This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest DJ Schleen, distinguished security architect, Yahoo
Cyber Security Headlines – Week in Review is live every Friday at 12:30pm PT/3:30pm ET. Join us each week by registering for the open discussion at CISOSeries.com
CrowdStrike sued by investors following update failure
The lawsuit claims that the company “provided false claims about its Falcon platform,” this following the massive failure of its security update on July 19. The failure caused its stock price to fall by almost 38%. Furthermore,, the plaintiffs claim that the outage “proves CrowdStrike’s claims that their cybersecurity platform is thoroughly tested and validated are false.” This particular action is a class action lawsuit submitted by the Plymouth County Retirement Association in the U.S. District Court of Austin. The group is seeking compensatory damages for its losses.
Jerico Pictures faces class action regarding breach of PII of 3 billion people
This suit follows a hack that occurred in April in which a threat actor with the name USDoD offered to sell a database belonging to the background check company National Public Data on a dark web forum. Jerico Pictures Inc. is the company that operates as National Public Data. Experts state that this data breach could be among the biggest ever. National Public Data “gathers data on billions of individuals by scraping their personally identifying information from non-public sources. The plaintiff and class members state they did not knowingly provide their PII to the defendant.”
Researchers find flaws in Georgia voter portal
Security researcher Jason Parker alerted ProPublica and Atlanta News First of a flaw in a portal run by the Georgia Secretary of State’s Office. This would allow someone to submit a voter cancellation request for anyone in the state. Parker said they attempted to contact the Secretary of State’s Office but did not receive a response. The portal launched on July 29th and already garnered attention for exposing driver’s license numbers. Parker found that by inspecting the portal’s source HTML, anyone could delete code requiring them to submit a driver’s license number and proceed to request a voter cancellation. The state eventually patched the issues, but security researcher Zach Edwards told ProPublica “It’s shocking to have one of these bugs occur on a serious website.”
Thanks to today’s episode sponsor, Vanta
CrowdStrike to give customers control over Falcon sensor updates
Following CrowdStrike’s root cause analysis (RCA) of the July 19 faulty sensor update incident that wreaked havoc on Windows systems worldwide, the company has announced that they plan to give customers more control over how they deploy Falcon endpoint security updates. Additionally, CrowdStrike indicated it has implemented new test procedures, deployment layers, acceptance checks for content configuration, and new update validation checks. CrowdStrike has also asked two third-party security vendors to evaluate its code along with its quality control and release processes. CrowdStrike CEO George Kurtz said, “We are using the lessons learned from this incident to better serve our customers.”
Law would make ransomware a terrorist threat
A bill sponsored by Senate Intelligence Committee chair Mark Warner contains language that would brand ransomware groups named in it as “hostile foreign cyber actors” and impose sanctions on counties harboring them as “state sponsors of ransomware.” The bill would also place ransomware as a national intelligence priority, giving the intelligence community greater legal latitude to pursue operators. Currently, the bill lists 18 ransomware groups. Experts speaking to Cyberscoop questioned whether the fluid nature of ransomware organizations would make enforcing any specific list feasible long-term.