BSI confirms workaround for CrowdStrike and Azure outages
According to the BSI, manually deleting a file fixes startup problems on Windows computers with CrowdStrike software. Microsoft Azure is also causing problems.

ICYMI: on the latest #TechstrongTV I join the Gang to go deep on #Google #acquisition of #CNAP (#cloud #cybersecurity) with #Wiz, esp. how it hits #AWS, #Azure, #Cisco, #Splunk, #Crowdstrike, #PANW, ++. Just don't call it #DevSecOps!
Plus, #AI is failing, even for religion!
https://techstrong.tv/videos/videos/techstrong-gang-march-19-2025
Shedding light on the ABYSSWORKER driver
The ABYSSWORKER driver is a malicious tool used in conjunction with MEDUSA ransomware to disable anti-malware systems. It employs a HEARTCRYPT-packed loader and a revoked certificate-signed driver to target and silence EDR vendors. The driver imitates a legitimate CrowdStrike Falcon driver and uses obfuscation techniques to hinder analysis. It provides various functionalities including file manipulation, process and driver termination, and EDR system disabling. The driver's capabilities include removing callbacks, replacing driver functions, killing system threads, and detaching mini-filter devices. It uses unconventional methods like creating IRPs from scratch to perform file operations. The malware's sophisticated approach demonstrates the evolving tactics of cybercriminals in evading detection and disabling security measures.
Pulse ID: 67dc31a079ea6b0ac92136ae
Pulse Link: https://otx.alienvault.com/pulse/67dc31a079ea6b0ac92136ae
Pulse Author: AlienVault
Created: 2025-03-20 15:17:52
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
Super new drop from #TechstrongTV! I join the Gang to go deep on #Google #acquisition of #CNAP (#cloud #cybersecurity) with #Wiz, esp. how it hits #AWS, #Azure, #Cisco, #Splunk, #Crowdstrike, #PANW, ++. Just don't call it #DevSecOps!
Plus, #AI is failing, even for religion!
https://techstrong.tv/videos/videos/techstrong-gang-march-19-2025
CrowdStrike makes a mistake, Windows Servers BSOD and fail to boot, Linux users observe...
https://video.fosshq.org/videos/watch/8afb970e-3127-4482-82b5-31b603df974a
@FritzAdalis @jerry "Baghdad Bob" gets put into cold storage and is brought out on occasions where his level of obliviousness is appropriate. For example - explaining the #CrowdStrike incident which was neither cyber, nor a security incident as it turns out.
@ceotech Only proof that people make mistakes, especially in stressful situations.
Did you know that there is an immense threat of making follow-up mistakes or REALLY getting #hacked while you're going through an incident? Saw that with #crowdstrike
#cybersecurity is about #people at least as much if not more so than it is about #tech
Also a good reason to use services like simplelogin.io or buy your own domain and set up a #catchall so you can use a different mail address for each account
Fridays used to be relaxing. Now they're spent wondering how to build ad hoc tables in logscale so I can explain why cmd -
leads to a multi-stage malware deployment.
#crowdstrike #threathunting
CrowdStrike shares plunge 10% after a disappointing earnings forecast. CEO George Kurtz reveals the impact of a severe global IT outage on projected earnings, with estimates significantly below analyst expectations. While the current financials show a net loss of $92.3 billion, there’s optimism for recovery as experts predict a return to growth. Dive into the full analysis and future outlook from the insightful reporting by Samantha Subin. [Read more here](https://www.cnbc.com/2025/03/05/crowdstrike-shares-slump-on-weak-earnings-outlook.html). #CrowdStrike #EarningsReport #TechStocks #MarketNews
Cyberbro now has a #crowdstrike engine to get device count and #CTI data
Just explored Falcon RTR (Real Time Response) and it’s super fun to use with Powershell scripts!
2024: 79% of cyber intrusions were malware-free, up from 40% in 2019. Voice phishing has overtaken phishing as the top first access method. #CyberSecurity #CrowdStrike #VoicePhishing #MalwareFree #Phishing #CyberTrends #DataSecurity #ThreatDetection #TechNews
@ip6li @heiseonline
If #crowdstrike can do that, then #russland surely can too.
#windowsfree
Following the worldwide computer disruptions caused in summer 2024 by a faulty update to a cybersecurity solution, we at the BSI have worked through the incident together with #Crowdstrike and #Microsoft.
More on this in our press release: https://www.bsi.bund.de/dok/1138130
- Work computer on.
- "We're switching to #crowdstrike, it's more cost-effective"
*sent while ROFLing
@emag @roknrol malicious compliance is the way to go. Was accused by HR of cheating on my timesheet, and that "the rules apply to everyone" (I entered the building at 8 am, not 7:57), thus I made sure to also leave on time when #CrowdStrike crowdfucked the company
Fiddling around with jamfnow and crowdstrike. Is there any way to install falcon automatically? Maybe via profiles? I tried to find one, but the crowdstrike docs seem to be incomplete.
Could anyone push me in the right direction?