IMPACT Technology Group’s Post

Did you experience an outage last week, too?😧 Thanks to 47 ABC - WMDT for your coverage of the major outage affecting the world last week - and for reaching out to a LOCAL Technology Consultant to shed light on how something like this can affect individuals and businesses alike. See our interview here: https://lnkd.in/eBEgV5ww Maybe it's time for your business to work with a tech expert to ensure minimal downtime and maximum cybersecurity protection! Contact us today for peace of mind!📲 #BecauseLocalMatters #impacttg #Cybersecurity #crowdstrikeoutage #MicrosoftOutage #downtime

I feel sorry for any IT teams dealing with CrowdStrike outages this morning. An automatic update is causing Windows PCs and servers to immediately crash on boot. It’s taken out airlines, NHS GPs, banks, supermarkets, and emergency services. As the affected PCs wont boot they can’t be updated remotely; the likelihood is IT staff are going to need to visit each affected machine, boot safe mode and remove a file – if you have thousands of servers and workstations this isn’t going to be a quick fix. It makes me worry how many of us really understand where our single points of failure are in software systems? CrowdStrike’s selling points are simple maintenance and quick reactions by always being connected to the cloud – that doesn’t sound so great in retrospect. The National Cyber Security Centre has been advising organisations to patch and update as soon as possible, which is great advice until something like today happens. But another way you can reduce risk from ransomware and viruses is by distributing your data (don’t make a honeypot) and fewer interdependencies. If you’re up for giving data back to your customers – that doesn’t mean you can’t still offer the same services – then talk to us, we’d like to do some pilots with MyArk.

Heads up, security professionals! There's a critical security vulnerability in BitLocker that could allow attackers to bypass encryption (link to the article). Microsoft recently released a fix, but unfortunately had to disable it due to causing some devices to enter BitLocker recovery mode. While a permanent solution is awaited, Microsoft recommends a complex 4-stage manual mitigation process that involves restarting your device multiple times. Here's a quick breakdown of the steps: * Identify affected devices: Use a script provided by Microsoft to check if your device is vulnerable. * Backup your data: This is crucial in case something goes wrong during the mitigation process. * Follow the manual mitigation steps: These involve enabling Group Policy settings and configuring BitLocker. * Restart your device: After completing the steps, restart your device to ensure the changes take effect. Important to note: This mitigation process is permanent, even after reformatting the disk. For further details and the complete mitigation instructions, refer to the official Microsoft advisory. Let's stay vigilant and protect our data! #cybersecurity #bitlocker #vulnerability #microsoft #infosec https://lnkd.in/gqbTYm-3

Microsoft Edge for Business just got even better with new data leak controls. Safeguard your financial records, client details, and other sensitive info from falling into the wrong hands. Why risk 💸 financial loss, ⚖️ legal trouble, and a 👎 hit to your reputation? Microsoft Edge's AI-powered tools proactively detect threats and alert you before a leak happens. Plus, seamless integration with Microsoft 365 and Teams makes setup a breeze. Don't wait for disaster to strike. Our St. Louis IT support team can help you implement Microsoft Edge for Business and keep your data secure. Contact us today! https://lnkd.in/ebtRsn6n #MicrosoftEdge #DataSecurity #Cybersecurity #ITSupport #StLouis

https://buff.ly/4aY4ONV Patch Tuesday, June 2024 “Recall” Edition The latest from Brian Krebs...: Microsoft today released updates to fix more than 50 security vulnerabilities in Windows and related software, a relatively light Patch Tuesday this month for Windows users. The software giant also responded to a torrent of negative feedback on a new feature of Redmond’s flagship operating system that constantly takes screenshots of whatever users are doing on their computers, saying the feature would no longer be enabled by default. Last month, Microsoft debuted Copilot+ PCs, an AI-enabled version of Windows. Copilot+ ships with a feature nobody asked for that Redmond has aptly dubbed Recall (https://buff.ly/45hCepD), which constantly takes screenshots of what the user is doing on their PC. Security experts roundly trashed Recall as a fancy keylogger, noting that it would be a gold mine of information for attackers if the user’s PC was compromised with malware. Microsoft countered that Recall snapshots never leave the user’s system, and that even if attackers managed to hack a Copilot+ PC they would not be able to exfiltrate on-device Recall data. But that claim rang hollow after former Microsoft threat analyst Kevin Beaumont detailed on his blog (https://buff.ly/3KrHSvO) how any user on the system (even a non-administrator) can export Recall data, which is just stored in an SQLite database locally. “I’m not being hyperbolic when I say this is the dumbest cybersecurity move in a decade,” Beaumont said on Mastodon (https://buff.ly/3VinjXz). In a recent Risky Business podcast (https://buff.ly/3yVBxWX), host Patrick Gray noted that the screenshots created and indexed by Recall would be a boon to any attacker who suddenly finds himself in an unfamiliar environment. “The first thing you want to do when you get on a machine if you’re up to no good is to figure out how someone did their job,” Gray said. “We saw that in the case of the SWIFT attacks against central banks years ago. Attackers had to do screen recordings to figure out how transfers work. And this could speed up that sort of discovery process.” Responding to the withering criticism of Recall, Microsoft said last week (https://lnkd.in/eMnjHxqP) that it will no longer be enabled by default on Copilot+ PCs. Only one of the patches released today — CVE-2004-30080 (https://lnkd.in/e2CqEJ_K) — earned Microsoft’s most urgent “critical” rating, meaning malware or malcontents could exploit the vulnerability to remotely seize control over a user’s system, without any user interaction.…

