Articles about Root Cause

Sh... IoT just got real: Mirai botnet attacks targeting multiple ISPs

Analysis The Mirai botnet has struck again, with hundreds of thousands of TalkTalk and Post Office broadband customers affected. The two ISPs join a growing casualty list from a wave of assaults that have also affected customers at Deutsche Telekom, KCOM and Irish telco Eir over the last two weeks or so. Problems at the Post Office …
John Leyden, 02 Dec 2016
Surfers

Hull surfers cut off by router attack

Thousands of broadband customers in the Hull area have been left without reliable internet access following a cyber attack. Local telco KCOM blamed difficulties for its customers which began over the weekend and remains ongoing on an attack it said was targeted at models of routers it supplies to some of its customers. Since …
John Leyden, 01 Dec 2016

Deliver-oops! Takeaway pusher's customers burger-ed by hijackers

Customers of online takeaway firm Deliveroo are getting their accounts hijacked and charged for food they never ordered, according to an investigation by BBC One's Watchdog. Investigators from the campaigning TV consumer affairs programme uncovered evidence that scores of customers of the newly be-logo-ed Deliveroo are being …
John Leyden, 23 Nov 2016

EMC publicly denies Fairview borkage involvement

EMC denies that any XtremIO failure contributed to the Fairview Health Services system collapses as reported in the Minnesotan paper City Pages. Here is an EMC statement: The City Pages article was inaccurate and misleading across a wide range of facts, including the comments relating to the Dell EMC products. The Dell EMC …
Chris Mellor, 09 Nov 2016
Doctors run to save patient. Photo by Shutterstock

XtremIO 'outages bork US hospital patient records system'

Update XtremIO storage is reportedly failing at Fairview Health Services in Minnesota, hindering patient operations. Fairview is a non-profit organisation with around 25,000 employees in hospitals, clinics, care homes and pharmacy shops. It traditionally used HDS storage for medical records used by its Epic patient admin system, and …
Chris Mellor, 08 Nov 2016
Fraud

Tesco Bank limits online transactions after fraud hits thousands

Tesco Bank has restricted the operations of current accounts after funds were looted from a reported 20,000 accounts. The UK bank has confirmed a fraudulent attack, which is under investigation. In the meantime it has suspended online transactions from current accounts, including contactless transactions. Customer can still …
John Leyden, 07 Nov 2016

SpaceX to explosion conspiracy theorists: There's no grassy knoll at Cape Canaveral

Video Conspiracy theorists can stop looking for a grassy knoll near SpaceX's Cape Canaveral launch complex: the company reckons it's close to explaining why its September launch failed so spectacularly. The explosion destroyed a Falcon 9 rocket, roughly US$200 million of Facebook satellite payload, and extensively damaged the launch …
Clock gears, photo via: Shutterstock

Dynatrace promises heavyweight OpenStack guts probing

OpenStack Summit Dynatrace is taking on open-source cloud tools with a performance suite it claims is “enterprise grade.” The firm’s Digital Performance Platform that’s used on Amazon Web Services and Microsoft Azure is now available for OpenStack. Supporting the platform are Mirantis and SUSE, through their OpenStack spins. Digital …
Gavin Clarke, 27 Oct 2016

And so we enter day seven of King's College London major IT outage

King's College London suffered its seventh consecutive day of IT woes today. According to our sources in Blighty's capital, this was down to a redundant array of inexpensive disks (RAID) which was running virtualised systems failing during a hardware upgrade. As KCL officials note, their IT systems department has been working …

DNS devastation: Top websites whacked offline as Dyn dies again

An extraordinary, focused attack on DNS provider Dyn continues to disrupt internet services for hundreds of companies, including online giants Twitter, Amazon, AirBnB, Spotify and others. The worldwide assault started at approximately 11am UTC on Friday. It was a massive denial-of-service blast that knocked Dyn's DNS anycast …
Kieren McCarthy, 21 Oct 2016
editorial only image of Whitehall. Pic Daniel Gale/Shutterstock

