If you have any direct connections to #IngramMicro as a vendor, or supply chain partner, might want to check your systems: https://ir.ingrammicro.com/press-releases/detail/945/ingram-micro-issues-statement-regarding-cybersecurity-incident

I heard on a #pod this morning that they claim no customer or other external systems were compromised, and that it seems to be a "vanilla attack" rather than a nation-state (which would have been far worse). Still doesn't hurt to check with your IT teams to see if there are any indirect effects.

#CyberWarefare #Ransomware #Hacking #StayCyberSafe #BeCyberAware

In all seriousness, let's review the facts of the #CrowdStrike situation:

As reported across global news outlets and the internets today, a security company called CrowdStrike caused some chaos. There are cascading impacts across many industries.

We are already seeing external impacts:
 courier service delays (UPS, FedEx, DHL, etc.)
 flight delays/cancellations at the airport
 small business closing for the day
 websites being inaccessible
 hospitals cancelling surgeries/treatments
 municipalities being closed
 government services being delayed
among many other cascading effects that could last days.

While a major inconvenience, the bug has already been resolved within CrowdStrike's system. Recovery will be slow and tedious, especially for larger networks, but the world will recover from this.

What happened? As is being reported, a bug introduced during a routine update of their Falcon EDR software (anti-virus software run by millions and millions of customers) caused what is known as a kernel panic within the Windows operating system - we are seeing this manifest as a "bugcheck error" (aka - the Blue Screen Of Death , or #BSOD) on Windows machines. It does not affect #Apple or #Linux devices. Note: It is NOT a #Microsoft problem.

How can we prevent this? Short answer, WE as users can't. However, this isn't the first time a large global tech vendor has caused major outages across the globe, and it won't be the last.

This is a good example of why you should backup your critical data frequently: whether to an external device, or a cloud storage facility (Google Drive, Dropbox, OneDrive, etc.). You should do this personally as often as you feel is necessary.

For my enterprise admins reading this, I hope you have a solid (and tested) backup methodology in place.

#StayCyberSecure #BeCyberAware

⚠️ #BOLO for a new #Smishing campaign ⚠️

This one leverages #AWS for bulk smishing attacks. The scam often takes the guise of a message from the US Postal Service (#USPS) regarding a missed package delivery. It's a malicious #python script known as #SNSSender

Here's an article with deets: https://thehackernews.com/2024/02/malicious-sns-sender-script-abuses-aws.html?_m=3n%2e009a%2e3281%2evo0ao07ax6%2e2a0q

#CyberAwareness #BeCyberAware #StayCyberSafe

This is a #FunFact (not): #DDoS against Environmental Services Industry surged by 61,839% in 2023. 🤯

As the article notes, I too have noticed a trend for longer and stronger DDoS attacks lately, as well as enhanced sophistication with techniques. A lot of the uptick has to do with the active wars in #Gaza and the #Ukraine, but not all of it.

""This recurring pattern underscores the growing intersection between environmental issues and #cybersecurity, a nexus that is increasingly becoming a focal point for #attackers in the digital age," the researchers said."

#CyberWarfare has been in full effect for a while now, and isn't going anywhere. It will only get worse.

Limit your #DigitalFootprint Make sure your #OpSec is on point at all times. Keep up with #EmergingTechnologies in the space so you can #secure yourself as much as you can. #BeCyberAware #StayCyberSafe

https://thehackernews.com/2024/01/ddos-attacks-on-environmental-services.html

And awaaayyy we go! #5Ghoul is a collection of 14 vulnerabilities that affect #5G modems from a small collection of vendors, which also affect 714 phone models from a dozen manufacturers. We're looking at #DoS attacks and #Downgrade attacks against cell networks and devices running the at-risk #firmware. If properly exploited, I see a cascading effect of failure for personal phones and IoT devices alike, and cell tower modems, resulting in a complete breakdown of #CriticalInfrastructure. Talk about potential for #MassChaos.

Remember, most countries on our planet rely heavily on cellular networks rather than landlines anymore for pretty much everything, including emergency alert systems and OTA data transmission.

I recommend you #CheckForUodates regularly on your phones and tablets to ensure you can be as protected as possible from this, and the millions of other threats, that are circulating out there.

#DontGetPhished #BeCyberAware #StayCyberSecure #CyberWarfare #Hacking

https://thehackernews.com/2023/12/new-5g-modems-flaws-affect-ios-devices.html

Segunda parte del video del hacker

https://youtu.be/BwILBFbGxJM

#HackerAlert #Cybersecurity #OnlineSafety #ProtectYourData #StaySafeOnline #CyberThreats #DigitalSecurity #SecureYourAccounts #StayVigilant #BeCyberAware

#DarkAI is a thing. I've talked about it before, and this article supports every theory I've mentioned over the years. #CyberCriminals are using #GenerativeAI to create sophisticated #BEC campaigns, #NovelMalware, and lowers the entry for new cyber criminals and especially #ScriptKiddies or people with zero technical experience to create and commit malicious fraud campaigns against a much wider swath of targets than ever before. The ONLY way to combat these emerging threats is through user awareness trainings and a #DefenseInDepth approach to your security platform for #EnterpriseSecurity. For yourselves personally - invest in a solid #antivirus solution, whether that's Microsoft's #Defender (consumer version), or a platform like #Avast who is affordable, very good, and works on desktop and mobile. You also want to look into a #VPN to protect your data streams. These DarkAI's aren't here to play, they are here to cause chaos. #BeCyberAware #BeCyberSafe and #DontGetPhished!!

https://www.darkreading.com/application-security/gpt-based-malware-trains-dark-web