Security News for the Week Ending December 9, 2022
Rackspace Admits Outage Related to Ransomware
On Tuesday, five days into an outage of Rackspace’s hosted Exchange service, they admitted it was due to ransomware. They say it is going to impact revenue as they work to mitigate the problem. It is still a dumpster fire, but they are dribbling out information at last. I would think this will have a long term impact on their revenue. I don’t think anyone is going to just blow off losing access to email and possibly losing their entire email history. Credit: HelpNet Security
South Carolina and South Dakota Governors Banned TikTok on State Computers
South Carolina’s governor calls TikTok a clear and present danger to national security. Far be it for me to argue that statement. He and the governor of South Dakota issued a ban on employees TikToking on government computers at work. Am I missing something? Shouldn’t sites like that already be banned? Somehow watching TikTok videos is a good use of taxpayer’s money to pay the viewer’s salary? Are these governors completely clueless as to how that makes them look to anyone with half a brain? I know this is just a political stunt to get a few seconds of air time, but it could backfire. You mean you weren’t already blocking this? Why are my tax dollars being spent on this? What other time wasting activities are you not stopping? Maybe we need to reduce funding since you apparently have enough time to watch TikTok? Apparently, other governors, like Texas and Maryland, are also doing this. Credit: Daily Wire
Air Gapped Networks Vulnerable to DNS Attacks
Companies often air-gap mission critical networks like nukes and classified networks. But hackers have figured out an interesting attack. They use compromised DNS servers for command and control. Sometimes these networks still have Internet access in order to work and poof, they are compromised. Credit: Dark Reading
Twitter to Introduce New Controls for Ad Placement
We are already seeing new features from Elon’s Twitter. Twitter announced a new capability to control ad placement as a way to try and get advertisers to come back. Advertisers left in large numbers over fears that their ad will appear next to undesirable content. Twitter makes nearly 90% of its revenue from ads, so the flight of advertisers threatens Twitter’s existence. With this feature, advertisers will have more control over where their ad is NOT placed. Credit: Reuters
Pentagon Releases Next Try at Cloud Contract
The CIA implemented their shared cloud program with Amazon almost a decade ago, but the Pentagon, always a tech leader, didn’t even have an approved vendor until this week. Attempts at letting a contract to Amazon or Microsoft (the program was called JEDI) were doomed by protests and lawsuits. They sent out a request for bids last year for a new version called JWCC (for Joint Warfighting Cloud Capability). This week the contract, possibly worth $9 billion, was approved for all of the players (Google, Oracle, Microsoft and Amazon) except IBM. Maybe this will end the lawsuits. Still, optimistically, it won’t be ready until 2028. That will be 15 years – at least – after the CIA turned theirs on. Maybe the Pentagon wanted to make sure that the cloud wasn’t a passing fad. Credit: Market Watch