Claroty’s Post

Crowdstrike BSOD, Falcon Sensor BSOD, fix The results of improper testing and QA. The fix requires booting into safe mode and deleting a file. You may be wondering what does this file I'm deleting do? This file is actually filled with a bunch of zeros, meaning it is a blank/empty file, freaking the system out. If bitlocker is enabled, you’ll need your recovery key. It looks as if each of the millions of devices will manually need to be fixed, of which will be very time consuming.. This is not a good look for Crowdstrike. I’ll attach a screenshot of how to fix your device if you have permission and are technically inclined.

With so many software agents in today’s IT ecosystems, epic fails like CrowdStrike’s are an inevitability. Make sure your teams are prepared by investing in preparation and rethinking dependencies. The dust is largely settled from the global blue-screen-of-death (BSD) CrowdStrike inflicted on over 8.5 million Windows devices by its flawed delivery of a channel file in its Falcon Sensor update, crippling businesses worldwide. And now that nearly all those devices have been restored, it’s time for CISOs to pick up the pieces and contemplate lessons learned. Much has been bantered about the magnitude of this event — and how it underscores how dependent enterprises have become on single points of failure. https://lnkd.in/geex2RAM

AV pros, are you ready to level up your skills and knowledge? I'll be sharing insights on AV Security at Tech Talks this year. This conference is a must-attend for anyone serious about staying competitive in our rapidly evolving industry. Grab your ticket now with code INT20OFFSPEAK for 20% off. Let's push the boundaries of what's possible in AV together! https://bit.ly/3Laqbkr #INT24 #AVprofs

I guess already all are aware but, there is massive outage world-wide caused by Crowdstrike Update. Devices will end in endless boot loop with Blue screen. There is no automatic remediation but, booting into safe mode and deleting/ renaming folder or specific file matching “C-00000291*.sys” in C:\Windows\System32\drivers\CrowdStrike directory will allow boot again. Even if you are not impacted, there might be some 3d party solution or service you use and this is expected to last for some time.

Never worry about exposing your endpoint again. In this video Sahil will walk you through step by step on how to enable endpoint armor, and why you should even care! https://lnkd.in/eYXvuEGz

With the Face Searching and Sharing on the SecureGuard Dashboard®, you can instantly search for a face from any recorder and seamlessly share it across all your systems. No more repetitive updates or syncing hassles. Learn more about the SecureGuard Dashboard®: https://hubs.ly/Q02PGdlL0

Dealing with the Crowdstrike BSOD? Here's how to fix it: https://lnkd.in/gTdJub5R

Secrets expose your organization to significant risk and can go undetected for months, or even years, without the proper tools to detect them. Check out this quick demo of our secret scanning capabilities to see what sets Legit’s secret scanning apart from other solutions on the market. https://hubs.li/Q02l0wZm0 #AppSec #secretsincode #secretscanning #softwaresupplychainsecurity

If you're affected by the defective CrowdStrike driver update, you can run the following as a temporary workaround to apply the fix to your endpoints as soon as possible. This workaround requires bitlocker to be *disabled*: 1. Click See Advanced Repair Options 2. Click Troubleshoot 3. Click Command prompt and enter the following: "pushd C:\Windows\System32\drivers\CrowdStrike del 'C-00000291*.sys' exit" 4. Click continue. After a reboot, your endpoints should boot up. Apply the latest CrowdStrike fix as soon a possible.

🚨 CrowdStrike BSOD Fix 🚨 If you're dealing with a BSOD due to CrowdStrike’s Falcon sensor, Here is the solution. From obtaining your BitLocker recovery key to deleting affected files, find the full guide here.