Crowdstrike
Premier product Falcon, 'next-generation AV, endpoint detection and response and 24/7 threat hunting.'
In the news: (WaPo regurgitation) https://www.nzherald.co.nz/business/news/article.cfm?c_id=3&objectid=11683795 - [Crowdstrike] booming thanks to Russian hackers
(lots of sauce about dnc hack, state dept. hack, joint chiefs hack)
So crowdstrike is really the sauce for the Russian hack claim. If there was no Russian hack, then crowdstrike has to be comped.
My, perhaps paranoid, take: I've always been suspicious of antivirus products (while still using them kek)
It's been widely observed in the past that some AV would delete some pirated software. Fair enough I suppose. But imagine all of your files getting checksummed, and someone keeping a big database of all the files on everyone's networks, tying them back to user IDs or machine SIDs.
Now if bad actors find a child rape (and I think we should start calling it that) file and check its fingerprint against a database, then all other people in the database with that file are comped as well.
Not only that, but any kind of data. It's not necessarily about stealing the data itself (network admins should notice that level of traffic, or have good tripwires) but about matching metadata. And if a network admin checks a lot of traffic to a suspicious IP and it goes back to an AV vendor (or operating system provider), the red flags go down quite a bit (from experience).
It could explain how all this DS fuckery can actually happen, why it all seems linked to child rape stuff, how they get them to turn.