Rapid Response Status Page
All Systems Operational
Rapid Response: Operational (98.3 % uptime over the past 90 days)
Past Incidents
Jul 27, 2024

No incidents reported today.

Jul 26, 2024

No incidents reported.

Jul 25, 2024

No incidents reported.

Jul 24, 2024

No incidents reported.

Jul 23, 2024

No incidents reported.

Jul 22, 2024
Resolved - This incident has been resolved.
Jul 22, 14:35 UTC
Identified - Dear Customers,

Axon is aware that multiple threat actor groups are exploiting the current chaos and panic within organizations caused by the ongoing CrowdStrike outage incident.

Our analysis has identified several ongoing malicious campaigns, including:
* Phishing and adware campaigns aimed at fraud and credential theft.
* Malware campaigns delivered via email targeting employees and IT personnel.
* Fraudulent groups impersonating CrowdStrike in phone calls to IT personnel to install remote tools or steal money.


Over the past day, our team has been continuously monitoring and hunting for IOCs based on our intelligence sources. Affected customers will be notified directly. In addition, the IOCs have been added to the Axon IOCs feed, to allow future tracking with the Hunters platform.

The appendix to the current IOCs can be found on our RR Github page: https://github.com/axon-git/rapid-response/blob/main/CrowdStrike%20July%20Outage%20(C-00000291)/threat_iocs_cs_outage_breach_200724.txt


Please do not hesitate to reach out if you have any questions.

Yours,
Team Axon

Jul 20, 11:23 UTC
Jul 21, 2024

No incidents reported.

Jul 20, 2024
Jul 19, 2024
Resolved - This incident has been resolved.
Jul 19, 10:42 UTC
Identified - Dear Customers,

Team Axon is aware of the significant outage affecting Windows machines with CrowdStrike EDR agents, caused by a driver update.
To assist with scoping the impact, we have created a dedicated SQL query and visibility dashboard for our CrowdStrike customers.

1. Visibility dashboard: The dashboard “CrowdStrike July Outage (C-00000291) Visibility Dashboard” is available from the Hunters platform -> “Data” -> “Visibility” page.

2. Visibility query: The dashboard helps identify affected machines by checking for LFODownloadConfirmation events, which indicate when a specific CrowdStrike-related driver (C-00000291) has been downloaded from their servers. Additionally, the query detects if the driver file has been deleted by correlating it with deletion events. You can find the query on Axon’s RR Github: https://github.com/axon-git/rapid-response/blob/main/CrowdStrike%20July%20Outage%20(C-00000291)/crowdstrike_july_outage_c-00000291_visibility_query.sql


Yours,

Team Axon

Jul 19, 10:27 UTC
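The correlation described in the advisory above (download confirmation for C-00000291 matched against later deletion events per host), as an added example that is not Axon's published query. The `events` table schema, the `FileDeleted` event name, the host names and the sample rows are assumptions constructed for illustration; only `LFODownloadConfirmation` and the `C-00000291` identifier come from the advisory.

```python
import sqlite3

# Constructed sample telemetry. The schema and the "FileDeleted" event name
# are assumptions for this example; only LFODownloadConfirmation and the
# C-00000291 identifier come from the advisory.
SAMPLE_EVENTS = [
    ("host-a", "LFODownloadConfirmation", "C-00000291-sample.sys", "2024-07-19T04:10:00"),
    ("host-a", "FileDeleted",             "C-00000291-sample.sys", "2024-07-19T06:00:00"),
    ("host-b", "LFODownloadConfirmation", "C-00000291-sample.sys", "2024-07-19T04:12:00"),
    # Deleted, then downloaded again: the later download is what counts.
    ("host-c", "LFODownloadConfirmation", "C-00000291-sample.sys", "2024-07-19T04:15:00"),
    ("host-c", "FileDeleted",             "C-00000291-sample.sys", "2024-07-19T05:00:00"),
    ("host-c", "LFODownloadConfirmation", "C-00000291-sample.sys", "2024-07-19T05:30:00"),
    # Unrelated file: must not be scoped in.
    ("host-d", "LFODownloadConfirmation", "C-00000000-other.sys",  "2024-07-19T04:20:00"),
]

SCOPING_QUERY = """
WITH downloads AS (
    SELECT host, MAX(ts) AS last_download
    FROM events
    WHERE event_type = 'LFODownloadConfirmation'
      AND file_name LIKE 'C-00000291%'
    GROUP BY host
),
deletions AS (
    SELECT host, MAX(ts) AS last_delete
    FROM events
    WHERE event_type = 'FileDeleted'
      AND file_name LIKE 'C-00000291%'
    GROUP BY host
)
SELECT d.host,
       CASE WHEN x.last_delete >= d.last_download
            THEN 'deleted' ELSE 'present' END AS driver_state
FROM downloads d
LEFT JOIN deletions x ON x.host = d.host
ORDER BY d.host
"""

def scope_hosts(events=SAMPLE_EVENTS):
    """Return {host: 'deleted' | 'present'} for hosts that downloaded the file."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE events (host TEXT, event_type TEXT, file_name TEXT, ts TEXT)")
    db.executemany("INSERT INTO events VALUES (?, ?, ?, ?)", events)
    return dict(db.execute(SCOPING_QUERY).fetchall())
```

Hosts reported as `present` received the file and show no deletion after the most recent download, so they are the ones to prioritize for follow-up.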
Jul 18, 2024

No incidents reported.

Jul 17, 2024

No incidents reported.

Jul 16, 2024

No incidents reported.

Jul 15, 2024

No incidents reported.

Jul 14, 2024

No incidents reported.

Jul 13, 2024

No incidents reported.