Tag Archives: CrowdStrike

Anthropic’s Project Glasswing Could Change Cybersecurity Forever

There are moments in tech when you read an announcement and immediately realise that something important has shifted.

That was very much my reaction when I came across Project Glasswing, a newly announced initiative from Anthropic that is aimed squarely at one of the biggest looming problems in modern computing: what happens when AI becomes exceptionally good at finding software vulnerabilities. Source

According to Anthropic, Project Glasswing brings together a heavyweight list of partners including Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, NVIDIA and Palo Alto Networks, all with the goal of securing critical software for what Anthropic calls the AI era. It is also extending access to more than 40 additional organisations that build or maintain important software infrastructure. Source

Now, that alone would be interesting enough, but the real headline here is the model sitting behind it all.

Anthropic says its unreleased model, Claude Mythos Preview, has already demonstrated the ability to find and exploit software vulnerabilities at a level beyond all but the most skilled human experts. That is a huge claim, and if it holds up in practice, it means we may have crossed into a very different phase of cybersecurity. Source

In plain English, this is not just about a chatbot helping someone write a bit of code more quickly. This is about AI being able to inspect complex software, spot weaknesses that humans and automated tools have missed for years, and in some cases work out how those weaknesses could be exploited. Anthropic says the model has already found thousands of high-severity vulnerabilities, including flaws affecting major operating systems and web browsers. Source

Some of the examples are rather startling. Anthropic says Mythos Preview uncovered a 27-year-old vulnerability in OpenBSD, a 16-year-old flaw in FFmpeg, and even chained together several Linux kernel vulnerabilities in a way that could escalate ordinary user access into full control of a machine. The company says those issues have now been responsibly disclosed and patched. Source

That, to me, is the bit that really lands.

Because for years we have tended to think of cybersecurity in terms of patching known issues, following best practice, keeping software up to date and hoping the really serious flaws are found by the good people before the bad people. But if AI systems are now reaching the point where they can autonomously discover dangerous bugs in code that has survived decades of scrutiny, then the pace of both defence and attack could increase dramatically. Source

Anthropic is clearly trying to frame Glasswing as a defensive first move. The company says it is committing up to $100 million in usage credits for Mythos Preview and $4 million in direct donations to open-source security organisations. The idea seems to be to put these capabilities into the hands of defenders, infrastructure operators and maintainers before similar systems become more widely available. Source

And that is probably the most sensible angle here.

Because whether we like it or not, the genie is not going back in the bottle. If one frontier AI lab can build a model that is frighteningly good at vulnerability discovery, others will too. Eventually, those capabilities will spread further. The question is not really whether AI will reshape cybersecurity. It is whether defenders can get enough of a head start to stop things getting seriously messy. That is an inference from Anthropic’s announcement and the examples it gives, rather than a direct claim from the company, but it feels like the unavoidable conclusion. Source

For those of us who run websites, servers, ecommerce platforms, mail systems or anything else connected to the wider internet, this should be a bit of a wake-up call. The old approach of leaving systems half-maintained, delaying updates, or assuming that obscure software will somehow stay below the radar looks even more risky in a world where AI can inspect code at speed and scale.

Project Glasswing may turn out to be remembered as one of those early milestone moments, the point where the cybersecurity industry publicly acknowledged that AI is no longer just a helpful assistant for defenders. It is becoming a serious force multiplier, and one that could work for either side.

That makes this announcement both exciting and slightly chilling.

And, in true Gadget Man fashion, it is exactly the kind of development that reminds us technology is never just about shiny new tools. It is also about consequences, responsibility and how quickly the world has to adapt when the rules suddenly change.

Source

Anthropic, Project Glasswing: Securing critical software for the AI era

Global Windows Crash Crisis: The CrowdStrike Falcon Update Fiasco

Earlier today, a significant issue came to light affecting Windows users globally. CrowdStrike’s Falcon sensor update for Windows hosts has led to widespread system crashes, commonly known as the “blue screen of death” (BSOD). This disruption has impacted critical sectors across the globe, including transport, banking, and media.

What Happened?

The latest content update from CrowdStrike for its Falcon sensor, designed to enhance security measures, inadvertently introduced a defect. This defect has caused systems to crash, triggering BSOD errors. Users began experiencing these problems shortly after the update was deployed, leading to a flurry of reports and concerns from various industries dependent on uninterrupted system operations.

Affected Areas

The fallout from this update has been extensive. Industries such as transport have seen operational disruptions, banking systems have faced downtime affecting transactions, and media outlets have struggled with system reliability. This has not only caused inconvenience but has also raised concerns about the stability and reliability of critical cybersecurity tools.

