Low-level cybercriminals are pouncing on CrowdStrike-connected outage | CyberScoop<\/title> <meta name=\"description\" content=\"The malicious activity comes as CrowdStrike customers continue to recover from the July 18 outage.\"> <link rel=\"canonical\" href=\"https:\/\/cyberscoop.com\/low-level-cybercriminals-are-pouncing-on-crowdstrike-connected-outage\/\"> <meta property=\"og:locale\" content=\"en_US\"> <meta property=\"og:type\" content=\"article\"> <meta property=\"og:title\" content=\"Low-level cybercriminals are pouncing on CrowdStrike-connected outage\"> <meta property=\"og:description\" content=\"The malicious activity comes as CrowdStrike customers continue to recover from the July 18 outage.\"> <meta property=\"og:url\" content=\"https:\/\/cyberscoop.com\/low-level-cybercriminals-are-pouncing-on-crowdstrike-connected-outage\/\"> <meta property=\"og:site_name\" content=\"CyberScoop\"> <meta property=\"article:published_time\" content=\"2024-07-23T22:05:29+00:00\"> <meta property=\"article:modified_time\" content=\"2024-07-23T22:05:30+00:00\"> <meta property=\"og:image\" content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/low-level-cybercriminals-are-pouncing-on-crowdstrike-connected-outage-2.jpg\"> <meta property=\"og:image:width\" content=\"1920\"> <meta property=\"og:image:height\" content=\"1142\"> <meta property=\"og:image:type\" content=\"image\/jpeg\"> <meta name=\"author\" content=\"AJ Vicens\"> <meta name=\"twitter:card\" content=\"summary_large_image\"> <meta name=\"twitter:creator\" content=\"@AJVicens\">  <link rel=\"dns-prefetch\" href=\"\/\/securepubads.g.doubleclick.net\">\n<link rel=\"dns-prefetch\" href=\"\/\/use.typekit.net\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Feed\" href=\"https:\/\/cyberscoop.com\/feed\/\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Comments Feed\" href=\"https:\/\/cyberscoop.com\/comments\/feed\/\"> <link rel=\"stylesheet\" id=\"all-css-2\" href=\"https:\/\/cyberscoop.com\/wp-includes\/css\/dist\/block-library\/style.min.css?m=1721750696g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-6\" href=\"https:\/\/cyberscoop.com\/wp-content\/mu-plugins\/search\/elasticpress\/dist\/css\/related-posts-block-styles.min.css?m=1718292839g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-8\" href=\"https:\/\/cyberscoop.com\/wp-content\/themes\/scoopnewsgroup\/dist\/css\/frontend.css?m=1721764637g\" type=\"text\/css\" media=\"all\">\n<link rel=\"stylesheet\" id=\"typekit-css\" href=\"https:\/\/use.typekit.net\/itk2qbh.css?ver=ada0ad45b21fc79c6694\" media=\"all\"> <link rel=\"https:\/\/api.w.org\/\" href=\"https:\/\/cyberscoop.com\/wp-json\/\"><link rel=\"alternate\" title=\"JSON\" type=\"application\/json\" href=\"https:\/\/cyberscoop.com\/wp-json\/wp\/v2\/posts\/81127\"><link rel=\"EditURI\" type=\"application\/rsd+xml\" title=\"RSD\" href=\"https:\/\/cyberscoop.com\/xmlrpc.php?rsd\">\n<meta name=\"generator\" content=\"WordPress 6.6.1\">\n<link rel=\"shortlink\" href=\"https:\/\/cyberscoop.com\/?p=81127\">\n<link rel=\"alternate\" title=\"oEmbed (JSON)\" type=\"application\/json+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Flow-level-cybercriminals-are-pouncing-on-crowdstrike-connected-outage%2F\">\n<link rel=\"alternate\" title=\"oEmbed (XML)\" type=\"text\/xml+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Flow-level-cybercriminals-are-pouncing-on-crowdstrike-connected-outage%2F&format=xml\">   <link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=32\" sizes=\"32x32\">\n<link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=192\" sizes=\"192x192\">\n<link rel=\"apple-touch-icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=180\">\n<meta name=\"msapplication-TileImage\" content=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=270\"> <\/head><body class=\"post-template-default single single-post postid-81127 single-format-standard\" id=\"readabilityBody\"> <a href=\"https:\/\/cyberscoop.com\/low-level-cybercriminals-are-pouncing-on-crowdstrike-connected-outage\/#main\" class=\"skip-to-content-link visually-hidden-focusable\">Skip to main content<\/a> <\/p>\n<div class=\"ad ad--top ad--top-desktop\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p> <main id=\"main\" role=\"main\" tabindex=\"-1\"> <\/p>\n<div class=\"ad ad--top ad--top-mobile\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<section id=\"stickybar\" class=\"stickybar stickybar--event js-stickybar\">\n<div class=\"stickybar__details\" readability=\"4.952380952381\">\n<div class=\"stickybar__info js-sticky-bar-content\" readability=\"32\">\n<p>Voting is open for the 2024 CyberScoop 50 awards! <\/p>\n<\/div>\n<p> <a class=\"stickybar__link button button-tertiary\" href=\"https:\/\/cyberscoop.com\/cyberscoop50\/vote\/\">Click here!