Security News

Faulty CrowdStrike update takes out Windows machines worldwideThousands and possibly millions of Windows computers and servers worldwide have been made inoperable by a faulty update of Crowdstrike Falcon Sensors, and the outage affected transport, broadcast, financial, retail and other organizations in Europe, Australia, the US and elsewhere. Critical Splunk flaw can be exploited to grab passwordsA recently fixed vulnerability affecting Splunk Enterprise on Windows "Is more severe than it initially appeared," according to SonicWall's threat researchers.

Cybersecurity firm CrowdStrike, which is facing the heat for causing worldwide IT disruptions by pushing out a flawed update to Windows devices, is now warning that threat actors are exploiting the situation to distribute Remcos RAT to its customers in Latin America under the guise of a providing a hotfix. The attack chains involve distributing a ZIP archive file named "Crowdstrike-hotfix.zip," which contains a malware loader named Hijack Loader that, in turn, launches the Remcos RAT payload. Specifically, the archive file also includes a text file with Spanish-language instructions that urges targets to run an executable file to recover from the issue.

Microsoft says a faulty CrowdStrike Falcon update, which caused widespread outages by crashing Windows systems worldwide, also resulted in Windows 365 Cloud PCs getting stuck in reboot loops, rendering them unusable. "We have been made aware of an issue impacting Virtual Machines running Windows Client and Windows Server, running the CrowdStrike Falcon agent, which may encounter a bug check and get stuck in a restarting state," Microsoft said on its Service Health Status page.

Kettle If you're an IT administrator with Windows boxes on your network, Friday can't have been a lot of fun. What's likely millions of systems were or still are stuck in blue-screen boot loop hell, mostly requiring manual intervention to fix.

The world is 16+ hours into what looks like the biggest IT outage in history, triggered by a defective update for Crowdstrike endpoint security software for Windows machines. Crowdstrike has warned organizations to make sure to communicate with the company's representatives through official channels.

Businesses across the world have been hit by widespread disruptions to their Windows workstations stemming from a faulty update pushed out by cybersecurity company CrowdStrike. "CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts," the company's CEO George Kurtz said in a statement.

VMware's Carbon Black EDR and CrowdStrike's Falcon products are two top EDR solutions with features that can help to improve an organization's security posture. For pricing, VMWare doesn't explicitly provide pricing for its Carbon Black EDR products.

As leaders within the endpoint detection and response industry, CrowdStrike and Sophos provide high-quality EDR for organizations of all sizes. CrowdStrike Falcon XDR and Sophos Intercept X both build upon their EDR solutions with enhanced detection and response, known as XDR. In this comparison, we explain which EDR solution is best for you and your organization.

A faulty component in the latest CrowdStrike Falcon update is crashing Windows systems, impacting various organizations and services across the world, including airports, TV stations, and hospitals. [...]

CrowdStrike and Trellix are two of the top EDR software options on the market. CrowdStrike is a cloud-based EDR tool that protects endpoints from critical vulnerabilities such as malware, phishing, and ransomware and DDoS attacks.