Navigating the Cyber Tempest: The CrowdStrike and Microsoft Outage of July 2024

Ahoy, digital navigators! Batten down the hatches and grab your keyboards, because we’re diving into the deep waters of the recent cyber tempest that rocked the tech world. On July 19, 2024, a software update gone awry sent waves through the digital seas, causing widespread chaos across Microsoft’s services and showcasing the intricate dance of technology – sometimes it’s a waltz, and sometimes it’s a full-blown mosh pit.

What Happened?

Picture this: It’s a calm Friday morning when suddenly, like a scene from a cyber horror flick, blue screens of death (BSOD) start popping up everywhere. The culprit? A botched update from CrowdStrike, a leading cybersecurity firm, which caused Windows systems worldwide to crash, resulting in unprecedented outages.

The Details

CrowdStrike released an update to its Falcon Sensor software, but a critical error in the update caused a faulty kernel driver to be deployed. This driver, csagent.sys, was supposed to bolster security but ended up causing systems to crash with the dreaded BSOD. The issue arose from a missing null check in the code, which led to attempts to access invalid memory locations. Think of it as trying to read a note you never actually wrote – chaos ensues.

The impact was monumental. From grounded flights to disrupted cellular networks, the ripple effects of this snafu were felt globally. Airports, banks, hospitals, and countless businesses found themselves in the digital dark.

The Aftermath

CrowdStrike and Microsoft sprang into action to mitigate the damage. CrowdStrike released a statement acknowledging the issue and provided a workaround solution. They advised affected users to boot their systems into Safe Mode and delete the faulty driver manually.

Microsoft, on the other hand, offered technical guidance and support to help users restore functionality. They also worked closely with CrowdStrike to expedite a permanent fix.

How to Protect Yourself

While we hope you weren’t caught in this particular storm, it serves as a poignant reminder of the importance of robust cyber hygiene. Here are some steps to keep your digital ship afloat:

  1. Keep Software Updated: Regularly update your software to ensure you have the latest security patches. But, always verify the update source.
  2. Enable Two-Factor Authentication (2FA): This adds an extra layer of security, making it harder for cyber pirates to plunder your data.
  3. Regular Backups: Ensure you have regular backups of your critical data. If a storm hits, you’ll be able to restore your system without losing valuable information.
  4. Stay Informed: Keep up with the latest cybersecurity news. Knowledge is your best defense against the ever-evolving tactics of cybercriminals.

Final Thoughts

The CrowdStrike-Microsoft outage of July 2024 is a stark reminder of how interconnected and vulnerable our digital world can be. As we continue to sail through these cyber seas, it’s crucial to stay vigilant and prepared. Remember, in the world of cybersecurity, it’s always better to be a step ahead than a step behind.

Stay safe, stay informed, and may your digital voyages be smooth and secure!

New Year, New Cyber Habits: Top 10 Cyber Hygiene Resolutions for 2023

As the year’s first rays dawned, many of us uncorked the champagne, reflected on the past, and scribbled down those classic New Year’s resolutions. From hitting the gym (or at least stretching once in a while) to finally reading that book gathering dust on the shelf – the New Year has always been a beacon of fresh starts and renewed commitments. But why not add a resolution that can protect something incredibly valuable yet often overlooked? Your digital well-being.

Given that more of our lives are entwined with the digital realm, ensuring your cyber hygiene is as refreshed and revitalized as your new workout plan becomes crucial. Let’s dive into the top 10 cyber resolutions you should consider adopting this 2023:

