Month: March 2017

This hard drive will self destruct. Data-wiping malware targets Europe

Enlarge (credit: William Warby ) Shamoon—the mysterious disk wiper that popped up out nowhere in 2012 and took out more than 35,000 computers in a Saudi Arabian-owned gas company before disappearing—is back. Its new, meaner design has been unleashed three time since November. What’s more, a new wiper developed in the same style as Shamoon has been discovered targeting a petroleum company in Europe, where wipers used in the Middle East have not previously been seen. Researchers from Moscow-based antivirus provider Kaspersky Lab have dubbed the new wiper “StoneDrill.” They found it while they were researching the trio of Shamoon attacks, which occurred on two dates in November and one date in late January. The refurbished Shamoon 2.0 added new tools and techniques, including less reliance on outside command-and-control servers, a fully functional ransomware module, and new 32-bit and 64-bit components. StoneDrill, meanwhile, features an impressive ability to evade detection by, among other things, forgoing the use of disk drivers during installation. To accomplish this, it injects a wiping module into the computer memory associated with the user’s preferred browser. StoneDrill also includes backdoor functions that are used for espionage purposes. Kaspersky researchers found four command-and-control panels that the attackers used to steal data from an unknown number of targets. Besides sharing code similarities with Shamoon, StoneDrill also reuses code used in an espionage campaign dubbed “NewsBeef,” which targeted organizations around the world. Read 6 remaining paragraphs | Comments

See more here:
This hard drive will self destruct. Data-wiping malware targets Europe

Prenda Law’s John Steele pleads guilty to fraud, money laundering

(credit: Steele Law Firm ) One of the attorneys behind the Prenda Law “copyright trolling” scheme has pleaded guilty to federal charges of fraud and money laundering. After years of denial, John Steele admitted Monday that he and co-defendant Paul Hansmeier made more than $6 million by threatening Internet users with copyright lawsuits. It’s perfectly legal to sue Internet pirates—but not the way Steele did it. Steele and Hansmeier set up “sham entities” to get copyrights to pornographic movies, “some of which they filmed themselves,” according to the Department of Justice’s statement on the plea. Steele and Hansmeier then uploaded those movies to file-sharing websites such as The Pirate Bay, and then sued the people who downloaded the content. Read 5 remaining paragraphs | Comments

See the original post:
Prenda Law’s John Steele pleads guilty to fraud, money laundering

IBM plans to build a universal quantum computer

Companies can technically buy a quantum computer right now, but it’s not really the same as a general-purpose computer. Even if you don’t question whether or not it is quantum computing , it really amounts to specialized hardware. However, IBM hopes to change all that: it’s planning to build the first commercially-oriented universal quantum computer. The plan is to build a system with roughly 50 quantum bits (the Quantum Experience started with 5 and now simulates 20) within the next few years. That may not sound like much, but 50 qubits could be more powerful than the best supercomputers when handling some calculations — tasks that were impractical before would suddenly be within reach. Not surprisingly, you probably won’t get to use this quantum machine yourself. Much as in the old mainframe days, this computer is aimed at “business and science” customers that need to solve specific problems. To that end, IBM is helping research partners Canon, Hitachi Metals, Honda, JSR, Nagase and Samsung explore potential uses for quantum tech. The exciting part, IBM argues, isn’t so much the known performance as the possibilities. No one knows the full extent of what a universal quantum computer can do — it’s entirely feasible that the device will solve problems that aren’t even on the table right now. The biggest challenges are creating a tangible roadmap for production, and developing something affordable enough that it’s genuinely practical to use outside of a handful of cases. Source: IBM Think Blog , IBM News Room

See more here:
IBM plans to build a universal quantum computer

Build Your Own Laptop-Specific Second Screen With Recycled Parts

Dual monitors are useful for a lot reasons, even if they don’t actually affect productivity . Buying a second monitor is straightforward if you’re working from a desktop computer, but it’s much trickier with a laptop. YouTuber DIY Perks shows you how to build a second monitor from recycled parts that works great with a… Read more…

Read this article:
Build Your Own Laptop-Specific Second Screen With Recycled Parts

Your WD networked drive is vulnerable to remote attacks

If you have one of Western Digital’s My Cloud nstorage drives , you might be particularly vulnerable to internet attacks. Exploitee.rs has discovered a number of unpatched security flaws in most My Cloud models that let remote intruders bypass the login, insert their own commands and upload files without permission. In numerous cases, it’s a matter of poorly implemented scripts. Also, every command exectued through the web interface has full access to the operating system — an attacker would have the keys to the kingdom. The kicker? WD did fix one login bypass flaw through a firmware update, but it introduced another in the process. We’ve asked WD for its take on the situation and will let you know if it has a response. However, the Exploitee.rs team says it’s revealing these pre-patch bugs to the public because of WD’s “reputation within the community.” Supposedly, the company doesn’t pay attention to the seriousness of security flaws — this open disclosure is a way of pressuring WD into action. True or not, you may not want to allow internet access to your My Cloud gear unless it’s absolutely necessary. Source: Exploitee.rs

