Month: May 2017

‘Accidental Hero’ Finds Kill Switch To Stop Wana Decrypt0r Ransomware

Posted on by Robin Edgar

“An ‘accidental hero’ has halted the global spread of the WannaCry ransomware that has wreaked havoc on organizations…” writes The Guardian. An anonymous reader quotes their report: A cybersecurity researcher tweeting as @malwaretechblog, with the help of Darien Huss from security firm Proofpoint, found and implemented a “kill switch” in the malicious software that was Read more about ‘Accidental Hero’ Finds Kill Switch To Stop Wana Decrypt0r Ransomware[…]

Keylogger Found in Audio Driver of HP Laptops

Posted on by Robin Edgar

The audio driver installed on some HP laptops includes a feature that could best be described as a keylogger, which records all the user’s keystrokes and saves the information to a local file, accessible to anyone or any third-party software or malware that knows where to look. Swiss cyber-security firm modzero discovered the keylogger on Read more about Keylogger Found in Audio Driver of HP Laptops[…]

Cloudflare goes berserk on next-gen patent troll Blackbird, vows to utterly destroy it using prior-art bounties

Posted on by Robin Edgar

Rather than a corporation that hires outside lawyers to pursue infringement claims, Blackbird is a small law firm strapped to a war chest of patents. It is an all-in-one form-filling, claim-filing robot. It has no extra baggage and no expensive legal bills to pay, making it a rather lean and mean machine. “In the past, Read more about Cloudflare goes berserk on next-gen patent troll Blackbird, vows to utterly destroy it using prior-art bounties[…]

Avast blocks the entire internet – again

Posted on by Robin Edgar

“Non tech savvy users will have issues reporting or getting the problem fixed,” he explained. “To regain web access you have to disable Web Shield or disable Avast or uninstall Avast. To fix the issue you have to do a clean install of the latest version of software.” It’s unclear how widespread the problem is. Read more about Avast blocks the entire internet – again[…]

Another IoT botnet has been found feasting on 120k vulnerable IP cameras

Posted on by Robin Edgar

Persirai targets more than a thousand different internet protocol camera models. Researchers at Trend Micro warn that 120,000 web-connected cameras are vulnerable to the malware. Consumers would, in most cases, be unaware that their devices are even exposed to the internet much less at risk of compromise. Hackers are using a known but seldom patched Read more about Another IoT botnet has been found feasting on 120k vulnerable IP cameras[…]

Macron defeats Russian hackers and puts leakers at a disadvantage

Posted on by Robin Edgar

Emmanuel Macron’s digital team responded to cyberattacks with a “cyber-blurring” strategy that involved fake email accounts loaded with false documents. […] “We created false accounts, with false content, as traps. We did this massively, to create the obligation for them to verify, to determine whether it was a real account,” Mr. Mahjoubi said. “I don’t Read more about Macron defeats Russian hackers and puts leakers at a disadvantage[…]

Well this is awkward. As Microsoft was bragging about Office at Build, Office 365 went down

Posted on by Robin Edgar

TITSUP: Total Inability To Stand Up Products Loads of people reported that, at around 1245 PT, access to the service went out. Microsoft confirmed shortly after it was having problems, and said it was looking into the matter. Subscribers in New York, Denver, Texas, and Portland, in the US, were, for example, unable to access Read more about Well this is awkward. As Microsoft was bragging about Office at Build, Office 365 went down[…]

Debenhams Flowers shoppers stung by bank card-stealing tech pest

Posted on by Robin Edgar

Malware has infected backend systems used by Brit high street chain Debenhams – and swiped 26,000 people’s personal information in the process. The cyber-break-in targeted the online portal for the retailer’s florist arm, Debenhams Flowers. Miscreants had access to the internal systems at Ecomnova, the biz that runs the Debenhams Flowers business, for more than Read more about Debenhams Flowers shoppers stung by bank card-stealing tech pest[…]

Intel chip remote auth fail worse than thought – authentication doesn’t work at all!

