Microsoft Finally Bans SHA-1 Certificates In Its Browsers

An anonymous reader quotes ZDNet: With this week’s monthly Patch Tuesday, Microsoft has also rolled out a new policy for Edge and Internet Explorer that prevents sites that use a SHA-1-signed HTTPS certificate from loading. The move brings Microsoft’s browsers in line with Chrome, which dropped support for the SHA-1 cryptographic hash function in January’s stable release of Chrome 56, and Firefox’s February cut-off… Apple dropped support for SHA-1 in March with macOS Sierra 10.12.4 and iOS 10.3… Once Tuesday’s updates are installed, Microsoft’s browsers will no longer load sites with SHA-1 signed certificates and will display an error warning highlighting a security problem with the site’s certificate. Read more of this story at Slashdot.

Read More:
Microsoft Finally Bans SHA-1 Certificates In Its Browsers

Researchers Find New Version Of WanaDecrypt0r Ransomware Without A Kill Switch

Remember that “kill switch” which shut down the WannCry ransomware? An anonymous reader quotes Motherboard: Over Friday and Saturday, samples of the malware emerged without that debilitating feature, meaning that attackers may be able to resume spreading ransomware even though a security researcher cut off the original wave. “I can confirm we’ve had versions without the kill switch domain connect since yesterday, ” Costin Raiu, director of global research and analysis team at Kaspersky Lab told Motherboard on Saturday… Another researcher confirmed they have seen samples of the malware without the killswitch. Read more of this story at Slashdot.

More:
Researchers Find New Version Of WanaDecrypt0r Ransomware Without A Kill Switch

Up To 1.4M More Fake Wells Fargo Accounts Possible

An anonymous reader quotes the Bay Area Newsgroup: Wells Fargo may have opened as many as 3.5 million bogus bank accounts without its customers’ permission, attorneys for customers suing the bank have alleged in a court filing, suggesting the bank may have created far more fake accounts than previously indicated. The plaintiffs’ new estimate of bogus bank accounts is about 1.4 million, or 67%, higher than the original estimate — disclosed last year as part of a settlement with regulators — that up to 2.1 million accounts were opened without customers’ permission… The attorneys covered a period from 2002 to 2017, rather than the previously scrutinized five-year stretch from 2011 to some time in 2016 in which the bank acknowledged setting up unauthorized accounts. Wells Fargo terminated 5, 300 employees for creating fake accounts, and their CEO now acknowledges that “we had an incentive program and a high-pressure sales culture within our community bank that drove behavior that many times was inappropriate and inconsistent with our values.” In a possibly-related story, Wells Fargo plans to shut 450 branches over the next two years. Read more of this story at Slashdot.

Follow this link:
Up To 1.4M More Fake Wells Fargo Accounts Possible

Germany Sets New National Record With 85 Percent of Its Electricity Sourced From Renewables

Germany was able to set a new national record for the last weekend of April with 85 percent of all electricity consumed in the country being produced from renewables — wind, solar, biomass, and hydroelectric power. Digital Trends reports: Aided by a seasonal combination of windy but sunny weather, during that weekend the majority of Germany’s coal-fired power stations weren’t even operating, while nuclear power stations (which the country plans to phase out by the year 2022) were massively reduced in output. To be clear, this is impressive even by Germany’s progressive standards. By comparison, in March just over 40 percent of all electricity consumed in the country came from renewable sources. However, while the end-of-April weekend was an aberration, the hope is that it won’t be for too much longer. According to Patrick Graichen of the country’s sustainability-focused Agora Energiewende Initiative, German renewable energy percentages in the mid-80s should be “completely normal” by the year 2030. Read more of this story at Slashdot.

Read More:
Germany Sets New National Record With 85 Percent of Its Electricity Sourced From Renewables

