August 28, 2024 by Zeus Team

Thunderbolt 0x01

blog-feature-image

What’s the Thunderbolt?

Welcome! This is the first edition of our new cybersecurity newsletter, the Thunderbolt. Each month we will bring you the latest cybersecurity news, along with practical tips to help safeguard your business. We hope you will find it informative and we’re always looking for feedback so feel free to reach out.

Current Cybersecurity News

CrowdStrike Strikes Out

What seems to be a null-pointer bug pushed to a new release of CrowdStrike’s Falcon System caused Windows computers worldwide to crash, around 8.5 million computers, to be more precise. The Falcon system is an AI-native security appliance designed to detect and prevent security breaches.

One victim, Delta Air Lines, had to cancel 5,000 flights over the multi-day outage with the CEO estimating they lost about $550 million due to cancellations and other related issues.

More Info

Azure DDoS

According to Microsoft, Distributed Denial of Service (DDoS) attacks are quite common, something to the tune of 1,700 daily attacks. However, this past week there was a failure at an Azure site in Europe which caused traffic to be routed incorrectly. This paired with the DDoS attack, caused network congestion which caused connectivity failures and high latency.

Overall, the incident lasted around 2 hours for most people before the initial routing issue was resolved. Some customers with applications that did not follow Azure’s best practices regarding retry logic were affected for up to 8 hours.

More Info

National Public Data Breached

A background check company called National Public Data (NPD) was the victim of a hack back in April by a group called USDoD. They were able to get information, including addresses, birthdays, and social security; amounting to close to 3 billion records. The group originally planned to sell the data on the darkweb, but before that could happen another hacking group swiped the data and released it for free.

The company Pentester has released a tool which allows you to search the stolen data to see if you were a victim. They recommend trying any state you’ve lived in (the data seems to be old) and any other names, such as a maiden name. If you are affected, the recommended action is to freeze your credit accounts which would prevent new accounts from being created using your information.

Lessons Learned

What can we learn from this edition of cyber news?

  • Backups and recovery plans! Most companies need to rely on third-party software and the CrowdStrike glitch shows that a faulty software update can happen to anyone and you need to be prepared.
  • Ensure that people within your organization are notified of critical service issues regarding the technologies your organization relies on.
  • You can check if you have been the victim of a breach using the tool Have I Been Pwned. Also, use password managers, multi-factor authentication, and stay up to date on security news.

Practical Security Tips

Multi-Factor Authentication (MFA)

Multi-factor authentication is an easy way to add an extra layer of security to your services. Try to use them when possible.

Regular Software Updates

Though we may have scared a few folks with the horror story that is the CrowdStrike glitch caused by a software update, it is still best practice to keep your software as updated as possible. But make sure you have those backups!

Need help?

Schedule a free consultation with our experts at Zeus Technologies to better understand your current security posture and how you can be better prepared.

Subscribe to the Thunderbolt

A monthly cybersecurity newsletter packed with news, tips, and much more delivered right to your inbox!

LET’S WORK TOGETHER