Pinned
FYI, the only reason I'm still here is to to make fun of the new CEO and his $44B dumpster fire. Anything serious I have to say will be said over on that other site (rhymes with John Mastodon). But please, keep the replies coming!
briankrebs
17.1K posts
briankrebs
@briankrebs
Independent investigative journalist. Author of 'Spam Nation,' a NYT bestseller. Former Washington Post reporter. Mastodon: infosec.exchange/@briankrebs
- Confirmed: The DNS records that tell systems how to find Facebook.com or Instagram.com got withdrawn this morning from the global routing tables. Can you imagine working at FB right now, when your email no longer works & all your internal FB-based tools fail?
- Let this sink in: @elonmusk hath decreed that all links to Mastodon should be flagged as malware. This is, of course, a baldfaced lie, and he knows it. So the CEO of Twitter is lying to everyone on Twitter, and to all its advertisers, even to all of his defenders.
- Everything that @elonmusk has done publicly so far to Twitter seems like exactly what I'd do if I wanted to ensure the entire platform ran straight into the ground, and fast. His actions and words make it really hard to see how this isn't actually his plan.
- Western Union to forfeit $586M to settle charges with US Govt over alleged money laundering for human trafficking
- LOL. The CEO of Twitter has gone full despot/dictator mode. You can now get banned for mentioning your Insta, FB, Mastodon, Post, or other. You know a country is in full freedom mode when it starts shutting its borders for people trying to leave!
- Replying to @briankrebsWe don't know why this change was made. It could well have been the result of an internal, system wide change or update that went awry. It's all speculation at this point why. FB alone is in control over its DNS records.
- Replying to @briankrebsTo be more precise (and Geek Factor 5) the BGP routes serving Facebook's authoritative DNS were withdrawn, rendering all Facebook domains inaccessible. That's per @DougMadory , who knows a few things about BGP/DNS.
- From trusted source: Person on FB recovery effort said the outage was from a routine BGP update gone wrong. But the update blocked remote users from reverting changes, and people with physical access didn't have network/logical access. So blocked at both ends from reversing it.
- Being in infosec for so long takes its toll. I've come to the conclusion that if you give a data point to a company, they will eventually sell it, leak it, lose it or get hacked and relieved of it. There really don't seem to be any exceptions, and it gets depressing.
- ICYMI, Equifax forced to pull offline a huge database of consumer data guarded only by credentials "admin/admin"
- 8kun/8chan went down tonight. A phone call to their DDoS protection provider was all it took. That provider says they had no idea they were helping 8kun stay online. 8kun, some QAnon sites now getting DDoS protection from ddos-guard dot net in Russia securitytrails.com/list/ns/ns6.dd…
- Fun fact: CIA unit exposed by Wikileaks was tasked w/ crafting cyber response to Russia's alleged election meddling
- Just published a short (hopefully broadly accessible) writeup on the ongoing outages at Facebook, Instagram & WhatsApp. Includes perspective, graphic from @DougMadory and Kentik. Will update to add more info soon.
