Delta blames CrowdStrike for flight chaos in lawsuit

Delta Air Lines has filed a lawsuit against CrowdStrike in Georgia, accusing the cybersecurity company of causing a global outage in July that disrupted travel for 1.3 million passengers. The airline claims a faulty software update forced by CrowdStrike led to the mass cancellation of 7,000 flights over five days, resulting in losses exceeding $500 million.

The airline alleges that CrowdStrike’s software update caused more than 8.5 million Microsoft Windows-based systems to crash worldwide, affecting multiple industries, including banks and healthcare. Delta insists that better testing could have prevented the failure, criticising CrowdStrike for deploying the update without adequate checks. The incident prompted an investigation by the US Transportation Department.

CrowdStrike has rejected Delta’s claims, calling them ‘misinformation’ and blaming the airline’s outdated IT infrastructure for the extended disruption. It also questioned why Delta was hit harder than other airlines, implying the carrier’s slow recovery reflected deeper internal issues rather than software faults alone.

Delta has been using CrowdStrike’s products since 2022 and argues that it has invested heavily in advanced technology for its operations. In its lawsuit, Delta seeks compensation for direct financial losses, lost profits, legal fees, and damage to its reputation, maintaining that CrowdStrike should be held accountable.

US and Nigeria strengthen ties to combat crypto misuse

The United States and Nigeria have launched the Bilateral Liaison Group on Illicit Finance and Cryptocurrencies to counter cybercrime and misuse of digital assets. Led by the US Department of Justice and Nigerian authorities, this new initiative aims to strengthen both countries’ capabilities in investigating and prosecuting cyber and crypto-related financial crimes as digital finance expands globally.

The group’s formation comes soon after the release of Tigran Gambaryan, Binance’s head of financial crime compliance, who had been detained in Nigeria since February on money laundering charges. His release due to health concerns follows rising tensions, and this new collaboration may help ease strained relations as both nations work toward secure cyberspace operations.

Aligned with US goals for global cyber enforcement, this liaison group aims to streamline coordination between the two countries’ enforcement bodies. This joint effort underscores the importance of cross-border cooperation to address the unique challenges posed by digital assets in the fight against financial crime.

Four REvil ransomware members sentenced to over four years in prison

Four members of the REvil ransomware gang were sentenced to prison in Russia for hacking and money laundering. Artem Zayets received 4.5 years, Alexey Malozemov got 5 years, while Daniil Puzyrevsky and Ruslan Khansvyarov were sentenced to 5.5 and 6 years, respectively. Puzyrevsky, considered the leader, may face additional fines.

The St Petersburg Garrison Military Court’s decisions followed arrests of 14 individuals in early 2022, based on US tips, with authorities seizing over 426 million rubles (about $4.38 million), $600,000, and €500,000 in cash, along with cryptocurrency and luxury vehicles. The gang was linked to significant breaches at companies like JBS and Kaseya before disbanding in 2021.

REvil (Ransomware Evil) is ransomware that emerged around 2019. It is known for its sophisticated attacks and targeted operations against various organisations worldwide. It has allegedly been involved in several high-profile cases, including one at Colonial Pipeline in May 2021, which led to the shutdown of the largest fuel pipeline in the US, causing fuel shortages and panic buying. The company paid approximately $4.4 million in ransom.

Linux creator supports removing Russian kernel maintainers

Linux creator Linus Torvalds has expressed support for removing several Russian maintainers from the Linux kernel project. This decision, announced by prominent developer Greg Kroah-Hartman, has sparked debate within the Linux community. The removals affect 11 Russian developers, largely due to compliance with new sanctions, though specific details of the removals still need to be fully clarified.

Responding to the concerns, Torvalds stated, “If you haven’t heard of Russian sanctions yet, you should try reading the news sometime,” emphasising that the changes will not be reversed.

The Linux kernel, the operating system’s core, is managed by maintainers who oversee code submissions and updates. Kroah-Hartman noted that those removed may return if they provide documentation proving independence from sanctioned entities, especially organisations associated with the Russian government.

This action has stirred reactions among developers, with some accusing the decision-makers of acting contrary to Linux’s open-source principles. Others warned that the decision could lead to future uncertainties about the participation of maintainers in sanctioned regions.

Responding to criticism, Torvalds dismissed the objections as originating from “Russian troll factories” and reaffirmed his stance, citing his opposition to Russian aggression. The move follows broader trends in the tech industry, where major US companies, like Docker Hub and GitHub, have imposed restrictions on Russian users, reflecting the impact of international sanctions on open-source software projects.

Biden’s national security memorandum prioritises AI regulation and international collaboration

President Biden signed a landmark national security memorandum to strengthen how AI is employed across defence and intelligence operations. The directive outlines strict protections on AI use, preventing autonomous systems from making high-stakes decisions like nuclear launches and immigration rulings. Jake Sullivan, the national security adviser, highlighted the need for the US to maintain its competitive edge in AI to safeguard national security.

‘Few technologies will be as critical to our future security as AI,’ Sullivan said at the National Defense University in Washington. He underscored the administration’s aim to roll out AI protections faster than other global powers and stressed a balance between open market competition and secure innovation.

The memorandum also directs federal agencies to bolster the security and diversity of chip supply chains and prioritise gathering intelligence on foreign AI operations targeting the US sector. These insights will support AI developers in protecting their products from adversarial threats.

