Author: David Leane

“`html

CrowdStrike’s Devastating IT Outage: Causes and Preventive Measures for Future Incidents

Quick Read

• A CrowdStrike update leads to a significant IT outage affecting systems worldwide.
• Initially believed to be a Microsoft outage, the issue was later identified as a bug in CrowdStrike.
• Travel, business, and critical services have faced significant disruptions.
• Underlying issue: unauthorized memory access resulting in a Blue Screen of Death (BSOD).
• The solution required several intricate steps, such as booting in safe mode and uninstalling the problematic update.
• Preventing future issues necessitates thorough testing and the implementation of phased rollouts.

What Happened?

CrowdStrike, a prominent American cybersecurity company recognized for its endpoint security solutions, released an update that unintentionally led to a worldwide IT outage. This flaw resulted in the notorious Blue Screen of Death (BSOD) on Windows computers, causing continuous reboot loops and considerable disturbances.

The problem started at approximately 4 PM Australian time on Friday, July 19, 2024. Initially blamed on Microsoft, further investigation identified CrowdStrike’s update as the cause. This unprecedented incident had far-reaching consequences:

• Turmoil in travel: A multitude of flights were either cancelled or delayed globally.
• Operational disruptions were experienced by banks, hospitals, emergency services, and media organizations.
• Economic consequences: Companies suffered financial losses due to mandatory closures or decreased productivity.
• Significant disruption: Crucial services such as online banking and hospital systems experienced interruptions.

Root Cause Analysis

CrowdStrike’s update tried to access an invalid memory address (0x9c), causing Windows to instantly shut down the application. This invalid access occurred because of a NULL pointer in the memory-unsafe C++ language. Given that security software has extensive access to system files, this error resulted in widespread system crashes.

Crowdstrike Investigation: It was a NULL pointer stemming from the memory-unsafe C++ language. – Zach Vorhies (@Perpetualmaniac)

This section of memory is not valid for any program. Any program attempting to access this area will be instantly terminated by Windows. – Zach Vorhies (@Perpetualmaniac)

Here is the main issue behind the blue screen of death… When your computer fails, the system drivers are responsible 95% of the time. – Zach Vorhies (@Perpetualmaniac)

Resolution Steps

To address the problem, CrowdStrike released a public announcement and detailed the procedures for impacted firms.

1. Starting Windows in Safe Mode can be difficult for devices deployed in an enterprise environment because of Bitlocker encryption.
2. Delete the problematic update—it’s more straightforward once you enter Safe Mode.

CrowdStrike stopped the spread of the flawed update and focused on releasing a fixed version. However, addressing the issue was intricate and lengthy, necessitating physical access to numerous devices.

Future Prevention Strategies

The incident highlights the necessity for stringent testing procedures and gradual implementations for crucial updates. It is imperative for security vendors to ensure their code undergoes extensive automated and manual testing prior to deployment. Gradual rollouts, akin to Microsoft’s Windows Insider Release Rings, could assist in reducing such risks by identifying problems at an early stage with smaller groups.

Moreover, operating systems such as Windows ought to integrate features that enable the rollback of faulty drivers without necessitating a full reboot or considerable manual effort.

Summary

The IT outage caused by CrowdStrike highlights the essential importance of thorough testing and gradual deployments in software updates. Although the immediate problem has been addressed, similar events in the future can be avoided by enhancing practices and protocols among both cybersecurity companies and operating system developers.

Q&A

What was the reason behind the CrowdStrike IT disruption?

A:

The interruption occurred due to a glitch in a CrowdStrike update which tried to access an invalid memory address, causing Windows PCs to experience Blue Screens of Death (BSODs).

How were various sectors impacted by the outage?

A:

The disruption led to travel turmoil with flight cancellations, interruptions in banking and hospital operations, economic losses, and public inconvenience in crucial services such as online banking and emergency communication channels.

Q: What actions were implemented to address the problem?

A:

The solution entailed starting the impacted computers in Safe Mode and uninstalling the problematic update. Additionally, CrowdStrike halted the spread of the update and released a fixed version.

Q: What measures can be taken to avoid similar incidents in the future?

A:

To ensure better future prevention, it is necessary to implement stricter testing protocols, introduce phased rollouts for updates, and incorporate built-in rollback mechanisms within operating systems to manage faulty drivers more effectively.

Why wasn’t this problem identified during testing?

A:

The incident exposes deficiencies in CrowdStrike’s testing procedures. The defective code probably succeeded in automated tests but did not perform as expected in practical situations, suggesting a requirement for more thorough testing strategies.

Q: What was CrowdStrike’s reaction to the worldwide backlash?

A:

CrowdStrike has released a public apology and outlined measures to fix the problem. The CEO is presently on an apology tour to address international concerns.

What is Microsoft’s role in preventing these problems?

A:

Microsoft can mitigate these problems by introducing rollback mechanisms for faulty drivers and ensuring that third-party updates adhere to strict safety standards before being deployed.

Q: What effect did this incident have on CrowdStrike’s market valuation?

