While I don't have enough information to say what happened with any certainty, it looks a lot like the Ontario government unintentionally hijacked http://notify.trafficmanager.net, perhaps by adding a profile named "notify" to Azure Traffic Manager: https://learn.microsoft.com/en-us/azure/traffic-manager/traffic-manager-how-it-works
Needless to say, this shouldn't be possible. Why was Microsoft using a subdomain of their Traffic Manager service without actually holding the corresponding Traffic Manager profile? Do they have other services with the same issue?
26.1.2023 19:25

These subdomains have CNAME records for subdomains of http://notify.trafficmanager.net. Normally, these point to IP addresses on Azure with A/AAAA records.
But earlier today, they started returning CNAME records for subdomains of notify[.]com, which isn't controlled by Microsoft.
As if that weren't confusing enough, notify.trafficmanager.net got an SOA record pointing to the Ontario government, along with an accompanying CNAME record for notify1.ontario.ca.
26.1.2023 19:24

Push notifications are currently broken in Edge. Why? Well, it looks like the Ontario government might have added one of the domains Edge uses to their Azure DNS account, unintentionally hijacking it in the process.
When your browser enables push notifications for a website, it gives the website a callback URL so the website's servers can submit notifications. Edge uses various subdomains of http://notify.windows.com for this purpose (e.g., http://wns2-bn3p.notify.windows.com).
26.1.2023 19:23

If anyone has contacts at Coinbase, I'd appreciate you helping me escalate this. I'm not having any luck with support.
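The three DNS posts above describe a CNAME chain (notify.windows.com host, then a notify.trafficmanager.net host) that suddenly ended in a domain outside Microsoft's control, while the intermediate label gained its own SOA. The script below is an added example, not code from the thread: it walks such a chain over a constructed record table and flags hops that leave the trusted zones, an SOA that appears below a trusted apex, and targets that do not resolve at all (the classic dangling-CNAME precondition). The names placeholder-host.notify.com, the placeholder SOA, and the 192.0.2.0/24 addresses are assumptions standing in for observed values.

```python
"""Walk a CNAME chain and flag hops that leave the zones an operator trusts.

Added example, not code from the thread above. The two record tables are
constructed to mirror what the posts describe: before, a notify.windows.com
host CNAMEs into notify.trafficmanager.net and ends at an Azure address;
after, the intermediate name CNAMEs into a third-party domain and
notify.trafficmanager.net itself carries an SOA plus a CNAME to notify1.ontario.ca.
placeholder-host.notify.com, the SOA contents and the 192.0.2.x addresses are
placeholders, not observed values.
"""
from __future__ import annotations

from typing import Iterator

# Zones whose names the operator controls; a chain hop anywhere else is suspect.
TRUSTED_ZONES = {"notify.windows.com.", "trafficmanager.net."}

# name -> list of (rrtype, rdata). Stands in for a live resolver so this runs offline.
RECORDS_BEFORE: dict[str, list[tuple[str, str]]] = {
    "wns2-bn3p.notify.windows.com.": [("CNAME", "wns2-bn3p.notify.trafficmanager.net.")],
    "wns2-bn3p.notify.trafficmanager.net.": [("A", "192.0.2.10")],
}

RECORDS_AFTER: dict[str, list[tuple[str, str]]] = {
    "wns2-bn3p.notify.windows.com.": [("CNAME", "wns2-bn3p.notify.trafficmanager.net.")],
    # The Traffic Manager name now points into a domain outside Microsoft's control.
    "wns2-bn3p.notify.trafficmanager.net.": [("CNAME", "placeholder-host.notify.com.")],
    "placeholder-host.notify.com.": [("A", "192.0.2.20")],
    # As reported: an SOA appeared on the intermediate label, alongside a CNAME.
    # (A CNAME normally cannot share a name with other records; the table
    # reproduces the observation rather than valid zone data.)
    "notify.trafficmanager.net.": [
        ("SOA", "ns1.placeholder.example. hostmaster.placeholder.example."),
        ("CNAME", "notify1.ontario.ca."),
    ],
    # A sibling host whose target no longer exists: the dangling-CNAME case.
    "wns2-gone.notify.windows.com.": [("CNAME", "wns2-gone.notify.trafficmanager.net.")],
}


def in_zone(name: str, zones: set[str]) -> bool:
    """True if name is the apex of, or lies below, one of the zones."""
    return any(name == z or name.endswith("." + z) for z in zones)


def labels_between(name: str, zones: set[str]) -> Iterator[str]:
    """Yield every name strictly between `name` and the apex of its trusted zone."""
    parts = name.split(".")
    for z in zones:
        if name.endswith("." + z):
            for i in range(1, len(parts) - len(z.split("."))):
                yield ".".join(parts[i:])


def walk_chain(name: str, records: dict, max_hops: int = 8) -> tuple[list[str], str]:
    """Follow CNAMEs from `name`; return the hops and why the walk stopped."""
    chain, seen = [name], {name}
    for _ in range(max_hops):
        rrset = records.get(chain[-1])
        if rrset is None:
            return chain, "NXDOMAIN"            # target does not exist: dangling
        target = next((r for t, r in rrset if t == "CNAME"), None)
        if target is None:
            return chain, "TERMINAL"            # reached A/AAAA or other data
        if target in seen:
            return chain, "LOOP"
        chain.append(target)
        seen.add(target)
    return chain, "TOO_LONG"


def audit(name: str, records: dict, zones: set[str]) -> dict:
    """Report hops outside the trusted zones, SOAs that appeared below an
    apex, and chains that end nowhere."""
    chain, status = walk_chain(name, records)
    findings: list[str] = []
    for hop in chain:
        if not in_zone(hop, zones):
            findings.append(f"hop outside trusted zones: {hop}")
            continue
        for parent in labels_between(hop, zones):
            if any(t == "SOA" for t, _ in records.get(parent, [])):
                findings.append(f"unexpected SOA below trusted zone apex: {parent}")
    if status == "NXDOMAIN":
        findings.append(f"dangling CNAME, target does not resolve: {chain[-1]}")
    elif status in ("LOOP", "TOO_LONG"):
        findings.append(f"chain did not terminate cleanly ({status})")
    return {"chain": chain, "status": status, "findings": findings}


if __name__ == "__main__":
    for label, table in (("before", RECORDS_BEFORE), ("after", RECORDS_AFTER)):
        for host in ("wns2-bn3p.notify.windows.com.", "wns2-gone.notify.windows.com."):
            print(label, host, audit(host, table, TRUSTED_ZONES))
```

Run against the "before" table the chain is clean; against the "after" table the same host produces two findings (an SOA below the trafficmanager.net apex, and a terminal hop in notify.com), and the sibling host reports a dangling target. In a real monitor the record tables would be replaced by resolver lookups, and the same three checks run on a schedule against the list of names a service hands out to third parties.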
Notable excerpts from headers:
From: supervisor@admin.jesijeni[.]com
Received: from [141[.]98.252.168] (port=63975 helo=LAPTOP-E8D9PDEJ) by dedicatedserver.jesijeni[.]com
Received: from 103[.]14.121.212-static-reverse.gooddomainregistry[.]com (unknown [103[.]14.121.212])
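The header excerpt above mixes two Received: formats (an Exim-style `from [ip] (port=... helo=...) by host` line and a Postfix-style `from name (rdns [ip])` line), kept defanged with `[.]`. The following is an added example, not code from the post: it parses both forms out of the defanged excerpt and applies two ordinary triage heuristics, a HELO name that is not fully qualified and a sending address with no reverse DNS. The sample string is the post's own excerpt; the heuristics are generic checks, not a verdict on this particular message.

```python
"""Pull the sending address, claimed HELO name and reverse DNS out of
Received: headers, accepting defanged ("[.]") input.

Added example, not code from the post above. SAMPLE_HEADERS is the excerpt
the post shows, left defanged; the two checks in triage() are generic
heuristics an analyst applies first, not a classification of this message.
"""
from __future__ import annotations

import re

SAMPLE_HEADERS = """\
From: supervisor@admin.jesijeni[.]com
Received: from [141[.]98.252.168] (port=63975 helo=LAPTOP-E8D9PDEJ) by dedicatedserver.jesijeni[.]com
Received: from 103[.]14.121.212-static-reverse.gooddomainregistry[.]com (unknown [103[.]14.121.212])
"""

RECEIVED_RE = re.compile(
    r"^Received:\s+from\s+(?P<from>\S+)"        # host name or [ip] the client gave
    r"(?:\s+\((?P<detail>[^)]*)\))?"            # MTA-added detail in parentheses
    r"(?:.*?\bby\s+(?P<by>\S+))?",              # receiving host, if the excerpt kept it
    re.DOTALL,
)
IPV4_RE = re.compile(r"\d{1,3}(?:\.\d{1,3}){3}")


def refang(text: str) -> str:
    """Turn the 'a[.]b' notation used when sharing IoCs back into 'a.b'."""
    return text.replace("[.]", ".")


def parse_received(line: str) -> dict | None:
    """Return helo/ip/rdns/by for one Received: line, or None if it is not one."""
    m = RECEIVED_RE.match(refang(line))
    if not m:
        return None
    src, detail = m.group("from"), m.group("detail") or ""
    hop = {"helo": None, "ip": None, "rdns": None, "by": m.group("by")}
    if src.startswith("["):                      # Exim style: from [ip] (... helo=name)
        hop["ip"] = src.strip("[]")
        h = re.search(r"helo=(\S+)", detail)
        hop["helo"] = h.group(1) if h else None
    else:                                        # Postfix style: from helo (rdns [ip])
        hop["helo"] = src
        d = re.match(r"(\S+)\s+\[([^\]]+)\]", detail)
        if d:
            hop["rdns"], hop["ip"] = d.group(1), d.group(2)
        else:
            ipm = IPV4_RE.search(detail)
            hop["ip"] = ipm.group(0) if ipm else None
    return hop


def parse_headers(text: str) -> list[dict]:
    """Parse every Received: line in a header block, in the order given."""
    hops = [parse_received(line) for line in text.splitlines()]
    return [h for h in hops if h]


def triage(hops: list[dict]) -> list[str]:
    """Cheap consistency checks an analyst would eyeball first."""
    notes = []
    for h in hops:
        if h["helo"] and "." not in h["helo"]:
            notes.append(f"HELO '{h['helo']}' is not a fully-qualified host name (ip {h['ip']})")
        if h["rdns"] == "unknown":
            notes.append(f"no reverse DNS for sending ip {h['ip']} (claimed {h['helo']})")
    return notes


if __name__ == "__main__":
    parsed = parse_headers(SAMPLE_HEADERS)
    for hop in parsed:
        print(hop)
    for note in triage(parsed):
        print("-", note)
```

Both hops come out structured: the first with the bare machine name given as HELO and the submitting address, the second with the claimed reverse name, the `unknown` rDNS result and the address the receiving MTA saw. Header order in a real message runs newest hop first, so when working from a full header block rather than an excerpt, the bottom-most Received: line is the one that describes the original client.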
Copying from Twitter for archival purposes:
@troyhunt
I just received a phishing email to an address I only gave to two notable, related services, Coinbase and CoinTracker (the latter recommended by the former). Have you had any other indications that something is amiss with those two?