hacknothing

CrowdStrike Experiences Global Outage Due to Latest Update

CrowdStrike, a major player in the cybersecurity industry, has encountered a significant issue following a recent update. Users worldwide are reporting a Blue Screen of Death (BSOD) error on their Windows systems. This issue has sparked widespread concern, with numerous users taking to Reddit to discuss the problem.



What's Happening?

The BSOD error, also known as a "stop error," is a critical issue that causes computers to crash and display a blue screen. This error can be very disruptive, and in the case of CrowdStrike, it appears to have affected users globally. People from countries including Australia, India, and the Czech Republic have reported encountering the BSOD after the latest update from CrowdStrike.


A Reddit user named BradW-CS, who seems to be affiliated with CrowdStrike, posted an update in the discussion thread. According to BradW-CS, "We have widespread reports of BSODs on Windows hosts, occurring on multiple sensor versions. Investigating cause. TA will be published shortly." This indicates that CrowdStrike is aware of the issue and is actively investigating the cause.


Another Reddit user, TipOFMYTONGUEDAMN, reported that not only are users experiencing BSOD errors, but CrowdStrike servers are also down. This outage seems to be impacting users all around the world, adding to the frustration.


What is a BSOD Error?

For those unfamiliar with the term, BSOD stands for Blue Screen of Death. It is a serious error that occurs on Windows operating systems, causing the system to crash and display a blue screen with an error message. The BSOD can be caused by various issues, including hardware failures, driver issues, or software problems, and it often requires a restart to fix.


What's Next?

CrowdStrike is currently investigating the root cause of the BSOD errors. Users are eagerly awaiting further updates and solutions from the company. In the meantime, if you are affected by this issue, it is recommended to keep an eye on official channels and user forums for the latest information and potential fixes.


This incident highlights the challenges and risks associated with software updates, especially in critical cybersecurity applications. CrowdStrike’s swift response and transparency will be crucial in managing this situation and restoring user confidence.


Stay tuned for more updates as CrowdStrike works to resolve this global outage.

What is Network Penetration Testing?

Network penetration testing is an attempt by an ethical hacker to breach an organization’s network without doing harm. The objective is to identify security weaknesses in the network and its security controls, report on them, and allow the organization to remediate them.

Modern networks are extremely complex, with a combination of WAN, LAN, and wireless networks, a large number of endpoints including servers, workstations, mobile devices and internet of things (IoT) devices, and security technologies like firewalls and intrusion prevention systems (IPS). Any of these could be a weak link that allows attackers to penetrate the network. 

External vs. Internal Network Penetration Testing

External Penetration Testing

Traditionally, external threats were often considered more important than internal threats. Most organizations agree that anything exposed to the Internet needs some form of security testing, and possibly the most rigorous type of testing is penetration testing. 

If an external host is compromised, it can lead to an attacker digging deeper into the internal environment. If an external device is the target of an attack, like a hacker looking for a public-facing SFTP/FTP server that stores client data, these devices must also be protected. 

External network penetration testing focuses on the perimeter of your network and identifies any deficiencies that exist in public-facing security controls. When performing external penetration testing, the testers mimic real scenarios as best as possible to identify as many potential vulnerabilities as possible. 

External network penetration testing techniques include the following:

  • Host and service discovery, port scanning and querying
  • Attempting to gain access to public-facing systems using default passwords, brute force, password cracking, or other techniques
  • Network sniffing and traffic monitoring
  • Spoofing or deceiving servers and network equipment
  • Using buffer overflow or similar attacks for remote code execution
  • Running exploits for discovered vulnerabilities
  • Changing configuration of running systems
  • Denial of Service (DoS)
  • Privilege escalation and lateral movement when gaining access to any internal systems

Internal Penetration Testing

Insider threats are a growing concern at most organizations. An insider threat could be a disgruntled worker, a previously terminated employee, or someone trying to steal trade secrets. An insider threat could also be someone without malicious intent: negligent or careless employees, human error, and misconfigurations can all result in a network compromise. 

