CrowdStrike aftermath: Microsoft claims it cannot legally implement the same protections as Apple
The CrowdStrike aftermath is seeing IT teams around the world struggle to restore the 8.5 million Windows PCs taken out by the bug. The mess included thousands of flights cancelled, health centers unable to make appointments, retailer payment terminals down, and even some 911 services unavailable. Macs weren’t affected thanks to protections put in place by Apple, but Microsoft has reportedly claimed that antitrust law means it’s unable to take the same approach … Microsoft published a blog post over the weekend acknowledging the scale of the problem.
Los Angeles Superior Court shuts down after ransomware attack
The largest trial court in the United States, the Superior Court of Los Angeles County, closed all 36 courthouse locations on Monday to restore systems affected by a Friday ransomware attack. The attack, which has not yet been claimed by a ransomware operation, affected the entire network of the Los Angeles Superior Court. This includes external systems like the MyJuryDuty Portal and its website and internal systems like the case management systems. “With many of the Court’s network systems still inaccessible as of Sunday evening, the Court will close tomorrow in order to provide one additional day to get essential networks back online,” a statement issued on Sunday reads.
US sanctions Russian hacktivists who breached water facilities
The US government has imposed sanctions on two Russian cybercriminals for cyberattacks targeting critical infrastructure. According to a US Treasury press release, the two sanctioned persons are Yuliya Vladimirovna Pankratova and Denis Olegovich Degtyarenko, both key members of the Russia-aligned hacktivist group Cyber Army of Russia Reborn (CARR). Pankratova, known online as ‘YuliYA,’ is allegedly the leader of CARR, controlling the threat group’s operators and acting as their spokesperson.
Global cops power down world’s ‘most prolific’ DDoS dealership
A DDoS-for-hire site described by the UK’s National Crime Agency (NCA) as the world’s most prolific operator in the field is out of action following a law enforcement sting dubbed Operation Power Off. The NCA, together with the Police Service of Northern Ireland (PSNI) and FBI, today announced the closure of digitalstress.su – a platform responsible for tens of thousands of DDoS attacks every week – and the arrest of its suspected admin. The arrest was made on July 2 but authorities haven’t named the suspect. DDoS-for-hire platforms, aka booters, allow budding cybercriminals to take their first step toward the dark side with what is essentially a point-and-click tool to flood a domain of choice.
CrowdStrike CEO to testify about massive outage that halted flights and hospitals
CrowdStrike CEO George Kurtz was called to testify before the House Homeland Security Committee over the major outage affecting Windows PCs spurred by a faulty update that brought flights, hospital procedures, and broadcasters to a halt on Friday, The Washington Post reported. “Recognizing that Americans will undoubtedly feel the lasting, real-world consequences of this incident, they deserve to know in detail how this incident happened and the mitigation steps CrowdStrike is taking,” Homeland Security Chair Mark Green (R-TN) and Cybersecurity and Infrastructure Protection Subcommittee Chair Andrew Garbarino (R-NY) wrote in a letter later shared with The Verge. They asked that CrowdStrike schedule a hearing with the subcommittee by end of day Wednesday.