Towerwall, Inc.

It has been one week since the CrowdStrikesituation, underscoring the importance of developing #VendorRisk Management policies. To help you navigate these challenges, check out our recent piece for CSO Online "6 Steps for Third-Party Cyber Risk Management" https://hubs.li/Q02H_MRn0. If you need assistance in developing a comprehensive Vendor Risk Management program, contact the Towerwall team today. We are here to help you stay secure and prepared. #5thWallofSecurity #IncidentResponse #VendorRisk

7 reasons why you should choose Towerwall for Penetration Testing& VulnerabilityProtection expertise.🛡️ 1. Only Senior-Level Security Experts w/ 25+ Years Experience 2. Quick Start, On Your Schedule 3. Dedicated Project Management assigned to you 4. Communicate Directly with Engineers 5. Completely Customized Approach 6. No Surprises, Findings Escalated Immediately 7. Integrated Remediation Roadmaps Do you have 15 minutes to discuss your penetration test needs? Contact the Towerwall team to schedule a call: https://hubs.li/Q02H_D4m0 #5thWallofSecurity #PenTest #Towerwall

📢 UPDATE ON OUR UPCOMING BRIGHTTALK 📢 Our session "Zero Trust Mastery: From VPN Replacement to Privilege Management" has been rescheduled to next Wednesday, July 31 at 11:30am ET. Please plan to join us then! Register here: https://hubs.li/Q02HSv8s0 #5thWallofSecurity #ZeroTrust #Webinar

In light of recent events with CrowdStrike it's clear that #TableTopExercises have never been more crucial. Ensure your team is prepared for any incident by watching a 25 min replay of our latest BrightTALK session: "Why Tabletop Exercises are Critical for Incident Response." Watch it here: https://hubs.li/Q02HNRJ70 #5thWallofSecurity #IncidentResponse #TableTopExercises #Crowdstrike #BrightTALK

Join ☕ Erik V. of Cloudflare and our panel for our Zero Trust Mastery: From VPN Replacement to Privilege Management BrightTALK on Jul 25 2024, 12:00pm EDT. This session is designed to provide comprehensive insights and strategies for implementing a Zero Trust security model in your organization. Register here: https://hubs.ly/Q02GzXRn0 #ZeroTrust #Webinar "

Have you registered for our #ZeroTrust BrightTALK w/ Cloudflare yet? It's this Thursday! (7/25 12:00pm EDT) 🔍 We will cover: 1. VPN Replacement: Explore modern alternatives to traditional VPNs. 2. Privilege Access Management (PAM): Understand the importance of managing and securing privileged accounts. 3. Zero Trust Architecture: Get an overview of the Zero Trust principles. Register to join us on Jul 25 2024, 12:00pm EDT https://hubs.li/Q02HD16q0 #ZeroTrust #Webinar #5thWallofSecurity

📢 **Important Update from CrowdStrike: Remediation and Guidance Hub** CrowdStrike has made a series of updates on their Remediation and Guidance Hub to help you navigate the current challenges. The hub now includes detailed instructions on: - How Do I Identify Impacted Hosts? - How Do I Remediate Impacted Hosts? - How Do I Recover BitLocker Keys? - How Do I Recover Cloud-Based Environments? For comprehensive guidance, please visit: https://hubs.li/Q02HtFNz0 As always, Towerwall is here to help escalate any issues and provide additional information. Please do not hesitate to reach out to us for support. #5thWallofSecurity #CrowdStrike #ITSupport #Towerwall #StaySecure

“Threat actors could exploit the RockYou2024 password compilation to conduct brute-force attacks and gain unauthorized access to various online accounts used by individuals who employ passwords included in the dataset,” the team explained.

🚨 Security Alert: Heightened Email-Based Threats 🚨 Due to the ongoing worldwide disruption with CrowdStrike we are seeing an increase in email-based fraud and phishing attempts. Bad actors are taking advantage of the situation, posing as trusted representatives to exploit unsuspecting users. Some of the reported phishing attempts include: 1. Threat actors claiming to be CrowdStrike representatives 2. Threat actors posing as Microsoft staff 3. Threat actors pretending to be IT support staff Next Steps: 1. Be Vigilant: Scrutinize emails from unfamiliar or unexpected sources. 2. Verify Identities: Contact the sender through official channels to confirm their identity before clicking any links or providing information. 3. Report Suspicious Emails: Notify your IT department or use your company's designated reporting system. Stay safe and alert. If you need assistance, reach out to us directly at info@towerwall.com #5thWallofSecurity #PhishingAlert #StaySafe #ITSecurity #CrowdStrike

We understand that the CrowdStrike situation is challenging for everyone. We want to assure you that there are workarounds available for on-site users. We are still awaiting a fix for remote users, but we will update you as soon as we have more information. Per Crowdstrike, below outlines workaround steps. You can also following these steps by logging into your Crowdstrike portal and following the notification. Workaround Steps for individual hosts: 1. Reboot the host to give it an opportunity to download the reverted channel file. If the host crashes again, then: 2. Boot Windows into Safe Mode or the Windows Recovery Environment (NOTE: Putting the host on a wired network (as opposed to WiFi) and using Safe Mode with Networking can help remediation.) 3. Navigate to the %WINDIR%\System32\drivers\CrowdStrike directory 4. Locate the file matching “C-00000291*.sys”, and delete it. 5. Boot the host normally. (Note: Bitlocker-encrypted hosts may require a recovery key.) Workaround Steps for public cloud or similar environment including virtual: Option 1: 1. Detach the operating system disk volume from the impacted virtual server 2. Create a snapshot or backup of the disk volume before proceeding further as a precaution against unintended changes 3. Attach/mount the volume to to a new virtual server 4. Navigate to the %WINDIR%\System32\drivers\CrowdStrike directory 5. Locate the file matching “C-00000291*.sys”, and delete it. 6. Detach the volume from the new virtual server 7. Reattach the fixed volume to the impacted virtual server Option 2: 1. Roll back to a snapshot before 0409 UTC. Full details and new updates can be found on CrowdStrike's website - https://hubs.li/Q02HhwDH0 Towerwall is here to help escalate any issues and provide additional information. Please do not hesitate to reach out to us for support. Best regards, Team Towerwall