Windows TCO: Ransomware, Azure Downtime, Bricked Windows, People Dying in Hospitals
Date: 2024-07-20
Two Lockbit affiliates from Russia plead guilty in US court
Between 2020 and 2023, Astamirov deployed LockBit against at least 12 victims — including businesses in Virginia, Japan, France, Scotland, and Kenya — extorting $1.9 million, according to court documents. He operated under the online aliases “BETTERPAY,” “offtitan,” and “Eastfarmer.”
Two LockBit Ransomware Affiliates Plead Guilty In U.S. Federal Court
Between 2020 and 2024, the LockBit group had attacked over 2,500 victims in at least 120 countries, with 1,800 of those in the United States, extorting hundreds of millions of dollars in the form of ransom payments.
UK Police Arrest Suspect in MGM Ransomware Attack
On Friday U.K. police announced, in a joint operation with the country’s National Crime Agency (NCA) and the U.S. FBI, they arrested a 17 year-old suspected of being connected to the ransomware attack against MGM Resorts last year.
Microsoft's massive outage explained in 10 points: Blue Screen of Death, Azure, CrowdStrike and all we know so far
A massive IT outage has thrown businesses and critical services into chaos globally, with Microsoft Azure and Microsoft 365 services experiencing widespread disruptions. The root cause? A faulty update from cybersecurity provider CrowdStrike, affecting countless Windows PCs and servers across various sectors.
What We Know About the Global Microsoft Outage
The problem affecting the majority of services was caused by a flawed update by CrowdStrike, an American cybersecurity firm, whose systems are intended to protect users from hackers. Microsoft said on Friday that it was aware of an issue affecting machines running “CrowdStrike Falcon.”
But Microsoft had also said there was an earlier outage affecting U.S. users of Azure, its cloud service system. Some users may have been affected by both. Even as a fix was sent out by CrowdStrike, some systems were still affected into the U.S. morning as businesses needed to make manual updates to their systems to resolve the issue.
An angry admin shares the CrowdStrike outage experience
Being hit by the outage is one thing. Recovering is quite another. The workarounds published so far are less than ideal for administrators used to remotely managing devices. Since the failure leaves an affected device stuck in a Blue Screen Of Death (BSOD) boot loop, implementing a workaround tends to involve in-person intervention unless remote access that does not use the operating system is possible.
Sadly, for our administrator, things are less than ideal.
Blue Screen Of Death Is Not A Cybersecurity Incident, Says Australian Cybersecurity Minister
CrowdStrike said it is actively working with customers impacted by a defect found in a single content update for Windows hosts. “Mac and Linux hosts are not impacted. This is not a security incident or cyberattack,” CrowdStrike said.
Widespread Windows Crashes Due to Crowdstrike Updates
Last night, endpoint security company Crowdstrike released an update that is causing widespread "blue screens of death" (BSOD) on Windows systems. Crowdstrike released an advisory, which is only available after logging into the Crowdstrike support platform. A brief public statement can be found here.
Update: Some reports we have seen indicate that there may be phishing emails circulating claiming to come from "Crowdstrike Support" or "Crowdstrike Security". I do not have any samples at this point, but attackers are likely leveraging the heavy media attention. Please be careful with any "patches" that may be delivered this way.
CrowdStrike and the Evil of Automatic Updates
Last night CrowdStrike sent an automatic update that threw millions of Windows based computers into blue screen of death reboot loops. This took down airlines, banks, hospitals, government services, TV networks and many more. To fix the problem, IT staff have to boot each computer in safe mode, delete the CrowdStrike device driver and then reboot again. If the hard drive is encrypted then there is added complexity accessing the drive to delete the driver.
CrowdStrike Falcon flaw sends Windows computers into chaos worldwide
Thousands of Windows machines worldwide, including those at banks, airlines, TV broadcasters, and supermarkets, are experiencing a Blue Screen of Death (BSOD). The faulty CrowdStrike update has caused affected PCs and servers to enter a recovery boot loop, preventing them from starting properly. Early Friday, companies in Australia first reported the issue, which quickly spread globally to the U.K., India, Germany, the Netherlands, and the U.S.
Rising cybersecurity threats in the cloud: A call to action
Ransomware: Ransomware attacks continue to be a major concern, with cybercriminals targeting cloud environments to maximise disruption and extort ransoms. The report emphasises the need for comprehensive backup and recovery strategies to counter ransomware threats.
Dark web shows cybercriminals ready for Olympics. Are you?
