Welcome to the networking and cybersecurity newsletter!
Let's take a look at the interesting articles and repositories published between September 14 and 20, 2020.
"Microsoft retrieved a 40-foot-long, 12-rack, self-contained underwater data center from its seafloor home offshore from the Orkney Islands earlier this summer. The retrieval of the Northern Isles began the final phase of Microsoft's Project Natick research initiative, exploring the concept of deploying sealed server pods just offshore major population centers as a replacement for traditional onshore data centers."
"The first-ever DNS Flag Day was held on 1 February 2019. It targeted removing a workaround to accommodate DNS authoritative servers that incorrectly handled the Extensions to DNS (EDNS) protocol.
For DNS Flag Day 2020, the idea is the same: make the Internet a better place through a coordinated effort across participating DNS implementers, vendors, and operators.
This time, however, the target might seem not directly related to the DNS: IP fragmentation."
"German authorities are investigating the death of a patient following a ransomware attack on a hospital in Duesseldorf."
"The U.S. Justice Department this week indicted seven Chinese nationals for a decade-long hacking spree that targeted more than 100 high-tech and online gaming companies. The government alleges the men used malware-laced phishing emails and "supply chain" attacks to steal data from companies and their customers. One of the alleged hackers was first profiled here in 2012 as the owner of a Chinese antivirus firm."
"To defeat ASLR or more advanced fine-grained and leakage-resistant code randomization schemes, modern software exploits rely on information disclosure to locate gadgets inside the victim's code. In the absence of such info-leak vulnerabilities, attackers can still hack blind and derandomize the address space by repeatedly probing the victim's memory while observing crash side effects, but doing so is only feasible for crash-resistant programs. However, high-value targets such as the Linux kernel are not crash-resistant. Moreover, the anomalously large number of crashes is often easily detectable."
Thank you for sharing the newsletter!
For feedback, please write to us at firstname.lastname@example.org.