What Happened? On July 19, 2024 at 04:09 UTC, as part of ongoing operations, CrowdStrike released a sensor configuration update to Windows systems. Sensor configuration updates are an ongoing part of the protection mechanisms of the Falcon platform. This configuration update triggered a logic error resulting in a system crash and blue screen (BSOD) on impacted systems. The … [Read more...] about Technical Details: Falcon Update for Windows Hosts
update
Threat Actor Distributes Python-Based Info Stealer Using Fake Update
Summary On July 23, 2024, CrowdStrike Intelligence identified a malicious ZIP file containing a Python-based information stealer now tracked as Connecio. A threat actor distributed this file days after the July 19, 2024, single content update for CrowdStrike’s Falcon sensor — which impacted Windows operating systems — was identified and a fix was deployed. The ZIP file uses the … [Read more...] about Threat Actor Distributes Python-Based Info Stealer Using Fake Update
Falcon Content Update Preliminary Post Incident Report
Updated 2024-07-25 1900 UTC Executive Summary PDF This is CrowdStrike’s preliminary Post Incident Review (PIR). We will be detailing our full investigation in the forthcoming Root Cause Analysis that will be released publicly. Throughout this PIR, we have used generalized terminology to describe the Falcon platform for improved readability. Terminology in other documentation … [Read more...] about Falcon Content Update Preliminary Post Incident Report
Malware Distributed Using Falcon Sensor Update Phishing Lure
Summary On July 23, 2024, CrowdStrike Intelligence identified the phishing domain crowdstrike-office365[.]com, which impersonates CrowdStrike and delivers malicious ZIP and RAR files containing a Microsoft Installer (MSI) loader. The loader ultimately executes Lumma Stealer packed with CypherIt. The domain was registered on July 23, 2024, days after July 19, 2024, when an issue … [Read more...] about Malware Distributed Using Falcon Sensor Update Phishing Lure
Cybercriminals Exploit CrowdStrike Update Mishap to Distribute Remcos RAT Malware
Jul 20, 2024NewsroomMalware / IT Outage Cybersecurity firm CrowdStrike, which is facing the heat for causing worldwide IT disruptions by pushing out a flawed update to Windows devices, is now warning that threat actors are exploiting the situation to distribute Remcos RAT to its customers in Latin America under the guise of a providing a hotfix. The attack chains involve … [Read more...] about Cybercriminals Exploit CrowdStrike Update Mishap to Distribute Remcos RAT Malware
Global outage of Microsoft clients due to CrowdStrike update
Ever heard the unspoken rule: “Never release on Friday”? We have, but CrowdStrike hasn’t. They released a tiny driver on an ordinary Friday morning, which became the cause of a huge outage all over the world. An incorrect update for CrowdStrike’s EDR (Endpoint Detection and Response) solution has affected Windows devices around the world — giving corporate users the Blue Screen … [Read more...] about Global outage of Microsoft clients due to CrowdStrike update
Faulty CrowdStrike Update Crashes Windows Systems, Impacting Businesses Worldwide
Businesses across the world have been hit by widespread disruptions to their Windows workstations stemming from a faulty update pushed out by cybersecurity company CrowdStrike. "CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts," the company's CEO George Kurtz said in a statement. "Mac and Linux hosts are not … [Read more...] about Faulty CrowdStrike Update Crashes Windows Systems, Impacting Businesses Worldwide
North Korean Hackers Update BeaverTail Malware to Target MacOS Users
Jul 17, 2024NewsroomCyber Espionage / Cryptocurrency Cybersecurity researchers have discovered an updated variant of a known stealer malware that attackers affiliated with the Democratic People's Republic of Korea (DPRK) have delivered as part of prior cyber espionage campaigns targeting job seekers. The artifact in question is an Apple macOS disk image (DMG) file named … [Read more...] about North Korean Hackers Update BeaverTail Malware to Target MacOS Users
What’s New in Open 360? January 2024 Update
At Logz.io, we recently announced the release of App 360, a new solution that aims to shift the paradigm around application performance monitoring (APM) systems. To better give our customers a look at the new solution within the Logz.io Open 360™ platform for essential observability, we recently hosted a webinar explaining App 360 in greater depth and provided a detailed … [Read more...] about What’s New in Open 360? January 2024 Update
Update Google Chrome (and other Chromium-based browsers)
Another day – another browser vulnerability discovered! Indeed, the number of dangerous security holes has doubled within a week! Only recently we highlighted the urgent need to update iOS and macOS due to a major bug in Apple WebKit (the engine inside Safari and other browsers in iOS). And now, due to a similar threat in terms of exploitability, you need to update other … [Read more...] about Update Google Chrome (and other Chromium-based browsers)