<\/a> <\/div>\n<p> <button class=\"stickybar__close js-stickybar-close\" aria-controls=\"stickybar\"> <svg class=\"icon icon--close\" width=\"21\" height=\"22\" viewBox=\"0 0 21 22\" fill=\"none\"><path d=\"m.822.518-.805.805L9.695 11 .017 20.678l.805.805 9.678-9.678 9.677 9.678.806-.805L11.305 11l9.678-9.677-.806-.805-9.677 9.677L.822.518Z\" fill=\"currentColor\" \/><\/svg> <span class=\"visually-hidden\">Close<\/span> <\/button> <\/section>\n<article class=\"single-article content\">\n<div class=\"single-article__container js-single-article-content\">\n<header class=\"single-article__header \" readability=\"24.765\">\n<div class=\"single-article__header-content\" readability=\"29.04854368932\">\n<ul class=\"single-article__eyebrow\">\n<li class=\"single-article__category\"> <a class=\"single-article__category-link\" href=\"https:\/\/cyberscoop.com\/news\/threats\/cybercrime\/\"> <span>Cybercrime<\/span> <\/a> <\/li>\n<\/ul>\n<p> The malicious activity comes as CrowdStrike customers continue to recover from the July 18 outage. <\/p>\n<\/p><\/div>\n<div class=\"single-article__cover-wrap\">\n<figure class=\"single-article__cover\"> <img data-recalc-dims=\"1\" fetchpriority=\"high\" width=\"640\" height=\"381\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/low-level-cybercriminals-are-pouncing-on-crowdstrike-connected-outage.jpg?resize=640%2C381&ssl=1\" class=\"single-article__cover-image wp-post-image\" alt decoding=\"async\" fetchpriority=\"high\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/low-level-cybercriminals-are-pouncing-on-crowdstrike-connected-outage-2.jpg 1920w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/low-level-cybercriminals-are-pouncing-on-crowdstrike-connected-outage-2.jpg?resize=300,178 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/low-level-cybercriminals-are-pouncing-on-crowdstrike-connected-outage-2.jpg?resize=768,457 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/low-level-cybercriminals-are-pouncing-on-crowdstrike-connected-outage-2.jpg?resize=1024,609 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/low-level-cybercriminals-are-pouncing-on-crowdstrike-connected-outage-2.jpg?resize=1536,914 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/low-level-cybercriminals-are-pouncing-on-crowdstrike-connected-outage-2.jpg?resize=600,357 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/low-level-cybercriminals-are-pouncing-on-crowdstrike-connected-outage-2.jpg?resize=282,168 282w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/low-level-cybercriminals-are-pouncing-on-crowdstrike-connected-outage-2.jpg?resize=567,337 567w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/low-level-cybercriminals-are-pouncing-on-crowdstrike-connected-outage-2.jpg?resize=1135,675 1135w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/low-level-cybercriminals-are-pouncing-on-crowdstrike-connected-outage-2.jpg?resize=1417,843 1417w\" sizes=\"(max-width: 1135px) 100vw, 1135px\"><figcaption> This photograph shows screens displaying the logo of “CrowdStrike” cybersecurity technology company in Paris on July 19, 2024, amid massive global IT outage. (Photo by Stefano RELLANDINI \/ AFP) <\/figcaption><\/figure>\n<\/p><\/div>\n<\/header>\n<div class=\"single-article__content\">\n<div class=\"single-article__content-inner has-drop-cap\"> <html readability=\"41.55271411339\"><body readability=\"83.578974228119\"><\/p>\n<p>Five days after a faulty update to CrowdStrike\u2019s Falcon security software <a href=\"https:\/\/cyberscoop.com\/crowdstrike-falcon-flaw-microsoft-outage-flights-grounded-windows\/\">hobbled millions of Windows computers around the world<\/a>, cybercriminals and hacktivist personas are taking advantage of the situation with newly registered domains, malware attached to files with CrowdStrike-themed names and at least one apparent instance of a data wiper.<\/p>\n<p>CrowdStrike has documented multiple instances of likely criminal activity tied to the incident, including a Word document laced with the <a href=\"https:\/\/www.crowdstrike.com\/blog\/fake-recovery-manual-used-to-deliver-unidentified-stealer\/\">Daolpu information stealer<\/a> and a zip file targeting Latin American-based CrowdStrike customers with <a href=\"https:\/\/www.crowdstrike.com\/blog\/likely-ecrime-actor-capitalizing-on-falcon-sensor-issues\/\">the HijackLoader malware<\/a>, which is typically used to deliver other malware packages, and a <a href=\"https:\/\/www.crowdstrike.com\/blog\/threat-actor-distributes-python-based-information-stealer\/\">Python-based information stealer<\/a> tracked as \u201cConnecio.