day of the dalek writes:

NOAA has issued a rare G4 watch for a severe geomagnetic storm that is expected on October 10 and 11. G4 refers to NOAA's scale for the intensity of geomagnetic storms, which ranges from G1 to G5. Prior to the geomagnetic storm in May of this year that reached G5 intensity, the last G4 watch was issued in January of 2005.

This watch was issued for a coronal mass ejection (CME) that occurred around 03 UTC on October 9 and is expected to reach Earth around 12-15 UTC on October 10. An article from the Washington Post states that the speed of the CME, around 2.5 million miles per hour, is the fastest that a CME has been ejected toward Earth during the current solar cycle. From my very limited understanding of space weather, it seems that faster CMEs generate higher ram pressures against Earth's magnetosphere and can result in more severe geomagnetic storms. The x-ray brightness of solar flares gets a lot of attention, and this was an X-class flare (the highest level on the classification scale), this was an X1.8 flare whereas flares have been observed at least up to X28. The high speed of the CME, however, seems to be a factor in the potential for a severe geomagnetic storm.

One of the main questions that we can't answer until the CME gets to within about a million miles of Earth is the orientation of its magnetic field. If the CME's magnetic field is aligned in the same direction as Earth's, it will produce a less severe geomagnetic storm than if it's aligned in the opposite direction. An excellent resource for data about space weather and this CME is NOAA's space weather enthusiasts dashboard. There's a lot of data on that page that is useful if you're concerned about the possibility of viewing auroras or potential disruptions to the power grid, so hopefully some of the comments can explain a bit more about what it means. I don't know a whole lot about space weather, but I'll try to offer a cursory explanation of what I believe some of it means.

The solar visible light shows where sunspots are currently observed, whereas the LASCO C3 images are observed from satellites can be used to see CMEs when they occur. A CME will appear like an explosion outward from the sun's corona. The data is input into a model called WSA-ENLIL, which predicts the density and radial velocity (outward from the sun) of solar wind plasma. A higher plasma density or a faster radial velocity should result in a stronger geomagnetic storm. This is also useful for estimating when a CME will reach Earth. I believe the GOES magnetometer data is used to measure how much the Earth's magnetic field is compressed or stretched and can identify the onset of geomagnetic storms. The ACE MAG and SWEPAM data are satellite-derived measurements of the solar wind. In addition to showing the plasma speed, temperature, and density, the Bz and Phi variables show the orientation of the magnetic field in the solar wind. If Bz is positive, it's a northward-oriented magnetic field. However, a negative Bz indicates a southward-oriented magnetic field, the opposite direction of Earth's magnetic field, and this can result in more severe geomagnetic storms. Basically, a strongly negative Bz around -10 or even -20 would be more favorable for a strong geomagnetic storm. The aurora forecast is a short-term forecast (~30 minutes to an hour) of the probability of auroral activity over a location, though auroras may be visible near the horizon in areas equatorward of what the forecast shows.

There's a lot of data on NOAA's space weather dashboard that can be useful for anyone hoping to see the auroras. My understanding of space weather is very limited, so if anyone else has a better understanding of what the data means, please share the information in the comments. Although a G4 or even a G5 geomagnetic storm is possible, but there's still a lot of uncertainty until the CME gets very close to Earth.

Original Submission

Arthur T Knackerbracket has processed the following story:

Microsoft's Patch Tuesday for August 2024 includes a fix for a security vulnerability in the Grub2 boot loader, which is used by many Linux operating systems. Tracked as CVE-2022-2601, this flaw, discovered in 2022, could lead to an out-of-bounds write with a potential bypass of Secure Boot protection.

The Grub2 boot loader provides compatibility with the Secure Boot technology on PCs running Linux systems. After installing the new patch, Windows applies a Secure Boot Advanced Targeting (SBAT) policy to block vulnerable Linux boot loaders that could compromise OS security.

Microsoft explained that the SBAT value would not be applied to dual-boot systems with both Windows and Linux on the boot drive, so the patch was expected not to impact these systems. However, many users with dual-boot configurations have reported that the CVE-2022-2601 update still rendered booting into a Linux OS impossible.

