Security News

Learning from CrowdStrike’s quality assurance failures
2024-07-25 09:52

The PIR is a bit confusing to read and parse, because it attempts to assure readers that the company carefully and comprehensively tests their products - even though the company's failures on that front are obvious. CrowdStrike has implemented an update architecture that only rigorously tests some of the updates sent to clients.

How a cheap barcode scanner helped fix CrowdStrike'd Windows PCs in a flash
2024-07-25 02:29

Not long after Windows PCs and servers at the Australian limb of audit and tax advisory Grant Thornton started BSODing last Friday, senior systems engineer Rob Woltz remembered a small but important fact: When PCs boot, they consider barcode scanners no differently to keyboards. That knowledge nugget became important as the firm tried to figure out how to respond to the mess CrowdStrike created, which at Grant Thornton Australia threw hundreds of PCs and no fewer than 100 servers into the doomloop that CrowdStrike's shoddy testing software made possible.

The months and days before and after CrowdStrike's fatal Friday
2024-07-25 00:17

As far as we're aware - and let us know any other details you may have - the security snafu started way back on February 28, when CrowdStrike developed and distributed a sensor update for Falcon intended to detect an emerging novel attack technique that abuses named pipes on Windows. At 0409 UTC on Friday, July 19, CrowdStrike pushed the ill-fated update to its Falcon endpoint security product.

Uncle Sam opens probe into CrowdStrike turbulence at Delta Air Lines
2024-07-24 17:02

The US Department of Transportation is investigating Delta Air Lines over its handling of the global IT outage caused by CrowdStrike's content update. Delta has had a particularly rough time since Friday, consistently cancelling hundreds of flights a day.

CrowdStrike: Buggy Validator Started Massive Outage
2024-07-24 15:15

A major disruption to Windows PCs in the U.S., U.K., Australia, South Africa and other countries was caused by an error in a CrowdStrike update, the cloud security company announced on Friday. Blue Screen of Death widespread due to CrowdStrike outage.

CrowdStrike: 'Content Validator' bug let faulty update pass checks
2024-07-24 14:16

CrowdStrike released a Preliminary Post Incident Review (PIR) on the faulty Falcon update explaining that a bug allowed bad data to pass its Content Validator and cause millions of Windows systems...

CrowdStrike blames buggy testing software for disastrous update
2024-07-24 12:20

A bug in the Content Validator – a software element CrowdStrike relies on for testing and validating Rapid Response Content updates for its Falcon Sensors – is (partly) why the faulty update...

CrowdStrike Explains Friday Incident Crashing Millions of Windows Devices
2024-07-24 08:32

Cybersecurity firm CrowdStrike on Wednesday blamed an issue in its validation system for causing millions of Windows devices to crash as part of a widespread outage late last week. "On Friday,...

CrowdStrike blames a test software bug for that giant global mess it made
2024-07-24 05:17

CrowdStrike has blamed a bug in its own test software for the mass-crash-event it caused last week. Rapid response content is delivered in those channel files as so-called "Template instances," which CrowdStrike describes as "Instantiations of a given template type." Thus, the rapid response content relies on template code defined by the base sensor content, and each piece of this response content is a template instance.

CrowdStrike blames a test software bug for that giant global mess it made
2024-07-24 05:17

Something called 'Content Validator' did not validate the content, and the rest is history CrowdStrike has blamed a bug in its own test software for the mass-crash-event it caused last week.…