Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The faulty Rapid Response Content CrowdStrike update that disabled millions of Windows machines across the globe on 7/19/2024 was any IT professional’s nightmare. Having to manually visit and restore each affected machine (further complicated by BitLocker) severely limited the recovery speed, especially for businesses with remote locations, TVs, kiosks, etc.

SecOps teams at midsize companies face a unique set of challenges when it comes to managing organizational cybersecurity. Midsize companies (those with 100-999 employees and $50 million-$1 billion in annual revenue, according to Gartner) possess significant financial resources and valuable data that may be targeted by digital adversaries.

We made our WAF Machine Learning models 5.5x faster, reducing execution time by approximately 82%, from 1519 to 275 microseconds! Read on to find out how we achieved this remarkable improvement. WAF Attack Score is Cloudflare's machine learning (ML)-powered layer built on top of our Web Application Firewall (WAF). Its goal is to complement the WAF and detect attack bypasses that we haven't encountered before.

One of the recent email scams of the past few months is the Geek Squad scam. Similar to other phishing scams, this scam involves cybercriminals impersonating Geek Squad - a trusted tech support team from the American company Best Buy. As we learn more about the Geek Squad scam, including what it is and how to spot and prevent it, you will be able to protect yourself from it and learn techniques to defend yourself against present and future scams.

Enterprises today face significant challenges in managing, governing, and securing corporate data. Data moves and is shared more ubiquitously than we likely recognize. Through the use of large language models (LLMs), shared with third-party vendors, or exposed on the dark web, there are blind spots that hinder the security and IT teams’ visibility into where data resides and how and by whom it’s accessed.

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! I’m sure some of you out are still dealing with the last week’s issue and never want to hear the word CrowdStrike again, well this might have helped.

Local administrator rights provide users with unrestricted access to their machines, enabling them to install applications, modify system settings and perform other administrative tasks. While this level of freedom can enhance productivity and flexibility, it also poses significant threats to security, compliance and business continuity. Accordingly, best practices recommend strictly limiting local admin rights.