack. If an attacker had backdoored such an update to open systems to attacks or to encrypt them, the exact same systems would have been impacted. This is why supply chain attacks and defence has been increasingly important." - Martin Jartelius, Chief Security Officer at Outpost24. Although Outpost24 is unimpacted by this incident, our team is dedicated to helping customers with detection. It’s a long weekend for IT security teams and we have their backs. “This incident serves as a crucial reminder of the importance of the robustness of our security and availability, which hinge on the reliability of our service providers,” said Martin. For more information on the outage, read here: https://lnkd.in/eCubVD47 #cybersecurity #crowdstrike

In today’s digital age, businesses of all sizes face increasing risks from cyberattacks. Hackers are constantly evolving their tactics, looking for vulnerabilities to exploit for financial gain, data theft, or simply to cause disruption. Understanding the most common methods hackers use to target businesses is the first step in strengthening your organization’s defenses. https://lnkd.in/gmk8P7Pu Dave Alicia Giovanni Mike Darren Adam David David

The Flipper Zero reveals how insecure our security really is https://lnkd.in/dXt-K2AX

The CrowdStrike incident highlights just how vulnerable our IT infrastructures can be to even seemingly routine updates. It’s a wake-up call for all of us in the cybersecurity field to double down on our efforts to secure the supply chain. The potential for such disruptions to be weaponized is a real and present danger. At Outpost24, we’re dedicated to helping our clients navigate these challenges and maintain robust defenses. This incident serves as a powerful reminder that in cybersecurity, vigilance and preparedness are our best allies.

Combining the words 'Hack' and 'Activism', "Hacktivism" is the act of hacking, or breaking into a computer system, for politically or socially motivated purposes... Ongoing Hacktivist activity threatens operational systems across North America and Europe. See what's going on from 1898 & Co. blog and read the fact sheet below. Key points: 1. CISA, along with the FBI, NSA, and other agencies, has issued a joint fact sheet detailing the threats posed by pro-Russia hacktivists targeting operational technology (OT) systems. 2. The fact sheet highlights how vulnerabilities in internet-exposed OT systems, such as default passwords and outdated software, are being exploited. Recommendations include creating secure DMZs, conducting asset inventories, assessing vulnerabilities, and establishing monitoring mechanisms. 3. OT device manufacturers are urged to eliminate default passwords and implement multifactor authentication. Properly securing OT systems is essential to protect operations in critical infrastructure sectors. https://lnkd.in/ggz7zqED

Cybersecurity researchers at Huntress have claimed LexiCom, VLTransfer, and Harmony were all vulnerable to CVE-2024-50623, an unrestricted file upload and download vulnerability that could lead to remote code execution. All three tools were built by the same company, Cleo, which published a patch for the bug in late October 2024 - however, Huntress claims that the patch doesn’t work well and doesn’t protect the users from threat actors. https://lnkd.in/gMKQQvXu

The attack, from a group security firm Volexity calls GruesomeLarch, shows the boundless lengths well-resourced hackers will go to hack high-value targets, presumably only after earlier hack attempts haven’t worked. When the GruesomeLarch cabal couldn’t get into the target network using easier methods, they hacked a Wi-Fi-enabled device in a nearby building and used it to breach the target’s network next door. After the first neighbor’s network was disinfected, the hackers successfully performed the same attack on a device of a second neighbor. GruesomeLarch performed credential-stuffing attacks that compromised the passwords of several accounts on a web service platform used by the organization's employees. Two-factor authentication enforced on the platform, however, prevented the attackers from compromising the accounts. So GruesomeLarch found devices in physically adjacent locations, compromised them, and used them to probe the target’s Wi-Fi network. It turned out credentials for the compromised web services accounts also worked for accounts on the Wi-Fi network, only no 2FA was required. Adding further flourish, the attackers hacked one of the neighboring Wi-Fi-enabled devices by exploiting what in early 2022 was a zero-day vulnerability in the Microsoft Windows Print Spooler. The 2022 hack demonstrates how a single faulty assumption can undo an otherwise effective defense. For whatever reason—likely an assumption that 2FA on the Wi-Fi network was unnecessary because attacks required close proximity—the target deployed 2FA on the Internet-connecting web services platform (Adair isn’t saying what type) but not on the Wi-Fi network. That one oversight ultimately torpedoed a robust security practice. #APT https://lnkd.in/eqfiFrC6