Quotidien Shaarli

I want to sincerely apologize directly to all of you for today’s outage. All of CrowdStrike understands the gravity and impact of the situation. We quickly identified the issue and deployed a fix, allowing us to focus diligently on restoring customer systems as our highest priority.

The outage was caused by a defect found in a Falcon content update for Windows hosts. Mac and Linux hosts are not impacted. This was not a cyberattack.

The West Midlands Police said U.K. agencies — in coordination with the FBI — arrested a 17-year-old suspect in a breach that upended MGM's operations last year on the Las Vegas Strip.

The leaked April 2024 documents, obtained and verified by 404 Media, show Cellebrite could not unlock a large chunk of modern iPhones.

Cascading and catastrophic IT outages have hit thousands of organizations worldwide after CrowdStrike issued a faulty update in its Falcon Sensor product that caused Windows operating systems to crash.

• In collaboration with Google’s Threat Analysis Group (TAG), Mandiant has observed a sustained campaign by the advanced persistent threat group APT41 targeting and successfully compromising multiple organizations operating within the global shipping and logistics, media and entertainment, technology, and automotive sectors. The majority of organizations were operating in Italy, Spain, Taiwan, Thailand, Turkey, and the United Kingdom.
• APT41 successfully infiltrated and maintained prolonged, unauthorized access to numerous victims' networks since 2023, enabling them to extract sensitive data over an extended period.
• APT41 used a combination of ANTSWORD and BLUEBEAM web shells for the execution of DUSTPAN to execute BEACON backdoor for command-and-control communication. Later in the intrusion, APT41 leveraged DUSTTRAP, which would lead to hands-on keyboard activity. APT41 used publicly available tools SQLULDR2 for copying data from databases and PINEGROVE to exfiltrate data to Microsoft OneDrive

Businesses worldwide are experiencing outages, including Windows "blue screen of death" errors on their computers, in what has already become one of the

Two foreign nationals pleaded guilty today to participating in the LockBit ransomware group—at various times the most prolific ransomware variant in the world—and to deploying LockBit attacks against victims in the United States and worldwide.

An operation labeled TAG-100 by Insikt Group researchers deploys two types of backdoor malware — SparkRAT and Pantegana — that have only been spotted in limited ways previously.

Cisco has fixed a critical severity vulnerability that lets attackers add new users with root privileges and permanently crash Security Email Gateway (SEG) appliances using emails with malicious attachments.

Tracked as CVE-2024-20401, this arbitrary file write security flaw in the SEG content scanning and message filtering features is caused by an absolute path traversal weakness that allows replacing any file on the underlying operating system.