Millions of dynamic DNS users suffer after Microsoft seizes No-IP domains

Legitimate users caught in legal fire designed to take down botnets.

Millions of legitimate servers that rely on dynamic domain name services from No-IP.com suffered outages on Monday after Microsoft seized 22 domain names it said were being abused in malware-related crimes against Windows users.

Microsoft enforced a federal court order making the company the domain IP resolver for the No-IP domains. Microsoft said the objective of the seizure was to identify and reroute traffic associated with two malware families that abused No-IP services. Almost immediately, end users, some of whom were actively involved in Internet security, castigated the move as heavy-handed, since there was no evidence No-IP officially sanctioned or actively facilitated the malware campaign, which went by the names Bladabindi (aka NJrat) and Jenxcus (aka NJw0rm).

"By becoming the DNS authority for those free dynamic DNS domains, Microsoft is now effectively in a position of complete control and is now able to dictate their configuration," Claudio Guarnieri, co-founder of Radically Open Security, wrote in an e-mail to Ars Technica. "Microsoft fundamentally swept away No-IP, which has seen parts of its own DNS infrastructure legally taken away."


Active malware operation let attackers sabotage US energy industry

“Dragonfly” infected grid operators, power generators, gas pipelines, report warns.


Researchers have uncovered a malware campaign that gave attackers the ability to sabotage the operations of energy grid owners, electricity generation firms, petroleum pipelines, and industrial equipment providers.

Called Dragonfly, the hacking group managed to install one of two remote access trojans (RATs) on computers belonging to energy companies located in the US and at least six European countries, according to a research report published Monday by Symantec. One of the RATs, called Havex, was spread by hacking the websites of companies selling software used in industrial control systems (ICS) and waiting for companies in the energy and manufacturing industries to install booby-trapped versions of the legitimate apps.

"This campaign follows in the footsteps of Stuxnet, which was the first known major malware campaign to target ICS systems," the Symantec report stated. "While Stuxnet was narrowly targeted at the Iranian nuclear program and had sabotage as its primary goal, Dragonfly appears to have a much broader focus with espionage and persistent access as its current objective with sabotage as an optional capability if required."


Dragonfly: Western Energy Companies Under Sabotage Threat

Cyberespionage campaign stole information from targets and had the capability to launch sabotage operations.


Exclusive: A review of the Blackphone, the Android for the paranoid

Custom-built with privacy in mind, this handset isn’t for (Google) Play.

Built for privacy, the Blackphone runs a beefed-up Android called PrivatOS.
Sean Gallagher

Based on some recent experience, I'm of the opinion that smartphones are about as private as a gas station bathroom. They're full of leaks, prone to surveillance, and what security they do have comes from using really awkward keys. While there are tools available to help improve the security and privacy of smartphones, they're generally intended for enterprise customers. No one has had a real one-stop solution: a smartphone pre-configured for privacy that anyone can use without being a cypherpunk.

That is, until now. The Blackphone is the first consumer-grade smartphone to be built explicitly for privacy. It pulls together a collection of services and software that are intended to make covering your digital assets simple—or at least more straightforward. The product of SGP Technologies, a joint venture between the cryptographic service Silent Circle and the specialty mobile hardware manufacturer Geeksphone, the Blackphone starts shipping to customers who preordered it sometime this week. It will become available for immediate purchase online shortly afterward.

Specs at a glance: Blackphone
SCREEN: 4.7" IPS HD
OS: PrivatOS (Android 4.4 KitKat fork)
CPU: 2GHz quad-core Nvidia Tegra 4i
RAM: 1GB LPDDR3 RAM
GPU: Tegra 4i GPU
STORAGE: 16GB with MicroSD slot
NETWORKING: 802.11b/g/n, Bluetooth 4.0 LE, GPS
PORTS: Micro USB 3.0, headphones
CAMERA: 8MP rear camera with AF, 5MP front camera
SIZE: 137.6mm x 69.1mm x 8.38mm
WEIGHT: 119g
BATTERY: 2000 mAh
STARTING PRICE: $629 unlocked
OTHER PERKS: Bundled secure voice/video/text/file sharing, VPN service, and other security tools.

Dan Goodin and I got an exclusive opportunity to test Blackphone for Ars Technica in advance of its commercial availability. I visited SGP Technologies’ brand new offices in National Harbor, Maryland, to pick up mine from CEO Toby Weir-Jones; Dan got his personally delivered by CTO Jon Callas in San Francisco. We had two goals in our testing. The first was to test just how secure the Blackphone is using the tools I’d put to work recently in exploring mobile device security vulnerabilities. The second was to see if Blackphone, with all its privacy armor, was ready for the masses and capable of holding its own against other consumer handsets.
