COMPUTERS/INTERNET/SECURITY | WHAT REALLY HAPPENED


COMPUTERS/INTERNET/SECURITY

Jun 28 10:12

Cyber Attack Disrupts Radiation Checks at Chernobyl

The Chernobyl nuclear power plant, where a huge meltdown occurred in 1986, has had its radiation monitoring equipment knocked out by the mass cyberattack sweeping Ukraine, though most other systems are functioning as normal.

Jun 28 09:54

Ransomware borrowed from NSA code, say researchers

Researchers picking the program apart found evidence its creators had borrowed from leaked National Security Agency code, raising the possibility that the digital havoc had spread using U.S. taxpayer-funded tools.

...

Ukraine suffered more than 60 per cent of the attacks, followed by Russia with more than 30 per cent, according to initial findings by researchers at the cybersecurity firm Kaspersky Lab. It listed Poland, Italy and Germany, in that order, as the next-worst affected.

Jun 28 09:48

Petya Ransomware Hits World's Largest Shipping Firm Moller-Maersk

The attack on Maersk, perhaps the world's most prominent maritime firm, comes after years of warnings by leading industry bodies of the dangers of cyber threats. SAINT GOBAIN French construction materials company Saint Gobain said it had been a victim of a cyber attack, and it had isolated its computer systems to protect data.

The Copenhagen-based group said its APM Terminals were affected "in a number of ports,"but said that its vessels with Maersk Line were "maneuverable, able to communicate and crews are safe". A hospital spokeswoman would say only that operational changes had to be made.

Jun 28 09:46

Former US security advisor: Cyberattacks damage society as much as physical infrastructure

At the 2017 Global Cybersecurity Summit in Kiev, Ukraine, Tony Blinken, who was deputy secretary of state to Barack Obama, said the best defenses against cyberattacks are educated consumers and collaborative responses.

Webmaster's Commentary: 

And still the government does nothing!

Jun 28 09:46

"Petya" cyber attack confirms need for int'l efforts against cyber crime: Kremlin

The latest major global cyber attack, which has disrupted computers around the world, underlines the importance of concerted efforts of the international community to fight cyber crime, Kremlin spokesman Dmitry Peskov said Wednesday.

"Such massive cyberattacks once again confirm the correctness of the Russian position, which has been stated at various levels, that the existence of such a danger requires cooperation at the international level," Peskov was quoted as saying by RIA Novosti news agency.

He added that the Kremlin had no information about the origin of the current cyberattack for the moment.

This round of cyberattack, with a link to virus-encryptor Petya, has caused little harm to Russia, the spokesman said.

Jun 28 09:43

Companies That Paid Ransom Can’t Get Data Back From Petya Cyberattack

Companies that paid the ransom to retrieve their data from the Petya ransomware attack have no way of receiving the encryption key.

Although Symantec has verified the Ukrainian accounting service MeDoc as “patient zero” for the attack, the cybersecurity company hasn’t discovered who is behind the attack. The email account that the attack stemmed from has been shut down, so that companies that pay the ransom of $300 won’t receive the encryption key needed to return their data. As of 7 a.m. ET, the email was still down. However, the hackers can still access the money delivered through bitcoin.

Jun 28 09:32

Everything you need to know about the Petya, er, NotPetya nasty trashing PCs worldwide

The malware, dubbed NotPetya because it masquerades as the Petya ransomware, exploded across the world on Tuesday, taking out businesses from shipping ports and supermarkets to ad agencies and law firms. Once inside a corporate network, this well-oiled destructive program worms its way from computer to computer, encrypting the infected machines' filesystems.

Although it demands about $300 in Bitcoin to unscramble the hostage data, the mechanisms put in place to collect this money from victims quickly disintegrated. Despite the slick programming behind the fast-spreading malware, little effort or thought was put into pocketing the loot, it appears.

Jun 28 09:26

Met Police laggards still have 18,000 Windows XP machines in use

Never fear – they're moving to, er, Windows 8.1 instead

Jun 28 09:21

BEX ALERT - 'They sow chaos wherever they can': A familiar actor may be behind the massive cyberattack that swept Europe

Analysts at several cybersecurity firms have confirmed that the Petya assault used a powerful and dangerous cyberweapon created by the US National Security Agency that was leaked in April by the hacker group Shadow Brokers.

Though it's too soon to be certain, experts say it seems as though a confluence of factors may be pointing to Russian state involvement in carrying out the attack.

Webmaster's Commentary: 

"RUSSIA IS TO BLAME! RUSSIA IS TO BLAME! RUSSIA IS TO BLAME! RUSSIA IS TO BLAME! RUSSIA IS TO BLAME!" -- ABCNNBBCBSFOX

Jun 28 09:17

Chernobyl's radiation monitoring hit by cyberattack: spokeswoman

The radiation monitoring system at Ukraine's Chernobyl nuclear site has been taken offline after a massive cyberattack, forcing employees to use hand-held counters to measure levels, officials said Tuesday.

Jun 28 09:00

Copyright Office Admits That DMCA Is More About Giving Hollywood 'Control' Than Stopping Infringement

If Congress truly wants to protect Hollywood from people sharing their Netflix passwords, there are other ways to do it without trying to loop it into copyright law -- and 1201 is a part of copyright law. It shouldn't then be abused for completely non-copyright purposes. Having an underlying nexus to copyright is the only sane way for the law to actually be related to the fundamental rights under copyright law. But here, the Copyright Office is arguing that Hollywood should get non-copyright rights of control over digital marketplaces, just because it thinks that's good for Hollywood. And it may be good for Hollywood, but the Copyright Office's job is supposed to be about copyright. Not about what's good for Hollywood.

Jun 28 08:12

Do the Best Identity Theft Protection Services Work?

With more and more major retailers being hit by hackers and major security flaws on the Internet like Heartbleed, identity theft is becoming more and more of a threat.

This also means that identity theft protection services are making a full-court press to get everyone to sign up for their services. But are identity theft protection services worth it? We look at the best identity theft protection services and then examine how they can help you protect your identity.

Webmaster's Commentary: 

Let's just go back to a cash-only economy!

