Hey Mailop friends, sharing info here from the email security community.
I'm sure many of you are already /very/ acutely aware of the Crowdstrike outage going on globally right now. Threat actors have started to register and operationalize domains capitalizing on this outage, noted TA domains are below for blocking:
crowdstrike-helpdesk[.]com crowdstrikebluescreen[.]com crowdstrike-bsod[.]com crowdstrikedown[.]site crowdstrike0day[.]com crowdstrikedoomsday[.]com crowdstrikefix[.]com crashstrike[.]com crowdstriketoken[.]com fix-crowdstrike-bsod[.]com bsodsm8r[.]xamzgjedu[.]com crowdstrikebsodfix[.]blob[.]core[.]windows[.]net crowdstrikecommuication[.]app fix-crowdstrike-apocalypse[.]com supportportal-crowdstrike-com[.]translate[.]goog crowdstrike-cloudtrail-storage-bb-126d5e[.]s3[.]us-west-1[.]amazonaws[.]com crowdstrikeoutage[.]info clownstrike[.]co[.]uk crowdstrikebsod[.]com whatiscrowdstrike[.]com clownstrike[.]co microsoftcrowdstrike[.]com crowdfalcon-immed-update[.]com crowdstuck[.]org failstrike[.]com winsstrike[.]com crowdpass[.]live crowdstrokeme[.]me crowdstrikerecovery1.blob.core[.]windows[.]net crowdstrikeupdate[.]com - Mark Alley
_______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