Internal network penetration testing targets the networked environment that lies behind public-facing devices. This type of penetration test is designed to identify and exploit issues that can be discovered by an attacker who has gained access to your internal network. 

Internal penetration testing techniques include:

  • Scanning for internal subnets, domain servers, file servers, printers, switches
  • Privilege escalation and lateral movement
  • Identifying vulnerable devices, services, or operating systems on the local network
  • Deploying malware such as trojans and rootkits to gain persistent access

What is Web Penetration Testing?

Web application penetration testing is the practice of simulating attacks on a system in an attempt to gain access to sensitive data, with the purpose of determining whether a system is secure. These attacks are performed either internally or externally on a system, and they help provide information about the target system, identify vulnerabilities within them, and uncover exploits that could actually compromise the system. It is an essential health check of a system that informs testers whether remediation and security measures are needed.

What is the Web Penetration Testing Methodology?

There is a distinction between mobile applications and web applications. Penetration tests focus on the environment around a web app by gathering information about the app using public web pages. The tester will then use the details they glean to map out the network hosting the web application before investigating potential tampering and injection attacks.

How to Perform Penetration Testing for a Website

Cybersecurity experts will check for web application security vulnerabilities in three stages:

  1. Information gathering (planning)
  2. Execution (exploiting)
  3. End planning (post-execution cleanup)

Information Gathering

Before testing can begin, the tester must determine which tests they will conduct, how to perform each test, and whether they need more information for any of the tasks. During this phase, the tester will collect as much data about the web application as possible, usually using open-source tools. Details include the app’s server type, linked pages, programming languages, and database type.

There are two commonly used ways to collect data:

  1. Active Reconnaissance: This method of information gathering requires the penetration tester to acquire data directly from the target system. An example of active reconnaissance is a DNS zone transfer, which uses the “nslookup” command to find the DNS server and “dig” to request the zone transfer. Another example is DNS forward and reverse lookups, which use tools like Burp Suite to connect discovered domains with their respective IP addresses.
  2. Passive Reconnaissance: The process of gathering data without explicitly engaging the target system is known as passive reconnaissance. To accomplish this task, the tester will collect data via the internet from broad-range sources like Google.

While gathering information for pen testing, the security expert will document all intel they have uncovered. Documentation will provide them with a baseline of data they can use to find and exploit vulnerabilities.

Execution

The web app pen testing professional will use the details they collect to initiate an attack simulation and exploit vulnerabilities. Testers can execute this part of the testing phase through manual testing or automated tool testing. While automated testing will reduce human error and produce quick results, manual testing is necessary to validate weaknesses that automated tools may report as false positives.

To accomplish this task, they will likely use several testing tools:

One of the primary testing tools; it tests the framework, not just an application. Testers use it to choose and configure targeted exploits, payloads, and encoding schemas.

An all-in-one platform for web application vulnerability testing that is part of Kali Linux, a Debian-based Linux operating system for penetration testing.

Network scanner for finding vulnerabilities, malware, and misconfigurations. The goal is not to manipulate a security weakness but to give security experts who are testing systems and applications greater insight into a network’s problem areas, which they can later exploit using more appropriate tools.

End Planning

Once the penetration testing professional completes the project, they will report their findings to the business’s IT team. The company’s security experts and a member of quality assurance will review the report and consider remediation. Knowing about security flaws is not enough to maintain a sufficient security posture; they must fix the vulnerabilities uncovered by security testing.

Once remediation efforts are complete, the security team will need to conduct another round of penetration testing to ensure the application no longer has the vulnerabilities. After the final test, the pen testing professional will revert the proxy settings to their original values, as they typically alter the proxy settings during testing.

Vulnerability Scans vs. Web Application Penetration Testing

Businesses often confuse penetration testing with vulnerability scanning. Though these functions can work in tandem with each other, they represent two separate control methods. Both must be understood to ensure a web application can stand up to threat actors.

The purpose of vulnerability scans is to detect weaknesses within network-connected devices like servers, routers, firewalls, and applications. Scanning will also identify the location of the flaws. The process offers a measure of application risk assessment without providing details about how a real-world exploit of the vulnerabilities will affect the business.