The issue appears to affect various Linux distributions, including popular ones such as Ubuntu, Linux Mint, Zorin OS, Puppy Linux, and others. Affected systems typically display a "Security Policy Violation" error at boot, indicating a failed check on "shim SBAT data." Boot problems have been reported on both dual-boot systems and on Windows devices running Linux from an ISO image, USB drive, or optical media.

Microsoft's bulletin noted that only older Linux distros' ISOs were expected to experience boot issues following the CVE-2022-2601 patch. However, users with systems released in 2024 also seem to be affected. The only reliable way to restore a bootable state appears to be disabling Secure Boot entirely. Alternatively, users can follow the steps to remove the SBAT policy introduced by Microsoft this past week.

Original Submission

Breaking: CrowdStrike code update bricking Windows machines around the world

c0lo writes:

Announcement

UPDATED An update to a product from infosec vendor CrowdStrike is bricking computers running Windows.

The Register has found numerous accounts of Windows 10 PCs crashing, displaying the Blue Screen of Death, then being unable to reboot.

"We're seeing BSOD Org wide that are being caused by csagent.sys, and it's taking down critical services. I'll open a ticket, but this is a big deal," wrote one user.

Forums report that Crowdstrike has issued an advisory with a URL that includes the text "Tech-Alert-Windows-crashes-related-to-Falcon-Sensor-2024-07-19" – but it's behind a regwall that only customers can access.

An apparent screenshot of that article reads "CrowdStrike is aware of reports of crashes on Windows hosts related to the Falcon Sensor. Symptoms include hosts experiencing a bugcheck\blue screen error related to the Falcon Sensor."

CrowdStrike's engineers are working on the issue.

Falcon Sensor is an agent that CrowdStrike claims "blocks attacks on your systems while capturing and recording activity as it happens to detect threats fast."

Right now, however, the sensor appears to be the threat.

This is a developing story and The Register will update it as new info comes to hand. ®

Updated at 0730 UTC to add Brody Nisbet, CrowdStrike's chief threat hunter, has confirmed the issue and on X posted the following:

There is a faulty channel file, so not quite an update. There is a workaround... 1. Boot Windows into Safe Mode or WRE. 2. Go to C:\Windows\System32\drivers\CrowdStrike 3. Locate and delete file matching "C-00000291*.sys" 4. Boot normally.

In a later post he wrote "That workaround won't help everyone though and I've no further actionable help to provide at the minute".
More to come as the situation evolves ...

In Australia, CrowdStrike IT outage hits airports, banks, supermarkets as emergency committee meets

A major network outage has affected several Australian institutions and businesses, including multiple airports, the Commonwealth Bank, Optus, Australia Post and Woolworths.

Original Submission #1  Original Submission #2 

Major Global IT Outage Grounds Planes and Blocks Media Worldwide

upstart writes:

Airports and other key infrastructure sites around the world have reported disruptions amid problems with communications:

Disruption to air traffic control systems is being reported around the world. Preliminary reports say a computer glitch may be causing the problem. Issues have arisen in the US, Spain, Germany, Australia, and elsewhere, with authorities forced to cancel takeoffs and landings due to safety concerns.

The outage was first reported about midnight CET on Thursday night/Friday.

The failure may have been caused by a software update that locks Microsoft operating systems and is reportedly not restricted to airlines. Some banks, emergency services, broadcasters, and financial institutions are also said to have been affected.

Computers using Windows 10 OS are reportedly crashing and showing "the blue screen of death" (BSOD) after an update for a security product provided by the firm CrowdStrike. The company is reportedly working on resolving the issue.

Brody Nisbet, CrowdStrike's chief threat hunter, has offered a workaround to deal with what he called a "faulty channel file" related to the Falcon Sensor cybersecurity app.

See also:

• Crowdstrike and Microsoft: What we know about global IT outage
• RT

Julian Assange has been released from a British prison and is expected to plead guilty to violating US espionage law, in a deal that would allow him to return home to his native Australia.

