Articles about Root Cause

Oh no, photo via Shutterstock

You deleted the customer what, now? Human error – deal with it

Blog Everyone I speak to about system security seems to panic about malware, cloud failure system crashes and bad patches. But the biggest threat isn’t good or bad code, or systems that may or may not fail. It’s people. What we call Liveware errors range from the mundane to the catastrophic and they happen all the time at all levels …
Stuart Burns, 30 May 2016

Your pointy-haired boss 'bought a cloud' with his credit card. Now what?

Sysadmin blog Shadow IT strikes fear into the hearts of many businesses. Unfortunately, most businesses fear shadow IT for all the wrong reasons. It is easy to have a discussion about Shadow IT with different areas of the business by talking about risks that affect them directly. Legal can be made afraid by bringing forth the bogeymen of …
Trevor Pott, 04 Apr 2016
SAP Match Insights

Some old SAP systems have default kernel user accounts. Guess what happened next?

Security researchers were able to access default SAP accounts on enterprise systems worldwide by using default passwords. The security snafu meant that SAP systems worldwide were potentially vulnerable to data theft, business process disruption and fraud, specialist security outfit ERP-SEC warned. Joris van de Vis, researcher …
John Leyden, 29 Mar 2016
Bread/pretzels in the shape of zeros tumble out of a paper packet. photo via sHutterstock

Zero-day vulnerability count up by, er, zero in 2015

The number of zero-day vulnerabilities last year was the same as in 2014, according to a new study by vulnerability management outfit Secunia. Last year Secunia Research at Flexera Software recorded a total of 16,081 vulnerabilities in 2,484 products from 263 vendors. The big majority (84 per cent) of vulnerabilities in all …
John Leyden, 21 Mar 2016

DDoS protection biz Incapsula knackers its customers' websites

Glitches at distributed denial-of-service mitigation biz Incapsula left the websites it defends offline twice on Thursday. Incapsula blamed "connectivity issues" for the global PITSTOP, aka the worldwide degradation of its services. "A rare case triggered an issue on the Incapsula service and caused two system-wide errors at …
John Leyden, 10 Mar 2016

Google cloud wobbles as workers patch wrong routers

Add another SNAFU to the long list of Google cloud wobbles caused by human error: this time The Alphabet subsidiary decided to patch the wrong routers. The wobble wasn't a big one: it lasted just 46 minutes and only hit Google Compute Engine Instances in the us-central1-f zone. Of course it wasn't minor if yours was one of the …
Simon Sharwood, 01 Mar 2016

Patient monitors altered, drug dispensary popped in colossal hospital hack

Security researchers have exploited notoriously porous hospital networks to gain access to, and tamper with, critical medical equipment in attacks they say could put lives in danger. In tests, hospital hackers from the Independent Security Evaluators research team popped patient monitors, making them display false readings …
Darren Pauli, 25 Feb 2016
wham_bang by Roy Lichtenstein

Israeli military techies cook up security alerts software

Lessons from building the threat intelligence platform for the Israeli Defence Force form the technical foundations of a new security startup called Siemplify. Siemplify’s tech is designed to contextualise threat alerts from the disparate array of security technologies on enterprise networks (anti-malware, intrusion detection …
John Leyden, 18 Feb 2016

Dragons and butterflies: The chaos of other people's clouds

Cloud computing was meant to solve the reliability problem, but in practice, it still has a long way to go. Is that an endemic problem with the complexity of cloud computing, or a problem with the way people use it? Cloud infrastructures are meant to be resilient, because they tend to use lots of cheap servers and scale out. …
Danny Bradbury, 05 Feb 2016
LG G3 Android smartphone

Built-in LG smartphone app created data hack risk

Security researchers have uncovered a major vulnerability in LG G3 Android devices. The personal data on millions of LG smartphones was potentially open to theft as a result of the so-called SNAP bug. "SNAP" allows an attacker to run arbitrary JavaScript code on the vulnerable LG devices, according to security researchers …
John Leyden, 28 Jan 2016
Asda Recycling Site, Belvedere On Crabtree Manorway North. Copyright David Anstiss and licensed for reuse under this CC 2.0

