A week ago, Cloudstrike push a software update that will forever change business as usual at the Cybersecurity giant… and the fallout will most likely result in a decade of litigation. The suspected cause of the error by Cloudstrike may be found in the incorrect application of standard CI/CD controls.
Reports indicate that (Globally) bad actors are already discussing the cause and effect of this vulnerability on the dark web, sharing lists of customers known to use CrowdStrike, and taking advantage of those who might be seeking resolution to the Blue Screen of Death. Technical adversaries have begun creating fake websites related to this issue, some designed for phishing and others to distribute malicious content. Use caution and avoid visiting any web pages that cannot be confirmed as authentic, such activity could result in the exploitation of computers that might lead to an account takeover. We are actively assessing these risks, system by system, and are in a position to supply critical information.
Common concerns and questions:
What happens when systems are back online but still vulnerable?
Some organizations may consider removing the CloudStrike solution entirely, but doing so without an alternative protection in place could leave them exposed to further attacks.
Threat actors are always looking for such opportunities to exploit. It is crucial to:
- Follow effective Policies & Procedures
- Communicate through your customer, and employees through directive issued through your legal team.
- All communication about this issue should come directly from your internal team or the official vendor website.
- It’s important to inform all staff that CrowdStrike has not set up any new domains related to this issue and that visiting such sites could result in phishing attempts, malware infections, or worse.
- Consider the adoption of Anamo CDM which provides a layer of Cybersecurity protection against for Zero-Day-Exploits.
If you have further questions or concerns, do not hesitate to reach out to US ProTech
###