Funny how CrowdStrike already sounds like some malware’s name.
It literally sounds like a DDoS!
Botnet if you will
Not too surprising if the people making malware, and the people making the security software are basically the same people, just with slightly different business models.
Reminds me of the tyre store that spreads tacks on the road 100m away from their store in the oncoming lanes.
People get a flat, and oh what do you know! A tyre store! What a lucky coincidence.
Classic protection racket. “Those are some nice files you’ve got there. It’d be a shame if anything happened to them…”
It sounds like the name of a political protest group.
Can’t get hacked if your machine isn’t running.
You’re hired!
What’s the saying about dying a hero or becoming the villain?
Who says it was accidental?
Netflix knew they were going to move from DVD rentals to streaming over the Internet. It is right in their name.
CrowdStrike knew they were eventually going to _________. It is right in their name.
This is, in a lot of ways, impressive. This is CrowdStrike going full “Hold my beer!” about people talking about what bad production deploy fuckups they made.
You know you’ve done something special when you take down somebody else’s production system.
The answer is obviously to require all users to change their passwords and make them stronger. 26 minimum characters; two capitals, two numbers, two special characters, cannot include ‘_’, ‘b’ or the number ‘8’, and most include Pi to the 6th place.
Sorry, I don’t understand. Do you mean there have to be 6 digits of Pi in there, or the sixth character must be π? I’m down either way.
Great! Now when I brute force the login, I can tell my program to not waste time trying ‘_’, ‘b’ and ‘8’ and add
Pi to the 6th place
in every password, along with 2 capitals, 2 numbers and 2 other special characters.Furthermore, I don’t need to check passwords with less than 26 characters.
ItS NoT A wInDoWs PrObLeM – Idiots, even on Lemmy
Because it isn’t. Their Linux sensor also uses a kernel driver, which means they could have just as easily caused a looping kernel panic on every Linux device it’s installed on.
There’s no way of knowing that, though. Perhaps their Linux and Darwin drivers wouldn’t have paniced the system?
Regardless, doing almost anything at the kernel level is never a good idea
It’s not impossible. Crowdstrike has done it recently to linux machines.
Kernel panic observed after booting 5.14.0-427.13.1.el9_4.x86_64 by falcon-sensor process:
https://access.redhat.com/solutions/7068083Paywalled, unfortunately