Shop online at Asda? Website vuln created account hijack risk

Updated Retailer Asda dragged its heels for nearly two years before finally this week tackling a set of security vulnerabilities reported to it by a UK consultant. Asda has acknowledged the flaws - which Paul Moore, who discovered them, argues offer up an account hijack risk - but played down their significance. Moore told El Reg …
John Leyden, 19 Jan 2016
Lumia 950 XL

Microsoft Lumia 950 and 950XL: Clear thoughts of Continuum with a snazzy camera

Review There’s only one reason you might want to buy either of the new flagship Microsoft Lumias. Straight off the bat, we can tell you it's not the party trick Continuum, where your phone doubles up as an ARM-based PC to run Microsoft Office. Nor is that reason Windows 10 – which is still buggy, bereft of significant new benefits …
Andrew Orlowski, 08 Dec 2015
Bookshelf in the British Library basement

Whisper this, but Java deserialisation vulnerability affects more libraries

A Java deserialisation vulnerability may affect as many as 40 more software libraries than first feared, research has revealed this week. The deserialisation bug in Apache Commons Collections affects popular distributed software such as WebSphere and JBoss, FoxGlove Security advised last month. But new research by security- …
John Leyden, 07 Dec 2015
microsoft nutella

Part of the world's IT brought down by Azure Active Directory issue

Alas, poor Redmond has acknowledged the Azure Active Directory is "having issues" alongside the disappearance of its Office 365 service in the UK and Europe. Microsoft's Office 365 service went down earlier this morning, and Microsoft has now copped to an issue affecting Azure Active Directory. Azure's status page reveals: …
Tesla's big saloon out-performs sports cars

Tesla recalls every single Model S car in seatbelt safety probe

If you are fortunate (and rich) enough to own a Tesla Model S, then you'll have to take it in for a checkup, as the automaker has recalled all 90,000 cars because of a problem with the seatbelts. The recall comes after a single complaint from a European Tesla owner, who turned to speak to a back-seat passenger and found their …
Iain Thomson, 20 Nov 2015

Further confusion at TalkTalk claims it was hit by 'sequential attack'

TalkTalk is continuing to confuse experts with its latest assessment of the root cause of a high profile breach on its systems last week, which may have exposed the bank details including bank information of up to four million customers. The under-fire telco is saying that it has become the victim of a “sequential attack” when …
John Leyden, 26 Oct 2015
Sign outside the National Security Agency HQ

Let's talk about that NSA Diffie-Hellman crack

Even before the leaks by former NSA sysadmin Edward Snowden, rumours had circulated for years that the agency could decrypt a significant fraction of encrypted internet traffic. Now security researchers, who published a paper on their theory in May, have come forward with a detailed and credible theory on the technical …
John Leyden, 19 Oct 2015

Smartmobe brain maker Qualcomm teases 64-bit ARM server chip secrets

Qualcomm, the maker of processors for Nexus smartphones and other mobes and tablets, has revealed early specifications for its upcoming server chips. The California company is best known for designing the brains in handheld devices, networking kit, and other embedded gear. Now, in the past few minutes, it's unveiled a pre- …
Chris Williams, 08 Oct 2015

C For Hell: Data centre meltdown for irate customers as C4L GOES TITSUP

Updated C4L has been battling a major outage for the best part of a day and customers are becoming increasingly angry about the lengthy downtime. The Bournemouth-based colocation and cloud provider, which switched its network over to Juniper kit in October last year, said it was working with the vendor to resolve the outage. C4L said …
Kelly Fiveash, 25 Aug 2015

Win8 inventory glut? Yep, it's all Microsoft's fault, says HP

HP has criticised the way Microsoft rolled out the latest OS, claiming it was the root cause of an inventory pile-up of Windows 8 consumer PCs across the industry that will take time to “flush” through. Channel analyst Context recently revealed that no computers pre-installed with Windows 10 were sat with European distributors …
Paul Kunert, 21 Aug 2015
Parliament in the clouds