A:

CrowdStrike saw a major decline in its market capitalization, shedding billions of dollars in value overnight due to the incident.

“`

“`html

Quick Read

• CrowdStrike disclosed that a sensor settings modification led to the blue screen of death (BSOD) on Windows machines.
• The problem affected systems operating the Falcon sensor version 7.11 and later on Windows.
• Primary industries in Australia, including airlines, banking institutions, and transportation systems, experienced disruptions.
• An in-depth investigation into the root cause is currently being conducted to avert similar problems in the future.
• CrowdStrike has released remediation steps and knowledgebase articles for IT administrators.

Detailed Analysis of the Windows System Outage

In a recent blog article, CrowdStrike offered the inaugural technical breakdown of an update that caused widespread disruptions to Windows computers. A sensor configuration update caused a logic mistake, leading to system crashes and the notorious ‘blue screen of death’ (BSOD) on affected devices.

Primary Cause and Solution

CrowdStrike fixed the logic error by modifying the content in the configuration file, but acknowledged that a detailed root cause analysis is necessary to understand how the logic flaw happened. The company pledged to pinpoint any underlying or procedural enhancements to improve their process.

Regular Updates to Configuration Files

CrowdStrike usually updates configuration files—referred to as “channel files” within their ecosystem—multiple times daily. The problematic update was meant to enable CrowdStrike Falcon sensors on endpoints to identify newly detected, malicious named pipes employed by common C2 frameworks in cyberattacks.

A named pipe is a method for transferring data between unrelated processes and processes on different machines, as described in Microsoft documentation.

Effect on Systems and Industries

Systems operating Falcon sensor for Windows versions 7.11 and higher that downloaded the updated configuration between 04:09 UTC and 05:27 UTC were prone to system crashes. This issue impacted multiple sectors across Australia, such as airlines, airports, transportation networks, supermarkets, banks, and businesses. The federal government convened an emergency meeting with CrowdStrike representatives, and IT outages were subsequently experienced globally.

Controversy Regarding Social Media Examination

CrowdStrike utilized its blog post to counter social media claims that blank or null values in the configuration file contributed to the issue. They clarified that the problem was unrelated to null bytes within either the problematic channel file or any other channel file.

Summary

CrowdStrike’s latest update to its sensor configuration caused significant disruptions in Windows systems because of a logic error. This resulted in major IT outages both in Australia and other regions. Although immediate corrective measures have been implemented, a comprehensive root cause analysis is still in progress. CrowdStrike has offered detailed instructions to IT administrators to help with remediation efforts.

What led to the system crash and Blue Screen of Death (BSOD) on Windows devices?

A sensor configuration update from CrowdStrike resulted in a logic error, leading to system crashes and the blue screen of death (BSOD) on affected Windows systems.

Which systems experienced issues due to the defective update?

Systems operating Falcon sensor for Windows version 7.11 or higher that retrieved the updated configuration between 04:09 UTC and 05:27 UTC were vulnerable to crashing.

Which industries were affected by this update?

Major industries throughout Australia, such as airlines, airports, transportation systems, supermarkets, banks, and businesses, faced interruptions.

Q: What measures has CrowdStrike implemented to address the problem?

CrowdStrike fixed the logical error by modifying the configuration file’s content. They are also performing an in-depth root cause analysis and have released remediation steps and knowledgebase articles for IT administrators.

Q: How often does CrowdStrike refresh its configuration files?

CrowdStrike usually modifies its configuration files multiple times daily.

Was the problem associated with the presence of null values in the configuration file?

B: CrowdStrike made it clear that the problem was not due to null bytes in the problematic channel file or any other channel file.

For additional details on this subject, please check out TechBest.

“`

“`html

Capgemini Enhances Digital Transformation in Aged Care with an $83.3 Million Investment

Quick Read

• Capgemini’s participation in the digital transformation of Aged Care has increased from $36.7 million to $83.3 million.
• The growth is mainly fueled by services related to Salesforce.
• New agreements feature a $9.7 million budget for user-centered design services.
• The Department of Health and Aged Care has been a major beneficiary of federal budget allocations for ICT infrastructure.

Introduction to Capgemini’s Enhanced Role

Capgemini’s contribution to the federal Aged Care digital transformation has increased substantially in just over a year, rising from $36.7 million to $83.3 million, mainly for services related to Salesforce. This notable increase highlights the Australian government’s dedication to upgrading its Aged Care digital infrastructure.

Original Agreement and Later Extensions

The company originally obtained a $36.7 million “work order” in May of the previous year to develop capabilities for delivering ICT infrastructure for the Aged Care system. In May of this year, they extended the contract for an additional year at the same amount of $36.7 million. Earlier this month, an additional contract worth $9.7 million was announced, making the total funding allocated to Capgemini $83.3 million.

Distribution of Assigned Funds

The majority of the funds, totaling $73.4 million, are allocated for the “development, support, and maintenance” of Salesforce and MuleSoft. An unspecified amount is set aside for the Salesforce-based technical infrastructure of the government provider management system (GPMS), which is intended to replace a 20-year-old system currently in use.