Jun 28 08:06

Petya ransomware attack: What it is, and why this is happening again

Just six weeks on from WannaCry, the world has fallen victim to another fast-spreading ransomware in the form of Petya/GoldenEye. Why haven't lessons been learned?

Webmaster's Commentary: 

Jun 27 19:56

How to Disable SMB on Windows Machines to prevent WannaCry Ransomware

In light to the recent cyber attack of ransomware which goes by the name “WannaCry” has affected more over 99 countries. This attack is believed to use the exploit tool called “ETERNALBLUE” which was leaked from the NSA, by the hacker group called ShadowBrokers. This tool exploits the vulnerability in the SMB service of the machine to spread and propagate. This document will provide you with the steps that a reader can take to disable the SMB service. By disabling the service the propagation of the virus will stop from spreading.

Jun 27 19:35

Kaspersky Anti-Ransomware Tool for Business

Kaspersky Anti-Ransomware Tool for Business is a free security product by Kaspersky to block ransomware on Windows machines.

Designed for businesses who don't run other Kaspersky software, it is available for anyone as a free download on the official site.

Please note that you need to fill out a form on the site that asks for a phone number, email address, name and company name, country, and number of workstations.

A useful addition for Windows security. Review and test:

Jun 27 16:58

This Ukrainian Company Is Likely Behind the Ransomware Wave

After landing on victims' machines, the malicious software then spread stealthily across networks through a vulnerability in Microsoft Windows, which Microsoft (MSFT) released patches for in March. Companies that did not apply the patch—sealing a hole exploited by a leaked hacking tool associated with the U.S. National Security Agency—were vulnerable.

Additionally, the malware spread by harvesting usernames and passwords from infected computers. Should one of these computers happen to have had administrative privileges, that login information could be used that to take over other machines on the network managed under the same credentials.

The timing and initial target of the attack, MeDoc, is sure to provoke speculation that an adversary of Ukraine might be to blame. The ransomware hid undetected for five days before being triggered a day before a public Ukrainian holiday that celebrates the nation's ratification of a new constitution in 1996.

Jun 27 16:13

‘Petya’ ransomware attack stems from NSA exploit - Snowden, security experts

According to cybersecurity company Kaspersky Lab, the latest ransomware attacks are a variation on the original Petya, which has been around since last year. “This appears to be a complex attack which involves several attack vectors,” Kaspersky Lab said Tuesday. “We can confirm that a modified EternalBlue exploit is used for propagation at least within the corporate network.”

...

“How many times does @NSAGov's development of digital weapons have to result in harm to civil infrastructure before there is accountability?” Snowden tweeted. “Listen, people can disagree on surveillance. But when NSAGov’s focus on offense over defense shuts down US hospitals, it’s time to act.”

Jun 27 15:51

Vicious VIRUS goes GLOBAL

Jun 27 15:46

Cyber attack hits CHERNOBYL radiation system: 'Goldeneye' ransomware strikes across the globe, with US drug firm Merck, advertising giants WPP and Ukrainian power grid among victims

But cyber security experts have warned that this time the virus is much more dangerous because it has no 'kill switch' and is designed to spread rapidly though networks.

Marcus Hutchins, who foiled the previous WannaCry attack by discovering a way to stop it from infecting new computers, told MailOnline that even if users pay the fee their files could now be lost forever.

He said: ' The company that hosts the email account which the ransomware asks you to contact has closed the account. There's no way to get files back.

'It's early days - we don't know if we can find a fix yet. But if it's decryptable we will find a way.'

Jun 27 15:19

Russia blocked Google briefly, but no, Google and Russia are not fighting

Russian authorities blocked Google for about three hours on Thursday.

Jun 27 15:15

Massive Ransomware Attack Hits Ukraine; Experts Say It's Spreading Globally

Signs that this is a new strain led Kaspersky Lab malware analyst Vyacheslav Zakorzhevsky to say the outbreak comes from a "new ransomware we haven't seen before." For this reason, Kaspersky announced in a statement it would be coining a new name for the ransomware: "ExPetr."

"The company's telemetry data indicates around 2,000 attacked users so far," its statement continued, noting Ukraine and Russia appear to be the most affected. But "we have also registered hits in Poland, Italy, the UK, Germany, France, the US and several other countries."

Jun 27 15:13

Ukraine central bank says cyberattack hits lenders

Ukraine's delivery service company Nova Poshta, which was also attacked today, identified the virus that hit its computers as Petya.A, a type of ransomware which locks users out of the system and demands purchase of a key to reinstate access.

Jun 27 15:08

Chernobyl nuclear power plant hit by 'Petya' ransomware attack causing havoc across the globe

A dedicated computer team have been working to contain the situation at Chernobyl. The plant's shift director Vladimir Ilchuk told Ukranian newspaper Pravda there is no radiation threat.

He said that a radiation leak was avoided due to "excess levels of control" at the power plant. However, staff working at the plant have had to switch to monitoring radiation levels manually, as they are unable to access reports and metrics on their computers.

Jun 27 14:59

Russian state-run Rosneft oil company under ‘major’ cyberattack – statement

Russian oil giant Rosneft has said its servers came under a massive hacking attack, according to a statement on Twitter. The company has asked Russia’s security services to look into the issue.

“We hope that it isn’t connected to the current legal proceedings in any way,” the company’s statement said.

Jun 27 14:41

Volvo's driverless cars 'confused' by kangaroos

Volvo's self-driving technology is struggling to identify kangaroos in the road.

The Swedish car-maker's 2017 S90 and XC90 models use its Large Animal Detection system to monitor the road for deer, elk and caribou.

But the way kangaroos move confuses it.

"We've noticed with the kangaroo being in mid-flight when it's in the air, it actually looks like it's further away, then it lands and it looks closer," its Australia technical manager told ABC.

But the problem would not delay the rollout of driverless cars in the country, David Pickett added.

Jun 27 14:38

Petya ransomware attack: Five questions answered

WannaCry was simple, but effective. With this one, it's a lot more complicated. It's got multiple methods of spreading.

It looks like it's leveraging quite a few known vulnerabilities and it is being able to spread more broadly.

