Information Security News
The cause isn't yet clear, but more than 36 hours after Microsoft disrupted dynamic DNS hosting for millions of No-IP.com users, service reportedly remained down for many, and the main website was also unavailable.
No-IP users continue to post tweets saying service is still down. No-IP representatives on Tuesday evening reported coming under a denial-of-service attack but went on to suggest it had no relation to continuing problems with domain name resolution, which Microsoft took over a day earlier under a highly controversial court order issued in a botnet takedown action.
"Please note the DDOS attack was only directed at our website, not to our DNS infrastructure," No-IP representatives wrote in a Twitter message posted around 5 pm California time. In a separate tweet about an hour earlier, they said Microsoft's claims that service was restored Tuesday morning were not true. The No-IP website was unavailable at the time this article was being prepared and a spokeswoman didn't respond to an e-mail requesting comment. The spokeswoman has reportedly indicated Microsoft's attempts to restore service to legitimate users have been ineffective.
Tinder, the iOS App Store's fastest-growing dating app, set itself apart from the online dating competition in early 2013 by combining the personality-algorithm matching of OKCupid with GPS functionality, allowing users to comb through eligible, interested singles faster than ever before.
Yesterday, the app gained a different sort of attention after former Tinder executive Whitney Wolfe filed a wide-ranging sexual harassment claim against the company. The complaint, filed in Los Angeles Superior Court, included copies of enough scathing text exchanges sent to Wolfe by co-founder/CMO Justin Mateen to prompt the company to announce Mateen's temporary suspension "pending an ongoing internal investigation."
In addition to allegations of frequent, public, and sexist name-calling, the 19-page complaint alleged that Mateen "told Ms. Wolfe that he was taking away her 'co-founder' title because having a young female co-founder 'makes the company seem like a joke' and 'devalues' the company." Additionally, the complaint alleges a complete failure by both Tinder CEO Sean Rad and parent company Match.com CEO Sam Yagan to react to accusations of corporate impropriety; in the case of the latter, Yagan was alleged to have reacted to her complaints by saying, "I can still sleep at night."
by Peter Bright
Last December, Microsoft promised to expand its use of encryption for its cloud services to protect them from criminals and hackers (and, though the company didn't say so, spying governments). Today, it announced that it has reached a number of milestones in this ongoing effort.
Both inbound and outbound mail on the Outlook.com service will use TLS encryption when sending and receiving from servers that also support TLS. The company says that it has worked with a number of other mail providers, including Deutsche Telekom, Yandex, and Mail.Ru, to ensure that mail sent to and from these popular providers is encrypted in transit.
Outlook.com and OneDrive have also been updated to use perfect forward secrecy (PFS). In PFS, the keys used for each connection are randomly generated on a per-session basis. This is important because it protects against bulk data collection. Without PFS, if a law enforcement agency or hacker can demand or steal the long-term key used to secure connections, they can use that key to decrypt all historic, recorded sessions. PFS prevents this; compromising one session's key only enables decryption of that session.
Websites that run WordPress and MailPoet, a plugin with more than 1.7 million downloads, are susceptible to hacks that give attackers almost complete control, researchers have warned.
"If you have this plugin activated on your website, the odds are not in your favor," Daniel Cid, CTO of security firm Sucuri, warned in a blog post published Tuesday. "An attacker can exploit this vulnerability without having any privileges/accounts on the target site. This is a major threat, it means every single website using it is vulnerable."
The bug allows attackers to remotely upload any file of their choice to vulnerable servers. Cid declined to provide specifics about the flaw other than to say it's the result of the mistaken assumption that WordPress admin_init hooks are called only when a user with administrator privileges visits a page inside the /wp-admin directory. In fact, "any call to /wp-admin/admin-post.php also executes this hook without requiring the user to be authenticated." The behavior makes it possible for anyone to upload files on vulnerable sites. The only safe version is the just released 2.6.7, which should be installed immediately on all vulnerable websites. MailPoet gives sites added abilities to create newsletters and automatically post notifications and responses.
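The mistaken assumption described above, shown as an added example (this is not MailPoet's code, which the report does not disclose): a hypothetical plugin callback on `admin_init` that trusts the hook alone, next to a version that checks the caller itself. The function names, the `example_import` action, the `example_nonce` field and the `theme_zip` upload field are all assumptions made for illustration.

```php
<?php
// Added illustration with hypothetical names; not code from MailPoet.

// Before: the callback assumes admin_init only fires for a logged-in
// administrator. WordPress also fires it for /wp-admin/admin-post.php,
// so this code path is reachable without any session.
// add_action('admin_init', 'example_handle_import_unchecked');
function example_handle_import_unchecked() {
    if (isset($_POST['action']) && $_POST['action'] === 'example_import') {
        // No capability check, no nonce, no file-type restriction.
        move_uploaded_file($_FILES['theme_zip']['tmp_name'],
            WP_CONTENT_DIR . '/uploads/' . $_FILES['theme_zip']['name']);
    }
}

// After: the hook is treated as a dispatch point only; the handler
// verifies who is calling and what is being uploaded.
add_action('admin_init', 'example_handle_import');
function example_handle_import() {
    if (!isset($_POST['action']) || $_POST['action'] !== 'example_import') {
        return;
    }
    // 1. Authorization: the hook proves nothing about the caller.
    if (!current_user_can('manage_options')) {
        wp_die('Forbidden', 'Forbidden', array('response' => 403));
    }
    // 2. Intent: a nonce bound to this action; dies if missing or invalid.
    check_admin_referer('example_import', 'example_nonce');
    // 3. Content: let WordPress validate the extension and MIME type.
    if (empty($_FILES['theme_zip'])) {
        wp_die('No file supplied', 'Bad request', array('response' => 400));
    }
    require_once ABSPATH . 'wp-admin/includes/file.php';
    $result = wp_handle_upload($_FILES['theme_zip'], array(
        'test_form' => false,
        'mimes'     => array('zip' => 'application/zip'),
    ));
    if (isset($result['error'])) {
        wp_die(esc_html($result['error']), 'Upload rejected',
            array('response' => 400));
    }
}
```

The same review applies to any plugin callback registered on `admin_init`: a state-changing handler should carry its own `current_user_can()` and nonce check rather than inherit trust from the hook.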
SolarWinds' Chris LaPoint: InfoSec, Systems, Network Roles to Evolve in Gov't IT
Based on the results of SolarWinds' latest public sector IT survey, Chris LaPoint, the company's vice president of product management, believes training on emerging technologies for government IT professionals is crucial in order to adapt to evolving ...
Microsoft obtained a court order allowing it to take over various domains owned by free dynamic DNS provider "No-IP". According to a statement from Microsoft, this was done to disrupt several botnets. However, No-IP is crying foul, stating that Microsoft never contacted them to have the malicious domains blocked. Further, Microsoft is apparently not able to properly filter and support all queries for these seized domains, causing widespread disruption among legit No-IP customers. According to the court order, Microsoft is able to take over DNS for the affected domains, but because the legit domains far outnumber the malicious domains, Microsoft is only allowed to block requests for malicious domains.
Microsoft apparently overestimated the abilities of its Azure cloud service to deal with these requests.
In the past, various networks blocked dynamic IP providers, and dynamic IP services have been abused by criminals for about as long as they have existed. However, No-IP had an abuse handling system in place and took down malicious domains in the past. The real question is if No-IP's abuse handling worked "as advertised" or if No-IP ignored takedown requests. I have yet to find the details to that in the lawsuit (it is pretty long...) and I am not sure what measure Microsoft used to prove that No-IP was negligent.
For example, a similar justification may be used to filter services like Amazon's (or Microsoft's?) cloud services which are often used to serve malware. It should make users relying on these services think twice about the business continuity implications of legal actions against other customers of the same cloud service. There is also no clear established SLA for abuse handling, or what level of criminal activity constitutes abuse.
Posted by InfoSec News on Jul 01: http://www.forbes.com/sites/lorensteffy/2014/06/30/what-if-oil-companies-apply-the-same-tactics-for-cybersecurity-to-safety/
Posted by InfoSec News on Jul 01: http://www.nextgov.com/cybersecurity/2014/06/downside-not-exhausting-6-billion-cyber-contract/87577/
Posted by InfoSec News on Jul 01: http://deadspin.com/leaked-10-months-of-the-houston-astros-internal-trade-1597951970