Security researchers have identified new Mac malware that disguises itself as the legitimate and popular browser, Arc. This malware is distributed through Google Ads that redirect users to a fake download site, prompting users to bypass Mac security measures to install it. Once installed, the malware, named Poseidon, steals sensitive data like passwords and cryptocurrency wallets and sends it to a control panel accessible to cybercriminals. Despite Google's verification processes, bad actors managed to exploit Google Ads to spread this malware. Users are advised to follow security best practices such as bookmarking trusted sites and using strong antivirus protection. In response, Google has suspended the offending advertiser's account for policy violations.

Google Ads spread Mac malware disguised as popular browser Fox News

CrowdStrike experienced a significant issue with a software update for its Falcon sensor, which was live for 78 minutes on July 19, 2024. The faulty update caused widespread IT network disruptions and system crashes on Windows devices running versions 7.11 and above. Despite quickly reverting the update, many systems were already affected, necessitating manual remediation efforts across various sectors. CrowdStrike clarified that the issue was not due to a cyberattack and provided remediation guidance on its blog. This incident highlighted vulnerabilities in automated software deployment and its expansive impact on businesses worldwide.

CrowdStrike says flawed update was live for 78 minutes publication

Warren Buffett's Berkshire Hathaway expressed caution at its annual investor meeting about cyber insurance, advising agents to sell such policies only when necessary due to the unpredictable scale of potential losses. This caution was underscored by a recent global IT outage caused by a CrowdStrike quality control issue, which affected various sectors including transportation and healthcare. While some experts like Gerald Glombicki of Fitch Ratings believe that the industry has largely priced in such risks and can manage the losses, others such as Josephine Wolff of Tufts University foresee significant business interruption claims and potential litigation arising from such incidents. The episode highlights the complexities and evolving nature of the cyber insurance market, emphasizing the need for better risk assessment and potentially more standardized policies.

CrowdStrike losses may be biggest test yet of cybersecurity insurance risk warning from Warren Buffett NBC News

The CrowdStrike outage on Friday caused significant disruptions globally, affecting airlines, delivery services, stores, and amusement parks, with potential economic damages reaching tens of billions of dollars. CrowdStrike is liable only for refunding subscription fees and not for business interruption losses. Companies are turning to their cyber insurance policies, though payouts may be slow and less than the actual losses incurred. The incident underscores the increased reliance on and potential risks of cyber insurance, especially for large businesses with negotiated terms. Observers note the irony of the outage resulting from protective software updates and anticipate lasting impacts on the cyber insurance industry.

Here comes the wave of insurance claims for the CrowdStrike outage Business Insider

Security researchers have identified new Mac malware that disguises itself as the legitimate and popular browser, Arc. This malware is distributed through Google Ads that redirect users to a fake download site, prompting users to bypass Mac security measures to install it. Once installed, the malware, named Poseidon, steals sensitive data like passwords and cryptocurrency wallets and sends it to a control panel accessible to cybercriminals. Despite Google's verification processes, bad actors managed to exploit Google Ads to spread this malware. Users are advised to follow security best practices such as bookmarking trusted sites and using strong antivirus protection. In response, Google has suspended the offending advertiser's account for policy violations.

Google Ads spread Mac malware disguised as popular browser Fox News

CrowdStrike experienced a significant issue with a software update for its Falcon sensor, which was live for 78 minutes on July 19, 2024. The faulty update caused widespread IT network disruptions and system crashes on Windows devices running versions 7.11 and above. Despite quickly reverting the update, many systems were already affected, necessitating manual remediation efforts across various sectors. CrowdStrike clarified that the issue was not due to a cyberattack and provided remediation guidance on its blog. This incident highlighted vulnerabilities in automated software deployment and its expansive impact on businesses worldwide.

CrowdStrike says flawed update was live for 78 minutes publication

Warren Buffett's Berkshire Hathaway expressed caution at its annual investor meeting about cyber insurance, advising agents to sell such policies only when necessary due to the unpredictable scale of potential losses. This caution was underscored by a recent global IT outage caused by a CrowdStrike quality control issue, which affected various sectors including transportation and healthcare. While some experts like Gerald Glombicki of Fitch Ratings believe that the industry has largely priced in such risks and can manage the losses, others such as Josephine Wolff of Tufts University foresee significant business interruption claims and potential litigation arising from such incidents. The episode highlights the complexities and evolving nature of the cyber insurance market, emphasizing the need for better risk assessment and potentially more standardized policies.

CrowdStrike losses may be biggest test yet of cybersecurity insurance risk warning from Warren Buffett NBC News

The CrowdStrike outage on Friday caused significant disruptions globally, affecting airlines, delivery services, stores, and amusement parks, with potential economic damages reaching tens of billions of dollars. CrowdStrike is liable only for refunding subscription fees and not for business interruption losses. Companies are turning to their cyber insurance policies, though payouts may be slow and less than the actual losses incurred. The incident underscores the increased reliance on and potential risks of cyber insurance, especially for large businesses with negotiated terms. Observers note the irony of the outage resulting from protective software updates and anticipate lasting impacts on the cyber insurance industry.

Here comes the wave of insurance claims for the CrowdStrike outage Business Insider