[Image: CrowdStrike statement]

CrowdStrike’s Response

In response to the crisis, CrowdStrike has issued a statement acknowledging the problem and detailing their steps to mitigate the issue. They have provided guidelines for affected users to stabilise their systems and are working on a resolution to prevent further incidents. CrowdStrike’s team is actively investigating the root cause and is committed to restoring normal operations as swiftly as possible.

What to Do If You’re Affected

Users experiencing issues are advised to follow CrowdStrike’s interim measures to disable the problematic update and revert to a stable version of the Falcon sensor. Detailed instructions are available on CrowdStrike’s official blog, ensuring that users can manage their systems and mitigate the immediate impact while a permanent fix is developed.

For ongoing updates and support, affected users are encouraged to stay in touch with CrowdStrike’s customer service and monitor their communication channels.

Conclusion

This incident underscores the critical importance of robust update testing and rapid response mechanisms in cybersecurity. While CrowdStrike’s proactive measures are a step in the right direction, the incident highlights the need for vigilance and preparedness in handling unforeseen software issues.

For more detailed information, you can visit the official statement from CrowdStrike here.

Global Windows Crash Crisis: CrowdStrike Falcon Sensor Update “Defect” Disrupts Key Sectors Worldwide

Today, I’m addressing a significant issue affecting numerous Windows users worldwide. Reports have emerged of widespread crashes, commonly referred to as the “blue screen of death,” impacting various critical sectors, from transportation to banking and media.

I spoke with Sarah Julian at BBC Radio WM about the worldwide problems that continue to persist.

Understanding the Issue:

The root cause of these crashes has been traced back to an overnight software update for CrowdStrike’s Falcon Sensor. For those unfamiliar, Falcon Sensor is a security tool designed to act as a sentinel for your computer, monitoring and protecting against malicious activities. A single corrupted system file from this update is causing Windows systems to crash upon booting.

Why This Matters:

Windows holds a substantial market share, with 72% of global computers running this operating system. The automatic update to Falcon Sensor has inadvertently introduced a fault, leading to these severe crashes. The update, once applied, seems to corrupt system functionality, causing the dreaded blue screen on countless machines.

Impact Across Sectors:

The ripple effect of this issue is profound. The update has disrupted services across various sectors:

  • Transportation: Both train and plane operations have been hampered.
  • Banking: Financial institutions are facing operational challenges, with payment systems affected.
  • Media: Broadcast systems have been affected, causing interruptions, including Sky News and CBBC.
  • Healthcare: NHS GP surgery systems are impacted, with reports of doctors having to handwrite prescriptions.
  • Emergency Services: Even essential services like emergency call centres have not been spared.
  • Airports: Airports, including Birmingham Airport, have reported issues with check-in services, and operations at the Port of Dover are also impacted.

Al Lakhani, CEO of IDEE, said:

“Many people might be thanking Microsoft for their accidental day off, but countless businesses are suffering due to Microsoft’s and their partners’ failure to maintain their services. This incident underscores the importance of businesses thoroughly researching and vetting their cybersecurity solutions before implementation. Microsoft clearly fell short in this regard, and we are witnessing a cascade of operational failures around the world as a result.”

“CrowdStrike’s platform approach, which relies on a single agent focused on detection, might seem good at first glance, but as we can see, it can create significant issues. For instance, agents require installation and maintenance of software on multiple different OSes, adding layers of complexity and potential points of failure. Moreover, agents can become a single point of failure, as a bad update can compromise the entire network, as seen with the SolarWinds attack.

“The lesson here is blindingly obvious: investing in cybersecurity is not just about acquiring the latest or most popular tools but ensuring those tools are reliable and resilient. This is why businesses must prioritise agentless solutions like MFA 2.0, which reduce the risk of widespread failures and ensure more resilient defences.”

[Image: CrowdStrike Falcon Sensor Blue Screen of Death (BSOD) global outage]

Current Status and Actions:

Microsoft has acknowledged the problem and stated that a fix is in place. However, this does not immediately rectify the situation for all affected devices. Many computers remain non-functional, and a manual fix may be required. One proposed solution involves removing the corrupted update link to restore system operations.

Security Concerns:

This incident raises critical questions about our reliance on third-party providers and the level of access they have to our systems. The Falcon Sensor update had kernel-level access, the deepest level of system access, which allowed it to cause such widespread disruption.

[Image: Tech Alert, Windows Crashes Related to Falcon Server]

Moving Forward:

As we navigate this challenging situation, it’s essential to stay informed and take proactive steps to secure our systems. Further updates will be provided as new information becomes available and solutions are implemented.

For now, if you’re experiencing issues, consult with your IT department or follow the suggested manual fix to remove the problematic update. Manual intervention is likely to be needed to address the corrupted system file causing the crashes. Stay vigilant and prioritise your system’s security.