… no AD in sight, …
Active Directory?
… no AD in sight, …
I'm not a sec expert. Instead of throwing sarcasm at me, please if you wish just look at the video and report back. To me it looks pretty legit, maybe you're more experienced than me and can help me understand better. Thanks.
So says someone on YouTube, with fifteen thousand upvotes, but is he correct?
CrowdStrike's blog post is emphatic:
"… Although Channel Files end with the SYS extension, they are not kernel drivers. …"
… please if you wish just look at the video …
He clearly states that "...the main CrowdStrike driver was loading..." the corrupt .sys file at this point in the video: