Version 1.1: October 18, 2024
On October 16, 2024, Radiant Capital experienced a security breach resulting in the loss of approximately $50 million USD. The attack compromised three Radiant developers, all of whom are…
MITRE’s AI Incident Sharing initiative helps organizations receive and hand out data on real-world AI incidents.
Non-profit technology and R&D company MITRE has introduced a new mechanism that enables organizations to share intelligence on real-world AI-related incidents.
Shaped in collaboration with over 15 companies, the new AI Incident Sharing initiative aims to increase community knowledge of threats and defenses involving AI-enabled systems.
CrowdStrike says it has revamped several testing, validation, and update rollout processes to prevent a repeat of the embarrassing July outage that caused widespread disruption on Windows systems around the world.
Mobile Guardian experienced a security incident that involved unauthorized access to the iOS and ChromeOS devices enrolled to the Mobile Guardian platform on the 4th of August.
We have halted servers in order to prevent further disruption by the perpetrator.
This is not related to an error in configuration that occurred on the 30th of July which affected Mobile Guardian iPads on our Singapore instance only.
DigiCert will be revoking certificates that did not have proper Domain Control Verification (DCV). Before issuing a certificate to a customer, DigiCert validates the customer’s control or ownership over the domain name for which they are requesting a certificate using one of several methods approved by the CA/Browser Forum (CABF). One of these methods relies on the customer adding a DNS CNAME record which includes a random value provided to them by DigiCert. DigiCert then does a DNS lookup for the domain and verifies the same random value, thereby proving domain control by the customer..
A cyberattack has hit a blood-donation nonprofit that serves hundreds of hospitals in the southeastern US.
The hack, which was first reported by CNN, has raised concerns about potential impacts on OneBlood’s service to some hospitals, multiple sources familiar with the matter said, and the incident is being investigated as a potential ransomware attack.
Just after midnight Eastern Time on July 19, 2024, the enterprise cybersecurity company CrowdStrike YOLOed a software update to millions of Windows machines. Or as they put it:
On July 19, 2024 at 04:09 UTC, as part of ongoing operations, CrowdStrike released a sensor configuration update to Windows systems.
That sensor configuration update caused the largest IT outage in history.
In this blog post, we examine the recent CrowdStrike outage and provide a technical overview of the root cause. We also explain why security products use kernel-mode drivers today and the safety measures Windows provides for third-party solutions. In addition, we share how customers and security vendors can better leverage the integrated security capabilities of Windows for increased security and reliability. Lastly, we provide a look into how Windows will enhance extensibility for future security products.
Shares of CrowdStrike plunged 13% on Monday, extending their loss-making streak, after Wall Street analysts downgraded the stock on concerns over the financial fallout from a global cyber outage last week.
On July 19, 2024 at 04:09 UTC, as part of ongoing operations, CrowdStrike released a sensor configuration update to Windows systems. Sensor configuration updates are an ongoing part of the protection mechanisms of the Falcon platform. This configuration update triggered a logic error resulting in a system crash and blue screen (BSOD) on impacted systems.
The sensor configuration update that caused the system crash was remediated on Friday, July 19, 2024 05:27 UTC.
This issue is not the result of or related to a cyberattack.
On July 18, CrowdStrike, an independent cybersecurity company, released a software update that began impacting IT systems globally. Although this was not a Microsoft incident, given it impacts our ecosystem, we want to provide an update on the steps we’ve taken with CrowdStrike and others to remediate and support our customers.
I want to sincerely apologize directly to all of you for today’s outage. All of CrowdStrike understands the gravity and impact of the situation. We quickly identified the issue and deployed a fix, allowing us to focus diligently on restoring customer systems as our highest priority.
The outage was caused by a defect found in a Falcon content update for Windows hosts. Mac and Linux hosts are not impacted. This was not a cyberattack.
Delaying security updates and neglecting regular reviews created vulnerabilities that were exploited by attackers, resulting in severe ransomware consequences.