Tech Today w/ Ken May

Archive for June 11th, 2017

Malware downloader infects your PC without a mouse click

Posted by kenmay on June - 11 - 2017

You think you’re safe from malware since you never click suspicious-looking links, then somebody finds a way to infect your PC anyway. Security researchers have discovered that cybercriminals have recently started using a malware downloader that installs a banking Trojan to your computer even if you don’t click anything. All it takes to trigger the download is to hover your mouse pointer over a hyperlink in a carrier PowerPoint file. According to researchers from Trend Micro and Dodge This Security the technique was used by a recent spam email campaign targeting companies and organizations in Europe, the Middle East and Africa. The emails’ subjects were mostly finance-related, such as “Invoice” and “Order #, ” with an attached PowerPoint presentation. [Image credit: Trend Micro] The PowerPoint file has a single hyperlink in the center that says “Loading… please wait” that has an embedded malicious PowerShell script. When you hover your mouse pointer over the link, it executes the script. If you’re running a newer version of Microsoft Office, though, you’ll still need to approve the malware’s download before it infects your PC. That’s because the more modern versions of the suite has Protected View, which will show a prompt warning you about a “potential security concern” when the script starts running. Just click Disable, and you’ll be fine. However, older versions of the suite don’t have that extra layer of security. The downloader can install a Trojan virus into your system to steal your credentials and bank account information the moment your mouse pointer hovers over the link. [Image credit: Trend Micro] The good news is that the spam emails died down back on May 29th after peaking on the 25th with 1, 444 detections by Trend Micro. Still, it’s better to steer clear of similar emails, since it’s always possible that the campaign in May was just a test run for a bigger one. Via: Ars Technica Source: Trend Micro , Dodge This Security

Categories: reader

American military backs an entirely new kind of processor

Posted by kenmay on June - 11 - 2017

Virtually every processor you see is based on the same basic ( Von Neumann ) computing model: they’re designed to access large chunks of sequential data and fill their caches as often as possible. This isn’t the quickest way to accomplish every task, however, and the American military wants to explore an entirely different kind of chip. DARPA is spending $80 million to fund the development of the world’s first graph analytic processor. The HIVE (Hierarchical Identify Verify Exploit) accesses random, 8-byte data points from the system’s global memory, crunching each of those points individually. That’s a much faster approach for handling large data, which frequently involves many relationships between info sets. It’s also extremely scalable, so you can use as many HIVE chips as you need to accomplish your goals. The agency isn’t alone in its work: Intel, Qualcomm and Northrop Grumman are involved , as are researchers at Georgia Tech and Pacific Northwest National Laboratory. It’s going to take a long time before you see a HIVE chip in service — DARPA and its allies are effectively reinventing the wheel. If the concept works as promised, though, it could quickly spot problems before they become especially dire. The military could catch the first signs of a cyberattack , while disease control experts could detect an imminent outbreak . Simply speaking, massive amounts of data shouldn’t be quite so intimidating — you could just ask a computer to connect the dots. Via: EETimes Source: DARPA (1) , (2)

Categories: reader

An anonymous reader quotes Quartz: “How screwed am I?” asked a recent user on Reddit, before sharing a mortifying story. On the first day as a junior software developer at a first salaried job out of college, his or her copy-and-paste error inadvertently erased all data from the company’s production database. Posting under the heartbreaking handle cscareerthrowaway567, the user wrote, “The CTO told me to leave and never come back. He also informed me that apparently legal would need to get involved due to severity of the data loss. I basically offered and pleaded to let me help in someway to redeem my self and i was told that I ‘completely fucked everything up.'” The company’s backups weren’t working, according to the post, so the company is in big trouble now. Though Qz adds that “the court of public opinion is on the new guy’s side. In a poll on the tech site the Register, less than 1% of 5, 400 respondents thought the new developer should be fired. Forty-five percent thought the CTO should go.” Read more of this story at Slashdot.

Categories: reader

People tend to avoid sick people, even if they don’t consciously now that they are sick, according to a new study published in PNAS. Snip: In the perpetual race between evolving organisms and pathogens, the human immune system has evolved to reduce the harm of infections. As part of such a system, avoidance of contagious individuals would increase biological fitness. The present study shows that we can detect both facial and olfactory cues of sickness in others just hours after experimental activation of their immune system. The study further demonstrates that multisensory integration of these olfactory and visual sickness cues is a crucial mechanism for how we detect and socially evaluate sick individuals. Thus, by motivating the avoidance of sick conspecifics, olfactory–visual cues, both in isolation and integrated, may be important parts of circuits handling imminent threats of contagion. David DiSalvo from Forbes has more : Researchers injected one group of people with a harmless bacteria that triggers an immune response for a few hours, causing mild fever and fatigue, but without any really obvious signs of being sick… The researchers exposed the smell samples, photos and videos to another group of people, along with the same set of samples from healthy people… The brain scans showed a signaling effect cutting across the senses when someone looked at a photo or video of a sick person, along with being exposed to the smell samples. The overall effect is a multi-sense brain alarm telling us that someone is sick and should be avoided.

Categories: reader

How EFF cracked printers’ "hidden dots" code in 2005

Posted by kenmay on June - 11 - 2017

https://www.youtube.com/watch?v=izMGMsIZK4U NSA whistleblower Reality Winner may have been caught thanks to a hidden pattern of dots that color printers bury in every page they print, as an assistance to law enforcement agencies. (more…)

Categories: reader

Linux.MulDrop.14 is a Linux worm that seeks out networked Raspberry Pi systems with default root passwords; after taking them over and ZMap and sshpass, it begins mining an unspecified cryptocurrency, creating riches for the malware’s author and handing you the power-bill. (more…)

Categories: reader

Slashdot reader midwestsilentone tipped us off to a growing problem. Lifehacker reports: New technology allows telemarketers to leave ringless voicemail messages, and it’s a method that’s gaining traction. While there are laws to regulate businesses when they call consumers, some groups argue that ringless voicemail shouldn’t count. The New York Times reports, “ringless voicemail providers and pro-business groups…argue that these messages should not qualify as calls and, therefore, should be exempt from consumer protection laws that ban similar types of telephone marketing”… After receiving a petition from a ringless voicemail provider, the Federal Trade Commission has started to collect public comments on this issue. So what can you do about it? First, you can head here to leave your public comment and if you’re getting these voicemails, you can file a complaint with the FCC here. Presumably that only applies if you’re in the U.S. But I’d be curious to hear how many Slashdot readers have experienced this. Read more of this story at Slashdot.

Categories: reader