Top 5 Cybersecurity News Stories of Last Week (July 14th – 20th, 2024)

This week saw a mix of cybercrime and industry news, with some events highlighting the ever-present threat landscape and others showcasing progress in the fight for online safety. Let’s dive into the top 5 stories:

1. CrowdStrike Outage Exploited by Malicious Actors: A major incident occurred when a software update from cybersecurity giant CrowdStrike caused a global outage, impacting businesses and travel. While the outage itself wasn’t malicious, it created an opportunity for cybercriminals. CISA (Cybersecurity and Infrastructure Security Agency) warned of a rise in phishing attempts and other scams capitalizing on the confusion. This highlights the importance of user vigilance and cybersecurity awareness, even during seemingly unrelated events. US Cybersecurity Agency warns of phishing attempts after CrowdStrike outage [Read More].
2. Life360 Data Breach Exposes User Information: Personal data belonging to nearly half a million Life360 users, including names, emails, and phone numbers, was leaked on the dark web. This incident serves as a reminder of the risks associated with location-sharing apps and the importance of choosing reputable services with robust security practices. Users should also consider privacy settings and limit the amount of data they share. Nearly 500K Life360 users have data leaked following the breach [Read More].
3. Arrest Made in Connection with MGM Resorts Ransomware Attack: A positive development came with the arrest of a 17-year-old in the UK believed to be involved in a large-scale hacking group responsible for a ransomware attack against MGM Resorts International last year. International cooperation between law enforcement agencies demonstrates progress in tracking down cyber criminals and holding them accountable. U.K. police arrest 17-year-old in connection with last year’s MGM cyberattack
4. Microsoft Warns of Millions of Windows Devices Impacted by CrowdStrike Incident: The fallout from the CrowdStrike outage extended to Windows users. Millions of devices were potentially exposed due to the disruption. Microsoft released a recovery tool and urged users to update their systems. This incident underlines the interconnectedness of the cybersecurity landscape and the need for collaboration between security vendors and operating system providers. Microsoft Says 8.5 Million Windows Devices Impacted by CrowdStrike Incident, Publishes Recovery Tool [Read More].
5. Researchers Discover New Phishing Kit on the Dark Web: Security researchers identified a new phishing kit readily available on the dark web. This kit allows cybercriminals to easily create customized phishing campaigns, highlighting the evolving tactics used by malicious actors. Organizations should prioritize employee training on phishing awareness and implement robust email filtering systems. [Read More].

Staying informed about cybersecurity threats is crucial for individuals and organizations alike. By keeping up with the latest news and adopting best practices, we can create a safer online environment for everyone.