These events are also prime opportunities for cybercriminals. Over the past decade, the number of cyberattacks targeting major events has surged, increasing from 212 million documented attacks at the London 2012 Games to a staggering 4.4 billion at the Tokyo 2020 Games. These attacks often have direct financial motives, such as scams, digital fraud, or the acquisition of valuable data from attendees, viewers, and sponsors. In their excitement, eager fans often overlook potential risks when purchasing tickets, arranging accommodations, or buying memorabilia, making them easy targets for cybercriminals.
Others, desperate to view specific events, are enticed by malicious websites offering free access, only to have their devices compromised or personal data stolen. With the world’s media focused on the event, criminals with a political agenda are looking for a large audience for their message by disrupting a significant site or knocking critical services offline.
Global IT Outage Grounds Flights, Disrupts Health Care and Banking | Truthout
“Shortly after,” the outlet continued, “reports of disruptions started flooding in from around the world, including from the U.K., India, Germany, the Netherlands, and the U.S.: TV station Sky News went offline, and U.S. airlines United, Delta, and American Airlines issued a ‘global ground stop‘ on all flights.”
-
A software update wreaked havoc on computer systems globally on Friday, grounding flights, forcing some broadcasters off air and hitting services from banking to healthcare.
-
How One Bad CrowdStrike Update Crashed the World’s [Windows] Computers
Only a handful of times in history has a single piece of code managed to instantly wreck computer systems worldwide. The Slammer worm of 2003. Russia’s Ukraine-targeted NotPetya cyberattack. North Korea’s self-spreading ransomware WannaCry. But the ongoing digital catastrophe that rocked the internet and IT infrastructure worldwide over the past 12 hours appears to have been triggered not by malicious code released by hackers, but by the software designed to stop them.
CERT-In: CrowdStrike Update Caused Windows BSOD Outages
Amidst the global outage affecting Microsoft Windows systems, the Indian Computer Emergency Response Team (CERT-In) has issued a critical advisory (CIAD-2024-0035) to address the issue.
This outage seems to have stemmed from a recent update to the CrowdStrike Falcon Sensor, a popular endpoint detection and response (EDR) solution. Dubbed the Blue Screen of Death (BSOD), the outage has disrupted operations across airports, hospitals, software firms among other sectors globally and is generating widespread frustration among users.
All Schiphol flights delayed or canceled over global Windows outage; Fix in the making
Every single flight at Schiphol Airport was delayed or canceled on Friday due to a global Windows outage. The Amsterdam airport was filled to the brim with frustrated travelers trying to start their summer vacation. At 11:45 a.m., the CEO of Crowdstrike, the company whose cybersecurity software was behind the outage, said that they had identified the issue and were deploying a fix.
The outage impacted multiple airlines at Schiphol Airport, making it impossible for them to access their check-in systems, among other things. KLM canceled a large part of its operations on Friday as a result.
-
KLM: More cancellations likely this weekend but IT disruption nearly resolved
At Schiphol, 185 flights were cancelled on Friday due to the global computer [sic] failure. The systems at Schiphol were being restarted by 3:30 p.m., but it has had a major impact on flights to and from the airport.
Windows outage closed two terminals at Rotterdam port; Some regional buses affected
Two terminals at the port of Rotterdam were closed on Friday due to the Crowdstrike bug that crashed Windows computers worldwide. The malfunction makes loading and unloading impossible at the ECT Euromax and ECT Delta. The outage also impacted buses in the province of Utrecht, Amersfoort, and Almere.
Crowdstrike announced at around noon that it was implementing a fix, but it would take time for impacted companies to restart their processes and catch up.
-
From flights to supermarkets to banking operations, the global Microsoft outage is disrupting multiple sectors and threatens to lead to massive issues if it is not resolved soon. In India, almost all air carriers -- Vistara, IndiGo, SpiceJet and Akasa Air -- are facing technical issues that are affecting booking, check-in and flight updates. The airlines are now checking in passengers manually.
-
Windows Computers Lead To 'Blue Screen Of Death' Due To CrowdStrike Error
Millions of Windows users across the globe today experienced the Blue Screen of Death (BSOD) error which caused the system to suddenly shut down or restart. The Microsoft error, caused due to a CrowdStrike 'Falcon Sensor' update, affected airlines, banks, stock markets, and other businesses across the globe.
-
The problem seems to have impacted airlines and banks the most but this may just be because delay of service for them is quite visible and some frustrated customers would resort to complaining on social media.
Other companies affected would be telecoms, insurance companies… really any company for whom security on employee computers is important enough they’d pay upwards of $50 a year for each computer.
