Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

17 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 17 most recent headlines Filtered view

Windows 11 Revamp Means No Kernel Access Required for Third-Party Security ToolsNearly one year after a faulty CrowdStrike software update disrupted 8.5 million Windows hosts, causing global IT chaos, Microsoft is previewing multiple resilience changes to Windows, including enabling third-party endpoint security tools to do their magic without needing kernel-level access.

Loss of 5% of Staff Is Cybersecurity Industry's Second-Largest Workforce ReductionCrowdStrike plans to ax 500 employees as the endpoint security behemoth looks to operate more efficiently and uses artificial intelligence to "flatten[s] our hiring curve. The company revealed plans to reduce its nearly 10,000-person staff by 5% to scale its business with more focus and discipline.

CrowdStrike's Adam Meyers on Cybercriminals Moving From Endpoints to Softer TargetsWith EDR making it difficult for cybercriminal to carry out attacks, they are now shifting focus to exploit vulnerabilities in compromised identities and unmanaged devices to move laterally across organizations, said Adam Meyers, senior vice president of counter adversary operations at CrowdStrike.

Bank Info Security 1 year, 3 months ago

Medusa Ransomware Brings Its Own Vulnerable Driver

Hackers Use Stolen Certificates to Bypass Endpoint Detection and ResponseA Russian-speaking ransomware group has been deploying a malicious Windows PE driver that imitates a legitimate CrowdStrike Falcon driver to bypass endpoint security, warn researchers. The driver disables endpoint detection and response software by stripping process protections.

Vendors Consolidate Endpoint, Managed Offerings to Combat Major Industry PlayersRising competition from CrowdStrike and Microsoft is driving MDR and EDR providers to consolidate. Companies such as Sophos and Arctic Wolf are acquiring endpoint or managing security technology to enhance detection and response capabilities, signaling a shift toward full-stack security solutions.

Bank Info Security 1 year, 5 months ago

Why Private Equity Is Now Kicking the Tires on Trend Micro

Sluggish Sales Growth and Lower Relevance in Endpoint Could Make Trend AttractiveEndpoint security vendors are changing up their ownership or business models as Microsoft and CrowdStrike increasingly blot out the sun in this rapidly consolidating market. Reuters said that Advent International, Bain Capital, EQT AB and KKR have expressed interest in taking Trend Micro private.

Bank Info Security 1 year, 8 months ago

Delta Air Lines Sues CrowdStrike Over July System Meltdown

Lawsuit Compares Botched Software Update to HackingDelta Air Lines filed an acerbic lawsuit Friday afternoon against CrowdStrike that likens the endpoint security vendor's botched July 19 update to hacking. The suit accuses the cybersecurity company of "installing an exploit in Delta systems" by automatically rolling out an update.

Not Yet Compatible: Many Third-Party Endpoint Security, Authentication, VPN ToolsMultiple makers of third-party Apple security tools, including CrowdStrike and SentinelOne, are warning users not to upgrade to the new macOS 15 Sequoia, pending needed OS bug fixes. Users have also reported seeing problems with third-party VPNs crashing and single sign-on tools failing.

Bank Info Security 1 year, 10 months ago

ISMG Editors: Will Microsoft Rethink Windows Security?

Also: Mastercard's Big Acquisition and US Election Security EffortsIn the latest weekly update, ISMG editors discussed the fallout from the CrowdStrike global IT outage on endpoint security tools, Mastercard's monumental acquisition of Recorded Future to bolster its cybersecurity portfolio, and the latest efforts by U.S. officials to secure the 2024 election.

Bank Info Security 1 year, 10 months ago

Kernel Mode Under the Microscope at Windows Security Summit

Company Focused on Safe Deployment Practices, Reducing Kernel Mode DependenciesCutting kernel mode dependencies and adopting safe deployment practices will make endpoint systems more resilient and secure for Windows customers. Tuesday's meeting came two months after a faulty CrowdStrike update disrupted 8.5 million Windows machines and caused $5.4 billion in direct losses.

CrowdStrike, other vendors, friendly govt reps…but not anyone would can tell you what happened op-ed Microsoft will host a security summit next month with CrowdStrike and other "key" endpoint security partners joining the fun — and during which the CrowdStrike-induced outage that borked millions of Windows machines will undoubtedly be a top-line agenda item. …

'In the short term, they're going to have to do a lot of groveling' Analysis The great irony of the CrowdStrike fiasco is that a cybersecurity company caused the exact sort of massive global outage it was supposed to prevent. And it all started with an effort to make life more difficult for criminals and their malware, with an update to its endpoint detection and response tool Falcon.…

Bank Info Security 2 years, 4 months ago

CrowdStrike to Buy Israeli Data Defense Vendor Flow Security

Data Security Posture Management Deal Will Help CrowdStrike Guard Endpoints, CloudsCrowdStrike plans to purchase a data security posture management startup led by an Israeli Defense Forces team leader to safeguard information across endpoints and clouds. The proposed Flow Security deal will give CrowdStrike visibility into cloud data flows and how data interacts with applications.