\u201d<\/p>\n<p>Additionally, a phishing email with a PDF purporting to explain how to remediate last week\u2019s Falcon issue delivered a zip file laced with wiper malware, <a href=\"https:\/\/any.run\/cybersecurity-blog\/crowdstrike-outage-abuse\/\">according to sandbox company ANY.RUN<\/a>, which called it one of the most \u201csophisticated\u201d outage-related attacks thus far.<\/p>\n<p>\u201cHandala Hack,\u201d a pro-Palestinian hacktivist persona known <a href=\"https:\/\/intezer.com\/blog\/research\/stealth-wiper-israeli-infrastructure\/\">for attacking Israeli targets<\/a>, claimed responsibility for the wiper attack mentioned by ANY.RUN. In a June 21 Telegram post, they asserted \u2014 without providing evidence \u2014 that they had targeted \u201cthousands of Zionist organizations!\u201d<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Tom Hegel, principal threat researcher with SentinelLabs, told CyberScoop that Handala is known for its \u201cbroad targeting scope,\u201d has previously executed wiper attacks on both Windows and Linux systems, and engaged in hack-and-leak operations.<\/p>\n<p>\u201cWhile the group presents itself as a hacktivist entity, there remains speculation about possible Iranian backing as we\u2019ve commonly observed active in the Middle East since last year,\u201d Hegel said. \u201cComplete scope of these CrowdStrike-themed intrusions is unclear, however the attacker has publicly claimed to have dozens of victims.\u201d<\/p>\n<p>CrowdStrike did not respond to a request for comment Tuesday on the threats exploiting the situation. In a July 19 update, CrowdStrike founder and CEO George Kurtz said the company was aware that \u201cadversaries and bad actors will try to exploit events like this,\u201d and encouraged customers to \u201censure that you\u2019re engaging with official CrowdStrike representatives.\u201d<\/p>\n<p>Jose Enrique Hernandez, threat research director at Splunk, <a href=\"https:\/\/x.com\/_josehelps\/status\/1815781181754921091\">said in a Tuesday post<\/a> on X that he identified more than 2,000 CrowdStrike-related domains registered in the past seven days. An analysis of the top 25 suggests that \u201cmost of them are looking pretty funky,\u201d Hernandez wrote.<\/p>\n<p>James Spiteri, a director of product management with Elastic, <a href=\"https:\/\/www.linkedin.com\/posts\/jamesspiteri_141-certificates-generated-in-the-last-48-activity-7220558376764628992-8zhb\/\">wrote in a LinkedIn post<\/a> Sunday<strong> <\/strong>that he had documented more than 141 certificates generated for what looks \u201clike (mostly) bogus [CrowdStrike] domains. Hope this list helps folks keep a lookout for any phishing.\u201d <strong>T<\/strong>he list had <a href=\"https:\/\/gist.github.com\/jamesspi\/06f2755ab781bb085388784cf7b64208\">grown to 193<\/a> by mid-afternoon Tuesday.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>The malicious activity comes as CrowdStrike customers continue to recover from the outage, which disabled at least <a href=\"https:\/\/blogs.microsoft.com\/blog\/2024\/07\/20\/helping-our-customers-through-the-crowdstrike-outage\/\">8.5 million Windows devices<\/a>, according to a Microsoft estimate. Delta Airlines, for instance, is <a href=\"https:\/\/www.cbsnews.com\/news\/delta-flight-cancellations-today-dot-investigation-crowdstrike-outage\/\">under investigation by the Transportation Department<\/a> after it had to cancel thousands of flights as a result of the outage.<\/p>\n<p>A Cybersecurity and Infrastructure Security Agency spokesperson told CyberScoop on Tuesday that the agency was \u201cworking closely with our government and industry partners to continue to mitigate the impact of the global IT outage.\u201d <\/p>\n<p>The spokesperson did not respond to questions about malicious activity related to the outage targeting federal networks, criminal or otherwise, although the incident caused technical issues at multiple federal agencies, <a href=\"https:\/\/fedscoop.com\/federal-government-agencies-affected-by-worldwide-it-outage\/\">FedScoop reported Friday<\/a>.<\/p>\n<p>CISA <a href=\"https:\/\/www.cisa.gov\/news-events\/alerts\/2024\/07\/19\/widespread-it-outage-due-crowdstrike-update\">had earlier said<\/a> it was aware of malicious activity connected to the event, mirroring messaging put out by cybersecurity officials in the <a href=\"https:\/\/www.ncsc.gov.uk\/news\/major-it-outage\">U.K.