All posts tagged: malicious

Global IT outage: Warning over malicious websites offering to fix devices – as experts reveal likely cause of CrowdStrike issue | World News

Global IT outage: Warning over malicious websites offering to fix devices – as experts reveal likely cause of CrowdStrike issue | World News

A faulty software update that caused the global IT outage likely skipped checks before being deployed, experts have said – as a warning was issued about malicious websites offering to fix devices. An estimated 8.5 million Microsoft Windows PCs devices were affected worldwide by the update from cybersecurity firm CrowdStrike, causing delays for airports, broadcasters, hospitals and businesses. Problems came to light quickly after the latest version of CrowdStrikes Falcon sensor software was rolled out on Friday. The update was meant to make systems more secure against hacking, but instead caused devices to display a “blue screen of death” due to faulty code. “What it looks like is, potentially, the vetting or the sandboxing they do when they look at code, maybe somehow this file was not included in that or slipped through,” said Steve Cobb, chief security officer at Security Scorecard, as he considered the cause of the technical mishap. Image: Passengers at Gatwick Airport continued to face delays on Saturday Another expert, security researcher Patrick Wardle, put the problem with the update down …

Law passed to protect critical transport firms from ‘malicious actors’, other disruptions

Law passed to protect critical transport firms from ‘malicious actors’, other disruptions

WHAT ARE THE CHANGES? The new law will subject the designated entities to controls in three areas: Ownership, management appointments, and in their operations and resourcing. Under new proposed ownership controls, buyers will need to notify the authorities within seven days of becoming a 5 per cent controller of an entity. Approval is needed for other controlling thresholds – 25, 50 and 75 per cent – or if buyers gain indirect control over a designated entity. Sellers are also required to seek approval when they lower their controlling interest in an entity below the thresholds of 25 per cent, 50 per cent and 75 per cent. Designated entities must notify the authorities within seven days of becoming aware of these changes in ownership and control. Also proposed in the law are management appointment controls, with new approval requirements for designated entities to appoint the chief executive officer and the chairperson of the board. For a designated operating entity that is also a licensee under the relevant authority, approval will be required for the appointment of …

‘No indication of malicious activity’ as e-gates back working at UK airports after travel chaos | UK News

‘No indication of malicious activity’ as e-gates back working at UK airports after travel chaos | UK News

A “nationwide issue” with e-gates at airports has been resolved after causing travel chaos across the country, the Home Office has said. It said the system was back up and running and there was “no indication of malicious cyber activity”. Social media images and footage showed long queues at the passport scanning gates at several airports overnight. Passengers also reported being held on planes after they landed, while others said the delays caused them to miss trains. Image: Queues at Gatwick Airport. Pic: Paul Curievici/PA Heathrow, Gatwick and Stansted airports were affected, as well as Manchester, Bristol and Southampton, along with Edinburgh, Glasgow and Aberdeen. One passenger at Stansted Airport told Sky News they had missed several coaches to central London because of the issues, and only cleared the airport after nearly three hours in line. “Not much info given. No water handed out. Babies crying,” they said. Another at Luton Airport said it took around 80 minutes from leaving their flight from Amsterdam to get through border control. One traveller said they were held …

Justice Kavanaugh Warns Of Vicious Cycle Of Malicious Prosecutions That Could End Presidency

Justice Kavanaugh Warns Of Vicious Cycle Of Malicious Prosecutions That Could End Presidency

Authored by Tom Ozimek via The Epoch Times, During Thursday’s deliberations at the U.S. Supreme Court on former President Donald Trump’s immunity claim, Supreme Court Justice Brett Kavanaugh warned that a decision in the case has future implications for whether future presidents are shielded from vicious cycles of malicious prosecution that could effectively end the presidency as we know it. In the course of two-and-a-half hours of oral arguments on April 25, justices on the Supreme Court appeared skeptical of a ruling by a federal appeals court that rejected President Trump’s claim that he has absolute immunity from criminal charges based on his official acts as president. President Trump was indicted by special counsel Jack Smith in August 2023 on charges of conspiring to overturn the results of the 2020 election. Pleading not guilty, the former president has argued that he should receive absolute immunity from criminal prosecution for acts that fell within the scope of his official duties. The exception to this immunity, he has argued, is if Congress impeaches and convicts him on …

Linux XZ Utils malicious backdoor was a CVE 10 risk to Linux systems

Linux XZ Utils malicious backdoor was a CVE 10 risk to Linux systems

If you’re managing or using Linux systems, it’s crucial to understand the recent security threat that has emerged. The XZ Utils, an essential tool for lossless data compression on Linux, was discovered to have a backdoor that posed a significant risk to nearly all Linux systems. This revelation has caused considerable concern within the tech community due to the potential widespread impact. The Common Vulnerabilities and Exposures (CVE) system that provides a reference method for publicly known information-security vulnerabilities and exposures assigned a CVE severity score of 10/10 to the Linux XZ Utils backdoor. The initial detection of the issue was made by Andres Freund a PostgreSQL developer at Microsoft, who observed unexpected SSH login delays and unusual CPU usage spikes on a Debian Linux system. This led to an investigation that revealed the presence of a backdoor in the XZ Utils, originating directly from the official XZ repository. Consequently, any system that had installed the compromised updates was vulnerable, leaving countless Linux servers and workstations exposed to potential attacks. Ingenious Concealment and Potential Consequences …