The other concerning aspect is so far there's been no killswitch discovered - like in WannaCry. So it could continue to spread unabated.

Jun 27 14:35

Petya Weren’t Expecting This: Ransomware Takes Systems Hostage Across the Globe

Unfortunately, the authors of this variant of ransomware have learned from the past. The current outbreak of Petya ransomware can be spread to unpatched systems via the same exploit as WannaCry, but it can also achieve lateral movement to infect patched systems on connected networks using Windows Management Instrumentation Command-line (WMIC) and PsExec, a remote command tool from Microsoft.

Jun 27 14:34

Petya is the scariest computer virus yet for Microsoft Windows users. Here’s what to do about it.

Unlike WannaCry, this strain of Petya reportedly has no kill switch function, so it’s unclear if it can be stopped yet. Worse, malware analyst Vyacheslav Zakorzhevsky said that this strain is a new ransomeware that security experts like him haven’t encountered.

Ukraine’s interior minister adviser told Reuters that the Petya virus got into computer systems through “phishing” emails that were written to trick employees into opening them. If that’s the case, be sensible. Don’t click on links and attachments or download files from suspicious senders. Never use public Wi-Fi for business and be wary of shortened links.

Jun 27 14:32

There's another 'worldwide' ransomware attack and it's spreading quickly

Meanwhile, other experts have confirmed the ransomware has been seen in multiple different locations and when a computer is locked says $300 in bitcoins must be paid to decrypt locked systems. The bitcoin wallet listed in the demands has received multiple payments with a paltry sum of £5,800 being collected at the time of writing. However, email client Posteo, which hosts the account where Bitcoin payments are demanded to be sent to has closed the address listed in the ransom note. In a statement the German firm says it "does not tolerate any misuse of our platform". This means those who are trying to contact or pay those behind the attack will not be able to.

Jun 27 14:29

Petya ransomware slams Windows PCs shut in massive attack

The new ransomware, identified by security firm Bitdefender as GoldenEye, has two layers of encryption, researchers said. It locks up both your files and your computer's file system.

"Just like Petya, it is particularly dangerous because it doesn't only encrypt files, it also encrypts the hard drive as well," said Bogdan Botezatu, a senior threat analyst with Bitdefender.

The malware forces an infected PC to reboot as soon as it finishes encrypting files, so you'll see the ransom demands as soon as possible. Researchers at Recorded Future said there's also a hidden Trojan on Petya that steals victims' usernames and passwords.

Jun 27 14:28

'Petya' cyber attack targeting 'everyone': How to protect yourself

Like WannaCry, which crippled the NHS in May, the Petya-based malware is believed to be making use of the EternalBlue exploit that was stolen from the National Security Agency.

Though Microsoft patched the issue, which took advantage of a flaw in Windows, users who haven’t downloaded the fix are vulnerable.

The ransomware is encrypting users’ files and cutting off access to them, and demanding payment of $300 in Bitcoin.

Jun 27 11:10

Another Massive Ransomware Outbreak Is Going Global Fast

Ukraine's government, National Bank and biggest power companies all warned of cyberattacks Tuesday. Airports and metro services in the country were also reportedly affected, though it appears they're victims of another massive ransomware outbreak that's spreading across the world fast and hitting a significant number of critical infrastructure providers.

Whispers of WannaCry abound, though security experts said a different breed, named Petya, was to blame. "[We're seeing] several thousands of infection attempts at the moment, comparable in size to WannaCry's first hours," said Kaspersky Lab's Costin Raiu. "We are seeing infections from many different countries." One firm, BitDefender, said it believed a similar strain called GoldenEye was actually responsible. Later, security firms, including Kaspersky and Avast, said the malware responsible was actually an entirely new ransomware that had borrowed Petya code.

Jun 27 10:48

MARK ZUCKERBERG: FACEBOOK CAN PLAY A ROLE THAT CHURCHES AND LITTLE LEAGUE ONCE FILLED

Mark Zuckerberg wants Facebook groups to play an important role that community groups like churches and Little League teams used to perform: Bringing communities together. And with nearly 2 billion people around the world on Facebook today, he might have a chance to make it happen.

Jun 27 10:30

Google Slapped With $2.7 Billion EU Fine Over Search Results

The European Union’s antitrust regulator on Tuesday fined Alphabet Inc.’s Google a record €2.42 billion ($2.71 billion) for favoring its own comparison-shopping service in search results and ordered the search giant to apply the same methods to rivals as its own when displaying their services.

Jun 27 10:12

YouTube Busted Profiting Off of Pedophilia Videos While Censoring Alt-Media

On Sunday, we pointed our readers’ attention to Seven Super Girls, a channel of videos created by kids, for kids — so so goes the facade. The only problem with the channel is it’s incredibly exciting to pedophiles — and seems to be geared that way intentionally — something we documented thoroughly.

Compounding problems for Youtube, its selective censorship of far-right, far-left, and alt-media organizations has created an Us versus Them atmosphere where content creators often feel they’ve been discriminated against, simply because someone flagged their content.

Jun 27 08:04

Britain and Europe are hit by new 'WannaCry' virus, with UK advertising giants, Ukraine power grid, Russian oil plant and Danish shipping firm all affected

London-based WPP, the world's largest ad agency, was the first on UK soil to report problems, with staff told to turn off their computers and not to use the WiFi.

The Ukrainian government has been badly affected, with the state power distributor and Kiev's main airport being among the first to report issues, while supermarket tills and even ATMs have been pictured displaying error messages.

Russia's Rosneft oil company, Danish shipping giant A.P. Moller-Maersk, and global law firm DLA Piper have also confirmed issues with their networks.

Merck Sharp and Dohme, a US pharmaceuticals company, is also thought to be involved. The phone system appeared to be down when Mail Online contacted their UK offices.

Jun 27 07:51

Researchers blind autonomous cars by tricking LIDAR

If you've ever been dazzled by some idiot's high-beam driving towards you at night, you'd probably welcome a self-driving car – except one of the key “eyes”, LIDAR, can also be blinded, or tricked into reacting to objects that aren't there.

LIDAR - Light Detection and Ranging - is an important self-driving vehicle technology: it gathers distances to objects by firing a pulsed laser at them and collating the reflections.