Assange, 52, agreed to plead guilty to a single criminal count of conspiring to obtain and disclose classified US national defence documents, according to filings in the US district court for the Northern Mariana Islands.

Wikileaks posted on social media a video of its founder boarding a flight at London's Stansted airport on Monday evening and Australian prime minister Anthony Albanese confirmed he had left the UK.

https://www.theguardian.com/media/article/2024/jun/25/julian-assange-may-be-on-his-way-to-freedom-but-this-is-not-a-clear-victory-for-freedom-of-the-press

The release from a UK prison of Julian Assange is a victory for him and his many supporters around the world, but not necessarily a clear win for the principle underlying his defence, the freedom of the press.

The charges Assange is anticipated to plead guilty to as part of a US deal, and for which he will be sentenced to time served, are drawn from the 1917 Espionage Act, for "conspiring to unlawfully obtain and disseminate classified information related to the national defense of the United States".

So although the WikiLeaks founder is expected to walk free from the US district court in Saipan after Wednesday's hearing, the Espionage Act will still hang over the heads of journalists reporting on national security issues, not just in the US. Assange himself is an Australian, not a US citizen.

Live: Father of Julian Assange hints at son's return to Australia after prison release - ABC News:

Nothing is certain until it happens and there's a lot we still don't know about how Julian Assange's case will proceed.

A lot of our understanding at this stage is coming from the court documents, which state that he'll appear before a judge in Saipan at 9am local time tomorrow.

An email from the Department of Justice (DOJ) to the judge in the Northern Mariana Islands states that Assange is expected to plead guilty to one count of conspiracy to obtain and disclose national defence information, and that he'll be sentenced for that offence.

American media outlets are reporting that the plea deal would need to be approved by the judge, and WikiLeaks has described the agreement as having "not yet been formally finalised."

But Assange's departure from the UK is a massive development in the case, and the court document says the DOJ expects he'll return to Australia "at the conclusion of the proceedings".

DannyB writes:

Massive explosion rocks SpaceX Texas facility, Starship engine in flames

Elon Musk had recently announced that Starship's fourth flight test could be just days away.

[...] SpaceX has yet to provide an update on the explosion, which took place at its Boca Chica Starbase facilities in southern Texas. The footage shows SpaceX's engine test pad going up in flame.

The footage started a little after 4:12 pm local time. Roughly 14 seconds after ignition, the Raptor engine shut off. As the vapor surrounding the test tower dissipated, a fire appeared to start underneath the engine. These flames traveled upwards, causing a second explosion to engulf the entire tower.

In a tweet accompanying a clip from the footage, NASASpaceflight wrote, "The raptor testing stand at McGregor experienced an anomaly a few moments ago. The vapors from the anomaly caused a secondary explosion on the test stand."

A short video is here.

Original Submission

An Anonymous Coward writes:

xz-utils are compromised and inject malicious code

= Debian:

https://lists.debian.org/debian-security-announce/2024/msg00057.html
https://security-tracker.debian.org/tracker/CVE-2024-3094

Debian Security Advisory DSA-5649-1
[SECURITY] [DSA 5649-1] xz-utils security update

Package : xz-utils
CVE ID : CVE-2024-3094

Andres Freund discovered that the upstream source tarballs for xz-utils,
the XZ-format compression utilities, are compromised and inject
malicious code, at build time, into the resulting liblzma5 library.

Right now no Debian stable versions are known to be affected.
Compromised packages were part of the Debian testing, unstable and
experimental distributions, with versions ranging from 5.5.1alpha-0.1
(uploaded on 2024-02-01), up to and including 5.6.1-1. The package has
been reverted to use the upstream 5.4.5 code, which we have versioned
5.6.1+really5.4.5-1.

Users running Debian testing and unstable are urged to update the
xz-utils packages.