Concentrate on Salesforce and MuleSoft.

According to tender records, the value of the GPMS to Salesforce has risen from $13.5 million in February last year to $29.2 million. Additionally, Capgemini is supporting other applications of Salesforce and MuleSoft beyond just the GPMS.

User-Centred Design Services

The latest $9.7 million agreement with Capgemini is centered on a distinct set of tasks associated with “user-centred design services.” This initiative is intended to more effectively support work management and is consistent with the department’s goals to improve digital transformation in Aged Care.

Announcement from the Department of Health and Aged Care

A representative from the Department of Health and Aged Care mentioned that Capgemini is presently offering professional services to the aged care digital transformation initiative in two primary domains: the development, maintenance, and support of their Salesforce/MuleSoft platform, and the supply of design resources in collaboration with their business partners to outline requirements.

Federal Budget Allocations

For several consecutive years, the department has notably received significant federal budget allocations for “ICT infrastructure,” amounting to $312 million in Budget 2022, $214.5 million in Budget 2023, and $174.5 million in Budget 2024.

Suggestion from the Royal Commission

A Royal Commission on Aged Care Quality and Safety advised extensive modifications to IT systems within the industry and highlighted the importance of implementing digital technology to enhance the care and wellbeing of residents.

Summary

The participation of Capgemini in the federal Aged Care digital transformation has grown considerably due to an increased emphasis on Salesforce and MuleSoft services. New contracts aimed at user-centred design services enable Capgemini to remain a key player in updating Australia’s Aged Care digital framework. Substantial federal budget allocations given to the Department of Health and Aged Care are directed towards improving ICT infrastructure, in line with suggestions from the Royal Commission into Aged Care Quality and Safety.

What is the overall worth of Capgemini’s participation in the digital transformation of Aged Care?

The total commitment from Capgemini has increased to $83.3 million.

Q: What main services does Capgemini offer?

Capgemini primarily offers development, support, and maintenance services for Salesforce and MuleSoft platforms, in addition to user-centered design services.

What does GPMS stand for?

The Government Provider Management System (GPMS) is a Salesforce-based technical platform that modernizes a 20-year-old system used in Aged Care.

How much did the value of the GPMS contract rise?

A: The amount rose from $13.5 million in February of the previous year to $29.2 million.

Q: What are user-centered design services?

User-centered design services emphasize developing systems that fulfill user requirements by utilizing research, design, and repeated testing.

What federal budget provisions have been designated for ICT infrastructure in Aged Care?

Federal budget distributions encompass $312 million in Budget 2022, $214.5 million in Budget 2023, and $174.5 million in Budget 2024.

What were the recommendations of the Royal Commission?

The Royal Commission proposed comprehensive updates to IT systems in aged care, emphasizing the adoption of digital technology to enhance the care and wellbeing of residents.

Quantum Radiology Reclaims Most Patient Records After 2023 Cyber Attack

Quick Read

• Quantum Radiology restores primary IT systems after a cyber attack.
• Most patient records have been successfully restored.
• Current initiatives to recover historical scanned images.
• Notable enhancements in cybersecurity practices.

Incident Overview

Quantum Radiology, primarily a medical imaging service based in Sydney, was severely affected by a cyber attack late last year. The incident, occurring in November 2023, forced the company to shut down its clinics and cancel patient appointments because of compromised IT systems.

Recovery Efforts

In an announcement released on July 15, seven months following the initial incident notice, Quantum Radiology revealed that it had successfully decrypted its primary IT systems and carried out an analysis of data that might have been impacted. The company verified the retrieval of the majority of patient reports that were affected.

Ongoing Data Restoration

Although the main patient records have been obtained, Quantum Radiology is still in the process of recovering historical scanned images. This task is anticipated to require more time.

Cybersecurity Enhancements

Following the cyber attack, Quantum Radiology has implemented significant steps to enhance its IT and cybersecurity framework. These actions involve:

• Total overhaul of server infrastructure.
• Software upgrades.
• Enhanced security measures and cybersecurity awareness campaigns.
• A review of cybersecurity practices carried out independently.
• A dedication to continuous cybersecurity assessments.

Coordination with Authorities

The company has informed NSW and Commonwealth authorities, along with law enforcement agencies, about the recent progress in their recovery operations.

Summary

Quantum Radiology has achieved notable progress in recovering from the 2023 cyber attack that impacted its operations and exposed patient data. The organization has successfully decrypted its primary IT systems and retrieved the majority of patient records. Efforts to recover historical data are ongoing, and improved cybersecurity measures have been implemented to safeguard against future threats.

Why did Quantum Radiology shut down its clinics?

The cyber attack in November 2023 compelled Quantum Radiology to shut down its clinics and cancel patient appointments as their IT systems were compromised.

How much of the patient’s data has been retrieved?

Quantum Radiology has successfully restored its primary IT systems and retrieved most of the patient records.

Q: What measures are currently being implemented to restore historical scanned images?

