News & Updates

Sophos

On July 19, 2024, a content update rolled out by CrowdStrike to its Falcon endpoint agent on Windows devices caused significant disruptions globally across various industries. This issue, classified as a cybersecurity failure due to the impact on system availability, resulted in Blue Screens of Death (BSOD) on affected Windows machines. Although it was not a result of a cyberattack, the incident underscores the challenges and potential risks involved in deploying endpoint security updates.

Key Points:

Incident Date: July 19, 2024
Affected Entity: CrowdStrike Falcon endpoint agent on Windows devices
Impact: Disruptions in multiple industries including travel, banking, healthcare, and retail, causing Blue Screens of Death (BSOD) on impacted Windows machines.
Nature of Issue: Caused by a product content update, not a cyberattack
Devices Affected: Only Windows; Linux and macOS were unaffected
CrowdStrike Response: Identified and reverted the content causing the problem, issued remediation guidance
Risks: Potential for cybercriminals to exploit the situation through phishing and other malicious activities
Sophos Impact: Customers using Sophos endpoint protection were unaffected, though some using the Sophos XDR Sensor agent overlay on CrowdStrike Falcon might have been impacted.
Sophos Mitigation Measures:
– Rigorous internal quality assurance testing
– Staggered release strategy for updates
– Real-time telemetry for monitoring and quick rollbacks if necessary


Managed Detection and Response

MDR is a managed security service that provides 24/7 threat detection and response, expert-led threat hunting, and incident response capabilities.

Compliance and Governance

Developing a custom Risk Management and Compliance strategy can be extremely complicated. CISS has the experience to effectively get you on the right path.

Emergency Incident Response Team

CISS has an Incident Response team to help mitigate issues 24/7, 365 days a year. CISS can take immediate action to secure your network.

Professional IT Services

CISS can assist in developing automation and workflows that keep compliance at the forefront, delivering many of the routine operations and processes while freeing your team.

Vulnerability Scans and Penetration Testing

Vulnerability scans and penetration testing are critical for assessing patch and configuration management and for compliance.

Privilege Access Management / SSO

CISS has a comprehensive suite of curated solutions to manage access to all your organization's information securely, with documentation for compliance.

Cloud Security and Services

CISS covers everything from offsite backup solutions to complete security management of virtually any cloud platform or service, such as Microsoft, Amazon, Google, and Salesforce.

Endpoint Security / NDR / XDR

CISS offers a full suite of protections, starting with endpoint security for your devices, NDR (Network Detection and Response), and XDR (Extended Detection and Response).