‘Malicious Activity’ Hits the University of Cambridge’s Medical School

‘Malicious Activity’ Hits the University of Cambridge’s Medical School

The University of Cambridge is constantly ranked among the world’s top universities, with its medical school and vast research facilities among the very best. But for the last month, staff at the prestigious medical school have had work hampered following “malicious activity” on its computer network. An emailed “staff notice” seen by WIRED, believed to have been sent at the end of February, alerted staff to the disruption and said the university was working to get systems back online as soon as possible. However, weeks later, the incident is still ongoing, and little information has been made public about the nature of the incident. “IT services provided by the Clinical School Computing Service (CSCS) have been disrupted by malicious activity,” the email reviewed by WIRED says. “We appreciate that some staff and students are experiencing significant disruption to their work and studies, and we are grateful for their patience and understanding.” The University has confirmed to WIRED that its systems have been impacted; that some services have been voluntarily taken offline; and while it has …

UK and US blame China for ‘malicious’ cyber attacks

UK and US blame China for ‘malicious’ cyber attacks

In this video grab taken on March 25, 2024, Britain’s Deputy Prime Minister Oliver Dowden makes a statement on Chinese cyber attacks, in the House of Commons. – / AFP The UK on Monday, March 25, accused Beijing-linked organizations of orchestrating two “malicious” cyber campaigns, calling in China’s ambassador to protest and sanctioning those it branded responsible. The announcement came as the US Department of Justice in Washington said it had charged seven Chinese nationals in connection with a 14-year campaign against critics of Beijing. In London, Deputy Prime Minister Oliver Dowden told MPs that the attacks in 2021 and 2022 had compromised the Electoral Commission and UK parliamentary accounts, including those of lawmakers critical of China. “Chinese state-affiliated actors were responsible for two malicious cyber campaigns targeting both our democratic institutions and parliamentarians,” he said. The hacks, by what he said were “Chinese state-affiliated actors,” were “the latest in a clear pattern of hostile activity originating in China.” But he stressed that both, while a “real and serious threat,” were unsuccessful. “The compromise has …

China responsible for two ‘malicious’ cyber attack campaigns in UK, says Dowden | Politics News

China responsible for two ‘malicious’ cyber attack campaigns in UK, says Dowden | Politics News

China “state-affiliated actors” have been blamed by the government for two “malicious” cyber attack campaigns in the UK. Making a speech in the Commons, Deputy Prime Minister Oliver Dowden revealed the two incidents involved an attack on the Electoral Commission – responsible for overseeing elections and political finance – in 2021, and targeted attacks against China-sceptic MPs. He confirmed the Foreign Office would be summoning the Chinese ambassador “to account for China’s conduct in these incidents”, and that the UK, alongside international partners such as the US, would be issuing sanctions. Mr Dowden told MPs: “The cyber threat posed by China affiliated actors is real and it is serious, but it is more than equalled by our determination and resolve to resist it. “That is how we defend ourselves and our precious democracy.” But he faced condemnation from backbench Tories for not going far enough, with former immigration minister Robert Jenrick calling the actions of the UK government “feeble” and “derisory”, and foreign affairs committee chair Alicia Kearns deeming them “sadly insufficient”. Politics live: PM …

Haiti’s ‘deal with the Devil’: The malicious tale that emerges every crisis

Haiti’s ‘deal with the Devil’: The malicious tale that emerges every crisis

It comes up every time Haiti suffers a crisis. Take 2010, when a 7.0-magnitude earthquake shook Port-au-Prince flat, killing some 220,000 people. Aftershocks were still rattling the capital when Pat Robertson took to the Christian Broadcasting Network to pinpoint the disaster’s cause. “Something happened a long time ago in Haiti, and people might not want to talk about it,” the televangelist turned seismologist told viewers of “The 700 Club,” his news and talk show. “They were under the heel of the French … and they got together and swore a pact to the Devil. They said, ‘We will serve you if you’ll get us free from the French.’” Robertson continued, “True story. And so the Devil said, ‘Okay, it’s a deal.’ But ever since, they have been cursed by one thing after another.” Robertson, who died last year, might not have been the most reliable authority: He endorsed the claim that feminists and gay people were responsible for the Sept. 11, 2001, terrorist attacks and predicted, at various points, the imminent arrival of an Earth-destroying …

Epic’s Tim Sweeney slams Google for ‘malicious compliance’ with EU’s Digital Markets Act

Epic’s Tim Sweeney slams Google for ‘malicious compliance’ with EU’s Digital Markets Act

Are you looking to showcase your brand in front of the gaming industry’s top leaders? Learn more about GamesBeat Summit sponsorship opportunities here.  Epic Games CEO Tim Sweeney blasted Google for “malicious compliance” with the requirements of the European Union’s Digital Markets Act. The DMA is an anti-monopoly law that prohibits “gatekeeper” tech companies from blocking developers’ access to digital markets through means such as alternative app stores. Epic Games sued both Google and Apple for charging monopoly fees (taking 30% of all game transactions in their marketplaces) and shutting down developers from mentioning alternative stores where fees are lower. In the Apple antitrust case, Epic lost most of the rulings but a federal judge found that the “anti-steering” policy that Apple had in place was anticompetitive. In December, Epic won a jury trial in its antitrust case against Google, and the EU’s DMA is codifying some of the principles for fair competition. But Sweeney alleges that both Apple and Google are dragging their feet on compliance. In a similar case involving Spotify and the …