The company is presently trying to retrieve historical scanned images, which might take a bit longer.

What cybersecurity precautions have been put in place following the incident?

Quantum Radiology has implemented various actions such as fully reconstructing the server infrastructure, updating software, enhancing security measures, conducting an independent review of cybersecurity practices, and pledging to maintain continuous cybersecurity assessments.

Have the authorities been notified regarding the recovery progress?

A: Yes, NSW and Commonwealth authorities, along with law enforcement agencies, have been informed of the recent progress in Quantum Radiology’s recovery initiatives.

For further details on this subject, please visit TechBest.

Government Aims for Public Safety Mobile Broadband Deployment by 2025-26

Quick Read

• The Australian government is targeting a nationwide deployment of a public safety mobile broadband (PSMB) service by the 2025-26 timeframe.
• An RFI process has been started to collect information.
• The PSMB will deliver essential data and video services to public safety organizations.
• The service aims to boost communication among emergency responders and heighten their situational awareness.
• Both newly established and already existing cellular infrastructure are being evaluated for the network.

Introduction

The Australian government plans to introduce a national public safety mobile broadband (PSMB) service by the 2025-26 financial year. This project is designed to greatly improve the communication abilities of public safety agencies throughout the country, offering vital data, video, and voice services during emergencies and critical situations.

Background and Importance

The PSMB project has been under discussion since 2009. However, it gained renewed momentum after a thorough review in 2022. According to the government, this initiative will represent the most significant advancement in communications for Australian public safety agencies in decades. The system is designed to provide fast, secure, and reliable communication capabilities, allowing near-instant access to crucial data and real-time analytics.

The Process of Requesting Information (RFI)

At the end of September, the government revealed that additional information regarding the forthcoming phases of the PSMB project would be published shortly. A task force formed in early 2023 has already begun a request for information (RFI) process. This preliminary stage is crucial for national planning and will aid in decision-making for both federal and state authorities.

The Request for Information (RFI) is particularly looking for feedback on creating a nationwide interoperable 4G communication network that accommodates data, video, and voice services for all public safety organizations. The goal is also to gather insights on how to merge this network with current voice services and other data networks.

Two-Staged Market Approach

The government has proposed a two-phase market strategy for acquiring the PSMB service. Initially, information will be collected via the RFI process. The following phase will consist of a formal tender process scheduled for the 2025-26 fiscal year. Telecommunications companies and other potential suppliers are required to engage in the RFI stage in order to qualify for later bidding.

Technological Considerations

A primary objective of the taskforce is to explore how 5G coverage can improve the PSMB service. The government is considering multiple operational models, ranging from a dedicated network to utilizing existing cellular infrastructure. The aim is to guarantee seamless integration and interoperability between various agencies and across state lines.

Summary

The Australian government’s bold initiative to implement a national public safety mobile broadband service by the years 2025-26 is poised to transform emergency response communications. By offering expedited, secure, and dependable data and video services, the PSMB will equip public safety agencies with essential tools for real-time analytics and enhanced situational awareness. As the preparations progress through a Request for Information (RFI) process, this project represents a crucial advancement in modernising Australia’s emergency communication infrastructure.

Q&A Section

What is the main objective of the PSMB service?

The main objective is to deliver essential data, video, and voice services to public safety agencies, improving their communication efficiency during emergencies and critical events.

When is the PSMB service set to be launched?

The government plans to implement the PSMB service by the 2025-26 fiscal year.

Q: What is the goal of the RFI process?

The goal of the RFI procedure is to collect essential data that will guide national strategy and decision-making for the PSMB initiative.

Q: Who must be involved in the Request for Information (RFI) phase?

Telecommunications companies and other providers aiming to bid on the PSMB project must join in the RFI stage to qualify for the subsequent formal tender process.

Q: In what ways will the PSMB service advantage public safety agencies?

The service will offer quick and secure communication features, allowing almost immediate access to essential data and real-time analysis, thus enhancing situational awareness and the efficiency of emergency responses.

What technologies are being evaluated for the PSMB network?

The taskforce is investigating the establishment of a national interoperable 4G network and examining how 5G coverage could further improve the service.

Australia Post Appoints New Chief Information Security Officer

Quick Read

• Adam Cartwright will start as the Chief Information Security Officer (CISO) at Australia Post in August.
• Cartwright formerly occupied top cyber security positions at Asahi Beverages, Commonwealth Bank of Australia (CBA), and ANZ Banking Group.
• Glenn Stuttard leaves after 11 and a half years with Australia Post.
• Stuttard intends to pause for a while before exploring new prospects.

Australia Post has revealed that Adam Cartwright will be stepping in as the new Chief Information Security Officer (CISO) beginning next month. Cartwright takes over from Glenn Stuttard, who is departing the organisation after more than 11 years of service. Stuttard’s exit signifies the conclusion of a notable chapter in Australia Post’s cyber security history.

