Free Republic
News/Activism

"We have moved beyond the days when computer viruses merely corrupted files. Now, we face sophisticated threats that combine social engineering with malicious software, aiming to do far more than just damage your computer." Phishing attacks and other kinds of social engineering try to trick us into giving away secrets by clicking on links to cloned websites, for example.
1 posted on 07/22/2024 10:05:19 AM PDT by Alas Babylon!


To: Alas Babylon!

2 posted on 07/22/2024 10:19:36 AM PDT by BBQToadRibs2

To: Alas Babylon!
CrowdStrike Highlights the Dangers of 'Security' 'not testing' Software
3 posted on 07/22/2024 10:22:00 AM PDT by CodeJockey (I'd like to change the world, but they won't give me the source code.)

To: Alas Babylon!

4 posted on 07/22/2024 10:26:29 AM PDT by ShadowAce (Linux - The Ultimate Windows Service Pack )

To: Alas Babylon!

The CrowdStrike crash revealed a fundamental flaw in how security suite software is packaged with Microsoft. Because it operates at the device level in the kernel (Ring 0), it has to be packaged as a signed device driver that goes through Microsoft’s rigorous testing protocols. But because it also has to respond immediately to zero-day vulnerabilities, it can’t wait for a new signed driver to be approved.

This is why they use DEF files to patch the driver code. The signed driver code reads the DEF file to get updated p-code that must run in the kernel memory. The latest DEF file release contained bad code that caused a NULL exception in the kernel memory, resulting in a BSOD.

CrowdStrike’s regression testing should have caught this, and they have a lot to answer for.


6 posted on 07/22/2024 10:51:14 AM PDT by Dave Wright

To: Alas Babylon!

This article’s argument is like saying seat belts can be removed from cars because hardly any accident victims are ejected from their vehicles these days.

The only reason threats have shifted to social engineering is because the tech has been pretty well locked down by these and other security tools that update almost constantly.


7 posted on 07/22/2024 11:10:23 AM PDT by ConservativeWarrior (Fall down seven times, stand up eight. - Japanese proverb)

To: Alas Babylon!
I was down all day long on my work laptop because of this. Because the idiots I work for not only insist on a complete monoculture in their supported laptops, AND, because they so severely lock down access to these systems, I couldn't do anything about the BSOD, even though I KNEW what the fix was, and I'm a professional nerd that is absolutely taking care of the laptop itself.

So, I effectively had the day off to read about the crapstorm on the internet. Their loss. They pay me for my time regardless.

14 posted on 07/22/2024 2:09:56 PM PDT by zeugma (Stop deluding yourself that America is still a free country.)