Cause of Parliamentary downtime on Microsoft Office 364½ revealed

A major Microsoft Office 365 outage in the Houses of Parliament that left up to 3,000 users without email was due to Microsoft failing to inform itself about a technical change, The Register can reveal. The outage occurred on 23 June and resulted in a total of 13 hours of downtime, the Parliamentary Digital Service said in …
Kat Hall, 06 Aug 2015

Crazy Chrysler security hole: USB stick fix incoming for 1.4 million cars

Fiat Chrysler's bad week just got even worse: the US National Highway Traffic Safety Administration has recalled 1.4 million of the manufacturer's cars after a dangerous software flaw was revealed just days ago. Renowned hackers Charlie Miller and Chris Valasek warned on Tuesday of a ridiculous vuln in the computer systems …
Iain Thomson, 24 Jul 2015

Congratulations! You survived the leap secondocalypse

The leap second did not break the internet, it wasn’t the second coming of the Y2K bug and nor did it challenge the world’s financial markets or make the Greek situation any worse. Neither did it kick Amazon.com, Netflix, Instagram or Pinterest offline. At most, the addition of a leap second to Universal Co-ordinated Time (UTC …
Gavin Clarke, 01 Jul 2015

Win the business services race with run-book automation

Bringing a more service-based culture to your IT department is a great idea, but who will manage it behind the scenes? Service-based IT is the holy grail for IT departments that want to improve their standing in the business. In the bad old days, IT was a black art, practised behind closed doors by Merlin-like figures. No …
Danny Bradbury, 26 Jun 2015
atm_teaser_648

It's OK – this was an entirely NEW type of cockup, says RBS

The NatWest and RBS IT cock-up that caused 600,000 transactions to go missing this week was entirely unrelated to the 2012 mega IT cock-up, the bank has said in an not-too-reassuring update. In a webcast about the Royal Bank of Scotland's IT strategy today, Simon McNamara, chief administrative officer, said: "It is different to …
Kat Hall, 18 Jun 2015
4 arrows signs in arrow on wooden wall

ISP Level 3 goes TITSUP after giganto traffic routing blunder

ISP Level 3's customers have been left without internet access since this morning, after the provider seems to have leaked routes to a Tier 1 transit provider in Malaysia. An incident report from CloudFlare said that while "the Tier 1 transit provider of the ISP leaking routes appears to have stopped accepting these …

O2 craps itself on national Blighty holiday as cabinet minister moans: 'Oi, sort it out!'

Updated O2 customers up and down the UK were left without access to the carrier's mobile service on Bank Holiday Monday, after its network buckled for five hours yesterday evening. Even former Minster of Fun Sajid Javid – who is now Business Secretary under the new Tory government – griped about O2's pisspoor service. He tweeted: No …
Kelly Fiveash, 26 May 2015
Venomous snake

VENOM virtual vuln proves less poisonous than first feared

Analysis A newly discovered vulnerability in many popular virtual machine platforms is serious, but nowhere near as bad as last year’s Heartbleed vulnerability, according to security experts. Dubbed VENOM (Virtualized Environment Neglected Operations Manipulation), the zero-day flaw takes advantage of the “virtual floppy disk controller …
John Leyden, 14 May 2015
Umbrellas

Oh, hey, look – it's the hardware storing all your medical records

Hitachi has whipped out a data-center outage tool, a health data storage product, and an analytics center of excellence – and put them under a social innovation umbrella. What gives? Hitachi and HDS is turning itself into a kind of amalgam of GE (General Electric) and EMC. The three new products are: Hitachi Live Insight for IT …
Chris Mellor, 29 Apr 2015

Google botches another cloud patch, this time messing up App Engine

Google's botched another cloud patch. The Chocolate Factory's cloud operations have had a tough time of things this year, suffering a network mess in February and then a brownout in early March. Over the last couple of days the company's App Engine experienced “elevated 503 errors on <1% of applications for a typical duration …
Simon Sharwood, 27 Mar 2015