  1. Password Perfect: No, “password123” is not a secure choice. Commit to strengthening and diversifying your passwords. Consider using a password manager, so you only need to remember one master password. With cyberattacks on the rise, this is akin to changing the locks on your front door.
  2. Two Steps Ahead: If you’re not using two-factor authentication (2FA) on your crucial accounts, it’s time to embrace it. Yes, it’s an extra step, but it’s also an extra layer between your data and potential hackers.
  3. Update and Elevate: Remember that pesky notification you’ve been swiping away for months? Updates aren’t just about introducing fancy new features; they often patch security vulnerabilities. Regular updates can be the difference between a smoothly running device and a malware-riddled one.
  4. Declutter Digital Desks: Much like that closet you’re vowing to clean, your digital space likely needs some tidying. Delete apps you no longer use, especially if they have permissions that access your personal data. A leaner device is often a safer device.
  5. Back It Up: Imagine spilling coffee on your device and realizing you’ve lost everything? Nightmare-ish, right? Regularly back up essential files to an external hard drive or cloud storage. If disaster strikes, you’ll have a digital safety net.
  6. Wi-Fi Wisdom: Free public Wi-Fi is tempting, especially when you’re sipping a latte and browsing. However, it’s also a playground for snoopers. If you must use it, avoid accessing sensitive accounts or use a VPN to cloak your activities.
  7. Email Enlightenment: Phishing scams are ever-evolving, but a touch of skepticism can go a long way. Questionable sender? Unsolicited attachments? When in doubt, don’t click. Think of it as digital stranger danger.
  8. Social Media Savviness: We love sharing, but oversharing can be perilous. From vacation plans to your pet’s name (often used as security answers), be wary of what you post. And while we’re on the topic, review those privacy settings.
  9. Educate and Advocate: Keep abreast of the latest in cyber threats and safety measures. Consider subscribing to a cybersecurity news outlet; the one you’re on is a good start. The more you know, the better you can protect yourself. And share the knowledge; after all, caring is sharing.
  10. E-Commerce Caution: Online shopping is a delight, but not when your credit card details end up in the wrong hands. Use trusted websites, always look for the ‘https’ in the URL, and consider using a credit card over a debit card for better fraud protection.

Tying it up with a bit of cheer – while cyber threats might sound like the plot of a sci-fi thriller, with proactive steps and awareness, they don’t stand a chance against you. Let’s raise our glasses (or coffee mugs) to not just a year of personal growth and achievements but also to a year of robust digital health and fortified cyber barriers.

So, go on, adjust those New Year’s resolutions. Slide in a few from the list above. Here’s to making 2023 not just prosperous and fulfilling, but cyber safe!

Stay updated, stay secure, and remember – a moment of prevention in the cyber world can save hours of digital heartbreak. Cheers to a cyber-smart 2023!

Ransomware Strikes Again

Greg Price

Various federal and cybersecurity advocates have released numerous announcements this year highlighting the increase in ransomware attacks in the United States. Many of the notices indicate that the rise in ransomware attacks is directly related to attacks on enterprises: the large targets are paying substantial amounts of money to regain access to their data. As a result, the cybercriminals are expanding their “business”.

While the increase in attacks is likely correct, the troubling issue is the continued increase in successful attacks. The bad guys are winning and gathering financial gain in the process.

On November 18, Louisiana found itself, once again, in a painful situation. Ransomware struck the state networks and resulted in a decision to shutter various agencies in order to reduce the spread of the ransomware. The governor’s office indicated that the Departments of Health, Children and Family Services, Motor Vehicles, and Transportation, and the office of Governor John Edwards, were closed as a result of the attack.

The state’s cybersecurity response team was activated and moved quickly to contain the ransomware. Based on various reports, the team isolated the malware and began an aggressive server restore process.

A statement indicated that no data loss occurred and no ransom was paid.

Several researchers revealed that the attack was similar to one on Louisiana’s public school systems in July. The ransomware was a variant of the popular Ryuk malware.

The real story here is Louisiana’s response: no ransom payment. The team was able to contain the situation and, thanks to a careful eye on proper backups, restored operations. The disruption may have been annoying, perhaps inconvenient, but the message was very clear: the disaster recovery plans worked. As a result, the bad guys’ efforts were wasted. Chalk one up for the good guys and for adhering to good computing hygiene.

