In this week's Cyber Bits, the only thing everyone was worried about was CrowdStrike causing BSODs, CrowdStrike taking down organizations worldwide, CrowdStrike interrupting, via third-party vendors, clients who didn't even have CrowdStrike, and all things reeling from CrowdStrike (are you tired of us talking about CrowdStrike yet?).
We'll also take a look at some of the other items that slipped through the news cracks, such as APTs targeting utility organizations and the UK arresting hackers linked to the MGM attack.
All things CrowdStrike
Link: THE ENTIRE INTERNET
For those of you not in the know, CrowdStrike pushed an update on Friday that caused Windows-based devices to boot loop into a Blue Screen of Death, rendering them inoperable. Organizations around the globe were impacted, even those that didn't use the EDR tool, as services were interrupted by IT vendors worldwide. Because of its massive impact, Microsoft has released a standalone repair tool to remove the affected driver, although the damage may be done for some.
We would urge companies that are using the EDR to be careful about where they download updates and repair tools for affected systems, as malware posing as fixes has already made the rounds.
APT41 Targeting Logistics and Utility Companies
Link: Dark Reading
Chinese hacking group APT41, known for its cyber espionage activities, is targeting global logistics and utility companies. Their new tools, like the DodgeBox malware and MoonWalk backdoor, help them evade detection and infiltrate systems effectively. These attacks are part of a broader campaign to steal sensitive information and disrupt operations. Ransomware attacks are seemingly hitting the gas, energy, and utility sectors particularly hard, causing significant disruptions and financial losses.
UK Arrests Scattered Spider Hacker Linked to MGM Attack
Link: Bleeping Computer
A suspected member of the Scattered Spider hacking group, linked to the high-profile cyberattack on MGM Resorts, has been arrested in the UK. This group is notorious for its sophisticated phishing and social engineering tactics. The arrest is part of a larger effort to crack down on cybercriminals targeting major corporations. The authorities are continuing to investigate and dismantle these networks to prevent further attacks.