Hocheol Shin, Dohyun Kim, Yujin Kwon, and Yongdae Kim of the Korea Advanced Institute of Science and Technology have demonstrated two kinds of attacks against LIDAR: a spoofing attack, and a saturation attack. Their work is published at the International Association for Cryptologic Research's pre-print archive here.

While their work was in a lab, they write that the potential damage from an attack is serious.

Jun 27 07:44

Microsoft plays down Skype vulnerability

Microsoft said the bug wasn't a problem for those running the latest version of its software.

"Users on the latest Skype client are automatically protected, and we recommend upgrading to this version for the best protection," a Microsoft spokesperson told El Reg.

Vulnerability Laboratory's Benjamin Kunz Mejri responded that although Microsoft had fixed this issue with version 7.37, widely used versions 7.2, 7.35 and 7.36 are still vulnerable to what he described as a "critical" security issue.

Jun 27 07:42

HMS Windows XP: Britain's newest warship runs Swiss Cheese OS

The Royal Navy’s brand new £3.5bn aircraft carrier HMS Queen Elizabeth is running Windows XP in her flying control room, according to reports.

Defence correspondents from The Times and The Guardian, when being given a tour of the carrier’s aft island – the rear of the two towers protruding above the ship’s main deck – spotted Windows XP apparently in the process of booting up on one of the screens in the flying control room, or Flyco.

“A computer screen inside a control room on HMS Queen Elizabeth was displaying Microsoft Windows XP – copyright 1985 to 2001 – when a group of journalists was given a tour of the £3 billion warship last week,” reported Deborah Haynes of The Times, accurately describing the copyright information on the XP loading screen.

Jun 27 07:40

Petya Ransomware Spreading Rapidly Worldwide, Just Like WannaCry

According to multiple sources, a new variant of Petya ransomware, also known as Petwrap, is spreading rapidly with the help of same Windows SMBv1 vulnerability that the WannaCry ransomware abused to infect 300,000 systems and servers worldwide in just 72 hours.

Petya is a nasty piece of ransomware and works very differently from any other ransomware malware. Unlike other traditional ransomware, Petya does not encrypt files on a targeted system one by one.

Instead, Petya reboots victims computers and encrypts the hard drive's master file table (MFT) and rendering the master boot record (MBR) inoperable, restricting access to the full system by seizing information about file names, sizes, and location on the physical disk.

Petya replaces the computer's MBR with its own malicious code that displays the ransom note and leaves computers unable to boot.

Jun 26 16:09

Global Internet Forum Targets 'Free Speech' Under The Guise of Fighting Terror

Today, Facebook, Microsoft, Twitter and YouTube are announcing the formation of the Global Internet Forum to Counter Terrorism, which will help us continue to make our hosted consumer services hostile to terrorists and violent extremists.

Jun 26 13:59

iPhones And Siri Are Getting Ready To Take Over By Integrating Into Every Aspect Of Our Daily Life

It’s 2027, and you’re walking down the street, confident you’ll arrive at your destination even though you don’t know where it is. You may not even remember why your smartphone is telling you to go there.

Jun 26 13:42

Heads Up! Dangerous Marcher Android Malware Can Steal Login Data to Many Apps

A Trojan virus that poses as an Adobe Flash Player update is targeting Android smartphone users.
The malware can obtain login credentials from at least 40 different retail, social media and banking apps.

Jun 26 11:21

ReactOS Is a Promising Open Source Windows Replacement

If you want to run a clone of Microsoft Windows to escape the drama of upgrading to Windows 10, try ReactOS -- but do not expect it to be a fully functional replacement any time soon.

ReactOS is a free, open source operating system built on the design principles found in the Windows NT architecture.

Just remember that ReactOS is a Windows clone and not a Linux distro with a Windows-like desktop shell. It does not run Linux apps.

Jun 26 10:46

Loretta Lynch faces possible felony if alleged DNC emails exist: Judge Napolitano

Judge Andrew Napolitano says former Attorney General Loretta Lynch could be facing jail time for obstruction of justice if emails to former DNC chairwoman Debbie Wasserman Shultz reportedly about furthering DNC interests surface.

“It is alleged, this document has not seen the light of day yet, if it exists that there is one or several emails between Debbie Wasserman Shultz and Loretta Lynch concerning the behavior that Loretta Lynch will take to further the DNC interests while Mrs. Lynch was the Attorney General, that if it happened, would be misconduct in office,” he said.

Webmaster's Commentary: 

GOOD!

Jun 26 09:24

Obama Ordered Cyberweapons Implanted Into Russia's Infrastructure

A new report from the Washington Post today quoted a series of Obama Administration officials reiterating their official narrative on Russia’s accused hacking of the 2016 election. While most of the article is simply rehashes and calls for sanctions, they also revealed a secret order by President Obama in the course of “retaliation” for the alleged hacking.

Jun 26 09:02

Pro-ISIS hackers break into U.S. government sites

Several United States government pages were hacked on Sunday with messages advocating support for the Islamic State (ISIS) terror group.

Among those websites to be hacked was the official site of Ohio Governor John Kasich, reported Fox News.

“You will be held accountable Trump, you and all your people for every drop of blood flowing from Muslim countries,” read the message that was planted by the hackers on the Republican's homepage, which also carried a black background and the message, “I love Islamic state.”

Jun 26 08:27

Cyber-attack on UK parliament: Russia is suspected culprit

Fewer than 90 email accounts with weak passwords are believed to have been hacked in ‘sustained’ attack

Webmaster's Commentary: 

Oh, come ON now! Enough, already!

Jun 26 06:42

Humanity is doomed: we watch 45 BILLION hours of YouTube a month

And that's just the stuff Google can count on mobile devices

Jun 26 06:41

Australian govt promises to push Five Eyes nations to break encryption

The Australian government looks set to take a hard line on encryption at this week’s Five Eyes meeting, and encourage the other nations in the network to jump on the back-door band wagon.

The Five Eyes nations - the UK, United States, Canada, Australia and New Zealand - have an agreement to gather and share intelligence, and are meeting this week to discuss national security.