Adam Cartwright’s Background

Adam Cartwright has a strong background in cyber security management and has joined Australia Post. Before this position, he was the Group General Manager of Cyber Security and Risk at Asahi Beverages. Cartwright has also served in significant roles like Deputy CISO at Commonwealth Bank of Australia (CBA) and Head of Cyber Security at ANZ Banking Group.

A spokesperson for Australia Post stated, “Adam will contribute extensive knowledge to Australia Post from his experience in cyber security across various sectors.”

Glenn Stuttard’s Departure

Glenn Stuttard, after serving Australia Post for 11.5 years, announced his resignation on LinkedIn last week. In his farewell message, Stuttard looked back on his journey with a sense of pride, highlighting the team’s achievements in protecting one of Australia’s most trusted brands. He also stated that he intends to “recharge before seeking new opportunities.”

Transition Period

The transition phase is anticipated to be seamless, with Cartwright taking over to uphold the strong security infrastructure founded during Stuttard’s tenure. Australia Post believes that Cartwright’s substantial experience will improve their cyber security practices even further.

Summary

Australia Post has named Adam Cartwright as the new Chief Information Security Officer, following Glenn Stuttard’s departure after 11.5 years of service. Cartwright’s broad expertise in cyber security within multiple sectors is anticipated to offer a new outlook on Australia Post’s security measures.

Q: Who has been appointed as the new CISO of Australia Post?

Adam Cartwright is set to begin his new role as Chief Information Security Officer at Australia Post next month.

What professional experience does Adam Cartwright have?

Adam Cartwright formerly served as the Group General Manager of Cyber Security and Risk at Asahi Beverages. Additionally, he held the roles of Deputy CISO at the Commonwealth Bank of Australia and Head of Cyber Security at ANZ Banking Group.

Why is Glenn Stuttard departing from Australia Post?

Glenn Stuttard is departing after 11.5 years at Australia Post to take a break and rejuvenate before seeking new opportunities.

How will this new leadership affect Australia Post?

The transition is anticipated to be seamless, as Adam Cartwright brings extensive expertise in cybersecurity to enhance Australia Post’s security framework.

When is Adam Cartwright scheduled to begin his position?

Adam Cartwright will begin his position as Chief Information Security Officer in August.

“`html

Quick Read

• Australia is set to implement legislation that requires internet companies to block scams.
• Severe penalties for failing to comply could amount to $50 million or higher.
• The ACCC and the treasury are seeking input from multiple industries to develop a code to combat scams.
• Advertisements for cryptocurrency scams that use Andrew Forrest’s name have led to substantial financial losses.
• Meta is facing a lawsuit for not effectively controlling misleading ads.
• The recent legislation seeks to make technology giants responsible, which might lead to clashes with United States laws.

Australia’s New Anti-Fraud Legislation

By the end of the year, Australia intends to implement a pioneering law that will require internet companies to actively prevent the hosting of scams or risk substantial fines. The Australian Competition and Consumer Commission (ACCC), alongside the treasury department, is presently engaging with internet, banking, and telecommunications companies to develop a compulsory and enforceable anti-scam code.

The Importance of This Legislation

This action follows significant financial losses for Australians due to cryptocurrency scam advertisements featuring high-profile individuals such as mining tycoon Andrew Forrest. Forrest has initiated legal proceedings against Facebook’s parent company, Meta, in California, after failing to compel the company to take action within Australia. Government statistics show that Australians’ losses from scams have surged from $900 million in 2020 to $2.7 billion in 2023, reflecting a global trend worsened by the increased online activity driven by the pandemic.

Consultation with Industry and Code Creation

The ACCC and the Treasury seek to create an anti-scam code mandating internet platforms to take reasonable measures to safeguard users. This encompasses providing efficient complaint services. At present, only telecommunications providers in Australia are subject to specific anti-scam regulations.

Possible Disputes with Major Technology Companies

The enactment of this law might provoke another clash between Australia and major tech companies. Historically, internet platforms have depended on U.S. legislation that mostly absolves them from accountability. The ACCC has previously required internet firms to pay media organizations licensing fees for content links, causing Meta to contemplate blocking media content on Facebook in Australia. The new anti-scam legislation could exacerbate these tensions by imposing legal liability on these platforms.

Expected Implementation Timeline

“We anticipate the implementation of these measures throughout this period and by the end of the year,” stated ACCC chair Gina Cass-Gottlieb. The ACCC maintains that clear and enforceable legal requirements are essential. Non-compliance with these new regulations could lead to penalties of up to $50 million, triple the profit obtained from the misconduct, or 30 percent of the revenue at the time the violation took place.

Ongoing Legal Proceedings and Potential Consequences

The ACCC is taking legal action against Meta for not preventing the display of deceptive advertisements that include well-known Australians. Meta has been defending itself since March 2022, and the case remains in the pre-trial phase. Cass-Gottlieb contends that a compulsory code would lessen the reliance on “retroactive” and lengthy court procedures for enforcement.

Meta has chosen not to provide comments regarding the timing of the anti-scam code. However, the company has previously expressed a preference for a voluntary code, arguing that a mandatory code could result in a focus on compliance rather than innovation.

