Trellix

📣 Let’s hear it for CIO Kimberly Anstett, who has been chosen as a 2024 TITAN 100, distinguishing her as one of Tampa’s top C-level executives. ✨ In the wake of the global tech outage, we thank all CIOs and leaders stepping up around the world to help their organizations recover. Your contributions are more invaluable than ever! https://bit.ly/4fkiQg7

Threat actor group Handala was observed sending lure emails containing malware to Israeli targets following the CrowdStrike outage. The malware is a wiper that has a single purpose: to destroy files on the machine it runs on. Max Kersten, Mathanraj TK, and Tomer Shloman provide the full run-down of Handala’s previous actions, attack chains, and the inner workings of the wiper in the latest blog. ➡️ https://bit.ly/4d0ri2A

One week after the CrowdStrike outage, #TeamTrellix continues to work around the clock to stay ahead of threats stemming from the event. From fake domains to wipers, Head of Threat Intelligence John Fokker and Malware Analyst Max Kersten explain several key trends.

Threat actors have moved quickly to take advantage of the CrowdStrike outage with tactics like gift card scams, outage-themed malware, the potential leak of the entire CrowdStrike threat actor library, and more. Our Advanced Research Center keeps you in the know. 👇 Get more details via the blog. https://bit.ly/4bLCmze  

#TeamTrellix is here to help organizations recover from the CrowdStrike global outage and provide educational resources to avoid future incidents. 🔒💪 In Part 2 of our series, discover how Trellix ePO, EDR, and ENS enhance control and reduce risks associated with software and content updates. https://bit.ly/3YlGbYO

As attackers take advantage of the chaos elicited by the CrowdStrike global outage, now is the time to implement additional guardrails aimed at minimizing supply chain risk, maximize phishing protection, and prioritizing SecOps. Click through to uncover 3️⃣ tips for staying secure now and after the crisis. Plus, keep an eye on global outage related indicators that our Advanced Research Center updates daily. https://bit.ly/3zUxL0k

Our Advanced Research Center observed new indicators as part of a targeted phishing campaign by the Iranian threat actor group Handala. It targets Israeli customers with a seemingly legitimate CrowdStrike software installation package to deliver malware. Keep up with the latest updates here. ⬇️ https://bit.ly/4bLCmze

Now is the time to increase security education in the aftermath of the CrowdStrike outage. 💪 #TeamTrellix is kicking off a multi-part blog series by sharing best practices and explaining the protective power of due diligence and consistent testing. Learn more. https://bit.ly/4cZa45F Thank you to Liberty Williams, Mo Cashman, Zak Krider, and Aaron Yarnal for swiftly packaging insights to reduce risk for organizations.

Malicious actors leverage times of crisis, chaos, and uncertainty to spread misinformation. Viral, conspiratorial social posts about the July 19, 2024, CrowdStrike outage aim to drive traffic to explicit websites. Learn more and stay informed from our Advanced Research Center. ➡️ https://bit.ly/4bLCmze

🚨 LIVE tomorrow: Rob Labbé, one of our CISO Council members, will host a thought-provoking discussion about the recent CrowdStrike-Microsoft outage. Hear stories from those who faced the crisis head-on and distill industry-wide lessons to take with you. You don’t want to miss this. ⬇️