Security News

The Top 4 CrowdStrike Alternatives & Competitors in 2024
2024-07-29 20:21

While CrowdStrike has since deployed a fix, it's understandable for businesses to be wary of CrowdStrike as a viable EDR provider given the scale of the incident. In this article, we take a look at the best CrowdStrike alternatives and competitors for you and your organization.

Some good may come out of the CrowdStrike outage
2024-07-29 16:30

Estimated financial losses due to the recent massive IT outage triggered by the faulty CrowdStrike update are counted in billions, but the unfortunate incident is having several positive effects, as well. As CrowdStrike was forced to explain, in great detail, how they roll out updates for its Falcon Sensors, what testing they perform beforehand, and how they plan to improve the whole process to prevent similar accidents from happening in the future, other cybersecurity vendors - such as Fortinet, Secureworks, and Bitdefender - have spelled out their own software and content update release processes.

Post-CrowdStrike, Microsoft to discourage use of kernel drivers by security tools
2024-07-29 06:30

Redmond shared a technical incident response write-up on Saturday - titled "Windows Security best practices for integrating and managing security tools" - in which veep for enterprise and OS security David Weston explained how Microsoft measured the impact of the disaster: By accessing crash reports shared by customers. Weston's post justifies how Windows performed, on the grounds that kernel-level drivers - like those employed by CrowdStrike - can improve performance and prevent tampering with security software.

Post-CrowdStrike, Microsoft to discourage use of kernel drivers by security tools
2024-07-29 06:30

Microsoft has admitted that its estimate of 8.5 million machines crashed by CrowdStrike's faulty software update was almost certainly too low, and vowed to reduce infosec vendors' reliance on the kernel drivers at the heart of the issue. Redmond posted an incident response blog on Saturday - titled "Windows Security best practices for integrating and managing security tools" - in which veep for enterprise and OS security David Weston explained how Microsoft measured the impact of the incident: by accessing crash reports shared by customers.

Week in review: CrowdStrike-triggered outage insights, recovery, and measuring cybersecurity ROI
2024-07-28 08:00

Cloud security threats CISOs need to know aboutIn this Help Net Security interview, Ava Chawla, Head of Cloud Security at AlgoSec, discusses the most significant cloud security threats CISOs must be aware of in 2024. Cybersecurity ROI: Top metrics and KPIsIn this Help Net Security interview, Karthik Swarnam, Chief Security and Trust Officer at ArmorCode, discusses key metrics and KPIs to measure cybersecurity ROI. Confidential AI: Enabling secure processing of sensitive dataIn this Help Net Security interview, Anand Pashupathy, VP & GM, Security Software & Services Division at Intel, explains how Intel's approach to confidential computing, particularly at the silicon level, enhances data protection for AI applications and how collaborations with technology leaders like Google Cloud, Microsoft, and Nvidia contribute to the security of AI solutions.

CrowdStrike meets Murphy's Law: Anything that can go wrong will
2024-07-26 18:36

Opinion CrowdStrike's recent Windows debacle will surely earn a prominent place in the annals of epic tech failures. In the beginning, Microsoft enabled CrowdStrike's Falcon security software to run at the zero level of the Windows kernel.

CrowdStrike Warns of New Phishing Scam Targeting German Customers
2024-07-26 05:52

CrowdStrike is alerting about an unfamiliar threat actor attempting to capitalize on the Falcon Sensor update fiasco to distribute dubious installers targeting German customers as part of a highly targeted campaign. The cybersecurity company said it identified what it described as an unattributed spear-phishing attempt on July 24, 2024, distributing an inauthentic CrowdStrike Crash Reporter installer via a website impersonating an unnamed German entity.

CrowdStrike update blunder may cost world billions – and insurance ain't covering it all
2024-07-26 00:35

The cost of CrowdStrike's apocalyptic Falcon update that brought down millions of Windows computers last week may be in the billions of dollars, and insurance isn't covering most of that. Parametrix says insurance might only pay out about $540 million to $1.1 billion of that hit for the Fortune 500, or between 10 and 20 percent.

Beware of fake CrowdStrike domains pumping out Lumma infostealing malware
2024-07-25 22:30

CrowdStrike is the latest lure being used to trick Windows users into downloading and running the notorious Lumma infostealing malware, according to the security shop's threat intel team, which spotted the scam just days after the Falcon sensor update fiasco. Lumma is a relatively popular stealer that has been in high demand among ransomware crews since 2022.

The CrowdStrike Outage and Market-Driven Brittleness
2024-07-25 18:37

The market rewards short-term profit-maximizing systems, and doesn't sufficiently penalize such companies for the impact their mistakes can have. The asymmetry of costs is largely due to our complex interdependency on so many systems and technologies, any one of which can cause major failures.