An Endpoint Protection Platform is an endpoint security capability designed to protect systems from compromise by preventing malicious software from executing. It is important to understand that Endpoint Protection is often used in conjunction with Endpoint Detection and Response (EDR), however they are not synonymous. The primary purpose of an EDR solution is to record events as they occur while also providing a means of threat resolution.

Personally Identifiable Information (PII) encompasses data that uniquely identifies an individual. Examples of PII include direct identifiers like full names, social security numbers, driver's license numbers, and indirect identifiers such as date of birth, email and IP addresses. The precise nature of PII can vary depending on the context and jurisdiction, but its defining characteristic is its ability to single out a specific person.

If your passwords were exposed in the RockYou2024 leak, you should immediately change them, set up Multi-Factor Authorization on your account and monitor your account for suspicious activity. RockYou2024 is now the largest password leak to date, with almost 10 billion passwords revealed on a popular hacking forum. Due to the magnitude of this leak, many people around the world are concerned for their online safety.

No, you should not use ChatGPT to create passwords because it will likely produce the same password for multiple users and what you input will live on in its database. For those of you who are unfamiliar with what ChatGPT is and does, it is an Artificial Intelligence (AI) program used to follow instructions through prompts and provide a user with answers to both simple and complex questions.

IT asset management (ITAM) is a structured system for organizing, provisioning, deploying, maintaining, and deprovisioning business assets. It allows organizations to keep track of IT assets like hardware and software systems, as well as the data those systems process.

Trustwave SpiderLabs issued a warning that threat actors may attempt to take advantage of CrowdStrike’s software update that caused widespread outages by using the news as the center of a social engineering scheme to convince people to open malicious phishing emails or fall for other types of attacks. Using this news cycle is nothing new.

Knowing Your Supply Chain (KYSC) is becoming an increasingly important component of cyber resilience. Understanding the dependencies within your organization and those of your vendors is critical for responding to incidents effectively. Even the most reliable vendors and partners can experience issues. Today, a widespread outage impacted CrowdStrike Falcon, affecting the global supply chain.

CrowdStrike, is a prominent cybersecurity technology company that provides security services for endpoints, cloud workloads, identity, and data. They are well-known for their Falcon Sensor Software designed to protect against cyberattacks. On Thursday, July 18 2024 there was a crash on Microsoft systems related to an update in Falcon Sensor software. This update involved a single file that added extra logic for detecting bad actors.

Our team at Arctic Wolf has been following the CrowdStrike issue affecting Windows endpoints since approximately 12 AM EST on July 19th, 2024. Although Arctic Wolf’s service is not impacted, some of our customers who leverage CrowdStrike for endpoint security are experiencing widespread outages. Arctic Wolf continues to protect and monitor these customers’ environments while they focus their attention on recovering from this event.