Security News for the Week Ending April 10, 2020
Remember That Real-ID Deadline We Were Worried About?
Since planes seem to be flying with fewer passengers than flight crew members these days – if they fly at all – the government has decided to make some security changes. In addition to allowing you to bring a 12-ounce bottle of hand sanitizer onto the flight, they are allowing people to fly with EXPIRED driver's licenses, since DMV offices are closed in almost every state. They can be expired up to the later of one year or 60 days past the end of the pandemic emergency. The DMVs were saying that, given the number of licenses that they had to re-issue to comply with Real ID, the October 1, 2020 date was going to be impossible to meet – before the pandemic. Now that date would require a miracle – assuming we even know when DMV offices will reopen. Of course, since no one is flying right now, it is sort of a moot point for the moment. Several House members wrote to DHS pointing that fact out, but as of today, other than saying that you can use an expired license, they haven’t said anything about Real ID. I am reasonably confident that they will delay enforcement. Again. For the umpteenth time. Source: CNN
Hacker Takes on Elasticsearch Scorched Earth Policy
A hacker or hackers have decided to make a point that putting servers on the Internet with no password is not exactly a bright strategy.
To reinforce that point, the hacker is wandering around the Internet, finding unprotected servers and wiping all the data from them. As of earlier this week, that amounts to around 15,000 servers. It is unknown whether these servers are active or abandoned, or whether the owners have backups, but hopefully the point will be made and people will start securing their servers. Source: ZDNet
Russia one-ups China – Steals Internet Traffic for 200 Networks for an Hour
Russia does not want to feel unloved. Therefore, it stole all of the Internet traffic for 200 or so content delivery networks such as Facebook, Google, Amazon and others for an hour. After vacuuming in all that data, it spit it back out to the rightful destination, so other than the connection being slow, the users were unaware. I am sure it was just an accident. Of course, if Russia wanted to, it could have rerouted all that data and just thrown it in the trash. The good news is that there is a new spec for BGP routing security and there are a few tests going on right now as some companies begin to implement it. In ten years or so (if we are lucky), when it is fully implemented, these attacks won’t work. Source: ZDNet
Microsoft Pays for Its Past Sins
A couple of weeks ago it was reported that the owner of the domain corp.com was putting the domain up for sale. This was an issue because for years Microsoft used corp.com as the example domain for setting up Active Directory, and thousands of companies used that example for real. This week Microsoft bought the domain, which was for sale for $1.7 million. Microsoft didn’t say how much they paid, but they really had no option, because if a bad guy bought it, the passwords of tens of thousands of companies' employees would be at risk. Credit: Bleeping Computer