Talks are expected to focus on how to force tech companies to introduce back-doors into their previously encrypted products.

The UK government has already indicated it is thinking of going down this path - plans that have gone down like a lead balloon with tech experts and privacy campaigners - but its Australian counterpart has been more forthright in its praise of the idea.

Jun 26 06:37

Intel's Skylake and Kaby Lake CPUs have 'critical' hyper-threading flaw

The processors exhibiting the flaw are 6th and 7th-gen Intel Core processors (desktop, embedded, mobile and HEDT), their related server processors (such as Xeon v5 and Xeon v6), as well as some Intel Pentium processor models. Only models released from 2015 onwards are affected.

According to the Debian blog, Intel is aware of the flaw and has apparently supplied patches, but the firm neglected to inform the OCaml researchers who originally reported the bug about this.

...

The defect only affects processors on which hyper-threading has been enabled, so a quick fix is to turn off this feature in the system BIOS, although this may require a BIOS/UEFI update.

Jun 25 19:47

Linux is Running on Almost All of the Top 500 Supercomputers

Linux is still running on more than 99% of the top 500 fastest supercomputers in the world. Same as last year, 498 out of top 500 supercomputers run Linux while remaining 2 run Unix.

No supercomputer dared to run Windows (pun intended). And of course, no supercomputer runs macOS because Apple has not manufactured the ‘iSupercomputer’ yet.

Jun 25 19:45

Intel's Skylake and Kaby Lake CPUs have nasty microcode bug

During April and May, Intel started updating processor documentation with a new errata note, and over the weekend we learned why: Skylake and Kaby Lake silicon has a microcode bug.

The errata is described in detail on the Debian mailing list, and affects Skylake and Kaby Lake Intel Core processors (in desktop, high-end desktop, embedded and mobile platforms), Xeon v5 and v6 server processors, and some Pentium models.

The Debian advisory says affected users need to disable hyper-threading “immediately” in their BIOS or UEFI settings, because the processors can “dangerously misbehave when hyper-threading is enabled.”

Symptoms can include “application and system misbehaviour, data corruption, and data loss”.

Jun 25 19:40

Microsoft recommends you ignore Microsoft-recommended update

Earlier this month, Microsoft gave the world .NET Framework 4.7 and urged users to install it for the usual reasons: more fun bits to play with and a security improvements.

But two days later the company urged Exchange users not to install it ASAP, because it hadn't validated it yet. Last Friday - 10 days after the launch of the new code - it reminded users of Lync and Skype for Business not to install it either.

Jun 25 09:51

Low-Cost Micro Satellites are Spawning a Global Surveillance Arms Race

By Nicholas West

The emergence of low-cost micro satellites is starting to spawn a global surveillance arms race: the familiar problem-reaction-solution paradigm upon what all other arms races are built. “Our competitors will learn to use this exploding geo-enabled capability to learn a lot of things. If we don’t use this as well as them and use our exquisite assets to be a differentiator and stay ahead, we’re going to get behind.” – Major Mike Little, U.S. Southern Command...

Jun 25 05:19

NSA USES TRICK TO SPY ON AMERICANS

The government is spying on most Americans through our computers, phones, cars, buses, streetlights, at airports and on the street, via mobile scanners and drones, through our credit cards and smart meters, televisions, dolls, and in many other ways.

Yesterday, ZDNet reported that the NSA uses a trick to get around the few flimsy American laws on spying … they shuttle internet traffic overseas so they can pretend they’re monitoring foreign communications:

A new analysis of documents leaked by whistleblower Edward Snowden details a highly classified technique that allows the National Security Agency to “deliberately divert” US internet traffic, normally safeguarded by constitutional protections, overseas in order to conduct unrestrained data collection on Americans.

Webmaster's Commentary: 

This... is why intelligent people either encrypt their communications securely, or only say very vanilla stuff in their emails or social media.

Jun 25 05:12

FLIMSY EVIDENCE AND FRINGE SOURCES LAND PEOPLE ON SECRETIVE BANKING WATCHLIST

A CORPORATE DATABASE used by banks and other institutions to screen clients for crimes such as money laundering and terror financing has labeled dozens of U.S. citizens as connected to terrorism on the basis of outdated or unsubstantiated allegations. An analysis of a 2014 copy of the database, which is known as World-Check, also indicates that many thousands of people, including children, were listed on the basis of tenuous links to crime or to politically prominent persons.

The database relied on allegations stemming from right-wing Islamophobic websites to categorize under “terrorism” people and groups like the Council on American-Islamic Relations, several mosques, and national and regional Islamic organizations.

Jun 25 04:18

Germany Secretly Passed Total Surveillance of Everything

Governments routinely pass laws that are expanding their powers to the detriment of personal rights that are buried deeply in legislation only a diehard will read.

Jun 24 09:07

NSA's use of 'traffic shaping' allows unrestrained spying on Americans

By using a "traffic shaping" technique, the National Security Agency sidestepped legal restrictions imposed by lawmakers and the surveillance courts.

Jun 23 16:03

A Cyberattack ‘the World Isn’t Ready For’

There have been times over the last two months when Golan Ben-Oni has felt like a voice in the wilderness.

On April 29, someone hit his employer, IDT Corporation, with two cyberweapons that had been stolen from the National Security Agency. Mr. Ben-Oni, the global chief information officer at IDT, was able to fend them off, but the attack left him distraught.

In 22 years of dealing with hackers of every sort, he had never seen anything like it. Who was behind it? How did they evade all of his defenses? How many others had been attacked but did not know it?

Jun 23 16:01

VIRTUAL 9-11: Will the US & Israel Hack US Computers and Falsely Blame It On Iran or Syria or Russia or China

So what it looks like is being planned, and pre-sold to the American people with all these stories about celebrities' personal information being hacked and made public (an activity that produces no profit for the hackers other than news headlines), and the "Syrian" (nudge nudge wink wink) hack of the AP Twitter feed that shocked the US stock market, is that the US Government will itself take down the US financial computers, and blame it on Iran /Russia/ China/Al Qaeda/Syria/Arabs and others to be named as convenient.