Glued-shut IT wallets hindered UK govt's programmes – study

Efforts by the previous UK government to rein in lavish Whitehall technology spending caused more harm than good in some instances. That's according to a new academic paper, titled Identifying the critical success factors for major government projects that incorporate IT or “digital” developments. It builds upon two …
Kat Hall, 21 Oct 2016
Ada Lovelace

Despite best efforts, fewer and fewer women are working in tech

Women are still losing ground in the computer science and IT fields, despite corporate pledges to improve gender diversity in their ranks. This according to research carried out by Accenture and Girls Who Code, which found the overall percentage of women in computing jobs is set to decline in the coming years from 24 to 20 per …
Shaun Nichols, 20 Oct 2016
Anger

Microsoft keeps schtum as more battery woes hit Surface sufferers

Updated Microsoft loyalists are up in arms over yet more battery grief with the Surface Pro 3 and that Redmond is, we're told, breaking promises on repair costs. These aren't the battery blunder reported in July, in which faulty software had a habit of draining batteries of juice. Microsoft fixed that issue with a software update in …
Iain Thomson, 19 Oct 2016
Woman frustrated while trying to make mobile phone call... Photo via Shutterstock

Level3 switch config blunder blamed for US-wide VoIP blackout

Updated Backbone provider Level3 says an outage that knocked out VoIP service for much of the US Tuesday morning was the result of improperly configured equipment. It seems the outage, which smashed call services offline for much of the country, was not the result of any fiber cuts or facility damage, but rather some classic bad …
Shaun Nichols, 05 Oct 2016
Pulling the plug

Pull the plug! PowerPoint may kill my conference audience

Something for the Weekend, Sir? The man on stage is baffled. It was his big moment, a chance to show off his company’s proficiency and expertise, but now he’s being made to look useless. Two huge screens on either side of the stage are supposed to be displaying his presentation. They remain resolutely blank. A 200-strong audience of paying conference …
Alistair Dabbs, 23 Sep 2016

'Faceless' Liberty Global has 'sucked the very soul' out of Virgin Media

Exclusive Virgin Media staff have voiced widespread discontent over its gobble by Liberty Global, with one describing their new corporate daddy as "faceless change drivers with no concern for the Virgin values," according to a Q&A with senior management this week seen by The Register. The questions, which were part of the company's …
Kat Hall, 23 Sep 2016
Data breach

Mobile review website MoDaCo coughs to data breach

Smartphone news and reviews site MoDaCo has admitted to a data breach. MoDaCo founder, Paul O’Brien confirmed a security leak (first reported by haveibeenpawned), while playing down its significance. Email and IP addresses together with (hashed) passwords and usernames for up to 875,000 MoDaCo accounts were dumped online. …
John Leyden, 20 Sep 2016

Brocade broadcasts financial success. Well, if you call an 89% profit drop 'success'

Helped by two months of Ruckus Wireless ownership, Brocade's revenues for the third quarter of fiscal year 2016 were up seven per cent annually to $591m, a 13 per cent quarter-on-quarter increase. The company posted profits of a paltry $10.5m, 89 per cent down on the year-ago quarter's $91.7m, and 23.3 per cent less than the …
Chris Mellor, 26 Aug 2016
FACEPALM

Google broke its own cloud by doing two updates at once

Google has explained an August 11th brownout on its cloud as, yet again, a self-inflicted wound. At the time of the incident Google said App Engine APIs were unavailable for a time. It's now saying the almost-two-hour incident meant “18% of applications hosted in the US-CENTRAL region experienced error rates between 10% and …
Simon Sharwood, 24 Aug 2016

Software exploits overrated - it's the humans you need to be watching

Video Weak passwords and phishing offer far easier mechanisms for breaking into most organizations than exploiting software vulnerabilities. A study by US cybersecurity firm Praetorian based on 100 penetration tests and 450 real-world attacks discovered that stolen credentials offer the best way into enterprise networks. Software …
John Leyden, 22 Aug 2016