For the detailed security status of xz-utils please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/xz-utils

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org

An Anonymous Coward writes:

https://blog.torproject.org/new-release-tor-browser-13013/

"This is an unscheduled emergency release with important security updates to Firefox for Desktop platforms. Android is unaffected."

https://www.mozilla.org/en-US/security/advisories/mfsa2024-16/#CVE-2024-29944

Mozilla Foundation Security Advisory 2024-16
Security Vulnerabilities fixed in Firefox ESR 115.9.1

Announced
March 22, 2024

https://www.mozilla.org/en-US/security/advisories/mfsa2024-16/#CVE-2024-29944

CVE-2024-29944: Privileged JavaScript Execution via Event Handlers

Impact critical

Description

An attacker was able to inject an event handler into a privileged object that would allow arbitrary JavaScript execution in the parent process. Note: This vulnerability affects Desktop Firefox only, it does not affect mobile versions of Firefox.

Tails 6.0 is affected. Please update Tails 6.0 to the current version when they release it.

Original Submission

I *just* realized that an editor on SoylentNews, janrinok (AKA JR), has very recently attained a huge milestone on our site:

8,000 stories!

I can speak from personal experience that this represents a HUGE sacrifice of time and energy. He showed me the ropes in how to post a story. (There is FAR MORE than meets the eye to be an editor!) There was also the fact that in the early years of SoylentNews, he was simultaneously taking care of his severely ill wife. (She, sadly, passes away a few short years ago.) He endured some exceedingly heart-wrenching periods doing this. I have witnessed him posting stories even though he was beyond the point of exhaustion. So much so that his doctors *demanded* that he stop *everything* and take a break for many months.

So it may not appear to be a huge milestone, please take my word for it. It is!

China balloon: US shoots down airship over Atlantic

The US has shot down a giant Chinese balloon that it says has been spying on key military sites across America.

The Department of Defense confirmed its fighter jets brought down the balloon over US territorial waters.

Three airports were shut and airspace was closed off the coast of North and South Carolina as the military carried out the operation on Saturday.

Footage on US TV networks showed the balloon falling to the sea after a small explosion.

An F-22 jet fighter engaged the high-altitude balloon with one missile - an AIM-9X Sidewinder - and it went down about six nautical miles off the US coast at 14:39 EST (19:39 GMT), a defence official told reporters.

US President Joe Biden had been under pressure to shoot the balloon down since defence officials first announced they were tracking it on Thursday.

Second balloon spotted over Latin America:

On Friday, the Pentagon said a second Chinese spy balloon had been spotted - this time over Latin America with reported sightings over Costa Rica and Venezuela.

The launch of Artemis 1 has been successful - the next burn (trans lunar injection - TLI) is in about 20 minutes away to take Artemis on its way to the Moon.

• https://www.youtube.com/watch?v=CMLD0Lp0JBg
• https://www.youtube.com/watch?v=Qhj_KAp0eYg

TLI has begun and will last about 18 minutes.

[I am having problems with video stuttering - could be my ADSL connection (fibre? Wot fibre?) or it might be the load on the streaming video itself. Reporting may be patchy. Please update in the comments if you have more current information.]

TLI has now finished and Artemis is committed to a journey to the Moon. The main propulsion unit will now be jettisoned.

Propulsion unit now jettisoned and Artemis is using the European Service Module for its journey to the Moon. There are unlikely to be any newsworthy events happening for a while now. Bon Voyage Artemis 1!

takyon writes:

UK Prime Minister Liz Truss resigns after failed budget and market turmoil

U.K. Prime Minister Liz Truss resigned Thursday following a failed tax-cutting budget that rocked financial markets and which led to a revolt within her own Conservative Party.

Truss said in a statement outside Downing Street: "We set out a vision for a low-tax, high-growth economy that would take advantage of the freedoms of Brexit."

"I recognize though, given the situation, I cannot deliver the mandate on which I was elected by the Conservative Party. I have therefore spoken to His Majesty the King to announce that I am resigning as leader of the Conservative Party."

