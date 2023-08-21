Late on Thursday, Hotmail users began experiencing issues with their emails being rejected and directed to spam folders. The problem was traced back to a DNS record mishap at Microsoft, which caused emails sent from Hotmail accounts using Microsoft’s Outlook service to be flagged as suspicious by recipient services.

The issue stemmed from a mistake in the Sender Policy Framework (SPF) record, a method of outbound email authentication that helps prevent email spoofing and phishing. It was discovered that Microsoft had made changes to the SPF record, removing a subdomain and changing the failure condition. As a result, recipient services were unable to verify the authenticity of the emails, leading to their rejection.

The problem was confirmed by Reddit users on the Sysadmin subreddit who reported experiencing SPF issues with Hotmail. Microsoft support forum advisors also acknowledged the issue, and the Office service status page displayed a notification about the problem.

Microsoft quickly took action to resolve the problem by making configuration changes. However, they later discovered that additional configuration entries were impacted, requiring further changes. Finally, Microsoft announced that all configuration changes had been completed and the issue was fixed.

This incident highlights the importance of DNS record management and the potential impact of even minor mistakes. Microsoft has not provided further details about the incident.

Critical Vulnerabilities from Cisco and Juniper

Last week, Cisco and Juniper released patches for critical vulnerabilities in their products. Juniper’s vulnerabilities, categorized as low-risk individually, could be chained together to exploit devices running Junos OS. If successfully exploited, an attacker could remotely execute code on the devices. Users are advised to patch their systems as soon as possible.

Cisco’s patches addressed multiple products, including the Unified Communications Manager, which had an SQL injection vulnerability due to improper input validation. It is crucial for users to install these patches promptly.

Industrial control systems utilizing Schneider Electric’s EcoStruxure and Modicon components are also at risk. These components have vulnerabilities that could allow attackers to bypass authentication and hijack sessions. Companies in charge of these systems should apply security measures to prevent unauthorized access.

New York City Bans TikTok on City-Owned Devices

The government of New York City has decided to ban TikTok on city-owned devices, citing concerns about potential security risks associated with the Chinese social media app. The NYC Cyber Command determined that TikTok should not run on city devices, hence departments have been given 30 days to comply with this decision.

Several states and the US House of Representatives have also ordered the removal of TikTok from publicly-owned devices. A bipartisan bill was introduced in 2022 to ban TikTok entirely in the US, but it has not progressed. Currently, Montana is the only state that has successfully implemented a ban on civilian use of the app. TikTok is actively opposing this ban.

TikTok accounts operated by NYC’s sanitation and Police departments have already indicated that they are no longer in use.

Former Microsoft Executive’s Ex-Wife Arrested for Role in Murder Plot

Shanna Gardner, the ex-wife of a former Microsoft executive who was murdered in 2022, has been arrested for her alleged involvement in the crime. Jared Bridegan, the victim, was shot to death after dropping off his children at Gardner’s home. The murder was carried out by Gardner’s current husband, Mario Fernandez Saldana, and his associate Henry Tenon.

Gardner has been indicted on charges of first-degree murder, conspiracy, solicitation, and child abuse. Law enforcement officials revealed that the investigation uncovered Gardner’s central role in the premeditated murder of Bridegan.

No further details about the motive or circumstances surrounding the murder have been provided.