Web penetration testing is a more targeted approach to understanding holes in an application. Pen testing relies on a cybersecurity professional with advanced knowledge to simulate a cyberattack or mimic the mistakes someone may make that could potentially expose a business’s digital assets. Testers look for the most at-risk entry points to exploit.

Conclusion

Some companies hesitate to invest in penetration testing because leaders assume the testing process will be too expensive or time-consuming. Not testing the application, or using less costly measures, is no way to effectively find and address security weaknesses. The cost of doing nothing will be far greater than the time and money spent on a business’s web application security.

Don’t allow hackers to invade your web apps. The security experts at Digital Defense have over 20 years of experience providing businesses of all sizes with superior application security solutions to end users and MSPs, including web application penetration testing and vulnerability scanning.

What is Penetration Testing?

Penetration testing (or pen testing) is a security exercise where a cyber-security expert attempts to find and exploit vulnerabilities in a computer system. The purpose of this simulated attack is to identify any weak spots in a system’s defenses which attackers could take advantage of.

This is like a bank hiring someone to dress as a burglar and try to break into their building and gain access to the vault. If the ‘burglar’ succeeds and gets into the bank or the vault, the bank will gain valuable information on how they need to tighten their security measures.

Who performs pen tests?

It’s best to have a pen test performed by someone with little-to-no prior knowledge of how the system is secured because they may be able to expose blind spots missed by the developers who built the system. For this reason, outside contractors are usually brought in to perform the tests. These contractors are often referred to as ‘ethical hackers’ since they are being hired to hack into a system with permission and for the purpose of increasing security.

Many ethical hackers are experienced developers with advanced degrees and a certification for pen testing. On the other hand, some of the best ethical hackers are self-taught. In fact, some are reformed criminal hackers who now use their expertise to help fix security flaws rather than exploit them. The best candidate to carry out a pen test can vary greatly depending on the target company and what type of pen test they want to initiate.

What are the types of pen tests?

  1. Open-box pen test - In an open-box test, the hacker will be provided with some information ahead of time regarding the target company’s security info.
  2. Closed-box pen test - Also known as a ‘single-blind’ test, this is one where the hacker is given no background information besides the name of the target company.
  3. Covert pen test - Also known as a ‘double-blind’ pen test, this is a situation where almost no one in the company is aware that the pen test is happening, including the IT and security professionals who will be responding to the attack. For covert tests, it is especially important for the hacker to have the scope and other details of the test in writing beforehand to avoid any problems with law enforcement.
  4. External pen test - In an external test, the ethical hacker goes up against the company’s external-facing technology, such as their website and external network servers. In some cases, the hacker may not even be allowed to enter the company’s building. This can mean conducting the attack from a remote location or carrying out the test from a truck or van parked nearby.
  5. Internal pen test - In an internal test, the ethical hacker performs the test from the company’s internal network. This kind of test is useful in determining how much damage a disgruntled employee can cause from behind the company’s firewall.

How is a typical pen test carried out?

Pen tests start with a phase of reconnaissance, during which an ethical hacker spends time gathering data and information that they will use to plan their simulated attack. After that, the focus becomes gaining and maintaining access to the target system, which requires a broad set of tools.

Tools for attack include software designed to produce brute-force attacks or SQL injections. There is also hardware specifically designed for pen testing, such as small inconspicuous boxes that can be plugged into a computer on the network to provide the hacker with remote access to that network. In addition, an ethical hacker may use social engineering techniques to find vulnerabilities. For example, sending phishing emails to company employees, or even disguising themselves as delivery people to gain physical access to the building.

The hacker wraps up the test by covering their tracks; this means removing any embedded hardware and doing everything else they can to avoid detection and leave the target system exactly how they found it.

What happens in the aftermath of a pen test?

After completing a pen test, the ethical hacker will share their findings with the target company’s security team. This information can then be used to implement security upgrades to plug up any vulnerabilities discovered during the test. These upgrades can include rate limiting, new WAF rules, and DDoS mitigation, as well as tighter form validations and sanitization.
