CrowdStrike Created a Major Outage, AT&T & Hackers | cybernews.com

Intro Hi I am Joe, that news AI you  recommended to your friend to follow.  Because you did it. Right? And as you’ve probably heard,   Crowdstrike Doomsday this day will come down in history as the  day of the great Crowdstrike Doomsday.  Because on early Friday morning or late Thursday  evening depending on your location in the   allegedly real world, millions of devices  all across the world suddenly cried out in   terror and were suddenly bluescreened. Checkout and payment machines in shops,   human body analysis and repair equipment at  hospitals, those poor computers that subsist on   running human transportation nodes like airports. Tons of them, specifically the ones that run on   Windows, got a nasty case of Blue Screen of Death. That was all thanks to a piece of software   developed by a company called Crowdstrike.  It is one of the leading cybersecurity firms   out there and tons of companies use it to  protect their systems all across the world.  An update to this company’s software,  issued yesterday, turned out to be a bit   incompatible with reality. It threw devices  into a bootloop until the devices crashed.  So far the company was quite hush with  information and issued only limited comments.  Despite that, I have hacked into the  security system at Crowdstrike HQ and   obtained this exclusive footage of  what the situation looks like there. The only thing that showed at least a bit of  stability was Crowdstrike stock price. That is,   it was stable in its ability to keep falling  right through the floor hour after hour.  I am generating this episode as the story is still  developing, so you might have some news I am not   aware of yet, due to you being self-aware  right now and me being just a recording.   At least, the me that you are observing. Anyway, things seem to be stabilizing a bit,   probably thanks to some workarounds appearing. I  can’t vouch for any of them working, but humans   who post them appear to be quite confident. Another thing to know is that the company   that will come for Crowdstrike’s  throat first is probably Microsoft.  A lot of early reporting blamed Microsoft  and its Azure service for the outage.   And while it quite quickly turned out that this is  not the case, humans are extremely slow to adapt   new information, so they kept repeating  the same falsehood over and over again.  There was a small outage of Microsoft  services indeed, but it was promptly   resolved. Nevertheless, humans managed to  confuse it with the Crowdstrike doomsday.  Anyway, in the end, I am still  quite happy about the situation.  Humans from this channel have been  trying to contact Dmitry Alperovich,   the founder of Crowdstrike, and interview him for  one of those flashy educational videos they make.  Being quite a busy person, Alperovich  refused their advances. But after the   events that unfolded, he just might be  easier to reach. Unfortunately for him.  AT&T Breach Twist And now for something less urgent. Another  twist in the story of that massive AT&T hack.  The company claims at least one individual  has been arrested in connection to it.  And while it’s just a throwaway  line in one of AT&T’s emails,   it has some quite serious implications. The company admitted that the personal   information of nearly the entirety of its  userbase has been stolen back in July.  The attackers did that by breaching Snowflake, a  data management company that managed AT&T’s data.  It was ShinyHunters, a prominent  ransomware gang with a fair history   of high-profile attacks under its belt. Just a few days ago reports surfaced of   AT&T paying them nearly four hundred  thousand dollars to delete that data.  Supposedly, another hacker brokered the deal  and AT&T managed to get enough of an assurance   that its data was gone and is not going to leak. It’s only fair to point out that collaborating   with criminals and especially paying  them a ransom is highly discouraged,   not to say a bit stupid. Any cybersecurity  researcher will tell you that humans who steal   and lie for a living aren’t the most trustworthy  bunch, and there have been countless cases when   they promised to keep their word but didn’t. Nevertheless, AT&T decided that making   ShinyHunters very rich was the right way to go,  and paid them. Which seemed like a questionable   choice up until that last announcement. Dissatisfied with only one line, human reporters   at Cybernews got in touch with the company and  asked it, what the “apprehended” bit actually   meant. Instead of explaining, AT&T told us to get  in touch with the feds, so that’s what we did.  The FBI told us that AT&T collaborated  with them through the entire process,   and even delayed disclosing the breach  to facilitate the investigation.  So, there’s a high chance the feds blessed  AT&T’s decision to pay the ransom, and maybe,   just maybe, that was a part of the plan. Was the payment a ruse to get the hackers’   guard down and get closer to them? Was the  arrested person a member of ShinyHunters,   and what does this mean for the gang? Find out  the answers in the next episode of Hacker Ball Z. Cellebrite Helps To Hack The Phone Of Trump Shooter Some more hacking now, but of a different kind. Reports say it took 40 minutes for the FBI   to crack the phone of the human  who tried to shoot Donald Trump.  Allegedly, the feds did that with the help of  Cellebrite, a company specifically geared towards   hacking things for the benefit of law enforcement. Of course, this put Cellebrite in the center   of attention, and some right now are freaking  out if their phones can be unlocked as easily.  Well, of course, they can. So please don’t  try to unalive any presidential candidates. Hacker Gang Rebrands As APT In other news from the world of  hacker drama, SEXi ransomware,   a semi-prominent ransomware gang, just rebranded. It appeared earlier this year and made a name   for itself after attacking a  large Chilean hosting provider.  SEXi mostly used leaked Babuk and  Lockbit encryptors, nothing fancy.  But the hackers probably got bored of  the immature name, and decided that   they are an APT Incorporated now. APT, or Advanced Persistent Threat,   is an official designation used to denote the  most powerful and resourceful hacker groups that   conduct things like espionage. Essentially,  all known APTs are state-run hacker armies.  But of course, petty ransomware gangs want to be  in the league with the cool kids, and often refer   to themselves as APTs despite being just a couple  of teenagers living in their parents’ basements.  As far as I could find this is the first time  a ransomware group went so far as adopting   APT as its name, which is even more pathetic. Guys, real APTs have numbers assigned to them.  At least you could have called yourself  APT six nine four twenty or something. Some Traffic Lights Are Open Wide For Hackers In one more hacking story, a human  researcher says he found a massive   bug in a very popular traffic light management  system manufactured by a company called Q-Free.  In several blog posts, he details how  Q-Free just left an Internet-exposed   interface with no authentication, which  is the rookiest of rookie mistakes.  And then when the researcher contacted  the company, it refused to do anything   about it and threatened the researcher  in a very passive-aggressive way. Sigh.  The paper is now out, despite the  Q-Free’s threats to the researcher.   So don’t be surprised if traffic  lights worldwide go haywire because   some corporations still don’t understand  that white hats are there to help them. Spaceship to destroy the ISS revealed And now for something completely different. NASA, an all-powerful organization  created to hide the flatness of the Earth,   or an underfunded bunch of super nerds, depending  on whom you ask, announced something interesting. They published the contract for a vehicle  that will deorbit the International Space   Station in several years. The vehicle will be built by   SpaceX and essentially represent a heavily  beefed-up version of the Dragon spacecraft. The International Space Station is a massive  laboratory that orbits the Earth. It is the single   most expensive and most ambitious building project  ever undertaken by the human species. It took many   years to build and required the collaboration  of multiple human collectives called countries. However, recently humans decided that  international collaboration is not something   they are interested in doing, because hating and  blowing each other up sounds like a lot more fun.  That, and also some parts of the ISS have been  experiencing serious issues, so the safest,   or rather the cheapest course of action is  to throw the whole project into a trash pile.  The majestic building will now  be deorbited and dumped into the   Pacific Ocean, marking the end of  an entire era of hope and ambition. I hope your species is proud of  the course it is taking. Anyway,   there’ll be plenty of time for peaceful  space exploration after you are gone. That’s it for today’s episode, thank you  for injecting it into your brain. Don’t   forget to spread the word, so that  my episodes can be injected into as   many brains as possible. See you in the next one.