Cybersecurity

5611 readers

80 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities [email protected] [email protected] [email protected] [email protected] [email protected] [email protected] [email protected]

Notable mention to [email protected]

founded 1 year ago

MODERATORS

[email protected]

CrowdStrike Explains Friday Incident Crashing Millions of Windows Devices (thehackernews.com)

submitted 3 months ago by [email protected] to c/[email protected]

9 comments fedilink hide all child comments

all 10 comments

sorted by: hot top controversial new old

[–] [email protected] 19 points 3 months ago (2 children)

Wouldn't any internal testing have cought this issue at CrowdStrike?

[–] [email protected] 16 points 3 months ago (1 children)

A smoke test, aka turn it on and "see if it catches fire," would have caught this.

[–] [email protected] 14 points 3 months ago

And a controlled rollout would've limited the damage.

[–] Brkdncr 10 points 3 months ago

Yes. Why would anyone trust Crowdstike after this? They’ve ignored foundational deployment steps.

[–] [email protected] 13 points 3 months ago

But will you try actually installing the update on a machine or 50 to see if you bork things horrifically?

Crowdstrike: "We are really focused on unit testing right now"

I probably misread it, don't mind my grumbling, rabble rabble rabble

[–] [email protected] 5 points 3 months ago (2 children)

CrowdStrike report of the incident: https://www.crowdstrike.com/falcon-content-update-remediation-and-guidance-hub/

[–] [email protected] 6 points 3 months ago (1 children)

Local developer testing

Hmm, didn't think of that one...

staggered deployment strategy

Also a novel idea...

It's like they're catching up to best practices from 10 years ago, good job team!

[–] [email protected] 3 points 3 months ago

Listening to literally any sysadmin would have had these practices already in play.

I wonder if any are in the building, of if it's all devs and "platform engineers."

[–] PlutoniumAcid 1 points 3 months ago

Systems in scope include Windows hosts running sensor version 7.11 and above that were online between Friday, July 19, 2024 04:09 UTC and Friday, July 19, 2024 05:27 UTC and received the update.

Definitely incorrect. My machine was powered off by physical switch at that time. It was powered off at 17:00 the day before and powered up at 08:00 CEST / 06:00 UTC and promptly bluescreened.