“Resilience is no longer defined by whether an incident occurs. It’s defined by how fast and how well you respond and contain when it does.“ levelblue.com/blogs/levelblu… via @levelbluecyber

Some of these appear to have leveraged a multitude of CVEs chained together to include at least one new exploit now documented as CVE-2025-61882 with a CVSS score of 9.8 which can be exploited without requiring user credentials. linkedin.com/posts/devonacke…

Understanding the path cyber intrusions take can help organizations detect them and mitigate the damage. Learn more about each step in this interview between NetDiligence’s Mark Greisiger and Cybereason’s Devon Ackerman. hubs.la/Q030kH4K0

thebinaryhick.blog/2024/09/1… #DFIR

87.120.241.2 - hammering away looking for vulnerabilities against internet facing webservers, specifically trying known CVEs in broad runs.

65.108.99.115 is just having fun hammering away looking for vulnerabilities. #naughtyIPs

12-hour timelapse of American Airlines, Delta, and United plane traffic after what was likely the biggest IT outage in history forced a nationwide ground stop of the three airlines.

Crowdstrike just put out steps to remediate the current outage on the end users side. They've emailed them out to every customer and partner. Go check your inboxes! For those that don't understand what is going on there is a major outage of tons of services and businesses going on globally right now. There is a work around but it is more difficult for companies that encrypted their drives with tools like bitlocker. Some stuff won't work today and it may take a while to fix it all. Steps are in the image attached:

Fixing the #Crowdstrike issue

ICYMI: Kroll Cyber Risk won 5 awards at #RSA this week! Come to booth 2239 to say hello and learn more about us. 📸: @aboutdfir, Global Head of Incident Response at Kroll

Join cybersecurity experts at this year's virtual Incident Response Forum Masterclass on April 18, 10:25 a.m. EDT. @aboutdfir will be interviewing Joshua Blanchard from the FBI as part of the law enforcement spotlight. Use code KROLL77 to register now: ms.spr.ly/6018c4cCg

Tomorrow at @The_WSIA Insurtech. Panel discussion about cyber threats and how the insurance industry can protect insureds. Panelists are - @aboutdfir @KrollWire; Pasha Sternberg @Polsinelli; and Garrett Sprowls @TowerstoneInc. Major news from Sayata after the panel!

Join cybersecurity experts at this year's virtual Incident Response Forum Masterclass on April 18, 10:25 a.m. EDT. @aboutdfir will be interviewing Joshua Blanchard from the FBI as part of the law enforcement spotlight. Use code KROLL77 to register now: ms.spr.ly/6013c2ief

In @WSJ’s coverage of the #cyberattack on UnitedHealth Group, @aboutdfir discussed this important post-incident question: "what happened?" Recovering operations after an attack is important, and so too is ensuring that evidence of the intrusion is intact: ms.spr.ly/6015coCaU

“A problem has occurred…” Please add to the list of things I don’t want to see when boarding my flight.

Kroll is proud to present the first-ever Charleston School of Law Foundation Data Privacy scholarship to Chloe Duger, an impressive 2L law student. Chloe is determined to have a deeper understanding of privacy rights in the age of evolving technology. Congrats, Chloe!

We're revealing details of an obscure debugging feature in the Apple A12-A16 SoC’s that bypasses all of the hard-to-hack hardware-based memory protections on new iPhones. Its not used by the firmware and we don't know how the attackers found out about it. securelist.com/operation-tri…