reader – Page 8 – Tech Today w/ Ken May

Crooks Created 28 Fake Ad Agencies To Disguise Massive Malvertising Campaign

An anonymous reader quotes a report from Bleeping Computer: A group of cyber-criminals created 28 fake ad agencies and bought over 1 billion ad views in 2017, which they used to deliver malicious ads that redirected unsuspecting users to tech support scams or sneaky pages peddling malware-laden software updates or software installers. The entire operation — codenamed Zirconium — appears to have started in February 2017, when the group started creating the fake ad agencies which later bought ad views from larger ad platforms. These fake ad agencies each had individual websites and even LinkedIn profiles for their fake CEOs. Their sole purpose was to interface with larger advertising platforms, appearing as legitimate businesses. Ad security company Confiant, the one who discovered this entire operation, says ads bought by this group reached 62% of ad-monetized websites on a weekly basis. All in all, Confiant believes that about 2.5 million users who’ve encountered Zirconium’s malicious ads were redirected to a malicious site, with 95% of the victims being based in the U.S. Read more of this story at Slashdot.

View post:
Crooks Created 28 Fake Ad Agencies To Disguise Massive Malvertising Campaign

Elon Musk’s Boring Company Delivers $600 Flamethrower

Last December, Boring Company CEO Elon Musk promised to sell a Boring Company-branded flamethrower after selling 50, 000 Boring Company hats. Well, sure enough, 50, 000 hats were sold and Musk is delivering on his promise. The Verge reports: Mark this down as one of the promises Elon delivers on, apparently, because it looks like the Boring Company flamethrower is here. Redditors in a few SpaceX, Boring Company, and Musk-related subreddits noticed earlier this week that the URL “boringcompany.com/flamethrower” started redirecting to a page with a password box. And at least one user was able to guess the original password, too: “flame.” (It’s since been changed.) Behind that password was a shop page that looks just like the one for The Boring Company’s hat. But instead of a $20 cap, they found a preorder prompt for a $600 flamethrower. “Prototype pictured above, ” the listing reads. “Final production flamethrower will be better.” Read more of this story at Slashdot.

Read the original:
Elon Musk’s Boring Company Delivers $600 Flamethrower

Now Even YouTube Serves Ads With CPU-draining Cryptocurrency Miners

YouTube was recently caught displaying ads that covertly leach off visitors’ CPUs and electricity to generate digital currency on behalf of anonymous attackers, it was widely reported. From a report: Word of the abusive ads started no later than Tuesday, as people took to social media sites to complain their antivirus programs were detecting cryptocurrency mining code when they visited YouTube. The warnings came even when people changed the browser they were using, and the warnings seemed to be limited to times when users were on YouTube. On Friday, researchers with antivirus provider Trend Micro said the ads helped drive a more than three-fold spike in Web miner detections. They said the attackers behind the ads were abusing Google’s DoubleClick ad platform to display them to YouTube visitors in select countries, including Japan, France, Taiwan, Italy, and Spain. The ads contain JavaScript that mines the digital coin known as Monero. Read more of this story at Slashdot.

View article:
Now Even YouTube Serves Ads With CPU-draining Cryptocurrency Miners

Occult manuscripts to be digitized and posted online

The announcement is more than a year old, but Dan Brown, of The Da Vinci Code fame, is paying €300,000 to have Amsterdam’s Ritman Library digitize thousands of books about “alchemy, astrology, magic and theosophy.” One particularly important text that will be digitized is the first English translation of the works of Jakob Böhme, a 17th-century German mystic. Says Esther Ritman, the library’s director and librarian, “When I show this book in the library, it’s like traveling in an entire new world.” Once the work is available online, she says, “We can take everyone along the journey of this book digitally.” The last update was a while back, though, with no updates. Previously: New documentary is a magic portal into a weird and wonderful library

Continue Reading:
Occult manuscripts to be digitized and posted online

If you bought something on Silk Road with bitcoin, the blockchain will remember it forever and possibly reveal your identity

A common misconception is that bitcoin transactions are anonymous. The truth is, unless you are very careful about covering your tracks, your bitcoin transactions can be connected to you. And the transaction records on bitcoin’s public database (the blockchain) can never be changed or deleted, meaning they will forever be searchable by authorities or anyone else. Andy Greenberg of Wired reports that researchers were able to “connect someone’s bitcoin payment on a dark web site to that person’s public account.” [T]he Qatari researchers first collected dozens of bitcoin addresses used for donations and dealmaking by websites protected by the anonymity software Tor, run by everyone from WikiLeaks to the now-defunct Silk Road. Then they scraped thousands of more widely visible bitcoin addresses from the public accounts of users on Twitter and the popular bitcoin forum Bitcoin Talk. By merely searching for direct links between those two sets of addresses in the blockchain, they found more than 125 transactions made to those dark web sites’ accounts — very likely with the intention of preserving the senders’ anonymity — that they could easily link to public accounts. Among those, 46 were donations to WikiLeaks. More disturbingly, 22 were payments to the Silk Road. Though they don’t reveal many personal details of those 22 individuals, the researchers say that some had publicly revealed their locations, ages, genders, email addresses, or even full names. (One user who fully identified himself was only a teenager at the time of the transactions.) And the 18 people whose Silk Road transactions were linked to Bitcoin Talk may be particularly vulnerable, since that forum has previously responded to subpoeanas demanding that it unmask a user’s registration details or private messages. “You have irrefutable evidence mapping this profile to this hidden service,” says Yazan Boshmaf, another of the study’s authors.