<\/a>, <a href=\"https:\/\/www.cyber.gov.au\/about-us\/view-all-content\/alerts-and-advisories\/widespread-outages-relating-crowdstrike-software-update\">Australia<\/a> and <a href=\"https:\/\/www.cyber.gc.ca\/en\/alerts-advisories\/issue-impacting-crowdstrike-falcon-edr\">Canada<\/a>.<\/p>\n<p><\/body> <\/p>\n<footer class=\"single-article__footer\" readability=\"1.2066666666667\">\n<div class=\"author-card\" readability=\"8\">\n<div class=\"author-card__avatar\">\n<figure class=\"author-card__image-wrap\"> <img data-recalc-dims=\"1\" decoding=\"async\" class=\"author-card__image\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/low-level-cybercriminals-are-pouncing-on-crowdstrike-connected-outage-1.jpg?w=640&ssl=1\" alt=\"AJ Vicens\"> <\/figure>\n<\/p><\/div>\n<p><h4 class=\"author-card__name\">Written by AJ Vicens<\/h4>\n<p> AJ covers nation-state threats and cybercrime. He was previously a reporter at Mother Jones. Get in touch via Signal\/WhatsApp: (810-206-9411). <\/p>\n<\/p><\/div>\n<div class=\"single-article__tags-container\">\n<h4 class=\"single-article__tags-title\">In This Story<\/h4>\n<\/p><\/div>\n<\/footer>\n<p> <\/html><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"single-article__ads js-single-article-sidebar\">\n<div class=\"ad ad--sidebar js-single-article-sidebar-5 ad--rightrail_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-4 ad--rightrail_2 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-3 ad--rightrail_3 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div><\/div>\n<\/article>\n<div class=\"popular-stories popular-stories--single-post\">\n<div class=\"popular-stories__container\">\n<h2 class=\"popular-stories__title\"> More Scoops <\/h2>\n<p>  <\/div>\n<p>\n<\/div>\n<p> <\/p>\n<section class=\"latest-podcasts\">\n<h2 class=\"latest-podcasts__title\"> Latest Podcasts\t<\/h2>\n<\/section>\n<div class=\"top-categories\">\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Government<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Technology<\/h3>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/main> <\/p>\n<div class=\"ad ad--bottom \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div id=\"interstitial\" class=\"welcome__container\"> <button id=\"close-modal-1\" class=\"welcome__clickable_area\"><\/button> <\/p>\n<div class=\"welcome__ad_wrapper\">\n<p> <button id=\"close-modal-3\" class=\"welcome__continue-button\">Continue to CyberScoop<\/button> <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p>   <\/body> <a href=\"https:\/\/cyberscoop.com\/low-level-cybercriminals-are-pouncing-on-crowdstrike-connected-outage\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Low-level cybercriminals are pouncing on CrowdStrike-connected outage | CyberScoop Skip<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[2350,282,2379,60,1698],"tags":[2354,286,2380,67,1701],"class_list":["post-4617","post","type-post","status-publish","format-standard","hentry","category-crowdstrike","category-cybercrime","category-handala-hack","category-phishing","category-wiper-malware","tag-crowdstrike","tag-cybercrime","tag-handala-hack","tag-phishing","tag-wiper-malware"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Cyber Scoop","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/cyberscoop\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/crowdstrike\/\" rel=\"category tag\">CrowdStrike<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybercrime\/\" rel=\"category tag\">cybercrime<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/handala-hack\/\" rel=\"category tag\">Handala Hack<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/phishing\/\" rel=\"category tag\">phishing<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/wiper-malware\/\" rel=\"category tag\">wiper malware<\/a>","tag_info":"wiper malware","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/4617","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=4617"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/4617\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=4617"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=4617"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=4617"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}

{"id":4617,"date":"2024-07-23T17:05:29","date_gmt":"2024-07-23T22:05:29","guid":{"rendered":"https:\/\/cyberscoop.com\/?p=81127"},"modified":"2024-07-23T17:05:29","modified_gmt":"2024-07-23T22:05:29","slug":"low-level-cybercriminals-are-pouncing-on-crowdstrike-connected-outage","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2024\/07\/23\/low-level-cybercriminals-are-pouncing-on-crowdstrike-connected-outage\/","title":{"rendered":"Low-level cybercriminals are pouncing on CrowdStrike-connected outage"},"content":{"rendered":"