Summary

Australia is poised to implement a groundbreaking anti-scam legislation by year’s end, aimed at holding internet companies responsible for preventing scams. Both the ACCC and the treasury are engaging with different industries to develop a regulatory anti-scam code. This initiative is intended to combat the increasing financial losses due to scams in Australia but might result in additional disputes with major tech companies such as Meta.

What is the main goal of Australia’s new anti-scam legislation?

The main goal is to require internet firms to take preventive measures against hosting scams and to offer efficient complaint services, thereby safeguarding users.

What are the potential fines for businesses that do not comply?

Companies could be subject to penalties amounting to $50 million, triple the advantage obtained from the misconduct, or 30 percent of their revenue at the point of the violation.

Why might there be a possible conflict with U.S. laws?

U.S. regulations generally shield internet platforms from liability for content created by users, whereas Australia’s recent legislation seeks to make these platforms legally responsible.

What has driven this recent legislative proposal?

The rising financial losses resulting from scams during the pandemic, which led to Australians losing $2.7 billion between 2020 and 2023, spurred this legislative action.

Who is in charge of developing the anti-scam code?

The mandatory anti-scam code is being developed under the leadership of the Australian Competition and Consumer Commission (ACCC) and the treasury department.

Q: Which types of scams have been most common in Australia?

Cryptocurrency scam ads featuring high-profile individuals such as Andrew Forrest have been especially common, resulting in considerable financial losses for Australians.

How could this new legislation affect technological innovation?

Certain technology firms, such as Meta, contend that enforcing a compulsory anti-fraud code might compel them to emphasize adherence at the expense of innovation.

Q: When is the law anticipated to take effect?

The ACCC aims to implement the new anti-scam codes by the end of this year.

“`

Apple Expands Tap-and-Go Payment Options to Include Competitors in Significant Policy Change

Quick Read

• Apple is allowing competitors to use its tap-and-go mobile payment system.
• Action driven by EU antitrust rules outlined in the Digital Markets Act (DMA).
• Apple is subject to three investigations related to the DMA.
• The European Commission’s decision mandates adherence for a decade.
• Over 3000 banks and issuers across Europe provide Apple Pay.
• The ruling permits developers to utilize Apple’s NFC technology.
• The Norwegian application Vipps MobilePay is pleased with the decision.

The Apple and Digital Markets Act

The Digital Markets Act (DMA) seeks to create fair competition among major technology companies and provide users with more options. Apple is currently facing scrutiny through three active investigations. The company’s App Store policies and recent contractual terms for developers have been called into question. EU antitrust regulator Margrethe Vestager has stated that Apple has not yet adhered to these rules.

Opening NFC Technology

In a major policy change, Apple is set to grant access to its near-field communication (NFC) technology to competitors. This choice is the result of a four-year investigation conducted by the European Commission. Apple’s proposal will be effective for 10 years, enabling developers to create payment applications that use Apple’s NFC technology. The goal of this initiative is to enhance competition within the mobile wallet market.

Effects on European Programmers

Apple’s concessions will let European developers incorporate tap-and-go payments into a wide range of applications, such as car keys, transit systems, corporate badges, home keys, hotel keys, merchant loyalty/rewards, and event tickets within their iOS apps. This adjustment is anticipated to make Apple’s NFC technology more accessible and foster innovation among competitors.

Feedback from Industry Stakeholders

The Norwegian mobile payment application, Vipps MobilePay, which had previously raised concerns regarding Apple Pay’s limitations, embraced the recent change. This advancement permits Vipps MobilePay and other service providers to compete on an equal footing with Apple, potentially resulting in a wider array of consumer-friendly choices within the market.

EU Antitrust Penalties

In March, Apple encountered its inaugural EU antitrust fine—a substantial 1.84 billion euros (AUD 2.96 billion) for limiting competition from Spotify and other music streaming competitors through its App Store regulations. This penalty highlighted the EU’s dedication to addressing anti-competitive actions by major tech firms.

Microsoft’s Antitrust Settlement

Independently, Microsoft finalized an agreement with cloud services entity CISPE to resolve an antitrust grievance, therefore evading an EU probe. Vestager characterized this resolution as a “promising outcome,” mirroring the EU’s overarching strategy to encourage fair competition in the technology industry.

Summary

Apple’s choice to allow competitors access to its tap-and-go mobile payment system is a significant development in the technology sector, compelled by stringent EU antitrust laws. By granting rival developers access to its NFC technology, Apple aims to enhance competition and innovation within the mobile wallet market. This action aligns with the goals of the Digital Markets Act and illustrates the growing regulatory pressures on major tech firms to maintain a fair and competitive environment.

Q&A

Q: What led Apple to unlock its tap-and-go payments service?

A:

The decision was driven by continuous investigations and regulatory pressures from the EU under the Digital Markets Act (DMA), which seeks to promote fair competition among large technology companies.

Q: Could you explain what NFC technology is?

