📰 Major Microsoft Changes after CrowdStrike Incident | Tuesday Times | July 30, 2024

josem.serrano

What is Tuesday Times?

Tuesday Times is a weekly Tuesday series where we highlight a handful of recent cybersecurity-related news stories. We'll provide brief summaries of these news stories and link the articles directly, should you want to read more!

Feel free to comment on any of the articles highlighted, or share your own in the comments below!

📰 Major Microsoft Changes after CrowdStrike Incident | Tuesday Times | July 30, 2024

Microsoft shifts focus to kernel-level security after CrowdStrike incident

• With 8.5 million Windows PCs being affected, along with major airlines, banks, and hospitals, it should not be surprising that Microsoft is planning some changes to ensure something like this does not happen again.
• In simple terms, kernel access is full access to everything with no restrictions. This type of access is necessary for some software to detect and prevent attacks. Still, concurrently, it allows compromised or bugged software to cause disruptions and breaches.
• Microsoft tried restricting kernel access back in 2006 and failed, however, the severity of this incident seems like a good time for the tech giant to try again. All jokes aside, this is likely the first of many steps Microsoft will take to increase security and reduce the likelihood of third-party bugs from crashing their OS again.
  

4.3 Million Impacted by HealthEquity Data Breach

• Another day, another data breach. On March 25th of this year, Health Equity investigated an alert they received regarding a "systems anomaly" and found "unauthorized access to and potential disclosure of protected health information and/or personally identifiable information stored in an unstructured data repository outside our core systems.”  
• While not all affected users had the same type of data stolen, the stolen data includes personal information ranging from social security numbers to full names and addresses.
• On the bright side, the company stated they "are not aware of any actual or attempted misuse of information because of this incident to date." They are also offering two years of free credit monitoring and will send notification letters to the 4.3 million affected users starting August 9th.