Jun 23 15:50

32TB of Windows 10 internal builds, core source code leak online

A massive trove of Microsoft's internal Windows operating system builds and chunks of its core source code have leaked online.

The data – some 32TB of installation images and software blueprints that compress down to 8TB – were uploaded to betaarchive.com, the latest load of files provided just earlier this week. It is believed the data has been exfiltrated from Microsoft's in-house systems since around March.

The leaked code is Microsoft's Shared Source Kit: according to people who have seen its contents, it includes the source to the base Windows 10 hardware drivers plus Redmond's PnP code, its USB and Wi-Fi stacks, its storage drivers, and ARM-specific OneCore kernel code.

Anyone who has this information can scour it for security vulnerabilities, which could be exploited to hack Windows systems worldwide. The code runs at the heart of the operating system, at some of its most trusted levels.

Jun 23 12:47

Router hack risk not limited to Virgin Media

Virgin Media's Super Hub 2 was criticised for using short default passwords that could easily be cracked by attackers.

But experts raised concerns that older routers provided by BT, Sky, TalkTalk and others were also affected.

They recommend users change their router password from the default.

Jun 23 08:13

CIA penetrated by insider network of snack thieves who stole $3,000 worth of junk food

A report released this week shows the premier US intelligence body discovered that insider hackers had stolen more than $3,300 worth of crisps, chocolate bars and other snacks from its vending machines.

The culprits weren’t undercover agents or veteran Al-Qaeda chasers, but instead “contractors” of which the CIA has thousands, doing everything from terror analysis to servicing the machines that answer American spies’ junk food needs.

Jun 23 08:11

Linksys issues security advisory following discovery of CIA exploitation

If users believe their router firmware may have been compromised, Linksys recommends that users download the latest available firmware from http://www.linksys.com/support/ and update your router.

Jun 23 07:40

Beware this Android banking malware posing as a software update

A sophisticated banking trojan has once again develop new techniques in order to trick Android users into downloading the malware.

It's the latest variant of Marcher Android malware and this time it's posing as an Adobe Flash Player Update. Having first appeared on Russian-speaking undeground forums in late 2013, previous incarnations of Marcher have posed as a security update a Super Mario mobile game and more.

Uncovered by researchers at Zscaler Threatlabz, this version of the banking trojan is using new lure techniques to spread infections, including adult content and links taking advantage of hype around new mobile games. All of the malware downloads are accessed from third-party sites and not via the official Google Play store.

Jun 23 07:39

Microsoft says 'no known ransomware' runs on Windows 10 S — so we tried to hack it

Microsoft claims "no known ransomware" runs on Windows 10 S, its newest, security-focused operating system.

The software giant announced the version of Windows earlier this year as the flagship student-focused operating system to ship with its newest Surface Laptop. Microsoft touted the operating system as being less susceptible to ransomware because of its locked down configuration -- to the point where you can't run any apps outside the protective walled garden of its app store. In order to get an app approved, it has to go through rigorous testing to ensure its integrity. That's one of several mitigations that helps to protect the operating system to known file-encrypting malware.

We wanted to see if such a bold claim could hold up.

Spoiler alert: it didn't.

Jun 23 07:36

Virgin Media tells 800,000 users to change passwords over hub hacking risk

Virgin Media is advising more than 800,000 customers with a specific router to change their password immediately after an investigation found hackers could gain access to it.

Virgin Media said the risk to customers with a Super Hub 2 router was small, but advised them to change both their network and router passwords if they were still set as the default shown on the attached sticker.

The advice comes after a Which? investigation found that hackers could access to home networks and connected appliances in as little as four days.

Jun 23 07:35

Report: Most US Government Web Sites Fail Basic Cybersecurity Tests

It seems like cybersecurity is in the news all the time these days, with scams more prevalent than ever and phishing on the rise. So you’d think major web sites would be more secure than ever, right? It turns out that some of them are, but some pretty important ones aren’t.

According to a new report from the Online Trust Alliance, consumer sites like Twitter and YouTube have some of the best security practices, and are the most “trusted” at keeping user data safe. But over half of government web sites are exposed to cyberattacks, which is a bit alarming considering the nature of data that’s often transmitted through them.

Jun 22 20:21

Certain U.S. Airlines Are Testing Mandatory Facial Recognition Scans on Americans Flying Abroad

Just when you thought air travel couldn’t get any more invasive, authoritarian and downright miserable, the Department of Homeland Security and two U.S. carriers are determined to prove you wrong.

Jun 22 19:41

Microsoft PatchGuard flaw could let hackers plant rootkits on x64 Windows 10 boxen

Flaws in Microsoft PatchGuard create a means for hackers to plant rootkits on Windows 10, 64-bit OS devices.

The newly discovered attack technique, dubbed GhostHook, allows attackers to completely bypass PatchGuard, security researchers at CyberArk Labs warn.

PatchGuard (formally known as Kernel Patch Protection) was developed to prevent Windows users patching the kernel, and by extension make the OS more secure by preventing hackers from running rootkits at the kernel level. CyberArk Labs reckons GhostHook is the first technique that thwarts the defensive technology to bypass PatchGuard and hook a rootkit at the kernel level.

Jun 22 15:00

Illinois Man Arrested For Threatening to Kidnap and Kill President Trump on Facebook

Another radicalized liberal, obsessed with the Trump-Russia conspiracy

THANKS CNN!

Jun 22 11:03

Freedom.social

Independent Media Platform
and
Media Compensation Platform

Webmaster's Commentary: 

This is a social and video sharing network aimed at the liberty movement.

Jun 22 09:49

Still think crypto currencies are a store of value? Ethereum just flash-crashed 96% in a matter of minutes

In other words, just as I have repeatedly warned, on the day you want to get out of a crypto currency as it’s crashing, you won’t be able to sell. The value of the virtual currency will crash to almost zero in a matter of minutes, long before your sell transactions can be processed. This was neatly demonstrated today as Ethereum plunged 96% before most people even had a clue what was happening… all while Coinbase basically gave its users the finger.