How Brussels works: if you can’t beat them, join rewrite an EU directive

Analysis The biggest European telcos are poised to use Brussels to enact their revenge on American internet platforms, and on OTT providers like WhatsApp, the Eurocrats’ house journal The Financial Times claims. This isn’t exactly news, as a “sop to telcos” was exactly how we described what to expect last year, after we were leaked a …
Andrew Orlowski, 16 Aug 2016

Baffled Scots cops call in priest to deal with unruly spirits

Scottish Police have been forced to turn to the Catholic Church after a family in South Lanarkshire were apparently subjected to a campaign of terror by a Chihuahua-levitating poltergeist. According to the Scottish Daily Record, police attended a house in Rutherglen, South Lanarkshire on August 8 and 9, following reports of …
Joe Fay, 15 Aug 2016
Linux hacking team

Linux security backfires: Flaw lets hackers inject malware into downloads, disrupt Tor users, etc

Analysis A flaw in the Linux kernel lets hackers inject malware into downloads and webpages, smash Tor connections, launch denial-of-service attacks, and more. This is a troubling security headache because Linux is used widely across the internet, from web servers to Android smartphones, tablets and smart TVs. The TCP/IP networking …
Iain Thomson, 10 Aug 2016
airplane just kidding shot

BT internet outage was our fault, says Equinix

Telecity data center owner Equinix has 'fessed up to a "brief outage" that knocked 10 per cent of BT internet subscribers offline in the UK as well as a number of other providers on the morning of 20 July. A spokesman from the group, which slurped up Telecity for £2.3bn in 2015, confirmed that the outage occurred at Equinix's …
Kat Hall, 20 Jul 2016
Angry businesswoman shouting on phone in office. Image via Shutterstock

Using Comcast biz phones? Hope you liked your afternoon off

Comcast says it is still investigating the cause of outages that killed its business phone service in the US on Tuesday. Reports of problems with the phone service began around midday, and the American telecom giant said that as of approximately 2:30pm Pacific time it was still trying to figure out why those on its small …
Shaun Nichols, 12 Jul 2016
his low-angle self-portrait of NASA's Curiosity Mars rover shows the vehicle at the site from which it reached down to drill into a rock target called "Buckskin." The MAHLI camera on Curiosity's robotic arm took multiple images on Aug. 5, 2015, that were stitched together into this selfie. Credit: NASA/JPL-Caltech/MSSS

A little image magic gets Curiosity's wheels turning again

The Curiosity Rover is not about to become a nuclear waste dump on Mars as the trundling science lab has become mobile again after a glitch put it in safe mode last week. The root cause of the bug is a little mysterious, but NASA reckons an image transfer mode brought about the glitch, so the agency will avoid using that mode …
Power outage

4-day Fasthosts outage: Customers' sites go TITSUP

Hosting provider Fasthosts has been hit with an outage lasting four days, which has knocked some customers' sites offline due a number of its cloudy services being out of action. According to the Gloucester-based provider's service update page: "Over the weekend one of our platform specialists, in conjunction with Dell and …
Kat Hall, 11 Jul 2016
Cartoon - Private SNAFU

Telstra's business network in six-hour collapse

Telstra is red-faced yet again, after suffering a long outage centred in Victoria. The TITSUP (Total Inability To Support Usual Performance) began around 2pm on June 30, and it was six hours before Telstra reported services back online. On the way, the outage forced airline Jetstar to manually process passengers at …
NBC suit worker image via Shutterstock

You know how that data breach happened? Three words: eBay, hard drives

Users are unwittingly selling sensitive and unencrypted data alongside their devices through the likes of eBay and Craigslist. Secure data erasure firm Blancco Technology Group (BTG) purchased 200 second-hand hard disk drives and solid state drives before conducting a forensic analysis to find out what data was recoverable. …
John Leyden, 28 Jun 2016
Doctors run to save patient. Photo by Shutterstock

NHS e-prescription problems persist after Cegedim fixes fault

The issues affecting the NHS electronic prescription service (EPS) which began on Monday 6 June have still not been fully resolved, despite supplier Cegedim anticipating they would be “completed over the weekend.” While new prescriptions are being processed through Cegedim at the moment, those issued during the fault have got …
Hacker cons. Image: Darren Pauli