-
In the early hours of Friday, companies in Australia running Microsoft’s Windows operating system started reporting devices showing Blue Screens of Death (BSODs). Shortly after, reports of disruptions started flooding in from around the world, including from the UK, India, Germany, the Netherlands, and the US: TV station Sky News went offline, and US airlines United, Delta, and American Airlines issued a “global ground stop” on all flights.
-
CrowdStrike’s products are extremely popular, and this problem is shockingly widespread. I’ve got a bunch of friends in corporate IT, and none of them are having a good day. Here’s Warren again: [...]
-
Low-cost carriers Frontier Airlines, a unit of Frontier Group Holdings, Allegiant and SunCountry had reported outages that affected operations. Frontier said late Thursday that it was in the process of resuming normal operations, and that the ground stop had been lifted.
U.S. Secretary of Transportation Pete Buttigieg said the department was monitoring the flight cancellation and delay issues at Frontier, adding that the agency will hold the company and all other airlines "to their responsibilities to meet the needs of passengers".
-
A major disruption in Microsoft Corp.’s cloud services caused service disruptions to a number of businesses around the world, including in India, on Friday. A number of airlines, including Indigo, Akasa Air, Air India Express and Spicejet have said that they were all facing technical glitches.
-
Netizens took to social media to express their ire on the outage. An 'X' user posting a picture of the Blue Screen wrote, "Something super weird happening right now: just been called by several totally different media outlets in the last few minutes, all with Windows machines suddenly BSoD’ing (Blue Screen of Death). Anyone else seen this? Seems to be entering recovery mode:"
-
If you couldn’t fly, buy tickets, withdraw money, watch the news, or buy groceries this morning, you’re not alone. A massive global IT outage affecting countless businesses and services grounded United, Delta, and American Airlines flights, delayed British soccer team Manchester United ticket sales, and knocked Sky News off the air. The reason? A Windows update.
-
The update in question appears to have installed faulty software onto the core Windows operating system, causing systems to get stuck in a boot loop. Systems are showing an error message that says, “It looks like Windows didn’t load correctly,” while giving users the option to try troubleshooting methods or restart the PC. Many companies, including this airline in India, have resorted to the good old-fashioned way of doing things by hand.
-
The Starbucks app itself is working, but the ability to order ahead is currently unavailable at all locations. It looks as though some Starbucks shops have (temporarily) closed altogether to avoid dealing with this tech hassle until the situation improves.
-
A faulty software update from cybersecurity vendor Crowdstrike crippled countless Microsoft Windows computers across the globe today, disrupting everything from airline travel and financial institutions to hospitals and businesses online. Crowdstrike said a fix has been deployed, but experts say the recovery from this outage could take some time, as Crowdstrike’s solution needs to be applied manually on a per-machine basis.
-
CrowdStrike CEO George Kurtz scrambled to apologize for the crisis, which affected millions of customers using Microsoft Windows — crippling airlines, banks, hospitals and various other clients.
-
Microsoft Windows crashed globally Friday morning due to cybersecurity issues, causing problems in a variety of industries including health care, travel and business. The outage created flight disruptions for major airlines in India and Latin America, and has resulted in more than 3,300 flight cancellations worldwide. In Michigan, hospitals are facing software difficulties, including large hospital systems such as Corewell Health, a result of the merger between Beaumont Health and Spectrum Health, and Michigan Medicine, delaying procedures and appointments for patients.
-
There have been two issues affecting Microsoft systems in quick succession, adding to the confusion over a global outage.
-
It's not believed that the CrowdStrike failure was related to the other Azure outage yesterday, so if you're recovering from one hopefully you didn't have to deal with the other. If your VMs were borked by Falcon, however, then read on.
-
Many of those who use Microsoft Windows are likely experiencing a “blue screen of death” or an error page. The issue is due to a single bug in a software update from cybersecurity company CrowdStrike, which provides antivirus software for Microsoft users.
-
The company pushed out an update to the software overnight, and at 1:30 a.m. EST, CrowdStrike said its “Falcon Sensor” software was causing Microsoft Windows to crash and display a blue screen, Reuters reported.
-
Cybersecurity firm CrowdStrike said that the issue believed to be behind the outage was not a security incident or cyberattack — and that a fix was on the way. The company said the problem occurred when it deployed a faulty update to computers running Microsoft Windows.
But hours after the problem was first detected, the disarray continued — and escalated.