Posted on by Robin Edgar

A remote hijacking flaw that lurked in Intel chips for seven years was more severe than many people imagined, because it allowed hackers to remotely gain administrative control over huge fleets of computers without entering a password. This is according to technical analyses published Friday… AMT makes it possible to log into a computer and Read more about Intel chip remote auth fail worse than thought – authentication doesn’t work at all![…]

WikiLeaks Reveals CIA Man-in-the-Middle LAN Hacking Tool Archimedes

Posted on by Robin Edgar

WikiLeaks isn’t done exposing the CIA’s arsenal of hacking tools used to infiltrate computer systems around the globe. Last month, we told you about Weeping Angel, which targeted select Samsung Smart TVs for surveillance purposes. Today, we’re learning about Archimedes, which attacks computers attached to a Local Area Network (LAN). Although we have no way Read more about WikiLeaks Reveals CIA Man-in-the-Middle LAN Hacking Tool Archimedes[…]

Jean-Claude Juncker: ‘English is losing importance’ – so only the French get to hear his views on the EU

Posted on by Robin Edgar

Juncker said he was opting for French because “slowly but surely English is losing importance in Europe and France has elections this Sunday and I want the French people to understand what I am saying about the importance of the EU.” The Commission president tackled the row that erupted over a private meeting he had Read more about Jean-Claude Juncker: ‘English is losing importance’ – so only the French get to hear his views on the EU[…]

Cop fakes body cam footage through re-enactment, prosecutors drop drug charges

Posted on by Robin Edgar

Prosecutors in Pueblo, Colorado are dropping felony drug and weapon-possession charges after an officer involved in the case said he staged body cam footage so he could walk “the courts through” the vehicle search that led to the arrest. The development means that defendant Joseph Cajar, 36, won’t be prosecuted on allegations of heroin possession Read more about Cop fakes body cam footage through re-enactment, prosecutors drop drug charges[…]

Leaked: The UK’s secret blueprint with telcos for mass spying on internet, phones – and backdoors

Posted on by Robin Edgar

The UK government has secretly drawn up more details of its new bulk surveillance powers – awarding itself the ability to monitor Brits’ live communications, and insert encryption backdoors by the backdoor. In its draft technical capability notices paper [PDF], all communications companies – including phone networks and ISPs – will be obliged to provide Read more about Leaked: The UK’s secret blueprint with telcos for mass spying on internet, phones – and backdoors[…]

First test flight of stratospheric solar plane

Posted on by Robin Edgar

A group of Swiss adventurers say they have completed the first test flight of a new solar-powered airplane they hope will eventually reach the edge of space. The team says pilot Damian Hirschier performed a seven-minute flight at low altitude with the SolarStratos plane in “ideal” conditions early Friday. The maiden flight took place at Read more about First test flight of stratospheric solar plane[…]

Congressmen taking huge wads of $$$ to vote for tracking US web history named and shamed on billboards

Posted on by Robin Edgar

When Congress voted in March to block FCC privacy rules and let internet service providers sell users’ personal data, it was a coup for the telecom industry. Now, the nonprofit, pro-privacy group Fight for the Future is publicizing just how much the industry paid in an attempt to sway those votes. The group unveiled four Read more about Congressmen taking huge wads of $$$ to vote for tracking US web history named and shamed on billboards[…]

Good vibrations no longer needed for speakers as research encourages graphene to talk

Posted on by Robin Edgar

A pioneering new technique that encourages the wonder material graphene to “talk” could revolutionise the global audio and telecommunications industries. Researchers from the University of Exeter have devised a ground-breaking method to use graphene to generate complex and controllable sound signals. In essence, it combines speaker, amplifier and graphic equaliser into a chip the size Read more about Good vibrations no longer needed for speakers as research encourages graphene to talk[…]

