July 19, 2024: It appears that the major global tech outages we’ve been seeing today are being caused by an issue with CrowdStrike’s endpoint agent running on Windows. It does not appear to be cyber attack related. The issue has been identified and a fix is available through CrowdStrike. The issue only impacts Windows users and does not impact Mac and Linux hosts. Affected Windows hosts cannot be fixed remotely; the issue must be resolved manually. Impacted users should check CrowdStrike’s support portal for updates and resolutions.
CrowdStrike is recommending the following steps:
1. Boot your computer into Safe Mode.
2. Navigate to the folder c:\windows\system32\drivers\crowdstrike.
3. Rename the “crowdstrike” folder to something else.
4. Reboot your PC.
https://www.crowdstrike.com/blog/statement-on-windows-sensor-update/
SecuLore™ CyberSight provides management of your attack surface and monitoring through our patented Paladin technology to detect vulnerabilities and anomalous behavior. The technology passively captures all traffic on your network, and unlike CrowdStrike, is 100% agentless, so it’s not a threat to your operations. The packet captures are sent to our Security Operations Center to be processed via a unique behavioral analysis that is constantly reviewed by our team of CEH (Certified Ethical Hackers).
Contact SecuLore for more information to get started with a monitoring option to detect malicious traffic attempting to exploit vulnerabilities on your network.
Stay cyber-safe,
SecuLore Support Team