On July 19, 2024, as part of regular operations, CrowdStrike released a content configuration update (via channel files) for the Windows sensor that resulted in a widespread outage. We apologize unreservedly. View the Channel File 291 Incident Executive Summary. We acknowledge the incredible round-the-clock efforts of our customers and partners who, working alongside our teams, … [Read more...] about Channel File 291 Incident RCA is Available
Incident
Enabling Cybersecurity Incident Response – Cisco Blogs
Tune into our webinar with Jesse Beauman, Deputy CIO, and Tim Burns, Interim CISO, from the University of North Carolina at Charlotte to discuss the importance of an XDR solution in the world of higher education: Building a secure future: Cybersecurity strategies for higher education (September 5th at 2pm EST). Research universities require advanced security architectures that …
Falcon Content Update Preliminary Post Incident Report
Updated 2024-07-25 1900 UTC. This is CrowdStrike’s preliminary Post Incident Review (PIR). We will be detailing our full investigation in the forthcoming Root Cause Analysis that will be released publicly. Throughout this PIR, we have used generalized terminology to describe the Falcon platform for improved readability. Terminology in other documentation …
Enhancing AI Security Incident Response Through Collaborative Exercises
I had the privilege of participating in an AI Security Incident tabletop exercise led by the Cybersecurity and Infrastructure Security Agency’s (CISA) Joint Cyber Defense Collaborative (JCDC). This exercise, which brought together industry leaders and government agencies, is a significant step toward enhancing our collective ability to respond to AI-related security incidents …
Cloud Security Incident Response Guidance
In our first-ever Cloud Threat Summit, CrowdStrike’s Senior Vice President of Intelligence and Senior Director of Consulting Services discussed the most common ways adversaries breach the cloud and the steps organizations can take to stay safe. An insightful and engaging conversation during last week’s Cloud Threat Summit featured Adam Meyers, Senior Vice President of …
Malware Attack on CircleCI Engineer’s Laptop Leads to Recent Security Incident
Jan 14, 2023 | Ravie Lakshmanan | DevOps / Data Security. DevOps platform CircleCI on Friday disclosed that unidentified threat actors compromised an employee's laptop and leveraged malware to steal their two-factor authentication-backed credentials to breach the company's systems and data last month. The CI/CD service CircleCI said the "sophisticated attack" took place on December …
ThreatWise TV: Exploring Recent Incident Response Trends
Today we’re examining some of the revelations in the Q3 Cisco Talos Incident Response Trends Report. This document is an anonymized look at all of the engagements that the Cisco Talos Incident Response team has been involved in over the previous three months. It also features threat intelligence from our team of researchers and analysts. To start, take a watch of this …
CrowdStrike Services Releases Free Incident Response Tracker
The CrowdStrike Incident Response Tracker is a convenient spreadsheet that includes sections to document indicators of compromise, affected accounts, compromised systems and a timeline of significant events. CrowdStrike incident response teams have leveraged this type of tracker in thousands of investigations. Download the CrowdStrike Incident Response Tracker Template. During a …
Cyber Hygiene: An ounce of prevention is worth a pound of incident response
Today’s incident response teams operate like hospital emergency rooms (ERs). When an alert comes in—malware infection, intrusion, anomalous behavior, etc.—a specialist is called in for diagnosis and remediation. In cybersecurity, as in healthcare, good preventive care can improve outcomes and reduce costs. At Cisco, I’ve been a part of a team responsible for imagining a …
Report to Your Management with the Definitive ‘Incident Response for Management’ Presentation Template
Security incidents occur. It's not a matter of 'if' but of 'when.' There are security products and procedures that were implemented to optimize the IR process, so from the 'security-professional' angle, things are taken care of. However, many security pros who are doing an excellent job in handling incidents find effectively communicating the ongoing process with their …