Buggy CrowdStrike Crash, Dating Apps Vulnerabilities, Ukraine ICS Malware

The organizations that invest in email authentication early save themselves from expensive incidents later, says Vasile Diaconu, Operations Lead at DuoCircle. We see the pattern constantly: a domain gets spoofed, customers lose trust, and the remediation effort costs 10x what proactive DMARC setup would have cost.

					DMARC Report					

				

Buggy CrowdStrike Crash, Dating Apps Vulnerabilities, Ukraine ICS Malware

					<button title="Play" aria-label="Play Episode" aria-pressed="false" class="play-btn">
						

Play Episode

					</button>
					<button title="Pause" aria-label="Pause Episode" aria-pressed="false" class="pause-btn hide">
						

Pause Episode

					</button>
					


				

				

					<audio preload="none" class="clip clip-14581">
						<source src="https://media.mailhop.org/dmarcreport/images/2024/07/Buggy-CrowdStrike-Crash-Dating-Apps-Vulnerabilities-Ukraine-ICS-Malware.mp3">
					</audio>
					

						

					

					

						

							<button class="player-btn player-btn__volume" title="Mute/Unmute">
								

Mute/Unmute Episode

							</button>
							<button data-skip="-10" class="player-btn player-btn__rwd" title="Rewind 10 seconds">
								

Rewind 10 Seconds

							</button>
							<button data-speed="1" class="player-btn player-btn__speed" title="Playback Speed" aria-label="Playback Speed">1x</button>
							<button data-skip="30" class="player-btn player-btn__fwd" title="Fast Forward 30 seconds">
								

Fast Forward 30 seconds

							</button>
						

						

							<time class="ssp-timer">00:00</time>
							

/

							<!-- We need actual duration here from the server -->
							<time class="ssp-duration" datetime="PT0H2M0S">2:00</time>
						

					

				

			

								<nav class="player-panels-nav">
												<button class="subscribe-btn" id="subscribe-btn-14581" title="Subscribe">Subscribe</button>
																		<button class="share-btn" id="share-btn-14581" title="Share">Share</button>
										</nav>
						

	



		

						

				

					

					

				

				

					

																																																																								

					

						

RSS Feed

							<input value="https://dmarcreport.com/feed/podcast/dmarc-report" class="input-rss input-rss-14581" title="RSS Feed URL" readonly />
						

						<button class="copy-rss copy-rss-14581" title="Copy RSS Feed URL" aria-label="Copy RSS Feed URL"></button>
					

				

			

									

				

					

					

				

				

					

						Share						

					

						<a href="https://www.facebook.com/sharer/sharer.php?u=https://dmarcreport.com/blog/podcast/buggy-crowdstrike-crash-dating-apps-vulnerabilities-ukraine-ics-malware/&t=Buggy CrowdStrike Crash, Dating Apps Vulnerabilities, Ukraine ICS Malware" target="blank" rel="noopener noreferrer" class="share-icon facebook" title="Share on Facebook">
							

						</a>
						<a href="https://twitter.com/intent/tweet?text=https://dmarcreport.com/blog/podcast/buggy-crowdstrike-crash-dating-apps-vulnerabilities-ukraine-ics-malware/&url=Buggy CrowdStrike Crash, Dating Apps Vulnerabilities, Ukraine ICS Malware" target="blank" rel="noopener noreferrer" class="share-icon twitter" title="Share on Twitter">
							

						</a>
						<a href="https://media.mailhop.org/dmarcreport/images/2024/07/Buggy-CrowdStrike-Crash-Dating-Apps-Vulnerabilities-Ukraine-ICS-Malware.mp3" target="blank" rel="noopener noreferrer" class="share-icon download" title="Download" download>
							

						</a>
					

				

				

					

						Link						

					

						<input value="https://dmarcreport.com/blog/podcast/buggy-crowdstrike-crash-dating-apps-vulnerabilities-ukraine-ics-malware/" class="input-link input-link-14581" title="Episode URL" readonly />
					

					<button class="copy-link copy-link-14581" title="Copy Episode URL" aria-label="Copy Episode URL" readonly=""></button>
				

				

					

						Embed						

					

/*! This file is auto-generated */ ’ title=“Embed Code” class=“input-embed input-embed-14581” readonly/>

					<button class="copy-embed copy-embed-14581" title="Copy Embed Code" aria-label="Copy Embed Code"></button>
				

			

				

Are you worried about the increasing hold of threat actors and scammers in our lives? Fret not, because cyber education and awareness are the keys to beating them in their own game. Here we are again, with our weekly dose of cyber news that will inform, educate, and engage you in the most **productive way possible.

