recentpopularlog in


« earlier   
Shutting down the BGP Hijack Factory
It started with a lengthy email to the NANOG mailing list on 25 June 2018: independent security researcher Ronald Guilmette detailed the suspicious routing activities of a company called Bitcanal, whom he referred to as a “Hijack Factory.”
a:Doug-Madory  bgp  trust  internet  f:blog-post  infrastructure  bad-tech  bitcanal  p:Vantage-Point  hijack  network-security  dyn 
5 days ago by andrewjbates
BGP Hijack of Amazon DNS to Steal Crypto Currency | Dyn Blog
However, the users of networks that accepted the hijacked routes (evidently including Google’s recursive DNS service) sent their DNS queries to an imposter DNS service embedded within AS10297. If these users attempted to visit, the imposter DNS service wouldn’t direct them to Amazon Web Services (which normally hosts the site), but to a set of Russian IP addresses, according to CloudFlare.
bgp  hijack  cryptocurrency  cybersecurity  amazon  aws  google  dns 
9 weeks ago by bwiese
Fox-IT hit by cyber attack - Fox-IT (ENG)
What a wonderfully transparent after-action review of an incident. Though changing the registrar password regularly doesn't seem like it would buy them much, as they kept their password in a vault and rarely used it (low chance of extraction/exfil), and the subtle implication the registrar got owned. Though as a mitigation to lack of 2FA, at the registrar, maybe worthwhile. But the real need is watching for abnormal events, which requires a registrar change feed or external monitoring, as you need to trigger on registrar change events or general DNS SOA changes.
DFIR  case  study  DNS  registrar  hijack  MitM  reference  information 
december 2017 by asteroza
'Our minds can be hijacked': the tech insiders who fear a smartphone dystopia | Technology | The Guardian
a small but growing band of Silicon Valley heretics who complain about the rise of the so-called “attention economy”: an internet shaped around the demands of an advertising economy.
ethics  technology  mind  hijack 
october 2017 by gdw
New Technique to Hijack Social Media Accounts - Schneier on Security
Access Now has documented it being used against a Twitter user, but it also works against other social media accounts:
With the Doubleswitch attack, a hijacker takes control of a victim's account through one of several attack vectors. People who have not enabled an app-based form of multifactor authentication for their accounts are especially vulnerable. For instance, an attacker could trick you into revealing your password through phishing. If you don't have multifactor authentication, you lack a secondary line of defense. Once in control, the hijacker can then send messages and also subtly change your account information, including your username. The original username for your account is now available, allowing the hijacker to register for an account using that original username, while providing different login credentials.
Three news stories.
hack  phishing  social_media  privacy  security  hijack 
july 2017 by rgl7194
Russian BGP hijack
Someone hijacked all Internet traffic for major financial service companies
bgp  finance  security  badtech  russia  hijack  cyberwar 
april 2017 by nelson

Copy this bookmark:

to read