50 floating screens will clean the Pacific garbage patch next year

The Ocean Cleanup , a Dutch foundation that aims to deal with plastics polluting our seas, says it’s finally ready to put its technology to work. In a statement released today, the organization has revealed that it plans to start cleaning up the Great Pacific Garbage Patch in early 2018 using its newly redesigned cleaning system. That garbage patch is the biggest collection of debris in the ocean, a massive soup of visible and microscopic plastic particles poisoning marine life. The ship captain who discovered it in 2003 said he “never found a clear spot” in the week it took to cross the region. While Boyan Slat (the organization’s founder) originally envisioned trapping plastic trash with one large screen tethered to the ocean floor, the new design is smaller, sturdier and can save the group a ton of money. Instead of deploying a 60-mile stationary screen, they plan on releasing 50 smaller ones that measure 0.6 miles in length. They’ll weigh the floating screens down with anchor, so they can move with the currents like plastics do, albeit a bit slower in order to trap debris. Slat told FastCompany that he expected the original design to clean up half of the massive garbage patch in 10 years for $320 million. Now, he expects the new design to cut that timespan in half and to cost the group significantly less than that amount. Since he and his team still need to fund the project, though, they plan to use the plastic they collect to make items they can sell, such as sunglasses, chairs and car bumpers. Source: The Ocean Cleanup

See original article:
50 floating screens will clean the Pacific garbage patch next year

Scientists Finally Know What Makes These Weird Glass Droplets So Incredibly Strong

Something unusual happens when a drop of molten glass falls into water. As it cools, it creates a crystal clear tadpole-like droplet that’s bulletproof on one end, but impossibly fragile on the other. We’ve known about these droplets for 400 years, but scientists have only recently figured out what makes them almost… Read more…

More here:
Scientists Finally Know What Makes These Weird Glass Droplets So Incredibly Strong

Massive ransomware attack hits UK hospitals, Spanish banks

Enlarge (credit: Health Service Journal) A large number of hospitals, GPs, and walk-in clinics across England have been locked down by a ransomware attack, reports suggest. There are also some reports of a ransomware attack hitting institutions in Portugal and Spain, though it isn’t known if the incidents are connected. NHS England says it is aware of the issue, but hasn’t yet issued an official statement. At this point it isn’t clear whether a central NHS network has been knocked offline by the ransomware, or whether individual computers connected to the network are being locked out. In any case, some hospitals and clinics are reporting that their computer systems are inaccessible and some telephone services are down too. Read 7 remaining paragraphs | Comments

View original post here:
Massive ransomware attack hits UK hospitals, Spanish banks

Ram is recalling more than a million trucks for faulty software

Enlarge / A 2015 Ram 1500, one of the models affected by this recall. (credit: FCA) Dodgy software code controlling side airbags and safety belt pretensioners is responsible for a recall affecting more than a million Ram pickup trucks. On Friday, Fiat Chrysler Automobiles (FCA) announced that it will be recalling Ram 1500 and 2500 trucks (model years 2013 to 2016) and Ram 3500 trucks (model years 2014 to 2016) beginning in June in order to rectify the problem. The software error, which could prevent side airbag deployment and belt pretensioning in cases where a vehicle rolls over following an underbody impact—say, hitting road debris or something when off-roading—has already been implicated in one death. Although the code has not been conclusively fingered as the culprit, FCA says it is issuing the recall proactively. A similar issue forced General Motors to recall more than 4 million vehicles in 2016. Read 1 remaining paragraphs | Comments

View the original here:
Ram is recalling more than a million trucks for faulty software

New Ransomware ‘Jaff’ Spotted; Malware Groups Pushing 5M Emails Per Hour To Circulate It

An anonymous reader writes: The Necurs botnet has been harnessed to fling a new strain of ransomware dubbed “Jaff”. Jaff spreads in a similar way to the infamous file-encrypting malware Locky and even uses the same payment site template, but is nonetheless a different monster. Attached to dangerous emails is an infectious PDF containing an embedded DOCM file with a malicious macro script. This script will then download and execute the Jaff ransomware. Locky — like Jaff — also used the Necurs botnet and a booby-trapped PDF, security firm Malwarebytes notes. “This is where the comparison ends, since the code base is different as well as the ransom itself, ” said Jerome Segura, a security researcher at Malwarebytes. “Jaff asks for an astounding 2 BTC, which is about $3, 700 at the time of writing.” Proofpoint reckons Jaff may be the work of the same cybercriminals behind Locky, Dridex and Bart (other nasty malware) but this remains unconfirmed. And Forcepoint Security Labs reports that malicious emails carrying Jaff are being cranked out at a rate of 5 million an hour on Thursday, or 13 million in total at the time it wrote up a blog post about the new threat. Read more of this story at Slashdot.

See the original post:
New Ransomware ‘Jaff’ Spotted; Malware Groups Pushing 5M Emails Per Hour To Circulate It