Google promises proper patch preparation after new cloud outage

Google Compute Engine (GCE) users experienced a brownout over the weekend, after an incident that bears plenty of likeness to a worse outage that took down the service in February. The February FAIL came about when “The internal software system which programs GCE’s virtual network for VM egress traffic stopped issuing updated …
Simon Sharwood, 09 Mar 2015
The fashion world&rsquo;s most privileged urchin lounges in a luxury hotel in Paris, 1993. &copy; Geoff Wilkinson/RexUSA

Mandarin Oriental coughs to credit card breach

Upmarket hotel chain Mandarin Oriental has admitted to a credit card breach. Investigative journalist Brian Krebs uncovered evidence of a breach before extracting an admission of the problem from the hotel group. The root cause of the security spill – as well as the number of credit cards exposed – remains unclear, pending the …
John Leyden, 06 Mar 2015
Game of Thrones Season One Blu-ray disc set

Game of Moans: Sky coughs to BORKED set top box BALLS-UP

Sky customers have been complaining for months about a firmware update that has cocked up their set top boxes but the media giant has been slow to repair the glitch, it has been claimed. An unknown number of Sky HD boxes have been crashing, failing to record pre-set programmes or altogether disrupting the TV service. Sky has …
Kelly Fiveash, 17 Feb 2015

HELP! Windows Phone update 8.1 broke my Lumia

Updated In less-than-pleasing news for Microsoft, a massive thread of Windows Phone moans is growing on its forums. Back in September 2014, Microsoft started rolling out Windows Phone update 8.1, with significant new features including the Cortana digital assistant and Word Flow keyboard. A nice update, but not for a subset of …
Tim Anderson, 12 Feb 2015

Intel silicon photonics modules can't take the heat of the HPC kitchen

Chipzilla's first foray into silicon photonics has hit a snag, with Intel reworking its expected production runs to fix “quality issues” with its first modules. The company's 100 Gbps-and-beyond project is designed to push optical transmission right down to the system level. Using optical signals between system components like …

Lloyds supplier payments TITSUP: What, you want MONEY from a BANK?

Exclusive Lloyds Banking Group’s (LBG) failure to settle debts with some tech suppliers over the past few months has reached “crisis” point, and could have dire consequence for smaller players, sources tell us. The High Street lender recently automated its payment processing system and brought it back on-shore with the intent of speeding …
Paul Kunert, 16 Jan 2015

Demon Internet goes TITSUP: Outage borks ancient ISP

Updated Demon internet broadband users are currently unable to connect, with the company reporting a complete outage of its services. The internet provider first reported problems at 08:43 this morning. According to Demon, engineers have localised the issue and further engineers have been despatched to a network site. "Our focus …
Kat Hall, 15 Jan 2015

Rackspace restored after DDOS takes out DNS

Rackspace says it has recovered from a nasty distributed denial of service attack that it says may have seen “a portion of legitimate traffic to our DNS infrastructure … inadvertently blocked.” The trouble started just before lunchtime on Monday, US central time, and persisted until 11 hours later. Over on the company's Google …
Simon Sharwood, 24 Dec 2014
Adobe security

Second time's a charm: Adobe has another go at killing Flash hijack flaw

Ready to enjoy the Thanksgiving holiday? Can't wait to open your advent calendar? Not so fast – there's one more patch to install before the month is over. Adobe has posted an update for its Flash plugin, version 15.0.0.239, to address a critical remote-code-execution vulnerability. This will be the Photoshop giant's second …
Shaun Nichols, 25 Nov 2014

Holy cow! Fasthosts outage blamed on DDoS hack attack AND Windows 2003 vuln

Fasthosts' five-hour collapse today has been blamed on a Distributed Denial of Service attack and a security flaw spotted on its Windows 2003 shared web server kit. The company explained the torrid morning it had suffered in an emailed statement to The Register. Earlier today, after we reported that Fasthosts had gone titsup …
Kelly Fiveash, 17 Nov 2014
David Cameron, UK prime minister

