A smorgasbord of knowledge and news -

View this email in your browser (IN)SECURE Newsletter July 30, 2024 A smorgasbord of knowledge and news What's new?   On July 19, 2024, American cybersecurity firm CrowdStrike delivered a defective update to around 8.5 million Windows systems, and triggered a massive worldwide IT outage. To help IT admins speed up recovery of borked systems, Microsoft has released a recovery tool, and CrowdStrike has provided a way for remediating affected systems more quickly. In the aftermath, CrowdStrike detailed their sensor update process and committed to improving it. Other EDR vendors followed suit, and Microsoft has pledged to work with third-party vendors to reduce the need for kernel drivers to access important security data on Windows systems. In unrelated news: AI shows a significant potential in enhancing cybersecurity by efficiently processing and analyzing vast, unstructured data from the dark web, thus helping to decode cybercriminal strategies. A recap of the major data breaches that have rocked organizations in 2024 includes incidents involving Trello, AnyDesk, France Travail, Nissan, MITRE, Dropbox, BBC Pension Scheme, TeamViewer, Advance Auto Parts, and AT&T. Ideas to consider, practices to implement Cybersecurity ROI: Top metrics and KPIs Overlooked essentials: API security best practices ChatGPTriage: How can CISOs see and control employees' AI use? Managing exam pressure: Tips for certification preparation How to design a third-party risk management framework Strengthening cybersecurity preparedness with defense in depth Open-source tools you should check out Cirrus - A tool that streamlines Google Cloud forensic evidence collection Infisical - A secret management platform Shuffle Automation - A security automation platform Grype - A vulnerability scanner for container images, filesystems SubSnipe - A tool for finding subdomains vulnerable to takeover Realm - An adversary emulation framework BunkerWeb - A Web Application Firewall (WAF) Get these whitepapers and eBooks to broaden your knowledge and resolve issues (registration may be required): eBook: How CISSP turns career goals into reality Whitepaper: DevSecOps Blueprint eBook: 20 tips for secure cloud migration Copyright © 2024 Help Net Security (Astus d.o.o.), All rights reserved. You are receiving (IN)SECURE Newsletter because you opted in at our web site located on https://www.helpnetsecurity.com. Note: Sometimes we send promotional maildrops to our list. We never share your details with anyone! We really send a limited number of maildrops per year, so we hope you won't unsbscribe because of them. Thanks in advance! Our mailing address is: Help Net Security (Astus d.o.o.) Kastav Kastav 51215 Croatia Add us to your address book Want to change how you receive these emails? You can update your preferences or unsubscribe from this list.