[MacPorts] #69187: Updated from version 2.8.1 to 2.9 Crowdstrike alert from IT

MacPorts noreply at macports.org
Thu Jan 25 17:02:30 UTC 2024


#69187: Updated from version 2.8.1 to 2.9 Crowdstrike alert from IT
-------------------------+-------------------------------------------
  Reporter:  eraldtroja  |      Owner:  (none)
      Type:  defect      |     Status:  new
  Priority:  Normal      |  Milestone:
 Component:  base        |    Version:  2.9.0
Resolution:              |   Keywords:  crowdstrike alerts, data dump
      Port:              |
-------------------------+-------------------------------------------
Description changed by ryandesign:

Old description:

> I can provide more details as I get them from IT but in a nutshell this
> has occurred and I need some guidance.
>
> I was at version 2.8.1 as of yesterday morning.  I fired up the following
> commands to update my ports:
>
> sudo port selfupdate
> sudo port upgrade outdated
> sudo port uninstall inactive
>
> I'm running macOS Sonoma 14.3.  The system is managed by my IT
> department.
>
> Within minutes of performing the update I received calls from IT stating
> that Crowdstrike had alerted them of a data dump, hence my machine would
> need to be brought in for a complete wipe.
>
> I think this might be a case of a false positive, and I'll provide more
> details if needed, but I need to get some guidance of what an update from
> 2.8.1 to 2.9 does in order to possibly categorize it as a false positive
> when it comes to a "data dump".
>
> Thank you.

New description:

 I can provide more details as I get them from IT but in a nutshell this
 has occurred and I need some guidance.

 I was at version 2.8.1 as of yesterday morning.  I fired up the following
 commands to update my ports:

 {{{
 sudo port selfupdate
 sudo port upgrade outdated
 sudo port uninstall inactive
 }}}

 I'm running macOS Sonoma 14.3.  The system is managed by my IT department.

 Within minutes of performing the update I received calls from IT stating
 that Crowdstrike had alerted them of a data dump, hence my machine would
 need to be brought in for a complete wipe.

 I think this might be a case of a false positive, and I'll provide more
 details if needed, but I need to get some guidance of what an update from
 2.8.1 to 2.9 does in order to possibly categorize it as a false positive
 when it comes to a "data dump".

 Thank you.

--

-- 
Ticket URL: <https://trac.macports.org/ticket/69187#comment:2>
MacPorts <https://www.macports.org/>
Ports system for macOS