However, with many recommendations set to take effect post-2025, it’s uncertain if the next administration will uphold these regulations. Experts emphasise that while AI is kept out of nuclear launch decisions, it still influences the data presidents receive, raising questions about reliance on AI for critical decision-making.

In the meantime, the administration will convene a global safety summit in San Francisco next month to address AI risks and foster international cooperation. This move adds to Biden’s executive order from last year, which aimed to limit AI’s risks to consumers, workers, and minority groups.

Chinese hackers reportedly target US political figures’ communications in major cybersecurity breach

Chinese hackers infiltrated Verizon’s phone systems to target devices used by individuals connected to Kamala Harris’s campaign, according to a source. Reports also indicated attempts to breach phones linked to Donald Trump and JD Vance, although Reuters could not confirm this.

Investigators are working to establish whether any communications from Trump or Vance were compromised. While the Trump campaign did not verify the targeting, it acknowledged the issue and criticised Harris, claiming her leadership emboldened cyberattacks from China and Iran.

The Chinese embassy in Washington denied involvement, asserting that China does not interfere in US elections and opposes cyberattacks in any form. The Harris campaign did not provide an immediate response to requests for comment.

The FBI and the US Cybersecurity and Infrastructure Security Agency are currently investigating the incident. Verizon confirmed it was aware of a sophisticated cyberattack aimed at US telecommunications and said it is cooperating with law enforcement.

Hong Kong restricts apps like WhatsApp and WeChat for civil servants

The Hong Kong government has banned most civil servants from using widely used apps, including WhatsApp, WeChat, and Google Drive, on work computers to reduce security risks. The Digital Policy Office’s updated IT security guidelines allow government workers to access these services on personal devices at work, and managers can grant exceptions to the ban if required.

Experts in cybersecurity agree with the policy, pointing to similar restrictions in other governments, including the United States and China, amid increasing concerns over data leaks and hacking threats. Sun Dong, Secretary for Innovation, Technology and Industry, noted that stricter controls were essential given the growing complexity of cybersecurity challenges.

The ban is intended to minimise potential breaches by preventing malware from bypassing security measures through encrypted messages, according to Francis Fong, the honorary president of the Hong Kong Information Technology Federation. Anthony Lai, director of VX Research Limited, called the decision prudent, citing low cybersecurity awareness among some staff and limited monitoring of internal systems.

Data breaches have previously compromised tens of thousands of Hong Kong citizens’ personal information, raising public concern about government cybersecurity protocols. The updated guidelines aim to address these vulnerabilities while increasing overall data security.

Apple offers $1M to hackers to secure private AI cloud

Apple is raising the stakes in its commitment to data security by offering up to $1M to researchers who can identify vulnerabilities in its new Private Cloud Compute service, set to debut next week. The service will support Apple’s on-device AI model, Apple Intelligence, enabling more powerful AI tasks while prioritising user privacy. The bug bounty program targets serious flaws, with the top rewards reserved for exploits that could allow remote code execution on Private Cloud Compute servers.

Apple’s updated bug bounty program also includes rewards up to $250,000 for any vulnerability that could expose sensitive customer information or user prompts processed by the private cloud. Security issues affecting sensitive user data in less critical ways can still earn researchers substantial rewards, signaling Apple’s broad commitment to protecting its users’ AI data.

With this move, Apple builds on past security initiatives, including its specialised research iPhones designed to enhance device security. The new Private Cloud Compute bug bounty is part of Apple’s approach to ensure that as its AI capabilities grow, so does its infrastructure to keep user data secure.

Indian court orders Star Health to help stop data leak

An Indian court has instructed insurer Star Health to assist Telegram in identifying chatbots responsible for leaking sensitive customer data through the messaging app. Star Health, the country’s largest insurer, sought the directive after a report revealed that a hacker leaked private information, including medical and tax documents, via Telegram chatbots.

Justice K Kumaresh Babu of the Madras High Court ordered Star Health to provide details on the chatbots so Telegram could delete them. Telegram’s legal representative, Thriyambak Kannan, stated that while the app can’t independently track data leaks, it will remove the chatbots if the insurer supplies specific information.

Star Health is facing a $68,000 ransom demand and has launched an investigation into the leak, which includes claims about potential involvement of its chief security officer. However, the insurer has found no evidence implicating the officer.

Massive data breach hits UnitedHealth tech unit

A cyberattack on Change, the tech unit of UnitedHealth, exposed personal information of 100 million people. The breach, reported in February, is now officially recognised as the largest healthcare data breach in US history. Hackers, identified as the ALPHV group, disrupted claims processing, impacting patients and providers nationwide.

UnitedHealth started notifying affected individuals in June, warning that the breach may have compromised member IDs, diagnoses, treatment data, social security numbers, and billing codes. The company is still investigating the full impact and working to contact those affected promptly.

The hack mirrors the scale of a 2015 breach at health insurer Anthem, which compromised nearly 79 million records. UnitedHealth’s business is forecast to take a hit of $705 million this year due to payment disruptions and customer notifications.

The US healthcare giant provided loans to help providers cope with financial strain caused by the incident. Despite ongoing recovery efforts, the breach continues to highlight the sector’s vulnerabilities to ransomware attacks.