The switching module sent these malformed packets “as network management instructions to a line module,” and the packets “were delivered to all connected nodes,” the FCC said. Each node that received the packet then “retransmitted the packet to all its connected nodes.”
Source: How malformed packets caused CenturyLink’s 37-hour, nationwide outage | Ars Technica
But the outage continued because “the malformed packets continued to replicate and transit the network, generating more packets as they echoed from node to node,” the FCC wrote. Just after midnight, at least 20 hours after the problem began, CenturyLink engineers “began instructing nodes to no longer acknowledge the malformed packets.” They also “disabled the proprietary management channel, preventing it from further transmitting the malformed packets.”
However, the biggest problem has been with the deletion of user files located in the C:/Users/[username]/Documents/ folder.
Source: Microsoft pulls Windows 10 October Update (version 1809) | ZDNet
First off, the original mail went to 13,000 users. Assuming that 1,000 of those 13,000 users replied, that means that there are 1,000 replies being sent to those 13,000 users. And it turns out that a number of these people had their email client set to request read receipts and delivery receipts. Each read and delivery receipt causes ANOTHER email to be sent from the recipient back to the sender (all 13,000 recipients). Assuming that 20% of the 1,000 users replying had read receipts or delivery receipts set, that meant that every one of the message that they sent caused another message to be sent for every one of the 13,000 recipients. So how many messages were sent?
Source: Me Too! – You Had Me At EHLO…
The files contain information on over 120,000 offshore entities — including shell corporations and legal structures known as trusts — involving people in over 170 countries. The leak amounts to 260 gigabytes of data, or 162 times larger than the U.S. State Department cables published by WikiLeaks in 2010.
via Massive data leak exposes offshore financial secrets – World – CBC News.
NASA spokesman Josh Byerly said something went wrong around 9:45 a.m. EST Tuesday during a computer software update on the station. The outpost abruptly lost all communication, voice and command from Houston.
via NASA Loses Space Station Contact; But No Danger « CBS DC.
“It is certainly unfortunate this information was leaked out, and who knows who got it before it got fixed,” Dragusin wrote. Elsewhere in the post he said: “If leaving an FTP directory containing 100GB worth of logs publicly open could be a simple mistake in setting access permissions, keeping both usernames and passwords in plaintext is much more troublesome.”
via Trade group exposes 100,000 passwords for Google, Apple engineers | Ars Technica.
Update: An IEEE spokeswoman emailed the following statement: “IEEE has become aware of an incident regarding inadvertent access to unencrypted log files containing user IDs and passwords. We have conducted a thorough investigation and the issue has been addressed and resolved.
Of all groups that have membership websites which store passwords, IEEE would be the last on a list I would suspect to have something like this happen.
Our editorial team and content monitors almost immediately noticed a flood of livid Twitter messages about the ban and attempted to restore the broadcast. Unfortunately, we were not able to lift the ban before the broadcast ended. We had many unhappy viewers as a result, and for that I am truly sorry.
via Hugo Awards: An apology and explanation | The Ustream Blog.
When you deploy on Amazon Web Services with Elastic Load Balancers, you need to assume that random (untrusted) sources are reading client requests to your server (inbound traffic).
via AWS Elastic Load Balancer sends 2 Million Netflix API Requests to Wrong Customer.