Huntress’ Post

I think it is important to understand what happens when you compromise an account like this that is associated to RMM tools, and the adverse effect it has on all the profiles associated with platform that is being used. Specially when you start looking at it from an MSPs perspective.

In VNC’s Zero Trust Onion principle, ‘Level 7’ refers to Container Host OS protection, critical to assure workload isolation and run-time integrity. With the integration of BedRock Systems' foundational run-time security layer, this new level of protection is now possible for VNClagoon customers. Learn more: https://lnkd.in/eN2usSYf #secureSoftware #ITSecurity #VNClagoon #zeroTrust

It’s been quite a while since I originally wrote this article... Back when, I was deeply involved in working with telephones and telecommunication systems. This piece is about finding a way to manage IP telephone devices, even when faced with a lack of cooperation from network administrators (not the network or phone system owners). It’s a bit of a workaround to get around restrictive network policies and ensure remote management remains possible. The link I’m sharing leads to a Hackaday article that discusses this topic, but within it, you’ll also find a detailed "how-to" for implementing the solution yourself. Though it’s an older piece, I’ve noticed that many of you who follow me have a strong interest in security. I hope this article may still spark new ideas or offer some useful insights. https://lnkd.in/dfTEE5Bg

There are different "DX" (Digital Experience) tools these days that are focused on figuring out if a person has a good enough connection to do his job ❓ Can he access the websites he needs? ❓ Is the connection of high quality? ❓ Are there any configuration issues in packets routing? ❓ Do firewalls block anything? Essentially, what IT managers used to deal with in the office - now done remotely for every employee in any location What many of these tools miss is #VoIP and #WebRTC Why? Because these use UDP and not TCP for connectivity And they need different handling Here's why 👉 https://lnkd.in/dg5cV9TN

Just a quick service message in regard to the CrowdStrike issue... A faulty update from CrowdStrike Falcon sensor has rendered thousands to millions of Windows computers and servers worldwide inoperable, leading to widespread outages in various industries. The issue, initially mistaken for a Microsoft problem, has caused Windows hosts to enter a blue-screen-of-death (BSOD) loop. Manual intervention using a local admin account is required for remediation. Windows computers and servers worldwide have been made inoperable due to a faulty update of CrowdStrike Falcon sensors. The outage has significantly affected transport, broadcast, financial, retail, and other organizations, resulting in widespread operational disruptions. Major incidents include Sky News being off-the-air in the UK and airlines such as Delta, United, and American Airlines pausing flights globally. Initially presumed to be a Microsoft issue, the root cause was later confirmed as a malfunctioning update from CrowdStrike's endpoint security agent, leaving Windows hosts in a BSOD loop. CrowdStrike has suggested that manual intervention using a local admin account is necessary to interrupt the BSOD loop. 1. Booting Windows into Safe Mode or the Windows Recovery Environment 2. Navigating to the C:\Windows\System32\drivers\CrowdStrike directory 3. Locating the file matching “C-00000291*.sys” and deleting it, then 4. Booting the host normally. Given the scale of the issue, restoring operability in companies with large fleets of Windows PCs will be time-consuming. Security researchers and CrowdStrike are currently investigating the update to determine the exact cause, which is believed to be a coding error rather than deliberate sabotage. References: https://lnkd.in/dNFNNfvr https://lnkd.in/dJb8XNkx #restassured #crowdstrike #madsomware #threatinsights

When your employees are working remotely, they’re at risk until they connect to your corporate VPN. Beam® eliminates the potential for human error and exposure to threats. Read our latest blog to learn more about how Beam® can help you connect from anywhere with confidence: https://lnkd.in/evzX6JxC #beam #remotework #vpn #secureconnection #hypervisor #secureaccess