See the original article here:
If you bought something on Silk Road with bitcoin, the blockchain will remember it forever and possibly reveal your identity

Roland announces software versions of its 808 and 909 drum machines

The Roland TR-808 and TR-909 are iconic drum machines that powered a ton of the music from the ’80s and ’90s. While both hardware units were recently revived as the TR-08 and TR-09 , they haven’t been officially emulated in software yet. That changes now as Roland announces VST and AU plugins for both of the iconic rhythm modules (along with a new SRX Orchestra virtual instrument set) as part of the company’s Roland Cloud service. The TR-808 and TR-909 virtual instruments are full reproductions of the original hardware, according to Roland. The SRX Orchestra is the first one of the SRX series Expansion Library (from the 2000s) available as a software instrument. Roland Cloud will be a suite of high-resolution software synths and sampled instruments that musicians will be able to pull from while creating their own musical works. It sounds similar to what Adobe has done with its own photo and graphics-based Adobe Cloud . All three new additions are headed as updates to the Roland Cloud service starting in February of this year. Via: Fact Mag Source: Roland

More:
Roland announces software versions of its 808 and 909 drum machines

$500 Million Worth of Cryptocurrency Stolen From Japanese Exchange

Locke2005 shares a report from CNBC: Hackers stole several hundred million dollars’ worth of a lesser-known cryptocurrency from a major Japanese exchange Friday. Coincheck said that around 523 million of the exchange’s NEM coins were sent to another account around 3 a.m. local time (1 p.m. ET Thursday), according to a Google translate of a Japanese transcript of the Friday press conference from Logmi. The exchange has about 6 percent of yen-bitcoin trading, ranking fourth by market share on CryptoCompare. The stolen NEM coins were worth about 58 billion yen at the time of detection, or roughly $534.8 million, according to the exchange. Coincheck subsequently restricted withdrawals of all currencies, including yen, and trading of cryptocurrencies other than bitcoin. Locke2005 adds, “That, my friends, is the prime reason why speculating in cryptocurrency is a bad idea!” Read more of this story at Slashdot.

More:
$500 Million Worth of Cryptocurrency Stolen From Japanese Exchange

Washington Bill Makes It Illegal To Sell Gadgets Without Replaceable Batteries

Jason Koebler writes: A bill that would make it easier to fix your electronics is rapidly hurtling through the Washington state legislature. The bill’s ascent is fueled by Apple’s iPhone-throttling controversy, which has placed a renewed focus on the fact that our electronics have become increasingly difficult to repair. Starting in 2019, the bill would ban the sale of electronics that are designed “in such a way as to prevent reasonable diagnostic or repair functions by an independent repair provider. Preventing reasonable diagnostic or repair functions includes permanently affixing a battery in a manner that makes it difficult or impossible to remove.” Read more of this story at Slashdot.

Excerpt from:
Washington Bill Makes It Illegal To Sell Gadgets Without Replaceable Batteries

Apple Prepares MacOS Users For Discontinuation of 32-Bit App Support

Last year, Apple announced that macOS High Sierra “will be the last macOS release to support 32-bit apps without compromise.” Now, in the macOS High Sierra 10.13.4 beta, Apple is notifying users of the impending change, too. “To prepare for a future release of macOS in which 32-bit software will no longer run without compromise, starting in macOS High Sierra 10.13.4, a user is notified on the launch of an app that depends on 32-bit software. The alert appears only once per app, ” Apple says in the beta release notes. Ars Technica reports: When users attempt to launch a 32-bit app in 10.13.4, it will still launch, but it will do so with a warning message notifying the user that the app will eventually not be compatible with the operating system unless it is updated. This follows the same approach that Apple took with iOS, which completed its sunset of 32-bit app support with iOS 11 last fall. Developers and users curious about how this will play out will be able to look at the similar process in iOS for context. On January 1 of this year, Apple stopped accepting 32-bit app submissions in the Mac App Store. This June, the company will also stop accepting updates for existing 32-bit applications. iOS followed a similar progression, with 32-bit app submissions ending in February of 2015 and acceptance of app updates for 32-bit apps ending in June of 2015. Read more of this story at Slashdot.

Read the original:
Apple Prepares MacOS Users For Discontinuation of 32-Bit App Support

AppRiver Report: 1,000% Increase in Phishing Attacks in 2017

Email & web-based spam & malware attacks impact global organizations in 2017, a cybersecurity study conducted by AppRiver shows. The post AppRiver Report: 1, 000% Increase in Phishing Attacks in 2017 appeared first on MSSP Alert .