CrowdStrike has a new guidance hub for dealing with the Windows outage

Share via:


The page includes technical information on what caused the outage, what systems are affected, and CEO George Kurtz’s statement. It contains links to Bitlocker key recovery processes and to various third-party vendor pages about dealing with the outage, as well.

The page points to a knowledge base article (which only logged-in customers can access) for using a bootable USB key. Microsoft released such a tool yesterday that automatically deletes the problematic channel file that caused machines to blue screen.

CrowdStrike also published a blog yesterday warning that threat actors have been taking advantage of the situation to distribute malware, using “a malicious ZIP archive named crowdstrike-hotfix.zip.”

The ZIP archive contains a HijackLoader payload that, when executed, loads RemCos. Notably, Spanish filenames and instructions within the ZIP archive indicate this campaign is likely targeting Latin America-based (LATAM) CrowdStrike customers.

Following the content update issue, several typosquatting domains impersonating CrowdStrike have been identified. This campaign marks the first observed instance in which a threat actor has capitalized on the Falcon content issue to distribute malicious files targeting LATAM-based CrowdStrike customers.  

CrowdStrike says organizations should only be working directly with CrowdStrike’s representatives using official channels, and should use only the guidance its support team provides.



Source link

Disclaimer

We strive to uphold the highest ethical standards in all of our reporting and coverage. We StartupNews.fyi want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.

Popular

More Like this

CrowdStrike has a new guidance hub for dealing with the Windows outage


The page includes technical information on what caused the outage, what systems are affected, and CEO George Kurtz’s statement. It contains links to Bitlocker key recovery processes and to various third-party vendor pages about dealing with the outage, as well.

The page points to a knowledge base article (which only logged-in customers can access) for using a bootable USB key. Microsoft released such a tool yesterday that automatically deletes the problematic channel file that caused machines to blue screen.

CrowdStrike also published a blog yesterday warning that threat actors have been taking advantage of the situation to distribute malware, using “a malicious ZIP archive named crowdstrike-hotfix.zip.”

The ZIP archive contains a HijackLoader payload that, when executed, loads RemCos. Notably, Spanish filenames and instructions within the ZIP archive indicate this campaign is likely targeting Latin America-based (LATAM) CrowdStrike customers.

Following the content update issue, several typosquatting domains impersonating CrowdStrike have been identified. This campaign marks the first observed instance in which a threat actor has capitalized on the Falcon content issue to distribute malicious files targeting LATAM-based CrowdStrike customers.  

CrowdStrike says organizations should only be working directly with CrowdStrike’s representatives using official channels, and should use only the guidance its support team provides.



Source link

Disclaimer

We strive to uphold the highest ethical standards in all of our reporting and coverage. We StartupNews.fyi want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.

Website Upgradation is going on for any glitch kindly connect at office@startupnews.fyi

More like this

UK seeks collaboration for security research lab to counter...

The U.K. is seeking collaboration for a new...

Swiggy Hires Flipkart Veteran In Instamart Revenue Push

SUMMARY Swiggy has hired former Flipkart executive Kanika Tiwari...

PlayAI clones voices on command

Back in 2016, Hammad Syed and Mahmoud Felfel,...

Popular

Upcoming Events

Startup Information that matters. Get in your inbox Daily!