The rise and rise of Australia's community hacking conferences

Special report In Australia and New Zealand, hackers are doing it for themselves by creating vibrant security conferences that run on their own terms and actively avoid the corporate-speak and fear-mongering that characterises so many vendor-led events. These conferences, or "cons", are booming and showcase security skills that rival the …
Darren Pauli, 06 Jun 2016
Oh no, photo via Shutterstock

You deleted the customer. What now? Human error - deal with it

Blog Everyone I speak to about system security seems to panic about malware, cloud failure system crashes and bad patches. But the biggest threat isn’t good or bad code, or systems that may or may not fail. It’s people. What we call Liveware errors range from the mundane to the catastrophic and they happen all the time at all levels …
Stuart Burns, 30 May 2016

Your pointy-haired boss 'bought a cloud' with his credit card. Now what?

Sysadmin blog Shadow IT strikes fear into the hearts of many businesses. Unfortunately, most businesses fear shadow IT for all the wrong reasons. It is easy to have a discussion about Shadow IT with different areas of the business by talking about risks that affect them directly. Legal can be made afraid by bringing forth the bogeymen of …
Trevor Pott, 04 Apr 2016
SAP Match Insights

Some old SAP systems have default kernel user accounts. Guess what happened next?

Security researchers were able to access default SAP accounts on enterprise systems worldwide by using default passwords. The security snafu meant that SAP systems worldwide were potentially vulnerable to data theft, business process disruption and fraud, specialist security outfit ERP-SEC warned. Joris van de Vis, researcher …
John Leyden, 29 Mar 2016
Bread/pretzels in the shape of zeros tumble out of a paper packet. photo via sHutterstock

Zero-day vulnerability count up by, er, zero in 2015

The number of zero-day vulnerabilities last year was the same as in 2014, according to a new study by vulnerability management outfit Secunia. Last year Secunia Research at Flexera Software recorded a total of 16,081 vulnerabilities in 2,484 products from 263 vendors. The big majority (84 per cent) of vulnerabilities in all …
John Leyden, 21 Mar 2016

DDoS protection biz Incapsula knackers its customers' websites

Glitches at distributed denial-of-service mitigation biz Incapsula left the websites it defends offline twice on Thursday. Incapsula blamed "connectivity issues" for the global PITSTOP, aka the worldwide degradation of its services. "A rare case triggered an issue on the Incapsula service and caused two system-wide errors at …
John Leyden, 10 Mar 2016

Google cloud wobbles as workers patch wrong routers

Add another SNAFU to the long list of Google cloud wobbles caused by human error: this time The Alphabet subsidiary decided to patch the wrong routers. The wobble wasn't a big one: it lasted just 46 minutes and only hit Google Compute Engine Instances in the us-central1-f zone. Of course it wasn't minor if yours was one of the …
Simon Sharwood, 01 Mar 2016

Patient monitors altered, drug dispensary popped in colossal hospital hack

Security researchers have exploited notoriously porous hospital networks to gain access to, and tamper with, critical medical equipment in attacks they say could put lives in danger. In tests, hospital hackers from the Independent Security Evaluators research team popped patient monitors, making them display false readings …
Darren Pauli, 25 Feb 2016
wham_bang by Roy Lichtenstein

Israeli military techies cook up security alerts software

Lessons from building the threat intelligence platform for the Israeli Defence Force form the technical foundations of a new security startup called Siemplify. Siemplify’s tech is designed to contextualise threat alerts from the disparate array of security technologies on enterprise networks (anti-malware, intrusion detection …
John Leyden, 18 Feb 2016

Dragons and butterflies: The chaos of other people's clouds

Cloud computing was meant to solve the reliability problem, but in practice, it still has a long way to go. Is that an endemic problem with the complexity of cloud computing, or a problem with the way people use it? Cloud infrastructures are meant to be resilient, because they tend to use lots of cheap servers and scale out. …
Danny Bradbury, 05 Feb 2016
LG G3 Android smartphone

