Cyber Round-up for 2nd August

August 1, 2024

Welcome to Ironshare’s Cyber Round-up, where we look back at the events of the last week to cover some of the news, posts, views, and highlights from the world of Security.

In this week’s round-up:

Security News

CrowdStrike Faces Legal Challenges Over Disastrous Software Update

CrowdStrike is facing legal challenges from both customers and investors following a problematic update that led to widespread system failures on approximately 8.5 million Windows devices. The update, which caused a "Blue Screen of Death" error, affected industries such as aviation and healthcare, with Delta Airlines experiencing significant disruptions and financial losses between $350 million and $500 million. The Plymouth County Retirement Association has filed a class-action lawsuit against CrowdStrike, alleging misleading statements about product reliability. Despite these issues, CrowdStrike's liability might be limited by software licenses and insurance policies.

For more details, you can read the full article here.

By securityweek.com

Ransomware Attack Disrupts Services of Hundreds of Small Indian Banks

A ransomware attack has disrupted services for nearly 300 small banks in India by targeting C-Edge Technologies, a key banking technology service provider. The attack, which occurred on July 24, forced banks to suspend ATM and online services, affecting customers across the country. C-Edge handles essential banking operations such as check clearing and online transactions. Authorities are working to restore services, while C-Edge is reportedly collaborating with cybersecurity experts to resolve the issue.

By reuters.com

Microsoft Azure and Microsoft 365 Experience Global Service Disruptions Due to DDoS Attack

On July 30, 2024, a subset of Microsoft's global customers experienced connectivity issues with certain services, including Azure App Services, Application Insights, Azure IoT Central, Azure Log Search Alerts, Azure Policy, the Azure portal, and parts of Microsoft 365 and Microsoft Purview. The root cause was an unexpected usage spike stemming from a Distributed Denial-of-Service (DDoS) attack, which resulted in Azure Front Door (AFD) and Azure Content Delivery Network (CDN) components underperforming. Microsoft's initial defense mechanisms against the DDoS attack inadvertently worsened the situation due to an implementation error in their defensive strategy.

After identifying the issue, Microsoft made network configuration changes to bolster DDoS protection. These changes mitigated the majority of the impact, though some customers still faced reduced service availability. An updated approach was adopted to aid the remaining affected customers and, as of 20:48 on July 30th, the issue was reported as fully mitigated.

By azure.status.microsoft.com

New Android Malware 'BingoMod' Drains Bank Accounts and Wipes Devices

A new Android malware named BingoMod has been identified, which can wipe devices after stealing money from victims' bank accounts. The malware is distributed via SMS phishing, posing as a legitimate security app, and is capable of stealing up to 15,000 EUR per transaction. It uses Accessibility Services to gain control, intercepting login credentials and SMS messages. BingoMod's on-device fraud technique uses real-time remote access to bypass security systems. It also has capabilities to remove security apps and wipe data remotely.

You can read more in the full article here.

By bleepingcomputer.com

Google Chrome Enhances Cookie Security with App-Bound Encryption

Google Chrome has introduced app-bound encryption to enhance cookie protection on Windows, addressing vulnerabilities where information-stealing malware could exploit cookies. Unlike the existing Data Protection API, which doesn't safeguard against malicious apps executing code, this new approach tightly binds an app's identity to encrypted data, preventing unauthorized access by other applications. The change applies to cookies in Chrome 127 and is intended to be expanded to other data types. Although beneficial, the update does not support environments with roaming profiles, prompting organizations to adjust accordingly.

By thehackernews.com

Stay Safe, Secure and Healthy!

Edition #280 – 2nd August 2024

Author

Stuart Hare is a Technologist with a passion for helping people in all aspects of IT & Cyber Security. Stuart is the Founder of Ironshare, an Information and Cyber Security company providing consultancy and managed services.

Samuel is a Security Analyst with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.

Joshua is working as a Managed Service Lead with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