A nice article, there certainly is some vendor-hype here. I think what you should take away from this article is the VPN attack surface. This is something I spend some time talking about! While these 5 VPN "issues" are things to consider, there are certainly a lot of Zero Trust considerations. ·      VPNs Typically Provide All-or-Nothing Network-Level Access  ·      VPNs Lack Access, Connectivity, and Supervisory Controls ·      VPNs Require an Internet Connection, Limiting Their Utility in OT Environments ·      VPNs Enable Insecure Protocol Access ·      VPNs Have Limited Ability to Provide Third-Party Access Take a few minutes. #zerotrust #thetalent

CrowdStrike and the Windows Blue Screen of Death problem: Recently, we observed a major IT outage resulting from a faulty update released by CrowdStrike, which caused worldwide disruptions. Despite these difficulties, it's comforting to know that CrowdStrike's CEO stated that the outage was not caused by a security breach or cyberattack - flights were suspended, broadcasters were taken off the air, and many Windows computers experienced the well-known blue screen of death (BSOD). As a cybersecurity GRC officer, this incident highlights several key lessons for enhancing our overall security posture: 1- Reliable Update Management: Even authorized updates can lead to extensive disturbances. Having strict testing and rollback procedures in place is crucial to reduce the impact. 2- Being well-prepared for incident response guarantees quick recovery and communication in emergencies. This outage underscores the significance of being ready and acting quickly. 3- Communication and Transparency: CrowdStrike's transparency in verifying the cause of the disruption helps uphold trust and handle stakeholder expectations. Effective communication is crucial for preserving credibility. 4- Ongoing improvement: Each incident presents a chance to enhance our procedures. Evaluating and gaining knowledge from disturbances can enhance our ability to face future challenges. Our goal in the field of GRC is to help businesses overcome challenges with minimal interruption. This event is a strong indication of the significance of staying alert, being ready, and always striving to enhance our security. Stay Resilient 💪

Companies continue to see an increase in the diversity of operating systems used to connect to their IT environments, with a particular growth in macOS. As financially motivated threat actors increasingly focus their efforts on finding and stealing sensitive data, protecting users and their devices against data loss across a range of operating systems is pivotal. Read More: 👉 https://lnkd.in/dhNZ5TBd #DataLossPrevention #DataProtection #macOS

🔆 Microsoft outage !! 📴 What is CrowdStrike !! Microsoft Windows users worldwide including India, Australia, Germany, the United States, the UK and more are seeing a blue screen issue on their laptops. This has made their systems restart or shut down automatically. Companies like Dell Technologies have stated that this crash has been caused due to a recent CrowdStrike update. ⏩ So what is CrowdStricke ? What it is do with Microsoft? CrowdSrike is a cybersecurity platform that provides security solutions to users and businesses. Using a single sensor and unified threat interface with attack correlation across endpoints, workloads, and identity, Falcon Identity Threat Protection stops identity-driven breaches in real time.It has been reported that the buggy update is caused by CrowdStrike’s Falcon Sensor to malfunction and conflict with the Windows system. CrowdStrike has acknowledged the error and said, “Our Engineers are actively working to resolve this issue and there is no need to open a support ticket.” The company will update the users once this issue is resolved. Microsoft confirmed the Azure ✅ outage was resolved early Friday, but the disruption served as a stark reminder of the potential consequences when critical infrastructure relies heavily on cloud services. This outage has affected airlines, banks, supermarkets, media outlets and other businesses. ✳ What is Blue Screen of Death? The Blue Screen of Death (BSOD) is a critical error screen that shows up on Windows operating systems. It happens when the system crashes due to a severe issue that prevents it from working safely. When this error occurs, the computer restarts unexpectedly, and unsaved data is likely to be lost. 😫 But There is no Reason to warry as microsoft is already deploy teams for active solution and complete recovery . The solution was also provided by CrowdStrike's CEO, George Kurtz For more info , check out this article : https://lnkd.in/gYcbVq8G #Windos10 #WindosOS #CrowdStrike #FalconSensor #MicrosoftOutage #MicrosoftIndia #BSOD