A:

NFC is an abbreviation for near-field communication. It facilitates contactless payments by enabling devices such as smartphones and smartwatches to interact with payment terminals when they are in close range.

How long will Apple’s proposal to make its NFC technology accessible remain effective?

A:

Apple’s proposal will remain in effect for a decade, allowing developers to utilize its NFC technology for creating payment apps.

How many banks and issuers are presently providing Apple Pay services in Europe?

A:

Presently, over 3000 banks and issuers across Europe provide Apple Pay as a payment method.

Q: What effect does this have on developers?

A:

This modification enables developers to develop and provide tap-and-go payment solutions utilizing Apple’s NFC technology, thus promoting competition and innovation in the mobile wallet industry.

Q: What penalty did the European Union impose on Apple?

A:

In March, Apple received a fine of 1.84 billion euros (equivalent to AUD 2.96 billion) from the EU due to its App Store policies, which were deemed to restrict competition from Spotify and other music streaming competitors.

What was the response of other companies to Apple’s decision?

A:

The Norwegian mobile payment application, Vipps MobilePay, expressed approval of Apple’s decision, as it enables them to compete fairly with Apple and other mobile wallet service providers in the market.

What role does Microsoft play in this situation?

A:

Microsoft and cloud services group CISPE have reached a settlement, resolving an antitrust complaint and sidestepping an EU investigation. This action forms part of wider regulatory efforts to maintain fair competition within the tech industry.

Samsung Galaxy Z Fold 6 Addresses Its Major Weakness at Last

Introduction

Samsung hosted their Galaxy Unpacked event for 2024 overnight, revealing several new hardware announcements. A standout was the Galaxy Z Fold 6, which tackles one of the main criticisms of the Galaxy Z Fold 5: the front display size.

Broader Cover Screen: A Game Changer

The Samsung Galaxy Z Fold 6 features a broader 6.3-inch cover screen, offering a more natural viewing experience. This enhancement ensures that content in apps is displayed more naturally, addressing the problem of the Fold 5’s excessively narrow front screen.

Design and Durability

Samsung keeps pushing the boundaries in foldable technology, producing the thinnest and lightest Galaxy Z series to date. The symmetrical structure with straight edges gives it a refined appearance, and the updated cover screen ratio delivers a more natural bar-style viewing experience.

Designed for robustness, the Galaxy Z Fold 6 incorporates a dual rail hinge design bolstered by a reinforced folding edge. Improved layers on the primary display ensure durability, and the device is fortified with Armor Aluminum and Corning Gorilla Glass Victus 24 for increased protection.

Efficiency and AI Assimilation

The Galaxy Z Fold 6 and Flip 6 feature the Snapdragon 8 Gen 3 Mobile Platform, delivering outstanding performance in CPU, GPU, and NPU, specifically enhanced for AI tasks. The cooling system has been improved with a larger vapor chamber in the Fold 6 and, for the first time, a vapor chamber in the Flip 6.

Productivity Features

The Galaxy Z Fold 6 is equipped with AI-driven features designed to boost productivity.

• Note Assist: Provides translation, summaries, and automatic formatting for meeting notes.
• Composer: Generates text based on simple keywords for emails and social media posts.
• S Pen Integration: Enhanced S Pen functionality with Galaxy AI, featuring Sketch to Image capability for generating AI-created images.

Enhanced Communication

Galaxy AI improves seamless communication on the Galaxy Z Fold 6. The distinct dual-screen design facilitates Interpreter mode, allowing easy translations across both screens. Live Translate provides instant phone call translations directly on your device.

Creative Tools

The AI-driven ProVisual Engine enhances creative potential on the Galaxy Z Fold 6. Photo Assist makes it easier to create professional-quality content, and Portrait Studio provides diverse portrait styles like 3D cartoon and watercolor. The Instant Slow-mo feature enables the creation of extra frames for smoother video playback.

Gaming Experience

The Galaxy Z Fold 6 enhances the gaming experience with its advanced chipset and expanded vapor chamber. Ray Tracing enables vibrant, realistic graphics on a brighter 7.6-inch display, offering a more immersive gameplay.

Technical Specifications

Spec	Details
Main Screen	7.6-inch QXGA+ Dynamic AMOLED 2X Infinity Flex Display with a resolution of 2160 x 1856 and an adaptive refresh rate ranging from 1 to 120Hz.
Cover Screen	6.3-inch HD+ Dynamic AMOLED 2X Screen (2376 x 968), 120Hz variable refresh rate (1~120Hz)
Dimension & Weight	Closed: 68.1 x 153.5 x 12.1mm; Open: 132.6 x 153.5 x 5.6mm; Mass: 239g
Cameras	10MP front-facing camera; 4MP camera beneath the display; triple rear camera setup (12MP ultra-wide, 50MP wide-angle, 10MP telephoto)
Processor	Snapdragon 8 Gen 3 Mobile Processor for Galaxy
Memory and Storage	12GB of memory available with choices of 256GB, 512GB, or 1TB of internal storage
Battery	4,400mAh dual battery
OS	Android 14 One UI 6.1.1
Sensors	Capacitive fingerprint sensor (side), accelerometer, barometer, gyroscope, geomagnetic sensor, hall sensor, proximity sensor, light sensor.
Sims	One Nano SIM card and one eSIM.
Colours	Silver Shadow, Pink, Navy; Exclusive colors: Crafted Black, White