Technology Tuesday - Week 30 As most people are aware, late last week, a software update from CrowdStrike caused a major outage, disrupting Microsoft Windows systems and affecting essential services nationwide. The incident highlights the risks of relying on single vendors for critical infrastructure and has sparked discussions on the need for better redundancy and regulatory measures. Experts argue that while regulatory intervention could be costly, it is crucial for businesses to adopt multiple layers of cybersecurity to prevent such failures in the future.  #Cybersecurity #TechUpdate #BusinessContinuity #Microsoft #CrowdStrike #ITOutage #1872Consulting #TechTuesday #TechnologyTuesday https://lnkd.in/eHKayCHX

Shouldn't your operating system protect itself from crashing when a third party updates their code? Microsoft crashes, and half the world goes down for a day. And they majestically paraded a scapegoat around and the guy from CrowdStrike fell on the sword for them, stealing the headlines away from what can only be seen as a fatal security flaw in Windows. With that and all the lawsuits about stealing data to train their #AI, maybe trusting them with your #AI isn't a great idea after all. #Overinvestment into one vendor makes you a slave customer. https://lnkd.in/gSEcrEa9 #Microsoft #ITOutage #Cybersecurity

🌐🚨 Global Internet Outage Alert! 🚨🌐 Are you experiencing issues with your internet connection today? 💻✈️ Whether you're grounded at the airport, facing problems with your credit or debit cards, or staring at the dreaded blue screen of death, you're not alone. This widespread disruption is linked to a recent update from CrowdStrike, which is causing major outages, including with Microsoft 365 and Azure services. Stay informed and check out the detailed article below for more information on what’s happening and how it might impact you: 🔗 https://lnkd.in/e2idi3ae Let's hope for a swift resolution to this issue! In the meantime, stay patient and informed. 🚀 #InternetOutage #TechUpdate #CyberSecurity #CrowdStrike #Microsoft365 #Azure

Here's what happened in cybersecurity in the past week: Microsoft has recently addressed a critical zero-click remote code execution (RCE) vulnerability, CVE-2024-38021, affecting various Microsoft Outlook applications. This flaw, discovered by Morphisec, allowed attackers to execute commands without user authentication, making it a high-risk vulnerability. While Microsoft classified it as "Important," Morphisec urged a "Critical" rating due to its potential impact. In a recent press release, AT&T, a major telecommunications company disclosed a significant data breach that exposed call and text message records of nearly all its cellular network customers. While the content of these communications remained secure, the breach compromised metadata, including phone numbers, which could potentially be used to identify individuals and reveal sensitive patterns of behaviour. Read more: https://lnkd.in/dEB9vWin

🚨 CrowdStrike Update Causes Major Microsoft Outage! 🚨 Key points: - 💻 A CrowdStrike update led to widespread Windows failures, impacting many sectors. - ✈️ Airlines, banks, and emergency services faced significant disruptions. - 🔄 CrowdStrike, a cybersecurity company, is actively working on a solution, urging users to avoid unofficial fixes. - 📅 The incident occurred on a Friday evening, adding to the challenge for IT teams. - 🔐 Importance of password management during recovery. - 🤝 Highlights the reliance on Microsoft's systems across various industries. - 🖥️ Mac and Linux systems were not affected by this outage. #CyberSecurity #TechNews #ITSupport Additional Details: - 🛡️ Avoid misinformation about fixes and updates. - ⏳ IT teams are working round the clock to restore services. - 🛠️ Ensure your organization has a robust recovery plan. - 💬 Support and clear communication are vital for IT teams during recovery. What is CrowdStrike and how did it cause a global Windows outage? https://lnkd.in/gHskFFaS