This week’s highlight is the buggy Crowdstrike update that literally shook the corporate world with its “blue screen of death.” Ukraine is in news again and this time it is because of a novel ICS malware attack on the **war-ravaged country’s water heating services. Something as casual as swiping right on online dating apps too, can make you prone to cyberscams.

To know more, keep reading!

CrowdStrike’s buggy update crashed Windows and brought the world to a standstill!

As of 2025, DMARC is mandatory under multiple compliance frameworks. CISA BOD 18-01 requires p=reject for US federal domains. PCI DSS v4.0 mandates DMARC for organizations processing payment card data as of March 2025. Google and Yahoo require DMARC for bulk senders (5,000+ messages/day) since February 2024, and Microsoft began rejecting non-compliant email in May 2025. The UK NCSC, Australia’s ASD, and Canada’s CCCS all mandate DMARC for government domains. Cyber insurers increasingly require DMARC enforcement as an underwriting condition.

**Corporate employees are not yet over last Friday’s Microsoft outage . The “blue screen of death” created a mess across the world. Almost every sector, like aviation, healthcare, banking, hospitality and IT, was affected, resulting in chaos and confusion. A buggy update to CrowdStrike Falcon Sensor was the reason behind this global disruption.

The cybersecurity vendor has acknowledged the outage and held the **Memory Scanning prevention policy responsible for the ultimate disarray. The bug wasn’t identified during the testing stages.

CrowdStrike has already reverted the buggy update. However, users in different corners of the world are still experiencing frequent crashes and finding it hard to receive the latest version.

Microsoft, on the other hand, is done with its Microsoft 365 mitigation process and claims that all the affected **Microsoft 365 apps have been fully recovered.

George Kurtz, the CEO of CrowdStrike, said that it was just a faulty update and not a cyberattack.

While **Mac and Linux systems stayed unaffected by the update, Windows users across the world faced extreme inconvenience.

The outage affected the Paris Olympics as the authorities faced extreme difficulty in uniform deliveries and accreditations.

Swipe right with caution, as online dating apps are making you prone to cyberattacks!

Online dating can **lead you straight to threat actors! If you are seeking your soulmate on OKCupid, Tinder, Bumble, Badoo, Grindr or Hinge, then you need to take a step back.

Belgium-based security researchers have discovered that all these dating apps have API vulnerabilities. It is thus convenient for the threat actors to gain access to your personal data as well as exact location.

Two researchers at KU Leuven, a Belgian university, tested the dating apps to find the extent of user data vulnerabilities. The test results have revealed that cyberattackers can easily access sensitive user information beyond the data that is publicly shared on these apps.

In order to find out the extent of damage, the researchers- Le Pochat and Karel Dhondt, simply lurked in the apps like malicious users. They made no attempt to hack the apps and yet got easy access to sensitive user data. Le Pochat said that technical proficiency is enough to crack the traffic that is coming and going out of the app to get some data. The researchers also used the trilateration method to find out the location of other users accurately.

The researchers have got in touch with all the dating app companies and informed them about the privacy concerns and security threats. The apps have confirmed that they have fixed the leaks. However, the Belgian researchers believe that some **privacy concerns still exist.

Ukraine is in the news again- this time for a novel ICS malware attack!

Back in Januray 2024, Ukraine faced a severe crisis when an attack disrupted the water heating services, thereby affecting as many as 600 apartments in Lviv . Researchers have now concluded that the disruption was made possible by threat actors. They used a novel, highly dangerous ICS malware, that allows the cybercriminals to interfere with the OT or operational technology directly. They have named it FrostyGoop.

This malware has the capacity to attack any and every ICS system that depends on Modbus for communication. **Security experts believe that FrostyGoop attacks can have far-fetched consequences.

The attack targeted the ENCO water heating services in Ukraine, thereby depriving people of basic hot water in sub-zero temperatures. FrostyGoop used Modbus commands to interact with the water heating controllers, which eventually led to system malfunction. Detailed investigation suggests that the attackers managed to gain access to the water heating systems way back in April 2023. It took them multiple attempts and trials to finally lodge the cyberattack and affect the OT through their ICS malware. The attack was so severe that the incident responders were required to work for almost 48 hours to take back the control and set things right.

Keep visiting DMARCReport.com for the latest weekly updates on cybersecurity news.

Sources

• CISA Binding Operational Directive 18-01
• Microsoft Outlook DMARC Enforcement May 2025 (2025)
• PCI DSS v4.0 - DMARC Requirement (2025)