As I’ve mentioned before, sometimes the best practice is a solid, tested defense. Louisiana could have poured millions of dollars into the latest shiny object or expensive consultants. Instead, they created a method for containing cyber attacks and built a strong cyber hygiene program, all of which are predicated on two things: updating software and following a rigorous backup routine.

So, speaking of updates, the would-be bad guys are actively impersonating Microsoft.

According to online reports, a spam campaign has been launched, offering a Windows 10 update.

The malware disguised within the fake Windows 10 update is likely the Cyborg ransomware. When installed, instead of Windows 10, you will have a locked PC and a demand for ransom.

Given that Microsoft releases patches routinely and aggressively pushes the Windows 10 platform, impersonating a Windows 10 update is a clever way to trick users.

But, here’s the thing. Microsoft never announces updates or provides downloads to its software through email links.

What should you do if you receive one of the Microsoft Windows 10 update email messages?

Delete it. Don’t forward it, don’t preview it, don’t open with your mobile device. Just delete it.

Despite the increased attacks on large enterprises, the largest volume of successful ransomware attacks continues to occur with individual users and small businesses.

So, how do you build a solid defense to ransomware?

Start with some basic computer hygiene.

Pay attention to email, avoid opening unsolicited attachments, and don’t click on emailed links. Additionally, stop sharing data via fistfuls of thumb drives. There are many efficient and secure methods for sharing files: Microsoft’s OneDrive, Google Drive, and Dropbox are examples.

Next, avoid running pirated, or stolen, software.

If you download files via torrent sites or enjoy “borrowing” software from pirated software sites, you’re not only likely breaking many laws, but you’re also exposing yourself to untrusted software, any of which could be loaded with malware. Use licensed software or download open source tools from trusted sites.

And, of course, keep your software updated.

Back up your files frequently and properly. Most modern devices include an online backup service – enable the service for your devices and confirm that all of your important files are backing up correctly.

Despite all of our efforts to have a good defense and adhere to best practices, there is still a chance that we all can fall victim to a scam and end up with an infected or broken device. Having your files backed up properly is the best way to avoid losing your data or having to run the risk of paying a hefty ransom.

As the holiday season approaches, the scammers will be more vibrant than ever. Below are a few items to help you increase your awareness and hygiene to avoid the most common of email scams.

First, be cautious, even paranoid, with links.

Don’t click on email links, especially if you find the content questionable or suspicious. Hover over the link and see if the link’s actual address matches its display name. Better still, open a web browser and visit the site directly: type the address into the browser and avoid clicking the link altogether.

Second, watch for grammar and typographical issues.

Since the beginning of phishing and scam messages, typos and grammar problems have called the legitimacy of the messages into question. Old or dated images often suggest problems as well. Reputable companies don’t send poorly written inquiries.

Lastly, use multi-factor authentication.

If you fall victim to an impersonation attack and offer your credentials, at least with two-factor, you will have a parachute, of sorts. If two-factor is available, use it, and pay close attention to the requests you receive for the second form of verification. If you receive one and you didn’t initiate the request, don’t approve it.

Pay attention to the basics and enjoy a safer computing experience.

Be safe.

Ten habits to avoid data loss

This article was originally published in The Troy Messenger on September 20, 2019.

Greg Price

Recently, I worked with a group who suffered an enormous data breach. The company realized something odd was afoot when payroll checks began to bounce.

In the security world, we often describe this type of breach discovery as “third-party” notification. In other words, someone not directly involved in the company’s operations informed the company of an issue. Also, many of us call this a resume-building opportunity.

I took a quick look at the core operations and assisted the IT team with a hasty inspection. In short, the company owned many security products, employed lots of tools. The board of directors wanted a single variable to surface as the reason for the loss of funds. However, a single smoking gun didn’t exist. The motive was simple: steal money. The success of the theft revealed numerous issues in the company’s execution of technology and associated protective measures. Below, I offer a list of the most common issues that I observe from similar events.

Let’s call these our top 10 habits to avoid data loss.
