831
CrowdStrike downtime apparently caused by update that replaced a file with 42kb of zeroes (twiiit.com)
submitted 11 months ago* (last edited 11 months ago) by Aatube@kbin.melroy.org to c/technology@lemmy.world
186 comments fedilink hide all child comments

…according to a Twitter post by the Chief Informational Security Officer of Grand Canyon Education.

So, does anyone else find it odd that the file that caused everything CrowdStrike to freak out, C-00000291-
00000000-00000032.sys was 42KB of blank/null values, while the replacement file C-00000291-00000000-
00000.033.sys was 35KB and looked like a normal, if not obfuscated sys/.conf file?

Also, apparently CrowdStrike had at least 5 hours to work on the problem between the time it was discovered and the time it was fixed.

you are viewing a single comment's thread
view the rest of the comments
[-] independantiste@sh.itjust.works 396 points 11 months ago* (last edited 11 months ago)

Every affected company should be extremely thankful that this was an accidental bug, because if crowdstrike gets hacked, it means the bad actors could basically ransom I don't know how many millions of computers overnight

Not to mention that crowdstrike will now be a massive target from hackers trying to do exactly this

[-] Evotech@lemmy.world 223 points 11 months ago

Don't Google solar winds

[-] planish@sh.itjust.works 86 points 11 months ago

Holy hell

[-] SomethingBurger@jlai.lu 53 points 11 months ago

New vulnerability just dropped

[-] peopleproblems@lemmy.world 22 points 11 months ago

Oooooooo this one again thank you for reminding me

[-] floofloof@lemmy.ca 6 points 11 months ago

That one turns out to have been largely Microsoft's fault for repeatedly ignoring warnings of a severe vulnerability relating to Active Directory. Microsoft were warned about it, acknowledged it and ignored it for years until it got used in the Solar Winds hack.

load more comments (38 replies)
this post was submitted on 19 Jul 2024
831 points (98.5% liked)

Technology

71586 readers
1887 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
L4s@hackingne.ws