Our Vision

To give customers the most compelling IT Support experience possible.

Our Mission

Our mission is simple: make technology an asset for your business, not a problem.

Our Values

We strive to make technology integrate seamlessly with your business so your business can grow. As your technology partner, when your business grows, ours will grow with you, so we will work hand in hand with you to support your growth.

Our Values

We develop relationships that make a positive difference in our customers' business.

Our Values

We exhibit a strong will to win in the marketplace and in every aspect of our business.

Increased risk of phishing scams following CrowdStrike outage




The Australian Signals Directorate has issued a warning about an increased risk of phishing scams following yesterday's CrowdStrike outage.

According to the alert, ASD’s ACSC has identified numerous malicious websites and unofficial code claiming to assist entities in recovering from the widespread outages caused by the CrowdStrike technical incident.

ASD’s ACSC strongly advises all consumers to obtain their technical information and updates directly from official CrowdStrike sources only. Learn more here: https://www.cyber.gov.au/about-us/view-all-content/alerts-and-advisories/widespread-outages-relating-crowdstrike-software-update


It appears that threat actors are exploiting the #CrowdStrike situation through #phishing and #spoofing campaigns.

Here is a list of newly created domains: https://urlscan.io/search/#crowdstrike*

Before clicking on any links, use tools like Domain Dossier, URLscan.io, and VirusTotal to check their authenticity — because threat actors never miss an opportunity to exploit a disaster.

#threatactors #hackers #CrowdStrike #phishing #urlscan #cybertip #VirusTotal #ASD #ACSC #AISA #Australia
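A first-pass check to run before the reputation lookups mentioned above, as an added example (not code from ASD's ACSC or CrowdStrike): it flags links that use the CrowdStrike name on a host that is not under crowdstrike.com. The allowlist, the function names and the .example hosts in the sample message are assumptions constructed for illustration.

```python
import re
from collections import Counter
from urllib.parse import urlsplit

# Assumption: crowdstrike.com (the domain of the vendor statement linked on
# this page) is the only registrable domain treated as official here.
OFFICIAL_DOMAINS = {"crowdstrike.com"}
BRAND = "crowdstrike"
LOOKALIKE = str.maketrans("01", "oi")  # crowdstr1ke -> crowdstrike
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.I)

def triage_link(url):
    """Classify one link as 'official', 'suspicious' or 'unrelated'."""
    try:
        parts = urlsplit(url)
        host = (parts.hostname or "").rstrip(".").lower()
    except ValueError:
        return "suspicious"  # malformed URL: treat as untrusted
    if not host:
        return "suspicious"
    # Official only if the host IS the domain or a true subdomain of it;
    # crowdstrike.com.fix-bsod.example merely starts with the name.
    official = any(host == d or host.endswith("." + d) for d in OFFICIAL_DOMAINS)
    if official and parts.username is None:
        return "official"
    # Look for the brand anywhere in the authority part, including the
    # user-info before '@', after undoing hyphen and digit substitutions.
    # Punycode (xn--) look-alikes are not decoded by this simple check.
    squashed = parts.netloc.lower().replace("-", "").translate(LOOKALIKE)
    if official or BRAND in squashed:
        return "suspicious"
    return "unrelated"

def triage_message(text):
    """Return {url: verdict} for every http(s) link found in a message body."""
    return {u.rstrip(".,)"): triage_link(u.rstrip(".,)")) for u in URL_RE.findall(text)}

# Constructed sample message; every non-vendor host uses the reserved .example TLD.
SAMPLE = """\
Fix for the outage: https://crowdstrike.com.fix-bsod.example/download
Mirror: http://crowdstr1ke-recovery.example/tool
Copy: https://crowdstrike.com@files.example/fix.zip
Vendor statement: https://www.crowdstrike.com/blog/statement-on-falcon-content-update-for-windows-hosts/
Lookup: https://urlscan.io/search/
"""

if __name__ == "__main__":
    for link, verdict in triage_message(SAMPLE).items():
        print(f"{verdict:10} {link}")
    print(Counter(triage_message(SAMPLE).values()))
```

A "suspicious" verdict means the link borrows the brand without being on the vendor's domain; "unrelated" is not a clean bill of health and still warrants the URLscan.io or VirusTotal lookup.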

CrowdStrike global IT outage affecting computers around the world

A worldwide #CrowdStrike issue is currently causing #BSOD. Reports have been seen from AU, NZ, Japan, India and Europe. The global computer outage is affecting airports, banks and other businesses.

CrowdStrike’s cybersecurity software — used by numerous Fortune 500 companies, including major global banks, healthcare and energy companies — detects and blocks hacking threats. Like other cybersecurity products, the software requires deep-level access to a computer’s operating system to scan for those threats. In this case, computers running Microsoft Windows appear to be crashing because of the faulty way a software code update issued by CrowdStrike is interacting with the Windows system.

This issue is not impacting Mac- or Linux-based hosts.

Some on-prem and cloud servers and devices that have #CrowdStrike installed are not resuming correctly and are getting stuck in boot loops.

Some have seen successful reboots that work for about 15 minutes, then stop and go back into a boot loop.

Technical Breakdown

1. CrowdStrike publishes a content update for their threat feed, which is basically a list of patterns of “bad things”

2. Software agents get this update and apply the controls to block things that match this pattern 

3. The update has a pattern which matches a critical Windows process but the software blocks it anyway

4. Windows crashes with a Blue Screen of Death (BSOD) and reboots 

5. On reboot, CrowdStrike kills the process again and Windows reboots

6. And it’s now a loop…

There are various ways of fixing this, but for most systems it will involve physically visiting every affected system, booting into “safe mode” and fixing the problem manually.

For some cloud systems though, such as AWS, “safe mode” is not even possible, so this fix doesn’t work. The virtual servers will need to be shut down, their disks cloned, attached to another server, edited to remove the offending files and then finally reattached to the original server.

BUT, if you’re protecting your data and using encryption at rest, you need to manually decrypt the disk with a BitLocker Recovery Key, which is probably - for most companies


Updated workaround steps:

1. Boot Windows into Safe Mode or the Windows Recovery Environment

2. Navigate to the C:\Windows\System32\drivers\CrowdStrike directory

3. Locate the file matching “C-00000291*.sys”, and delete it.

4. Boot the host normally.

CrowdStrike published a post with updated details for querying machines and how to fix them here:

https://www.crowdstrike.com/blog/statement-on-falcon-content-update-for-windows-hosts/


This is really just a good reminder of how MANY systems are dependent on IT. 

Technology is engrained in every part of our lives. We don’t notice it when it’s working well. We only notice when something goes wrong. No one talks about how many millions of attacks were stopped, or upgrades that went smoothly. Everyone remembers the ones that didn't.

#Crowdstrike #update #BSOD #EDR #outage #ITissue

