Conversation

Notices

1. Embed this notice
   Kevin Beaumont (gossithedog@cyberplace.social)'s status on Thursday, 19-Sep-2024 18:52:45 JST Kevin Beaumont

   The Germany government interviewed over 300 companies to find out the CrowdStrike impact to their orgs. Over 60% were impacted, and around half had to all operation, for an average of 10 hours. https://www.bsi.bund.de/DE/Service-Navi/Presse/Pressemitteilungen/Presse2024/240919_BSI-bitkom_Crowdstrike-Umfrage.html

   • Embed this notice
     Kevin Beaumont (gossithedog@cyberplace.social)'s status on Thursday, 26-Sep-2024 20:30:33 JST Kevin Beaumont

     in reply to

     The BBC have an in depth look at the impact of the CrowdStrike ‘global IT outage’ aka happy little non-cyber availability incident

     It’s a really good article. Held up cancer care etc. https://www.bbc.com/news/articles/cr54m92ermgo

   • Embed this notice
     Kevin Beaumont (gossithedog@cyberplace.social)'s status on Saturday, 26-Oct-2024 17:44:52 JST Kevin Beaumont

     in reply to

     Delta have filed their lawsuit against CrowdStrike, accusing the firm of gross negligence in their testing regime.

     https://www.wsj.com/business/airlines/delta-sues-crowdstrike-over-july-operations-meltdown-099ad8fa

   • Embed this notice
     Kevin Beaumont (gossithedog@cyberplace.social)'s status on Wednesday, 30-Oct-2024 06:59:21 JST Kevin Beaumont

     in reply to

     CrowdStrike are now counter suing their own customer 🤣

   • Embed this notice
     Kevin Beaumont (gossithedog@cyberplace.social)'s status on Tuesday, 19-Nov-2024 22:48:42 JST Kevin Beaumont

     in reply to

     Microsoft are making further changes to try to prevent another CrowdStrike moment https://www.theverge.com/2024/11/19/24299873/microsoft-windows-resiliency-initiative-crowdstrike-incident

   • Embed this notice
     Kevin Beaumont (gossithedog@cyberplace.social)'s status on Wednesday, 27-Nov-2024 20:48:28 JST Kevin Beaumont

     in reply to

     • Metacurity

     CrowdStrike says customers who left “won’t be missed” HT @metacurity

     https://www.theregister.com/2024/11/27/crowdstrike_q3_2025/

   • Embed this notice
     Metacurity (metacurity@infosec.exchange)'s status on Thursday, 28-Nov-2024 04:04:59 JST Metacurity

     in reply to

     • Michael Young

     @mbmy @GossiTheDog I can see how the writer interpreted the small MSP space "really doesn't matter" as "won't be missed."

     But I will delete my toot that quoted the article directly to not create any confusion.

   • Embed this notice
     Michael Young (mbmy@infosec.exchange)'s status on Thursday, 28-Nov-2024 04:05:00 JST Michael Young

     in reply to

     • Metacurity

     @GossiTheDog @metacurity I think this was misunderstood in the article.

   • Embed this notice
     Kevin Beaumont (gossithedog@cyberplace.social)'s status on Friday, 07-Feb-2025 02:15:33 JST Kevin Beaumont

     in reply to

     Congrats to CrowdStrike for being top right of the latest magic quadrant, for world's biggest cyber attacks!

   • Embed this notice
     Craig Stewart (pmb00cs@mastodon.online)'s status on Friday, 07-Feb-2025 02:49:57 JST Craig Stewart

     in reply to

     @GossiTheDog *so far*

   • Embed this notice
     Ray Gulick, he/him/wtf 🇺🇦 (rgulick@social.coop)'s status on Friday, 07-Feb-2025 06:28:43 JST Ray Gulick, he/him/wtf 🇺🇦

     in reply to

     @GossiTheDog

     FYI, CrowdStrike's share price of ~ $415 currently exceeds its high of ~ $392 prior to the the July incident.

   • Embed this notice
     Kevin Beaumont (gossithedog@cyberplace.social)'s status on Thursday, 05-Jun-2025 00:06:44 JST Kevin Beaumont

     in reply to

     CrowdStrike still expects to take around another $65m in costs from their update snafu last year, they retained customers by offering financial incentives https://www.reuters.com/business/crowdstrike-shares-drop-windows-outage-fallout-hits-forecast-2025-06-04/

   • Embed this notice
     Kevin Beaumont (gossithedog@cyberplace.social)'s status on Thursday, 05-Jun-2025 04:42:55 JST Kevin Beaumont

     in reply to

     US authorities are investigating CrowdStrike over their defective software update last year - and, intriguingly, their financial statements.

     Why intriguing? I mentioned last year - their financial position doesn’t make sense. One to watch.

     https://www.wsj.com/business/telecom/crowdstrike-cooperating-with-federal-probes-into-july-software-outage-c39a96b5?st=ycLecq&reflink=desktopwebshare_permalink

   • Embed this notice
     hal8999 (hal8999@infosec.exchange)'s status on Thursday, 05-Jun-2025 07:20:21 JST hal8999

     in reply to

     @GossiTheDog "Financial incentives" did not include discounts, contract extensions, or additional license counts. It was features that you didn't already have at a reduced rate...which will go up to full-boat pricing after the discount period.

     They turned a disaster into a sales tool.

     But, I still don't understand the complaints about airlines. There were companies who recovered in hours, or were able to stave off 100% penetration of the update....and recovered in hours.

     The organizations who took days and weeks didn't have a Crowdstrike problem. They had a management problem and some technical debt that got cashed in that night.

     [Edit: typos]

   • Embed this notice
     hal8999 (hal8999@infosec.exchange)'s status on Thursday, 05-Jun-2025 07:54:47 JST hal8999

     @GossiTheDog But is that a Crowdstrike problem? We have BitLocker, and use a non-Microsoft tool to manage keys and recovery, accessible from off-site.

     I guess since we used encryption before Microsoft starting bundling BitLocker we had a little more common sense?