234 Android Applications Are Currently Using Ultrasonic Beacons to Track Users

Posted on by Robin Edgar

uXDT is the practice of advertisers hiding ultrasounds in their ads. When the ad plays on a TV or radio, or some ad code runs on a mobile or computer, it emits ultrasounds that are picked up by the microphone of nearby laptops, desktops, tablets or smartphones. SDKs embedded in apps installed on those devices Read more about 234 Android Applications Are Currently Using Ultrasonic Beacons to Track Users[…]

China makes much fastest quantum computer

Posted on by Robin Edgar

Researchers at the University of Science and Technology of China created a quantum device, called a boson sampling machine, that can now carry out calculations for five photons, but at a speed 24,000 times faster than previous experiments. Pan Jianwei, the lead scientist on the project, said that though their device was already (only) 10 Read more about China makes much fastest quantum computer[…]

MS Win10S locks you in to windows store, Edge browser and Bing searches

Posted on by Robin Edgar

If developers do start leveraging the Windows Store, the Windows 10 S experiment could take off, as users won’t find a need to install legacy programs. This will largely depend on web browsers being available there, as many users dislike Edge. Thankfully, Microsoft is allowing third-party browser installs from the Windows Store. Unfortunately, there is Read more about MS Win10S locks you in to windows store, Edge browser and Bing searches[…]

NSA collected Americans’ phone records (151 million of them!) despite law change

Posted on by Robin Edgar

The U.S. National Security Agency collected more than 151 million records of Americans’ phone calls last year, even after Congress limited its ability to collect bulk phone records, according to an annual report issued on Tuesday by the top U.S. intelligence officer. The report from the office of Director of National Intelligence Dan Coats was Read more about NSA collected Americans’ phone records (151 million of them!) despite law change[…]

After years of warnings, mobile network hackers exploit SS7 flaws to drain bank accounts via MitM attacks

Posted on by Robin Edgar

Experts have been warning for years about security blunders in the Signaling System 7 protocol – the magic glue used by cellphone networks to communicate with each other. These shortcomings can be potentially abused to, for example, redirect people’s calls and text messages to miscreants’ devices. Now we’ve seen the first case of crooks exploiting Read more about After years of warnings, mobile network hackers exploit SS7 flaws to drain bank accounts via MitM attacks[…]

Endurance in a pill

Posted on by Robin Edgar

“It’s well known that people can improve their aerobic endurance through training,” says senior author Ronald Evans, Howard Hughes Medical Institute investigator and holder of Salk’s March of Dimes Chair in Molecular and Developmental Biology. “The question for us was: how does endurance work? And if we really understand the science, can we replace training Read more about Endurance in a pill[…]

rpcbomb: remote rpcbind denial-of-service + patches

Posted on by Robin Edgar

This vulnerability allows an attacker to allocate any amount of bytes (up to 4 gigabytes per attack) on a remote rpcbind host, and the memory is never freed unless the process crashes or the administrator halts or restarts the rpcbind service. Attacking a system is trivial; a single attack consists of sending a specially crafted Read more about rpcbomb: remote rpcbind denial-of-service + patches[…]

Mozilla Fathom – framework for classifying the web semantically

Posted on by Robin Edgar

Fathom is a JavaScript framework for extracting meaning from web pages, identifying parts like Previous/Next buttons, address forms, and the main textual content—or classifying a page as a whole. Essentially, it scores DOM nodes and extracts them based on conditions you specify. A Prolog-inspired system of types and annotations expresses dependencies between scoring steps and Read more about Mozilla Fathom – framework for classifying the web semantically[…]

FuturePets.com database of thousands of credit cards was left exposed for months

Posted on by Robin Edgar

A US online pet store has exposed the details of more than 110,400 credit cards used to make purchases through its website, researchers have found. In a stunning show of poor security, the Austin, Texas-based company FuturePets.com exposed its entire customer database, including names, postal and email addresses, phone numbers, credit card information, and plain-text Read more about FuturePets.com database of thousands of credit cards was left exposed for months[…]