Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Over the last decade, cybersecurity has emerged as a critical concern for financial institutions. With cyberattacks increasing in frequency and sophistication, it has become imperative for institutions in the financial sector to safeguard sensitive data and implement robust data protection measures. The Dodd-Frank Wall Street Reform and Consumer Protection Act, commonly known as the Dodd-Frank Act, plays a crucial role in regulating the American financial services industry.

Today’s global IT outage affecting Microsoft Windows users was caused by a bug in a CrowdStrike product (Falcon Strike) protection content update. The resulting widespread impact demonstrates an urgent importance for maintaining strong quality assurance (QA) processes before products or their updates are released into production.

Our team at Arctic Wolf has been following the CrowdStrike issue affecting Windows endpoints since approximately 12 AM EST on July 19th, 2024. Although Arctic Wolf’s service is not impacted, some of our customers who leverage CrowdStrike for endpoint security are experiencing widespread outages. Arctic Wolf continues to protect and monitor these customers’ environments while they focus their attention on recovering from this event.

CrowdStrike, is a prominent cybersecurity technology company that provides security services for endpoints, cloud workloads, identity, and data. They are well-known for their Falcon Sensor Software designed to protect against cyberattacks. On Thursday, July 18 2024 there was a crash on Microsoft systems related to an update in Falcon Sensor software. This update involved a single file that added extra logic for detecting bad actors.

Knowing Your Supply Chain (KYSC) is becoming an increasingly important component of cyber resilience. Understanding the dependencies within your organization and those of your vendors is critical for responding to incidents effectively. Even the most reliable vendors and partners can experience issues. Today, a widespread outage impacted CrowdStrike Falcon, affecting the global supply chain.

Trustwave SpiderLabs issued a warning that threat actors may attempt to take advantage of CrowdStrike’s software update that caused widespread outages by using the news as the center of a social engineering scheme to convince people to open malicious phishing emails or fall for other types of attacks. Using this news cycle is nothing new.

IT asset management (ITAM) is a structured system for organizing, provisioning, deploying, maintaining, and deprovisioning business assets. It allows organizations to keep track of IT assets like hardware and software systems, as well as the data those systems process.

No, you should not use ChatGPT to create passwords because it will likely produce the same password for multiple users and what you input will live on in its database. For those of you who are unfamiliar with what ChatGPT is and does, it is an Artificial Intelligence (AI) program used to follow instructions through prompts and provide a user with answers to both simple and complex questions.

If your passwords were exposed in the RockYou2024 leak, you should immediately change them, set up Multi-Factor Authorization on your account and monitor your account for suspicious activity. RockYou2024 is now the largest password leak to date, with almost 10 billion passwords revealed on a popular hacking forum. Due to the magnitude of this leak, many people around the world are concerned for their online safety.

Personally Identifiable Information (PII) encompasses data that uniquely identifies an individual. Examples of PII include direct identifiers like full names, social security numbers, driver's license numbers, and indirect identifiers such as date of birth, email and IP addresses. The precise nature of PII can vary depending on the context and jurisdiction, but its defining characteristic is its ability to single out a specific person.