Secure Boot no more? Leaked key, faulty practices put 900 PC/server models in jeopardy
CSO
2h ago
Security researchers warn that some PC and server manufacturers are using insecure cryptographic keys as the root of trust for Secure Boot, an important security feature in modern computers that prevents malware from injecting itself early into the boot process. One of those keys has been leaked accidentally, potentially breaking Secure Boot guarantees for hundreds of computer models from seven manufacturers. However, almost 900 models produced over the past 12 years are using keys that were likely generated for testing purposes and should have never been used in production, according to a re ..read more
Counting the cost of CrowdStrike: the bug that bit billions
CSO
8h ago
As eye-popping estimates emerge for the cost to enterprises of dealing with the aftermath of last week’s CrowdStrike-induced outages, it’s crucial to break down the sources of these expenses and understand how much of the financial burden will be absorbed by cyber insurance. Parametrix, known for its cloud monitoring and insurance solutions, has pegged the total loss for the 25% of Fortune 500 companies affected (excluding Microsoft) at a staggering $5.4 billion. They’ll be covering most of that bill themselves, Parametrix said: “The portion of the loss covered under cyber insurance policies is l ..read more
Download the unified endpoint management (UEM) platform enterprise buyer’s guide
CSO
11h ago
From the editors of our sister publication Computerworld, this enterprise buyer’s guide helps IT staff understand what the various unified endpoint management (UEM) platforms can do for their organizations and how to choose the right solution ..read more
What CISOs can do to bridge their cyber talent gap
CSO
13h ago
Empirical evidence shows that global cyber threats have increased twofold in the past few years. The IMF study, “Rising Cyber Threats Pose Serious Concerns for Financial Stability” (the title itself is ominous), outlined $12 billion in losses from 20,000 malicious cyber incidents against the financial sector alone in the past 20 years. Unfortunately, this rising cyber threat environment coincides with a well-documented cyber talent gap. The World Economic Forum, for example, estimates that collectively we are nearly 4 million cyber professionals short for global requirements. The ISC2 ..read more
DNSSEC explained: Why you might want to implement it on your domain
CSO
18h ago
What is DNSSEC? The Domain Name System Security Extensions (DNSSEC) is a set of specifications that extend the Domain Name System (DNS) protocol by adding cryptographic authentication for responses received from authoritative DNS servers. Its goal is to defend against attack techniques such as DNS spoofing and hijacking attacks that direct computers to rogue websites and servers. Although DNSSEC has already been deployed for many generic and country-level top-level domains (TLDs), adoption at the individual domain level and end-user level has lagged. What is the Domain Name System? The DNS pro ..read more
Docker re-fixes a critical authorization bypass vulnerability
CSO
18h ago
Open source containerization platform Docker has urged users to patch a critical vulnerability affecting certain versions of the Docker Engine that allows privilege escalation using specially crafted API requests. Tagged as CVE-2024-41110, the vulnerability was first discovered in 2018 and was assigned a CVSS score of 10/10. Although Docker fixed the flaw shortly afterward, later versions did not receive the patch, according to a Docker security advisory. “In 2018, a security issue was discovered where an attacker could bypass authorization plugins (AuthZ),” said Docker’s Gabriela Georgia in a b ..read more
Project 2025 could escalate US cybersecurity risks, endanger more Americans
CSO
2d ago
The Heritage Foundation’s nearly 1,000-page Project 2025 report is what the conservative DC-based think tank hails as a game plan for Donald Trump to follow in running the US government if he wins in November. Among the thirty-four authors of the document, more than half are appointees and staff from his government, and six are cabinet secretaries from his former administration. All told, more than 140 workers in the Trump administration reportedly had a hand in the Project 2025 report. “It’s no secret that many people in Trump’s orbit were intimately involved with Project 2025,” Lawrence Nor ..read more
How attackers evade your EDR/XDR system — and what you can do about it
CSO
2d ago
A recent global survey noted that CISOs and their organizations may be too reliant on endpoint detection and response (EDR) and extended detection and response (XDR) systems, as attackers are increasingly evading them. That’s due in part to the fact that evading EDR/XDR systems has been and will continue to be a fundamental requirement for most modern adversaries. “Evasion” has been used generically to describe instances where a defensive response has not been observed. While technically accurate, this lack of specificity hinders cybersecurity professionals from accurately targeting remediatio ..read more
Microsoft Defender SmartScreen bug actively used in stealer campaign
CSO
3d ago
An actively exploited security bypass vulnerability in Microsoft Defender SmartScreen is being used in a new stealer campaign to download malicious executables on the victim’s system. Tracked as CVE-2024-21412, the vulnerability allows threat actors to bypass SmartScreen warnings using specially crafted internet shortcut files, leading to the execution of malware without user intervention. “FortiGuard Labs has observed a stealer campaign spreading multiple files that exploit CVE-2024-21412 to download malicious executable files,” Fortinet’s threat intelligence and research arm said in a ..read more
CrowdStrike blames testing shortcomings for Windows meltdown
CSO
3d ago
CrowdStrike has blamed a hole in its testing software for the release of a defective content update that hobbled millions of Windows computers worldwide on Friday, July 19. The hole caused CrowdStrike’s Content Validator tool to miss a flaw in an update for the security vendor’s Falcon Sensor endpoint protection technology, causing Windows machines that received the update to crash with the infamous Blue Screen of Death (BSOD) before forcing them into a repetitive boot-loop that left them unusable. In its preliminary post-incident review, CrowdStrike confirmed that the crashing of its custome ..read more