Availability

The Galaxy Z Fold 6, Z Flip 6, and Galaxy Buds3 series can be pre-ordered in Australia starting July 11, with general sales commencing on July 31. The Galaxy Z Fold 6 comes in Silver Shadow, Pink, and Navy. The Galaxy Z Flip 6 provides more color choices: Silver Shadow, Yellow, Blue, and Mint. Exclusive colors like Crafted Black, White, and Peach are available exclusively online at Samsung.com.

Summary

The Samsung Galaxy Z Fold 6 tackles key problems of its forerunner by incorporating a wider cover screen and upgraded functionalities aimed at productivity, communication, creativity, and gaming. Boasting increased durability and sophisticated AI integration, it establishes a new standard in the foldable smartphone industry.

Q&A Section

Q: What is the most notable improvement in the Samsung Galaxy Z Fold 6?

A: The most notable improvement is the larger front display screen (6.3 inches), offering a more comfortable viewing experience than the narrower screen of the previous model.

What enhancements has Samsung made to the durability of the Galaxy Z Fold 6?

Samsung has improved durability by integrating a dual rail hinge design, fortified with a strengthened folding edge, and utilizing Armor Aluminum along with Corning Gorilla Glass Victus 24 for additional protection.

Q: Could you list some of the productivity features on the Galaxy Z Fold 6 that are powered by AI?

Key AI-enhanced productivity tools feature Note Assist for translating and summarizing meeting notes, Composer for creating text from keywords, and improved S Pen integration for producing AI-generated images.

How does the Galaxy Z Fold 6 improve communication?

The device improves communication with features such as Interpreter mode for dual-screen translations and Live Translate for real-time phone call translations directly on your device.

What enhancements have been introduced to the gaming experience on the Galaxy Z Fold 6?

The gaming experience is enhanced by a robust chipset, an enlarged vapor chamber for superior cooling, Ray Tracing compatibility for more vibrant graphics, and a brighter display that reaches up to 2,600 nits.

“`html

Insignia Financial Unveils New Cybersecurity Plan

Quick Read

• Insignia Financial embarks on a new chapter in cyber security investment.
• An ASX-listed superannuation fund is looking for a new head of cyber security.
• Allocated budget and operational framework for the new cybersecurity strategy.
• The existing cyber team is crucial in protecting assets.

Insignia Financial, a superannuation fund listed on the ASX, is making substantial progress in its cyber security initiatives by allocating resources to a thorough upgrade of technology and procedures. This ambitious action marks the onset of a renewed dedication to enhanced security and resilience within the company.

New Cyber Security Leadership

Insignia Financial is seeking a new head of cyber security strategy and governance as part of its forward-thinking approach. The chosen candidate will be responsible for designing the company’s cyber security framework, with the support of a dedicated budget and an approved operating model.

The job listing emphasizes this position as a chance for a new beginning, allowing the incoming leader to influence the future direction of cyber security at Insignia Financial.

Existing Cybersecurity Framework

Appointed as the general manager of cyber security in October, James Ng is currently spearheading the overall strategy. His leadership ensures that the cyber team plays a crucial role in protecting the organisation’s information assets and reducing cyber risks.

A New Beginning for Cyber Resilience

The newly appointed head of cyber security will play a crucial role in developing a strong framework that enhances resilience against cyber threats. This position involves not only upholding current standards but also advancing the company’s abilities to tackle future challenges.

The company’s proactive approach underscores its commitment to upholding the highest standards of security and safeguarding its members’ information and assets.

Summary

Insignia Financial’s commitment to a new wave of cybersecurity signifies a major advancement in boosting resilience and defense. By recruiting fresh leadership and designating specific resources, the firm is well-prepared to tackle and surmount upcoming cyber threats adeptly.

What is the primary objective of Insignia Financial’s newly implemented cyber strategy?

The primary objective is to enhance security and resilience by updating the organization’s technology and procedures.

Who is currently heading the cyber strategy at Insignia Financial?

James Ng, the general manager of cybersecurity, has been leading the overall strategy since October.

What kind of support will be available to the new head of cybersecurity?

A: The new leader will receive a specific budget and an authorized operating model, allowing them to establish a strong cybersecurity structure.

Why has Insignia Financial decided to invest in this new strategy?

The goal of the investment is to enhance resilience against cyber threats and to protect the organization’s information assets effectively.

Q: In what ways does this approach advantage the members of Insignia Financial?

By strengthening the security framework, the company guarantees improved safeguarding of members’ data and assets against possible cyber threats.

Where can an individual submit an application for the role of head of cyber security?

Interested candidates can apply via job portals like Seek by looking up CISO positions or visit TechBest for the latest information.

“`