-
Long lines formed at airports in the U.S., Europe and Asia as airlines lost access to check-in and booking services at a time when many travelers are heading away on summer vacations. News outlets in Australia — where telecommunications were severely affected — were pushed off air for hours. Hospitals and doctor's offices had problems with their appointment systems, while banks in South Africa and New Zealand reported outages to their payment system or websites and apps.
-
A massive IT outage has struck industries around the world, grounding flights, halting stock trading, and interfering with broadcasting.
The outage was attributed to a faulty update by CrowdStrike, a company that develops a widely-used cybersecurity software, and it is affecting machines using Microsoft Windows. Apple and Linux systems are not affected.
-
All air carriers operating in India have been hit by the Microsoft outage. Air India, Vistara, IndiGo, SpiceJet and Akasa Air are putting out updates to guide passengers and inform them about the situation. Air India said its "digital systems have been impacted temporarily due to the current Microsoft outage, resulting in delays". IndiGo warned that check-ins "may be slower and queues longer". The low-cost carrier also said the option to rebook a flight or claim a refund is temporarily unavailable. SpiceJet said it is working closely with authorities to minimise disruptions. Akasa Air said its online services have been affected. Vistara, too, said it is facing technical challenges and is working to fix it at the earliest.
-
Amid a massive global outage that hit operations of airlines, banks and businesses across the globe, Microsoft on Friday said it is aware of the issue affecting Windows devices due to an update from a third-party software platform.
-
A significant Microsoft outage brought low-cost carrier Frontier Airlines and some competitors to a standstill for hours after a regulator halted departures. The ground stop was lifted late Thursday night.
“Our systems are currently impacted by a Microsoft outage, which is also affecting other companies,” Frontier said in a statement on its website. “We appreciate your patience.” The company was offering refunds to inconvenienced passengers.
-
Millions of Microsoft Windows users were experiencing the "Blue Screen of Death" error that caused their computers to shut down or restart.
Microsoft said the preliminary root cause was a "configuration change" in a portion of its Azure backend workloads. It caused interruption between storage and compute resources which resulted in connectivity failures that affected downstream Microsoft 365 services dependent on these connections, the company said.
-
Microsoft said on the status page for Azure, its flagship cloud computing platform, that the problem began at 5:56 p.m. and affected multiple systems for customers in the central United States.
“Our systems are currently impacted by a Microsoft outage, which is also affecting other companies. During this time booking, check-in, access to your boarding pass, and some flights may be impacted,” Frontier said in a post on X.
The airline issued a ground stop for all its flights, according to a notice posted on the Federal Aviation Administration’s website. The ground stop was lifted about 35 minutes later.
-
The airline has cancelled 131 flights Thursday and delayed 223 others, making up nearly 30% of its overall flights, according to data tracker FlightAware.
-
Microsoft also tweeted users might have trouble accessing various Microsoft 365 apps and services.
-
According to FlightAware, initially 103 Frontier flights (13%) were canceled and 231 flights (30%) were delayed.
-
An update to a product from infosec vendor CrowdStrike is bricking computers running Windows.
The Register has found numerous accounts of Windows 10 PCs crashing, displaying the Blue Screen of Death, then being unable to reboot.
-
Computer security company CrowdStrike is linked to a major IT outage affecting banks, airports, supermarkets and businesses across Australia and the world.
The ABC is experiencing a major network outage, along with several other media outlets.
-
A global tech outage that appeared to be related to issues at global cybersecurity firm CrowdStrike and Microsoft was affecting operations in various sectors on July 19, including airports, airlines, media, and banks.
-
The headline “Azure Configuration Change Triggers Major Airport Disruption” is clear but could be slightly more specific to capture the full scope of the issue. Here’s a refined version: [...]
-
The company's Regulatory News Service, which publishes company updates, and the prices and news for various assets on its Workspace platform, had also been affected but resumed functioning. A spokesperson for LSEG stated that the issue was due to a third-party global technical problem, but securities trading on the London Stock Exchange remained unaffected.
-
These costs can be especially challenging for institutes with limited budgets. While investing in high-quality hardware and dependable software can mitigate some risks, it does not completely eliminate the possibility of BSOD errors.
-
Cathay subsidiary, low-cost carrier HK Express was also affected. “Due to a global service outage of Microsoft, Navitaire, our global e-commerce system has been affected,” the airline said in a post on Facebook. It added that its website, mobile app, and WeChat mini-app had all been affected.
“Self-service check-in facilities at Hong Kong International Airport and our departure control system have also been affected, we are currently performing manual check-in procedures for our passengers,” HK Express said, calling for travellers to allow at least three hours for check-in.