Visit link:
Your WD networked drive is vulnerable to remote attacks

Hidden Backdoor Discovered In Chinese IoT Devices

“A backdoor has been found in devices made by a Chinese tech firm specializing in VoIP products, ” reports TechRadar. An anonymous reader quotes their article: Security outfit Trustwave made the discovery of a hidden backdoor in DblTek’s devices which was apparently put there to allow the manufacturer access to said hardware — but of course, it’s also open to being exploited by other malicious parties. The backdoor is in the Telnet admin interface of DblTek-branded devices, and potentially allows an attacker to remotely open a shell with root privileges on the target device. What’s perhaps even more worrying is that when Trustwave contacted DblTek regarding the backdoor last autumn — multiple times — patched firmware was eventually released at the end of December. However, rather than removing the flaw, the vendor simply made it more difficult to access and exploit. And further correspondence with the Chinese company has apparently fallen on deaf ears. The firmware with the hole “is present on almost every GSM-to-VoIP device which DblTek makes, ” and Trustwave “found hundreds of these devices on the net, and many other brands which use the same firmware, so are equally open to exploit.” Read more of this story at Slashdot.

See the original article here:
Hidden Backdoor Discovered In Chinese IoT Devices

Windows 10 Build 15048 Has a Windows Mixed Reality Demo You Can Try

Microsoft’s big push into mixed reality involves headsets from multiple manufacturers (including ASUS, Dell, HP, Lenovo), and developer kits with Acer’s headset will begin a phased rollout this month. But Windows 10’s latest “Insider Preview” build already includes a mixed reality simulator with a first-person 3D environment that can be navigated with the W, A, S and D keys. Slashdot reader Mark Wilson writes: From the look of the changelog for Windows 10 build 15048 that was released a few days ago to Insiders, it looked to be little more than a bug fixing release. But in fact Microsoft has already started to include references to — and even a portal for — Windows Mixed Reality. We have seen reference to Windows Holographic in Windows 10 before, but this is the first time there has been anything to play with. It coincides nicely with Microsoft revealing that Windows Mixed Reality is the new name for Windows Holographic, and it gives Insiders the chance to not only see if their computer meets the recommended specs, but also to try out a Windows Mixed reality simulation. Read more of this story at Slashdot.

Originally posted here:
Windows 10 Build 15048 Has a Windows Mixed Reality Demo You Can Try

New York will offer $2,000 if you buy an electric car

Believe it or not, New York hasn’t offered a financial incentive to buy eco-friendly cars. While over three quarters of the US has some kind of state-level discount, New York has made you ‘settle’ for the federal tax credit. Officials are about to sweeten the pot, though: months after approval, New York is launching a rebate program on April 1st that gives you up to $2, 000 if you buy an electric car or plug-in hybrid . If you can buy a car that also qualifies for the federal credit, you’re looking at nearly ten grand off the sticker price. The initiative wasn’t exactly on the fast track. April 1st was the deadline for launching the program — the state clearly put this off until the last minute, and staff at New York’s Energy Research and Development Authority are still hashing out the details of the rebate. Still, it could be vital if it goes according to plan. New York represents one of the larger potential markets for electric cars outside of California, and the added incentive could be important for the Chevy Bolt , Tesla Model 3 and future EVs just affordable enough that even $2, 000 could make a big difference. It’s particularly important for the Model 3, whose pre-orders are strong enough that you may not get a federal credit at all if you ordered relatively late. Via: Electrek Source: AP (US News)

See the original post:
New York will offer $2,000 if you buy an electric car

Streaming TV Sites Now Have More Subscribers Than Cable TV

Nielsen reported this week that millennials “spend about 27% less time watching traditional TV than viewers over the age of 35, ” possibly threatening the dominance of cable TV. An anonymous reader quotes Axios: Streaming service subscribers (free or paid) increased again (68% in 2016 vs. 63% in 2014) and have caught up with the percentage of paid TV service providers (67%) for the first time ever, according to the Consumer Technology Association’s new study, The Changing Landscape for Video and Content. The rise of streaming services represents a shift in consumption habits towards cord-cutting, primarily amongst millennials. Some other trends are impossible to ignore. 2016 also saw a saw dramatic drops in the use of physical disks — from 41% in 2015 to just 28% — as well as another big drop in the use of antennas, from 18% to just 10%. Read more of this story at Slashdot.

See the article here:
Streaming TV Sites Now Have More Subscribers Than Cable TV

More Fast Food Restaurants Are Now Automating

An anonymous reader writes: Wendy’s is adding self-service ordering kiosks “to at least 1, 000 restaurants, or about 15% of its stores, ” reports the Los Angeles Times, while McDonald’s and Panera Bread are now planning to add kiosks to every restaurant. “Lots of restaurants, not just fast-food chains, are really trying to mitigate the costs of higher wages, ” says one market research firm, while also citing a survey which found 40% of millennials willing to use kiosks (compared to 30% of restaurant-goers overall). But in some cases this means more work for human employees. Quartz points out that McDonalds doesn’t plan to reduce its workforce after installing kiosks, and Panera Bread “has said that at some locations where it has ordering kiosks, it has actually increased human hours to help the kitchen keep up with the higher number of orders that come in through the more efficient ordering system.” Read more of this story at Slashdot.

See more here:
More Fast Food Restaurants Are Now Automating