Category: Risk Management

The Ripple Effect of the CrowdStrike Incident – An Expanded Attack Surface and Potential Future Threats

August 1, 2024

The CrowdStrike incident in July 2024, which resulted in the blue screen of death (BSOD) affecting millions of Windows computers globally, not only highlighted vulnerabilities within IT infrastructure but also potentially handed malicious actors new clues about weak points to exploit. This incident underscores the increased attack surface area and the heightened risk of future … More The Ripple Effect of the CrowdStrike Incident – An Expanded Attack Surface and Potential Future Threats

Optus Outage Incident – Root Cause Analysis

November 15, 2023

There were four breaches, one hacking and the recent outage believed to be some configuration mishap while doing a software upgrade, all in past 5 years making big news for Optus (see reference1-5). Around 4.05am on Wednesday, November 8, 2023, Optus experienced a widespread service outage, affecting a significant number of its customers. The disruption … More Optus Outage Incident – Root Cause Analysis

CVE-2021-44228 – Log4Shell/Log4J

March 5, 2022

🪢 There has always been this tug-of-war between what is “comfortable” vs. what is “healthy”, since ages, and has been more of discussion with technology proliferation in our day to day affairs. 👨🏻‍💻 Software developers, while documenting and logging an application’s physiology, tend to be creative and use “variables” in making the program’s footprint more … More CVE-2021-44228 – Log4Shell/Log4J