CrowdStrike Struck, PHP CVEs, Race to Exploitation Mountain and KEVs

Hello! This week, AaronJB is here as your editor looking back at the notable security news of the last week (July 15th through July 21st); I can't avoid talking about CrowdStrike just a little, a cou...
Updated Jul 25, 2024
Version 2.0
f5 sirt
security
twis
AaronJB's avatar
Ret. Employee
20+ years in IT as a software developer, network engineer, *nix admin, security engineer and scruffy-looking nerf herder. Current holder of SANS GCIH, GWAPT and GPEN certifications as well as F5-CS and CTS-ASM certifications.
View Profile
jessrobs1's avatar
jessrobs1
Icon for Nimbostratus rankNimbostratus
Apr 30, 2025

Thanks for the detailed rundown, Aaron. The CrowdStrike outage really highlights the risks of relying too heavily on a single vendor without safeguards, something that's just as relevant in the online gaming and app world. At my website, where uptime and performance are critical for users accessing unblocked games, even minor disruptions can cause major issues. The PHP vulnerabilities also hit close to home since many web-based games and platforms still rely on older PHP builds. With attackers moving in within minutes of a PoC release, staying on top of patches and using layered security is not just best practice, it's essential. Great insights, looking forward to the next update.