Built-in LG smartphone app created data hack risk

Security researchers have uncovered a major vulnerability in LG G3 Android devices. The personal data on millions of LG smartphones was potentially open to theft as a result of the so-called SNAP bug. "SNAP" allows an attacker to run arbitrary JavaScript code on the vulnerable LG devices, according to security researchers …
John Leyden, 28 Jan 2016
Asda Recycling Site, Belvedere On Crabtree Manorway North. Copyright David Anstiss and licensed for reuse under this CC 2.0

Shop online at Asda? Website vuln created account hijack risk

Updated Retailer Asda dragged its heels for nearly two years before finally this week tackling a set of security vulnerabilities reported to it by a UK consultant. Asda has acknowledged the flaws - which Paul Moore, who discovered them, argues offer up an account hijack risk - but played down their significance. Moore told El Reg …
John Leyden, 19 Jan 2016
Lumia 950 XL

Microsoft Lumia 950 and 950XL: Clear thoughts of Continuum with a snazzy camera

Review There’s only one reason you might want to buy either of the new flagship Microsoft Lumias. Straight off the bat, we can tell you it's not the party trick Continuum, where your phone doubles up as an ARM-based PC to run Microsoft Office. Nor is that reason Windows 10 – which is still buggy, bereft of significant new benefits …
Andrew Orlowski, 08 Dec 2015
Bookshelf in the British Library basement

Whisper this, but Java deserialisation vulnerability affects more libraries

A Java deserialisation vulnerability may affect as many as 40 more software libraries than first feared, research has revealed this week. The deserialisation bug in Apache Commons Collections affects popular distributed software such as WebSphere and JBoss, FoxGlove Security advised last month. But new research by security- …
John Leyden, 07 Dec 2015
microsoft nutella

Part of the world's IT brought down by Azure Active Directory issue

Alas, poor Redmond has acknowledged the Azure Active Directory is "having issues" alongside the disappearance of its Office 365 service in the UK and Europe. Microsoft's Office 365 service went down earlier this morning, and Microsoft has now copped to an issue affecting Azure Active Directory. Azure's status page reveals: …
Tesla's big saloon out-performs sports cars

Tesla recalls every single Model S car in seatbelt safety probe

If you are fortunate (and rich) enough to own a Tesla Model S, then you'll have to take it in for a checkup, as the automaker has recalled all 90,000 cars because of a problem with the seatbelts. The recall comes after a single complaint from a European Tesla owner, who turned to speak to a back-seat passenger and found their …
Iain Thomson, 20 Nov 2015

Further confusion at TalkTalk claims it was hit by 'sequential attack'

TalkTalk is continuing to confuse experts with its latest assessment of the root cause of a high profile breach on its systems last week, which may have exposed the bank details including bank information of up to four million customers. The under-fire telco is saying that it has become the victim of a “sequential attack” when …
John Leyden, 26 Oct 2015
Sign outside the National Security Agency HQ

Let's talk about that NSA Diffie-Hellman crack

Even before the leaks by former NSA sysadmin Edward Snowden, rumours had circulated for years that the agency could decrypt a significant fraction of encrypted internet traffic. Now security researchers, who published a paper on their theory in May, have come forward with a detailed and credible theory on the technical …
John Leyden, 19 Oct 2015

Smartmobe brain maker Qualcomm teases 64-bit ARM server chip secrets

Qualcomm, the maker of processors for Nexus smartphones and other mobes and tablets, has revealed early specifications for its upcoming server chips. The California company is best known for designing the brains in handheld devices, networking kit, and other embedded gear. Now, in the past few minutes, it's unveiled a pre- …
Chris Williams, 08 Oct 2015

C For Hell: Data centre meltdown for irate customers as C4L GOES TITSUP

Updated C4L has been battling a major outage for the best part of a day and customers are becoming increasingly angry about the lengthy downtime. The Bournemouth-based colocation and cloud provider, which switched its network over to Juniper kit in October last year, said it was working with the vendor to resolve the outage. C4L said …
Kelly Fiveash, 25 Aug 2015