Hello, welcome to the Tuesday, November 13th, 2018 edition of the Sansonet Storm Center's

Stormcast. My name is Johannes Ulrich, I'm recording from Jacksonville, Florida.

And we do have more BGIP-based routing attacks to talk about.

At least it sort of looks like an attack against Google cost and outage in some of Google's cloud services.

Cloud service monitoring company Thousand Eyes first noted the problem and what they saw was that the traffic was redirected to China, Russia

and an ISP in Nigeria. Now, the main problem that then led to an outage was that, well, China

is dropping Google's traffic so it never actually got routed back to Google once it entered China.

Sort of a problem with a lot of these routing attacks is that they often go unnoticed,

but in this case because China dropped traffic, they actually then resulted in a denial of service.

No real idea yet, who is behind it it or if this was intentional or if this

was just another accident. Earlier we also had some outages with Facebook that were routing

related but according to Facebook this was related to a test that apparently didn't work out quite right.

And then we have another tool in the fight to get old CPU's microcode updated to protect them from the specter vulnerability.

If you have a modern up-to-date operating system, then that really shouldn't be a big problem

for you because these operating systems did deliver new microcode as a patch, like, for example,

in Windows and you should be all good. But yes, there are still a lot of people out there that

are using no longer supported operating

systems.

And for them, it was kind of difficult to apply this patch.

You can find the microcode online, but you have to find the right microcode for your

CPU.

Apparently, there are something like 2,900 different CPU versions out there that are affected

...