Falcon Customers Can Enable Network Vulnerability Assessment in Minutes If you’re already using the Falcon unified agent, activating Network Vulnerability Assessment takes just minutes — no extra scanners, agents, or hardware required. Within hours, you’ll uncover unmanaged devices, prioritize risks with AI-driven intelligence, and automate remediation — all seamlessly … [Read more...] about CrowdStrike Expands Security to Unmanaged Network Assets
News
Lossless audio and ultra-low latency audio come to AirPods Max
March 24, 2025 UPDATE Lossless audio and ultra‑low latency audio come to AirPods Max Next month, AirPods Max will become the only :br(m)::br(l)::br(xl):headphones that enable musicians to both create and :br(m)::br(l)::br(xl):mix in Personalized Spatial Audio with head tracking Next month, a new software update will bring lossless audio and ultra-low latency audio to … [Read more...] about Lossless audio and ultra-low latency audio come to AirPods Max
What is the value of AI-driven security analytics?
Quantifying economic impact with Enterprise Strategy GroupSecurity is a complicated industry, with constant changes coming at a breakneck pace. The attack surface, stakeholder needs, adversary tactics, and the very tools you wield are constantly evolving — leaving many security teams unsure whether they’re prepared. In the unending fight, you deserve tools you can trust that … [Read more...] about What is the value of AI-driven security analytics?
Cisco Co-Authors Update to NIST Adversarial Machine Learning Taxonomy
The rapid evolution and enterprise adoption of AI has motivated bad actors to target these systems with greater frequency and sophistication. Many security leaders recognize the importance and urgency of AI security, but don’t yet have processes in place to effectively manage and mitigate emerging AI risks with comprehensive coverage of the entire adversarial AI threat … [Read more...] about Cisco Co-Authors Update to NIST Adversarial Machine Learning Taxonomy
Critical Ingress NGINX Controller Vulnerability Allows RCE Without Authentication
Mar 24, 2025Ravie LakshmananVulnerability / Cloud Security A set of five critical security shortcomings have been disclosed in the Ingress NGINX Controller for Kubernetes that could result in unauthenticated remote code execution, putting over 6,500 clusters at immediate risk by exposing the component to the public internet. The vulnerabilities (CVE-2025-24513, … [Read more...] about Critical Ingress NGINX Controller Vulnerability Allows RCE Without Authentication
Coinbase Initially Targeted in GitHub Actions Supply Chain Attack; 218 Repositories’ CI/CD Secrets Exposed
The supply chain attack involving the GitHub Action "tj-actions/changed-files" started as a highly-targeted attack against one of Coinbase's open-source projects, before evolving into something more widespread in scope. "The payload was focused on exploiting the public CI/CD flow of one of their open source projects – agentkit, probably with the purpose of leveraging it for … [Read more...] about Coinbase Initially Targeted in GitHub Actions Supply Chain Attack; 218 Repositories’ CI/CD Secrets Exposed
Elastic and Tines partner to orchestrate and automate team workflows
Automate your security and observability workflows with Tines Workflow Automation, now available directly from ElasticElastic and Tines are unveiling an integrated product offering to transform the crucial work of security and observability teams. We’re excited to introduce Tines Workflow Automation, available directly through Elastic. This seamless package extends Elastic with … [Read more...] about Elastic and Tines partner to orchestrate and automate team workflows
U.S. Treasury Lifts Tornado Cash Sanctions Amid North Korea Money Laundering Probe
Mar 22, 2025Ravie LakshmananFinancial Security / Cryptocurrency The U.S. Treasury Department has announced that it's removing sanctions against Tornado Cash, a cryptocurrency mixer service that has been accused of aiding the North Korea-linked Lazarus Group to launder their ill-gotten proceeds. "Based on the Administration's review of the novel legal and policy issues raised … [Read more...] about U.S. Treasury Lifts Tornado Cash Sanctions Amid North Korea Money Laundering Probe
UAT-5918 Targets Taiwan’s Critical Infrastructure Using Web Shells and Open-Source Tools
Mar 21, 2025Ravie LakshmananThreat Hunting / Vulnerability Threat hunters have uncovered a new threat actor named UAT-5918 that has been attacking critical infrastructure entities in Taiwan since at least 2023. "UAT-5918, a threat actor believed to be motivated by establishing long-term access for information theft, uses a combination of web shells and open-sourced tooling to … [Read more...] about UAT-5918 Targets Taiwan’s Critical Infrastructure Using Web Shells and Open-Source Tools
Announcing the CrowdStrike 2025 Global Crowd Tour
Cybersecurity leaders today face relentless threats — breaches happen in seconds, adversaries constantly evolve, and security teams must adapt faster than ever. CrowdTour 2025 is built for you — the security professionals on the front lines who use CrowdStrike every day — coming together to learn from peers, share real-world defense strategies, and strengthen the community’s … [Read more...] about Announcing the CrowdStrike 2025 Global Crowd Tour