UK PM Cameron says Internet must not 'be an ungoverned space'

UK prime minister David Cameron has called for “extremist material” to be taken offline by governments, with help from network operators. Speaking in Australia's Parliament on a trip that will also see him attend the G20 leaders' summit, Cameron spoke of Australia and Britain's long shared history, common belief in freedom and …
Simon Sharwood, 14 Nov 2014

Countless Belkin routers go TITSUP in massive mystery meltdown

Updated A large number of Belkin routers were knocked off the internet on Tuesday, owing to an as-yet-unexplained glitch. It's not known how many routers were affected, but it was a lot of them and quite possibly worldwide, all at once. Complaints began popping up on Twitter shortly after midnight Eastern time, with some customers …
Neil McAllister, 07 Oct 2014
Bug bounties

SMASH the Bash bug! Apple and Red Hat scramble for patch batches

A fresh dump of Shellshock patches were released on Friday night in the latest move to stamp out the Bash shell security vuln that has the potential to blight millions of Linux, Unix and Mac OS X machines. Red Hat said in a blog post that the threat from Shellshock was receding now that patches had been issued for most operating …
Team Register, 28 Sep 2014
Targeted Spam

Mushy spam law's IDEAL for toothless watchdog: Spamhaus slams CAN-SPAM

Antispam organisation Spamhaus has reacted phlegmatically to a recent survey that one in 10 of the world’s largest online retailers are still violating the CAN-SPAM Act, a full 10 years after the US anti-spam legislation went into effect. Richard Cox, CIO of The Spamhaus Project, suggested the Online Trust Alliance (OTA)'s …
John Leyden, 22 Sep 2014
putin topless

Work in the tech industry? The Ukraine WAR is coming to YOU

Anyone in tech who thinks that the conflict in Ukraine - which has been smoldering since the end of 2013 - is not their business should think again. At the weekend Russia was given one week by European Union chiefs to reverse course in the Ukraine or face new sanctions. Russia has been accused of interfering in Ukraine, …
Gavin Clarke, 04 Sep 2014
IT Crowd. Source: Channel 4 / 2entertain

Gamma's not a goner! UK ISP sorts out major outage

British ISP Gamma Partners is blaming BT for a 13-hour break in its data and communications services but says the problem has now been fixed. We have now restored service to all our users. Root cause investigations continue and a further update will be issued tomorrrow — Gamma Support (@GammaSvcSupport) August 28, 2014 The …
Iain Thomson, 29 Aug 2014

Visual Studio Online goes titsup as Microsoft wrestles with database

Updated Microsoft's Visual Studio Online services for software developers are in the midst of a total outage that has lasted for more than four hours. The Redmond giant has blamed a database snafu. The services, which were launched in November 2013 to coincide with general availability of Visual Studio 2013, are hosted on Redmond's …
Neil McAllister, 14 Aug 2014

Dimension Data cloud goes TITSUP down under... after EMC storage fail

UPDATE Dimension Data's Australian cloud has been down for over 24 hours after EMC kit failed. The outage is detailed on this status page recording problems with the company's “AU 1” region dating back to the morning of July 2nd. Dimension Data company says the service has since come back in “a degraded state” and that “Services are …
Simon Sharwood, 04 Jul 2014
A boat full of Fail

Vodafone AU frees data to atone for outage

Vodafone Australia has blamed yesterday's network outage on "transmission network failure" that hit its Western Australian operations. Whatever the reason for the failure, the carrier says its attempts to fix it foundered as "problems occurred which had an impact on the network nationally" manifested. The rest you know if you' …
Simon Sharwood, 20 Jun 2014

Adobe blames 'maintenance failure' for 27-hour outage

Adobe has blamed a maintenance failure for the 27-hour outage in its Creative Cloud suite that left video and photo editors unable to log into online services. “The failure happened during database maintenance activity and affected services that require users to log in with an Adobe ID,” Adobe said in a blog post apologising …