Jun 22 09:07

Hackers Are Now Infecting Windows Computers with Mining Software

Reports have surfaced detailing a malware trojan that uses an NSA hacking tool to infect Windows computers with a cryptocurrency mining bug. The virus identifies available resources on a victim’s PC that can be used to initiate the mining of XMR (Monero).

Jun 22 08:24

Traders Get Burned In Ethereum Flash Crash

The white hot cryptocurrency Ethereum went on a wild ride on Wednesday, plummeting from around $320 to around 10 cents in a so-called "flash crash."

...

As Adam White, the VP of GDAX, explained in a blog post, one investor placed a multi-million dollar Ethereum "sell" order at 12:30 p.m. on Wednesday. The size of the order caused the price of the currency, which is already volatile, to dip.

Things started to go really haywire, however, as the price dip triggered a series of stop loss orders.

"This slippage started a cascade of approximately 800 stop loss orders and margin funding liquidations, causing ETH to temporarily trade as low as $0.10," White explained.

In other words, the computers executing the stop loss orders began to sell at all costs and, so long as there was someone on the other side to match the order, the trade went through—even if the price was totally irrational, and driven only by an algorithmic frenzy.

Jun 22 08:21

Are Electromagnetic Frequencies The Microwave Industry’s Achilles Heel Or The “Allergy de Jour”?

By Catherine J. Frompovich

Basically, anyone can be allergic to anything; how about nickel allergy to cheap metal jewelry. Or woolen clothing? Insect bites? One percent of U.S. people have latex allergies! Nothing, technically, is exempt depending upon an individual’s constitution and exposures. That’s something allopathic medicine and some of the sciences seemingly write off as “not possible,” especially when it comes to modern technologies, which include electromagnetic impulses or frequencies called EMFs or RFs (radiofrequencies)...

Jun 22 08:15

Hackers Use NSA Exploit to Mine Monero Using Victims’ Computers

Once infected, the malware creates a simple backdoor that allows the hackers to execute code on a machine. The hackers then use the NSA’s Doublepulsar exploit to download a generic malware loader onto the infected machine. The virus will then scan the computer to determine if it has enough resources available to execute its payload. If said resources are available, a generic malware loader will download a cryptocurrency miner, begin mining XMR, and divert the XMR to the hacker’s wallet. Experts also note that the trojan is able to shut itself down when a PC owner launches the Task Manager utility, allowing the malware to remain undetected whilst in operation.

Jun 22 07:51

UCL ransomware attack traced to malvertising campaign

Security researchers have suggested that the ransomware attack on University College London last week was spread through a "malvertising" campaign.

Proofpoint reckons the AdGholas group spread the infection using malware-tainted online ads. This was a "zero-click required" campaign that could infect users who simply visited a compromised site1.

More specifically, the Astrum Exploit Kit was used to deliver the Mole ransomware, Proofpoint said. Mole is a member of the CryptFile2/CryptoMix ransomware family.

Jun 22 07:07

FROM WIKILEAKS VAULT 7 -RELEASE: CIA ‘Brutal Kangaroo’ and ‘Emotional Simian’ USB air gap jumping viruses

Jun 21 16:11

NSA had NFI about opsec: 2016 audit found laughably bad security

Second-rate opsec remained pervasive at the United States' National Security Agency, according to an August 2016 review now released under Freedom of Information laws.

It's almost surprising that the agency was able to cuff Reality Winner, let alone prevent a wholesale Snowden-style leak. The Department of Defense Inspector General report, first obtained by the New York Times, finds everything from unsecured servers to a lack of two-factor authentication.

The formerly-classified review (PDF) was instigated after Snowden exfiltrated his million-and-a-half files from August 2012 to May 2013.

“NSA did not have guidance concerning key management and did not consistently secure server racks and other sensitive equipment in the data centers and machine rooms” under its “Secure-the-net” initiative, the report says.

Jun 21 15:02

Rowdy Gowdy Destroys Jeh Johnson on DNC Hacking Claims: ‘Why Would the Victim of a Crime Not Turn Over a Server?’ (VIDEO)

Gowdy stumps Jeh Johnson: "If they were hacked, why didn't the DNC let the FBI look at their servers?"

Jun 21 11:23

Privacy Organization Urges Congress to Examine FBI’s Secret Biometric ID Program

By Nicholas West

While the general public is still in the dark about the arrival of biometric identification that is taking place in nearly every walk of life, even privacy defenders who have been closely following these developments don’t have sufficient information.

A shocking report came to light early this year about a massive FBI database that has been collecting millions of faceprints of American citizens – for years...

Jun 21 09:38

ZeroPhone - a Raspberry Pi smartphone

Pi Zero-based open-source mobile phone (that you can assemble for 50$ in parts)

Jun 21 09:29

WannaCry virus forces Honda car plant to halt operations, delaying production of 1,000 vehicles

A Honda factory near Tokyo was shuttered for over 24 hours this week after its computers became infected with WannaCry, the same ransomware virus responsible for crippling systems in 150 countries last month, the car manufacturer said Wednesday.

Honda learned late Sunday evening that “computer systems in several plants across the world were affected by the ransomware virus Wannacry,” the car maker said in a statement, forcing the company to briefly halt production at its factory in Sayama, Japan.

Honda launched recovery efforts immediately after the virus was detected and reopened the Sayama factory Tuesday morning, the company said in a statement. In all, the shutdown delayed the production of about 1,000 vehicles.

Jun 21 09:26

What an AI's Non-Human Language Actually Looks Like

Facebotlish looks pretty weird to me to me to me to me to me to me to me to

Jun 21 08:36

WannaCry: The smart person's guide

WannaCry only targets Windows systems, particularly those vulnerable to EternalBlue, the SMB exploit developed by the NSA.

Jun 21 08:30

CNN Caught Faking News Again: Qatar Says News Agency Hacking Linked To Middle East, Not Russia

As it turns out, it's somewhat ironic that CNN accused Russia of spreading "fake news stories" that "have turned up amid elections in France, Germany and other countries" because, as Reuters reports today, their entire Qatari hacking narrative was all fake news.

According to reports from Qatar's attorney general, it was an Arab neighbor state that severed ties with Doha (i.e. Saudi Arabia, Egypt, Bahrain and/or the United Arab Emirates) that was responsible for the hacking of Qatar's state news agency and not the Russians.