The party is now due to complete a leadership election within the next week, faster than the usual two-month period. Graham Brady, the Conservative politician that is in charge of leadership votes and reshuffles, told reporters he was now looking at how the vote could include Conservative MPs and the wider party members.

Truss was in office for just 44 days, on 10 of which government business was paused following the death of Queen Elizabeth II.

Live updates: BBC, The Guardian, CNN, NYT.

Liz Truss resigns as prime minister after Tory revolt
Liz Truss: UK prime minister resignation speech in full
Pound rallies as Liz Truss announces resignation

Liz Truss (Wikipedia).

Original Submission

https://www.bbc.co.uk/news/uk-61585886

Buckingham Palace has announced that Queen Elizabeth II has died.

takyon writes:

Shinzo Abe, Japan's former prime minister, shot and hospitalized

Japanese former prime minister Shinzo Abe was shot on Friday while campaigning in the city of Nara, a government spokesman said, with public broadcaster NHK saying he appeared to have been shot from behind by a man with a shotgun.

Chief Cabinet Secretary Hirokazu Matsuno said he did not know Abe's condition. Kyodo news agency and NHK said Abe, 67, appeared to be in a state of cardiac arrest when taken to hospital.

See also: Former Japan PM Abe Unconscious After Shooting; Man in Custody
Live Updates: Shinzo Abe Is Unconscious After Apparently Being Shot

NHK, citing the police, said a suspect, Tetsuya Yamagami, 42, had been taken into custody. He was a Nara resident, the report said. Images shared on social media showed a man being tackled after the shooting.

Boris Johnson Agrees to Resign as Prime Minister

Boris Johnson said on Thursday that he would step down as Britain's prime minister, after a wholesale rebellion of his cabinet, a wave of government resignations and a devastating loss of party support prompted by his handling of the the latest scandal that has engulfed his leadership.

Mr. Johnson said he would stay on in his post until the Conservative Party chooses a new leader, which could take several months. He said he expected the timetable for his departure and the selection of a successor to be decided on Monday by a committee of senior Conservative lawmakers.

"It is clearly now the will of the parliamentary Conservative Party that there should be a new leader," Mr. Johnson said in remarks outside Downing Street. "The process of choosing that new leader should begin now."

Original Submission

Live: Updating.

Reuters: Russian forces launch invasion of Ukraine with strikes on defence

MOSCOW/KYIV, Feb 24 (Reuters) - Russian forces fired missiles at several cities in Ukraine and landed troops on its coast on Thursday, officials and media said, after President Vladimir Putin authorised what he called a special military operation in the east.

Shortly after Putin spoke in a televised address on Russian state TV, explosions could be heard in the pre-dawn quiet of the Ukrainian capital of Kyiv.

Gunfire rattled near the capital's main airport, the Interfax news agency said, and sirens were heard over the city.

WSJ: The Latest News on the Russia-Ukraine Crisis: Live Updates

Russian troops and tanks pushed into Ukraine and airstrikes hit the country's capital and more than a dozen other cities early Thursday after President Vladimir Putin said he ordered a military operation to "demilitarize and de-Nazify Ukraine" and bring its leaders to trial.

Ukrainian officials said an initial wave of strikes targeted military installations, airfields and government facilities across the country. Ukraine's border service said its troops came under attack all along the country's frontiers with Russia and Belarus as well as Crimea. Heavy shelling targeted the city of Mariupol on the Azov sea. Air-raid sirens sounded in Kyiv after 7 a.m. and the city's airport came under attack. Ukraine's military said it shot down five Russian warplanes and one helicopter. Russia denied any of its aircraft were hit.

Ayn Anonymous writes:

[Editor's Note: This is how we received it. We are searching for anything else but the claim that Assange is (being) extradited is currently unsubstantiated.]

Assange is extradited to die in the US empire.
Wikileaks now puts EVERYTHING online in return.
https://file.wikileaks.org/file/?fbclid=IwAR2U_Evqah_Qy2wxNY12FMqFC5dAFUcZL5Kl4FIfQuMFMp8ssbM46oHXWMI

Original Submission