EDPO (European Data Protection Office)’s Post

DYK: Wow Development Quality Assurance so Testing: CyberSecurity: is must: SAN FRANCISCO, July 19 (Reuters) - Security experts said CrowdStrike's (CRWD.O), opens new tab routine update of its widely used cybersecurity software, which caused clients' computer systems to crash globally on Friday, apparently did not undergo adequate quality checks before it was deployed. The latest version of its Falcon sensor software was meant to make CrowdStrike clients' systems more secure against hacking by updating the threats it defends against. But faulty code in the update files resulted in one of the most widespread tech outages in recent years for companies using Microsoft's (MSFT.O), opens new tab Windows operating system. https://lnkd.in/dzWafF-B

Legacy systems are not immune to attacks just because they are old or forgotten! Hackers will abuse the lack of security coverage to escalate privileges and exploit data within these old systems. Remember to keep your software and hardware up-to-date and in service! #cybersecurityawareness #Microsoft #MidnightBlizzard #APT29 #Nobelium #ActiveDirectory #AD #mfa #vulnerabilityscanning #zeroday #policyenforcement #scanning #hackers #passwordspraying The Hacker News https://lnkd.in/d8E4hjyc

At Bastionne, we've developed Bastionne Sdi, a robust endpoint security solution known as secure digital interaction. Our technology establishes an impervious network connection that remains unbreachable and uncompromised. Curious about its security? We invite you to take on the challenge and attempt to breach a Bastionne secure network. We dare you. #cybersecurity #hacker #ICScybersecurity www.bastionne.com/hack

CyberProtonics' quantum-resistant encryption works seamlessly with existing VPNs and security solutions to add a layer of protection and protect when these types of breaches happen, to render data useless to hackers. get more info at www.cyperprotonics.com #cyberattacks #databreach #quantumcomputing #vpn

#Cybersecurity professionals: If you saw a "high" rather than "critical" security advisory from #SolarWinds and no sign of it being exploited in the wild, do NOT rest easy. It deserves prompt attention. Hussein Daher, the security researcher who identified the bug in SolarWinds file transfer software told The Stack that it is "incredibly easy [to exploit]; unauthenticated; one single request – no chain" and security researchers at Rapid7 agreed, saying they expect attacks to follow. Patches are available. https://lnkd.in/ekeddH4C

Major IT issues around the globe with the CrowdStrike outage!!! If you or your business has been affected then maybe its time to have a refresh on your Cyber Security strategy and practices. Please reach out and see what Logiq can do for you:- #logiqconsulting #DISX #cybersecurity

The XZ Backdoor Attack   Hi everyone,   Last week something important happened in the cybersecurity world called the "XZ backdoor". I want to share what it is, how it happened and why we should all take a moment to understand its importance as simply as possible.   What is the XZ backdoor? Basically someone who contributed to the open source Linux world added in the "XZ Utils" package a security flaw, which allowed an attacker to gain control over the SSH protocol (used to manage almost every server in the world).   In a few words, imagine if someone secretly made an extra key to your house and could get in whenever they wanted without you knowing about it. The XZ backdoor is similar, but it occurs on computers and online services. It's a hidden way for hackers to get into systems and access information they shouldn't have.   They realized because someone noticed that it took 0.8 seconds to log into their server instead of the usual 0.3, so this person started investigating what was going on.   And here's the key. This time someone noticed. But it is a well-known behavior that many intelligence agencies, cybercriminal groups, etc. contribute to open source just to put some minor but powerful backdoors there that they can use in the future.   Can you imagine how much money someone would pay to access any server in the world?   This is something that happened in the past and will happen again in the future.   Even if we are not tech experts, understanding these incidents helps us to better protect ourselves. We don't need to be afraid, but being informed means we can take smarter steps to protect ourselves.   And also, please be patient with the cybersecurity department in your company. We all know how annoying the extra steps, limitations, and any and all things they force us to do are.   But they do it to protect all of us.   Have a great week. #DigitalSafety #InfoSec #OnlineSecurity #DataProtection #TechNews

The recent arrest of an individual believed to be a key player in the Conti and LockBit ransomware attacks showcases the persistent cloud security threats businesses encounter daily. It underscores the crucial need for robust cybersecurity measures within the public cloud landscape. 1. Threat Intelligence: Stay current with the latest cybersecurity threats, attackers, and their methodologies. Implement a proactive approach to identifying possible risks. 2. Employee Training: Educate employees about the dangers of phishing, social engineering, and other common attack vectors. Encourage secure practices. 3. Regular Updates: Keep software, systems, and applications updated to protect against known vulnerabilities which ransomware often exploits. #CyberSecurity #CloudThreats #Ransomware #DataProtection #ThreatIntelligence

Russian Hackers Breach Microsoft’s “Keys to the Kingdom” SecureSphere (NZ) has been following this story with interest to see where it goes, and unfortunately the news only keeps getting worse. Although Microsoft has said that any customer-facing systems haven't been affected along with day-to-day operations at Microsoft, the news that the hackers may have taken source code alongside cryptographic secrets such as passwords, certificates, and authentication keys, is very concerning. Due to the nature of the hack and the possible information stolen, it will affect not just businesses / corporates but also home users. SecureSphere (NZ) is continuing to follow this event and any fall-out from it. https://lnkd.in/gjemApkV #cybersecurity #cybersecurityawareness #hacking #cyberbreach

Were you impacted by the CrowdStrike outage? Unsure of what to do next? Our expert security team is here to provide guidance and support in finding the right solution for your business. Let us help you navigate through the options. #CyberSecurity #DataProtection #SecuritySolutions #ITSupport