Jun 21 08:02

Raspberry Pi simulator lets you start tinkering without even owning a Pi

Microsoft is building an online Raspberry Pi simulator that allows users to write code to control hardware.

Jun 21 07:15

WebSites Found Collecting Data from Online Forms Even Before You Click Submit

'Do I really need to give this website so much about me?'

That's exactly what I usually think after filling but before submitting a web form online asking for my personal details to continue.

I am sure most of you would either close the whole tab or would edit already typed details (or filled up by browser's auto-fill feature) before clicking 'Submit' — Isn't it?

But closing the tab or editing your information hardly makes any difference because as soon as you have typed or auto-filled anything into the online form, the website captures it automatically in the background using JavaScript, even if you haven't clicked the Submit button.

During an investigation, Gizmodo has discovered that code from NaviStone used by hundreds of websites, invisibly grabs each piece of information as you fill it out in a web form before you could hit 'Send' or 'Submit.'

Jun 21 06:46

How to delete Google’s tracking of your Internet search history

If you use or have ever used Google as your search engine, Google’s “cookies” actually keeps track of and save your search history.

Jun 20 20:15

One-third of preschoolers own smartphones or tablets, child health poll finds

A third of preschoolers and two-thirds of primary school-aged children own smartphones or tablets – and 50% of them are using them unsupervised, the latest Australian Child Health Poll shows.

The paediatrician Dr Anthea Rhodes, the director of the national poll, said knowing so many very young children were spending too much time on devices was a “worrying” trend.

Rhodes said there was very little evidence to support the idea a smartphone or tablet boosted a toddler’s development. But there was plenty of evidence linking excessive use to health problems.

“Particularly with sleep difficulties, problems related to unhealthy weight gain and then difficulties with social and emotional wellbeing,” she said.

Jun 20 20:12

US is Number One! In sales register hacking attacks, at least

Hacking attacks against sales terminals have risen by nearly a third last year, and the US is still leading the way in being insecure.

Incidents affecting sales tills and payment systems increased to 31 per cent in 2016, according to research by security firm Trustwave, while incidents affecting e-commerce environments fell to 26 per cent from 38 per cent. Incidents involving sales registers were most common in the US, thanks to its tardy adoption of EMV chip technology and a reliance on chip and signature rather than chip and PIN payment.

Jun 20 20:10

No, really. You can see through walls using drones and Wi-Fi

Drones can perform three-dimensional imaging of objects through walls using Wi-Fi, a team of researchers demonstrated for the first time.

Chitra Karanam, a PhD student, and Yasamin Mostofi, a professor at the department of electrical and computer engineering at the University of California, Santa Barbara, presented their results [PDF] at the Association for Computing Machinery/Institute of Electrical and Electronics Engineers International Conference on Information Processing in Sensor Networks.

“Our proposed approach has enabled unmanned aerial vehicles to image details through walls in 3D with only Wi-Fi signals. This approach utilizes only Wi-Fi RSSI measurements, does not require any prior measurements in the area of interest and does not need objects to move to be imaged,” Mostofi said on Monday.

Jun 20 12:18

Data Indicates Cell Phones Expose Consumers To Radiation Levels Higher Than Manufacturers Claim, Says The French Government

By Catherine J. Frompovich

The Environmental Health Trust published “Cell Phone Radiation Scandal: More Exposure Than Manufacturers Claim ‘PhoneGate’ In France, government data release reveals 9 out of 10 phones tested exceed regulatory limits.”

The French ANFR published online on June 1, 2017, a listing of cell phone data “details of make, model and test results...

Jun 20 10:27

Chelsea Clinton (daughter of murderous parents) tries to appear 'normal' in disastrous PR move

Chelsea Clinton claimed she was waiting in line at Starbucks Tuesday when she tweeted about the White House “fat shaming” Sean Spicer.

Jun 20 09:50

Google plans to increase censorship on Youtube

The issue of filtering out content that advocates or glorifies terrorism on widely-used media sites like Alphabet’s YouTube has come under renewed scrutiny since authorities learned that 23-year-old Salman Abedi was radicalized after watching videos of an American preacher posted on the site.

Jun 20 07:59

You Can’t Open the Microsoft Surface Laptop Without Literally Destroying It

Microsoft's latest Surface Laptop may have earned glowing reviews from certain sections of the tech press, but don't tell that to iFixit.

The company, which provides repair tools and manuals for popular gadgets like the iPhone and PlayStation, has handed the Surface Laptop a score of 0 out of 10 in terms of user repairability, stating definitively that the laptop "is not meant to be opened or repaired; you can't get inside without inflicting a lot of damage."

Jun 20 07:54

ProtonMail makes its free VPN service available to everyone

ProtonMail, the encrypted email created by CERN and MIT scientists, has released a new product in response to the administration's roll back of Obama-era internet privacy rules. Starting today, you can try out the company's VPN service, which was in beta testing by 10,000 initial users for a year, by getting it from the official ProtonVPN website. The great thing about it is that it has a free tier that's free forever. It might not be as robust as the paid ones, but it still routes your connection through multiple encrypted tunnels in three countries.

Jun 20 07:44

A Decade Old Unix/Linux/BSD Root Privilege-Escalation Bug Discovered

Security researchers have discovered more than a decade-old vulnerability in several Unix-based operating systems — including Linux, OpenBSD, NetBSD, FreeBSD and Solaris — which can be exploited by attackers to escalate their privileges to root, potentially leading to a full system takeover.

Jun 20 07:40

$28 hacking software to break into webcams spreads in China

The notion of “the privacy of your own home” may be becoming a thing of the past. Cheap software has reportedly spread in the Chinese Internet, allowing web-connected cameras and home surveillance devices to be infiltrated.

Virtually anyone can buy the hacking software for just 188 yuan ($28) with an attached list of IP addresses and a manual on how to use the malware, China’s CCTV broadcaster reported after conducting an investigation. The malware scans for internet-connected webcams, giving its buyers easy access to them.

SHARE THIS ARTICLE WITH YOUR SOCIAL MEDIA