Security News

EU gave CrowdStrike the keys to the Windows kernel, claims Microsoft
2024-07-22 13:00

Did the EU force Microsoft to let third parties like CrowdStrike run riot in the Windows kernel as a result of a 2009 undertaking? This is the implication being peddled by the Redmond-based cloud and software titan. As the tech industry deals with the fallout from the CrowdStrike incident, Microsoft is facing questions.

Microsoft releases tool to speed up recovery of systems borked by CrowdStrike update
2024-07-22 12:08

By now, most people are aware of – or have been personally affected by – the largest IT outage the world has ever witnessed, courtesy of a defective update for CrowdStrike Falcon Sensors that...

Microsoft releases Windows repair tool to remove CrowdStrike driver
2024-07-22 01:22

Microsoft has released a custom WinPE recovery tool to find and remove the faulty CrowdStrike update that crashed an estimated 8.5 million Windows devices on Friday. [...]

CrowdStrike's Falcon Sensor also linked to Linux kernel panics and crashes
2024-07-21 23:51

CrowdStrike's now-infamous Falcon Sensor software, which last week led to widespread outages of Windows-powered computers, has also caused crashes of Linux machines. A second issue titled "System crashed at cshook network ops inet6 sockraw release+0x171a9" advised users "For assistance with troubleshooting potential issues with the falcon lsm serviceable kernel module provided from the CrowdStrike Falcon Sensor/Agent security software suite." Red Hat also advised that "Disabling the CrowdStrike Falcon Sensor/Agent software suite will mitigate the crashes and provide temporary stability to the system in question while the issue is investigated." The issue was "observed but not limited to release 6 and 7."

Fake CrowdStrike fixes target companies with malware, data wipers
2024-07-21 19:31

Threat actors are exploiting the massive business disruption from CrowdStrike's glitchy update on Friday to target companies with data wipers and remote access tools. [...]

Fake CrowdStrike updates target companies with malware, data wipers
2024-07-21 19:31

Threat actors are exploiting the massive business disruption from CrowdStrike's glitchy update on Friday to target companies with data wipers and remote access tools. In an update today, CrowdStrike says that it "is actively assisting customers" impacted by the recent content update that crashed millions of Windows hosts worldwide.

Week in review: CrowdStrike update causes widespread IT outage, critical Splunk Enterprise flaw
2024-07-21 08:00

Faulty CrowdStrike update takes out Windows machines worldwide
Thousands and possibly millions of Windows computers and servers worldwide have been made inoperable by a faulty update of CrowdStrike Falcon Sensors, and the outage affected transport, broadcast, financial, retail and other organizations in Europe, Australia, the US and elsewhere.

Critical Splunk flaw can be exploited to grab passwords
A recently fixed vulnerability affecting Splunk Enterprise on Windows "is more severe than it initially appeared," according to SonicWall's threat researchers.

Cybercriminals Exploit CrowdStrike Update Mishap to Distribute Remcos RAT Malware
2024-07-20 16:01

Cybersecurity firm CrowdStrike, which is facing the heat for causing worldwide IT disruptions by pushing out a flawed update to Windows devices, is now warning that threat actors are exploiting the situation to distribute Remcos RAT to its customers in Latin America under the guise of providing a hotfix. The attack chains involve distributing a ZIP archive file named "Crowdstrike-hotfix.zip," which contains a malware loader named Hijack Loader that, in turn, launches the Remcos RAT payload. Specifically, the archive file also includes a text file with Spanish-language instructions that urges targets to run an executable file to recover from the issue.

Microsoft confirms CrowdStrike update also hit Windows 365 PCs
2024-07-20 15:24

Microsoft says a faulty CrowdStrike Falcon update, which caused widespread outages by crashing Windows systems worldwide, also resulted in Windows 365 Cloud PCs getting stuck in reboot loops, rendering them unusable. "We have been made aware of an issue impacting Virtual Machines running Windows Client and Windows Server, running the CrowdStrike Falcon agent, which may encounter a bug check and get stuck in a restarting state," Microsoft said on its Service Health Status page.

CrowdStrike Windows patchpocalypse could take weeks to fix, IT admins fear
2024-07-19 17:54

Kettle: If you're an IT administrator with Windows boxes on your network, Friday can't have been a lot of fun. What's likely millions of systems were or still are stuck in blue-screen boot loop hell, mostly requiring manual intervention to fix.