Philip Semplice’s Post

Important Update from CrowdStrike on Falcon Sensor Issue: We've addressed the Windows hosts issue with a recent Falcon Sensor update. A fix is deployed, and here's how you can ensure your systems are clear: 1. Reboot: Restart the host to download the reverted channel file. 2. Safe Mode: If issues persist, boot Windows into Safe Mode. 3. File Deletion: Navigate to %WINDIR%\System32\drivers\CrowdStrike and delete the file C-00000291*.sys. 4. Normal Boot: Restart your system normally. 5. Cloud and VMs: For cloud or VM environments, detach, fix, and reattach the OS disk volume. 6. Check Your Systems: Ensure no file older than the 0527 UTC timestamp remains. 7. Support: Visit our support portal for continuous updates. We apologize for the inconvenience and thank you for your patience as we ensure your protection. 🛡️ #CrowdStrike #CyberSecurity #TechSupport #WindowsSecurity

As most of us are already aware, CrowdStrike experienced an unexpected outage related to their Falcon Sensor, impacting businesses using Windows hosts nationwide. Statement from CrowdStrike: "CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts. Mac and Linux hosts are not impacted. This is not a security incident or cyberattack." CrowdStrike workaround steps for individual hosts: 1. Reboot the host to give it an opportunity to download the reverted channel file. If the host crashes again, then: 2. Boot Windows into Safe Mode or the Windows Recovery Environment NOTE: Putting the host on a wired network (as opposed to WiFi) and using Safe Mode with Networking can help remediation. 3. Navigate to the %WINDIR%\System32\drivers\CrowdStrike directory Locate the file matching “C-00000291*.sys”, and delete it. 4. Boot the host normally. Note: Bitlocker-encrypted hosts may require a recovery key. Further information for workarounds on Public Cloud/Virtual, Azure, and AWS can be found on CrowdStrike's blog. https://lnkd.in/gFQmuh7z #crowdstrike #microsoft #cybersecurity

As many of you are aware, a recent IT outage following a CrowdStrike security update has caused significant global disruption. Fortunately, fixes are now available. Affected organizations should refer to the vendor guidance to take the necessary corrective actions. Please find attached CrowdStrike's statement, which includes workaround steps for individual hosts and public cloud environments, including virtual setups. A huge shoutout to all the IT teams worldwide who have been working tirelessly under intense pressure to resolve these issues! 🌍💪 If you need any assistance, please reach out or email Databox 360 at info@databox-360.com #ITSupport #TechUpdate #CrowdStrike #CyberSecurity #ITOutage #TeamWork #ITCommunity #DisasterRecovery

What's next after the Crowdstrike update fiasco and the massive global IT disruptions caused by the Microsoft Azure outage? 1. The world relies heavily on three cloud service providers (CSPs): Microsoft Azure, Amazon AWS, and Google Cloud. Any disruption to these firms can severely impact major service providers worldwide. The frequency of disruptions for these CSPs has increased in recent years. The primary cause of these disruptions? You guessed it—misconfigurations, often due to automation or human errors. These CSPs need to improve their patching quality control processes. If you control the software patching and update process, ensure you test updates in your test environment before applying them to production. 2. Be very careful when applying fixes. Always go to authorized sources to verify the fixes. Do not rely on unverified and unauthorized YouTube videos. 3. Many websites operated by malicious actors have started sharing misinformation or malware disguised as fixes. Ensure you only visit authorized sources for patches and instructions. Don’t become a phishing victim in these desperate times. Here is the Crowdstrike official statement on updates for Windows: https://lnkd.in/gJJVnjdC Here is the Crowdstrike official blog warning customers about malicious actors: https://lnkd.in/gjdz_D8H

🔒 Check out this article from Fredrik Brattstig on how you can boost security for #AzureVirtualDesktop (#AVD) and #Windows365 (#W365) Access. 📝He explains how you can elevate your security by ensuring only managed IGEL OS endpoints can access your AVD or Windows365 environment by using custom AppIDs within Microsoft Entra to control access precisely. This method simplifies security without the complexity of extensive conditional access policies. Protect your resources by using unique AppIDs and disable first-party clients for added security. ▶️For a detailed guide on setting this up, visit https://lnkd.in/eWXFTR6s

Despite the many benefits VDI/DaaS can provide, virtual environments are vulnerable to attacks on the endpoint. Find out how ThinScale can help; https://lnkd.in/dVQcCy_u #vdi #daas #saas #cybersecurity #zerotrust #thinscale #endpointsecurity #securitysolutions

A third party cyber security company (ClodStrike) caused a recent outage on Azure which affected several major businesses. According to Microsoft status update, https://lnkd.in/g5H8hKPb virtual machines get stuck during update. See details in the previous and this link, https://lnkd.in/gctg8f3H Few years ago, I had a similar experience, identified during development, in one of the projects that I led in a different cloud service. To mitigate the problem I suggested, after consulting my team, to add a production like staging to our CI/CD to increase the probability of capturing the issues before it goes to production. Note that this increased deployment time and not to mention development time. When it comes to reliability and security related design decisions you will make some stakeholders unhappy: your job is not to make everybody happy; it is to minimize such kinds of impacts.

🌟 Excited to unveil my latest blog post, "Spoof/Change MAC Address permanently in Microsoft Azure"! 💡Dive into the intricacies of software licensing methods and the challenges they pose in Azure environments. From user-account licensing to the often cumbersome MAC address licensing, we explore how to navigate these hurdles. 🔍 Discover the significance of MAC addresses in network communication and the critical role they play in device identification. Learn how to effectively change MAC addresses on both Windows and Linux VMs, ensuring seamless operations without compromising connectivity or security. 💻 This comprehensive guide empowers you to optimize your infrastructure, reduce costs, and fortify your security measures. 🚀 Ready to enhance your Azure experience? Don't miss out on these invaluable insights! Read the full article now #MicrosoftAzure #Networking #Security #TechBlog #MACAddress #VirtualMachines #Azure #Spoofing

From #CyberSecurity to #AI, #Windows11 made waves in 2023 & the #2024 update is just a couple of months away. Take our assessment to get your organization started on the path to migrating to the advanced #OS from #Microsoft #DigitalWorkplace #DPC https://hubs.ly/Q02hxxw_0