In July, CrowdStrike caused a global IT outage, which I wrote about here: What I learned from the ‘Microsoft global IT outage’ A website called clownstrike.lol popped up, which displays a clown with some clown music: clownstrike.lol homepage CrowdStrike used CSC to…
Category: DoublePulsar – Medium
Microsoft need to be transparent about customer impacting DDoS attacks
Back in early June 2023, I tracked a botnet DDoS’ing Microsoft, causing serious network outages in Azure and Microsoft 365 for days. I toot’d about it at the time: At the time, Microsoft didn’t disclose what happened or comment. Eventually, Associated Press…
What I learned from the ‘Microsoft global IT outage’
I woke up Friday to discover CrowdStrike — a cybersecurity vendor who aims to protect orgs from cyber attacks such as availability outages — created the largest IT outage ever, by pushing out a duff product update globally and breaking just under 9 million…
Snowflake at centre of world’s largest data breach
Cloud AI Data platform Snowflake are having a bad month. Due to teenager threat actors and cybersecurity of its own customers… and its own cybersecurity, too, in terms of optics. There are several large data breaches playing out in the media…
Recall: Stealing everything you’ve ever typed or viewed on your own Windows PC is now possible.
Stealing everything you’ve ever typed or viewed on your own Windows PC is now possible with two lines of code — inside the Copilot+ Recall disaster. I wrote a piece recently about Copilot+ Recall, a new Microsoft Windows 11 feature which — in the…
How the new Microsoft Recall feature fundamentally undermines Windows security
Yesterday, Microsoft CEO Satya Nadella sat down with the media to introduce a new feature called Recall, as part of their Copilot+ PCs. It constantly takes screenshots of what you’re doing, by design: https://medium.com/media/d4abba4451fecf39939e7aee53697784/href The idea is it allows you…
Breaking down Microsoft’s pivot to placing cybersecurity as a top priority
Recently, Microsoft had quite frankly a kicking from the US Department of Homeland Security over their security practices in a Cyber Safety Review Board report. I’ve tried to keep as quiet as possible about this one for various reasons (and…
Delinea has cloud security incident in Thycotic Secret Server gaff
This is a weird one. Customers of Delinea Secret Server Cloud had a mysterious outage on Friday due to a “security incident” – this was visible on a service status page: https://medium.com/media/624e5e85022f659c8407983a4c7fdb36/href Delinea Secret Server – also known as Thycotic Secret…
Inside the failed attempt to backdoor SSH globally — that got caught by chance
A few days ago, a toot on Mastodon from Andres, a Postgres developer, caught my attention: https://mastodon.social/@AndresFreundTec/112180083704606941 Wait, what?! What happened here is now well documented elsewhere, so I…
How 50% of telco Orange Spain’s traffic got hijacked — a weak password
How 50% of telco Orange Spain’s traffic got hijacked^H^H^H^H^H^Hnull routed — a weak password So here’s a funny story. Earlier today, I noticed Orange Spain had an outage, caused by what appeared to be a BGP hijack: https://medium.com/media/86149308c6838a9cbb08d6b650510bf2/href This manifested to Orange Spain users as…
Cyber Toufan goes Oprah mode, with free Linux system wipes of over 100 organisations
For the past 6 or so weeks, I’ve been tracking Cyber Toufan on Telegram. They appeared in November, and they’ve been…
The ticking time bomb of Microsoft Exchange Server 2013
I monitor (in an amateur, clueless way) ransomware groups in my spare time, to see what intelligence can be gained from looking at victim orgs and what went wrong. Basically, I’m a giant big dork with too much free time. I’ve discovered…
Tracking Russia’s NoName057[16] attempts to DDoS UK public services
Today I noticed NoName057[16] — basically a poor man’s “Ukraine IT army” — attempting to DDoS various UK councils and transport services. They post about their exploits on Telegram, similar to those crazy Ukrainians. It’s basically Russia styled as hacktivists, with some great bear…
What it means — CitrixBleed ransom group woes grow as over 60 credit unions, hospitals…
What it means — CitrixBleed ransomware group woes grow as over 60 credit unions, hospitals, financial services and more breached in US. How CitrixBleed vulnerability in NetScaler has become the cybersecurity challenge of 2023. Credit union technology firm Trellance own Ongoing Operations LLC, and…