Microsoft Buys Corp.com So Bad Guys Can’t

Found on Krebs On Security on Tuesday, 07 April 2020

Domain experts called corp.com dangerous because years of testing showed whoever wields it would have access to an unending stream of passwords, email and other sensitive data from hundreds of thousands of Microsoft Windows PCs at major companies around the globe.

The story went on to describe how years of testing — some of which was subsidized by grants from the U.S. Department of Homeland Security — showed hundreds of thousands of Windows computers were constantly trying to send this domain information it had no business receiving, including attempts to log in to internal corporate networks and access specific file shares on those networks.

The sweet fallout of default values to keep things simple and easy.

A hacker has wiped, defaced more than 15,000 Elasticsearch servers

Found on ZD Net on Monday, 06 April 2020

The attacks appear to be carried out with the help of an automated script that scans the internet for Elasticsearch systems left unprotected, connects to the databases, attempts to wipe their content, and then creates a new empty index called nightlionsecurity.com.

However, these types of destructive attacks where Elasticsearch data is wiped are not the first of their kind. In the spring and summer of 2017, multiple hacker groups engaged in database ransom attacks against multiple types of database technologies, including Elasticsearch.

Three years and ongoing, and people still put unprotected systems online. The pity is limited.

Zoombombing is a crime, not a prank, prosecutors warn

Found on Ars Technica on Sunday, 05 April 2020

Internet trolls and other troublemakers have responded with "Zoombombing": joining Zoom meetings uninvited and disrupting them.

"Hackers are disrupting conferences and online classrooms with pornographic and/or hate images and threatening language," wrote the US Attorney's Office for the Eastern District of Michigan. "Anyone who hacks into a teleconference can be charged with state or federal crimes."

Those are not even hackers, because security at Zoom is practically non-existent. It's just poorly designed software, full of holes and lies.

Cloudflare Launches a DNS-Based Parental Control Service

Found on Bleeping Computer on Wednesday, 01 April 2020

During the coming months, Cloudflare is also working on developing and providing users with additional configuration settings for the 1.1.1.1 for Families service.

"This year, while many of us are sheltering in place, protecting our communities from COVID-19, and relying on our home networks more than ever, it seemed especially important to launch 1.1.1.1 for Families," Prince added.

Well, censorship is coming with the excuse of protecting the children. Who would have thought that?

From Gmail to Gfail: Google's G-Suite topples over for unlucky netizens, rights itself

Found on The Register on Sunday, 29 March 2020

The outage affected Gmail, Drive, Docs, Sheets, Slides, Hangouts Chat, and Meet services. The G-Suite admin console and Classroom services were also down. Basically, Google said users reported being unable to access its platforms.

"Some of our users experienced a service disruption ... as a result of a significant router failure in one of our data centers in the South Eastern US, causing network congestion," the web giant said.

It's rather strange that a router failure would cause such downtime, considering marketing never fails to point out how many redundancy systems are in place.

Microsoft throttles some Office 365 services to continue to meet demand

Found on ZD Net on Tuesday, 24 March 2020

On March 16, Microsoft posted to Microsoft 365/Office 365 admin dashboards a warning about "temporary feature adjustments" that it might take. That warning told customers that Microsoft was "making temporary adjustments to select non-essential capabilities."

Microsoft officials said they will continue to apprise customers of further restrictions and tweaks they will be making to their services to continue to meet demand.

In other words, "the cloud" does not scale as well as marketing always promised.

Microsoft nukes 9 million-strong Necurs botnet after unpicking domain name-generating algorithm

Found on The Register on Saturday, 14 March 2020

Microsoft researchers figured out how an algorithm that generated new, unique domains for Necurs' infrastructure operated and were able to correctly guess six million domain names that would be generated over a 25-month period, it said. These domains were then reported to registrars so they could be promptly blocked.

That's actually pretty impressive. Hopefully it stays down.

Popular VPN And Ad-Blocking Apps Are Secretly Harvesting User Data

Found on Buzzfeed on Thursday, 12 March 2020

Sensor Tower, a popular analytics platform for tech developers and investors, has been secretly collecting data from millions of people who have installed popular VPN and ad-blocking apps for Android and iOS, a BuzzFeed News investigation has found. These apps, which don’t disclose their connection to the company or reveal that they feed user data to Sensor Tower’s products, have more than 35 million downloads.

Apple and Google restrict root certificate privileges due to the security risk to users. Sensor Tower’s apps bypass the restrictions by prompting users to install a certificate through an external website after an app is downloaded.

You'd think that Google and Co would sue companies like these for the policy violations; otherwise this type of business continues.

ICANN still hasn’t decided whether to approve .org sale with just 11 days left to go

Found on The Register on Tuesday, 10 March 2020

Despite two previous postponements, four months’ notice, dozens of letters, and a protest outside its headquarters, on Monday this week ICANN refused to say whether it will consider the broader public interest in its decision, or apply the same criteria it used last time the registry changed ownership.

It’s no coincidence that the primary criticism leveled at ICANN since its inception in 1998 is that it is – and remains – largely unaccountable. It makes decisions of global import and holds itself up as a model of modern “multistakeholder” decision-making, where everyone impacted has a say, but in reality the organization never reveals internal deliberations and it goes to great lengths to shield its decisions from scrutiny.

This was planned as a quick inside job, but the public paid more attention than the involved parties thought. Now ICANN tries to come up with a way to give the sale a green light.

Facebook sues Namecheap to unmask hackers who registered malicious domains

Found on ZD Net on Friday, 06 March 2020

Christen Dubois, Director and Associate General Counsel at Facebook, said today that Facebook engineers tracked down 45 suspicious Facebook lookalike domains registered through Namecheap, which had the owners' details hidden through the company's WhoisGuard side-service.

Since early 2019, Facebook's legal department has been filing lawsuits left and right against various third-parties abusing its platform.

They could just shut down that platform and stop all abuse.