The Register
CrowdStrike meets Murphy's Law: Anything that can go wrong will
Opinion CrowdStrike's recent Windows debacle will surely earn a prominent place in the annals of epic tech failures. On July 19, the cybersecurity giant accomplished what legions of hackers could only dream of – bringing millions of Windows systems worldwide to their knees with a single botched update.…
Progress discloses second critical flaw in Telerik Report Server in as many months
Progress Software's latest security advisory warns customers about the second critical vulnerability targeting its Telerik Report Server in as many months.…
North Korean chap charged for attacks on US hospitals, NASA – and even China
The US Department of Justice on Thursday charged a North Korean national over a series of ransomware attacks on stateside hospitals and healthcare providers, US defense companies, NASA, and even a Chinese target.…
Malware crew Stargazers Goblin used 3,000 GitHub accounts to make bank
Infosec researchers have discovered a network of over three thousand malicious GitHub accounts used to spread malware, targeting groups including gamers, malware researchers, and even other threat actors who themselves seek to spread malware.…
CrowdStrike update blunder may cost world billions – and insurance ain't covering it all
The cost of CrowdStrike's apocalyptic Falcon update that brought down millions of Windows computers last week may be in the billions of dollars, and insurance isn't covering most of that.…
Beware of fake CrowdStrike domains pumping out Lumma infostealing malware
CrowdStrike is the latest lure being used to trick Windows users into downloading and running the notorious Lumma infostealing malware, according to the security shop's threat intel team, which spotted the scam just days after the Falcon sensor update fiasco.…
FYI: Data from deleted GitHub repos may not actually be deleted
Researchers at Truffle Security have found, or arguably rediscovered, that data from deleted GitHub repositories (public or private) and from deleted copies (forks) of repositories isn't necessarily deleted.…
Uncle Sam accuses telco IT pro of decade-long spying campaign for China
The US is looking to prosecute a Chinese immigrant over claims he has been drip-feeding information of interest to Beijing since at least 2012.…
You should probably fix this 5-year-old critical Docker vuln fairly sharpish
Docker is warning users to rev their Docker Engine into patch mode after it realized a near-maximum severity vulnerability had been sticking around for five years.…
Kaspersky says Uncle Sam snubbed proposal to open up its code for third-party review
Exclusive Despite the Feds' determination to ban Kaspersky's security software in the US, the Russian business is moving forward with another proposal to open up its data and products to third-party review – and prove to Uncle Sam that its code hasn't been compromised by Kremlin spies.…
Patch management still seemingly abysmal because no one wants the job
Comment Patching: The bane of every IT professional's existence. It's a thankless, laborious job that no one wants to do, goes unappreciated when it interrupts work, and yet it's more critical than ever in this modern threat landscape.…
How a cheap barcode scanner helped fix CrowdStrike'd Windows PCs in a flash
Not long after Windows PCs and servers at the Australian limb of audit and tax advisory Grant Thornton started BSODing last Friday, senior systems engineer Rob Woltz remembered a small but important fact: When PCs boot, they consider barcode scanners no differently to keyboards.…
Fatal timeline of CrowdStrike's week from hell – Feb to now
Analysis The great irony of the CrowdStrike fiasco is that a cybersecurity company caused the exact sort of massive global outage it was supposed to prevent. And it all started with an effort to make life more difficult for criminals and their malware, with an update to its endpoint detection and response tool Falcon.…
Oops. Apple relied on bad code while flaming Google Chrome's Topics ad tech
Apple last week celebrated a slew of privacy changes coming to its Safari browser and took the time to bash rival Google for its Topics system that serves online ads based on your Chrome history.…
Uncle Sam opens probe into CrowdStrike turbulence at Delta Air Lines
The US Department of Transportation (DoT) is investigating Delta Air Lines over its handling of the global IT outage caused by CrowdStrike's content update.…
Windows Patch Tuesday update might send a user to the BitLocker recovery screen
Some Windows devices are presenting users with a BitLocker recovery screen upon reboot following the installation of July's Patch Tuesday update.…
Data pilfered from Pentagon IT supplier Leidos
Internal documents stolen from Leidos Holdings, an IT services provider contracted with the Department of Defense and other US government agencies, have been leaked.…
School gets an F for using facial recognition on kids in canteen
The UK's data protection watchdog has reprimanded a school in Essex for using facial recognition for canteen payments, nearly three years after other schools were warned about doing the same.…
Forget security – Google's reCAPTCHA v2 is exploiting users for profit
Google promotes its reCAPTCHA service as a security mechanism for websites, but researchers affiliated with the University of California, Irvine, argue it's harvesting information while extracting human labor worth billions.…
CrowdStrike blames a test software bug for that giant global mess it made
CrowdStrike has blamed a bug in its own test software for the mass-crash-event it caused last week.…