New US spy satellite features world-devouring octopus

President Obama is out to put the public’s mind at ease about new revelations on intelligence-gathering, but the Office for the Director of National Intelligence can’t quite seem to get with the program of calming everyone down. Over the weekend, the ODNI was pumping up the launch of a new surveillance satellite launched by the National Reconnaissance Office. The satellite was launched late Thursday night, and ODNI’s Twitter feed posted photos and video of the launch over the following days.

Kingpin behind large chunk of world’s malware exploits led lavish life

An online crime kingpin arrested in October and charged with creating and distributing the Blackhole exploit kit may have had his hand in as much as 40 percent of the world’s malware infections, according to information released by the security firm that helped track him down. The 27-year-old Russian, identified only as Paunch, allegedly earned about $50,000 per month selling BlackHole subscriptions for as much as $500 per month, according to a report published Friday by security firm Group-IB. He is also alleged to be behind the much more expensive Cool Exploit Kit and a “Crypt” service used to obfuscate malware to go undetected by antivirus programs. With more than 1,000 customers, he was able to lead a lavish lifestyle that included driving a white Porsche Cayenne, Group-IB said.

Exploit kits are the do-it-yourself tools used to embed crimeware into hacked or malicious websites so they target a host of vulnerabilities found on end-user computers. People who visit the websites are exposed to “drive-by” attacks that are often able to install highly malicious software on the computers with no sign that anything is amiss. Group-IB estimated that Paunch may have supplied the code used in as much as 40 percent of the PC crimeware infections worldwide. Researchers arrived at that guess by gauging sales of BlackHole and Cool, which they said accounted for about 40 percent of world revenue for exploit kits. Even assuming that some crimeware is installed independent of exploit kits, it’s hard to overstate the role these two kits played in seeding the Web with exploit code that installed malware used in bank fraud and other forms of online crime.

Mozilla making progress with Firefox’s long journey to multiprocess

Internet Explorer and Chrome both use a multiprocess architecture to enhance stability and security. They separate the task of parsing and rendering Web pages from the job of drawing the browser on-screen, saving downloaded files, creating network connections, and so on. This allows them to run the dangerous parts—the parts exposed to malicious scripts and exploitative HTML—in a sandbox with reduced permissions, making it harder for browser flaws to be turned into system compromises. It also means that they’re much more tolerant of crash bugs; a bug will bring down an individual tab, but shouldn’t, in general, bring down the browser as a whole. In 2009, Mozilla announced the Electrolysis project, which was to bring this kind of multiprocess design to Firefox.

Charged with theft, man arrested for plugging car into school’s outlet

A man in an Atlanta suburb was confronted by a police officer for plugging his electric car into an outside outlet at a school. Ten days later, he was arrested at home and charged with theft for taking about 5 cents worth of electricity “without consent.” Kaveh Kamooneh plugged an extension cable from his Nissan Leaf into a 110-volt external outlet at Chamblee Middle School while his son was practicing tennis. A short time later, he noticed someone in his car and went to investigate—and found that the man was a Chamblee police officer. “He informed me he was about to arrest me, or at least charge me, for electrical theft,” Kamooneh told Atlanta’s Channel 11 News. Kamooneh said that the car, when plugged into a 110-volt outlet, draws a kilowatt an hour. “Over an hour, that’s maybe eight or nine cents” worth of electricity, he said, depending on the rates. He was plugged in for less than 20 minutes, so he estimated the amount of power he drew from the school at less than 5 cents.

Found: hacker server storing two million pilfered passwords

Researchers have unearthed a server storing more than two million pilfered login credentials for a variety of user accounts, including those on Facebook, Yahoo, Google, Twitter, and a handful of other websites. More than 1.5 million of the user names and passwords are for website accounts, including 318,121 for Facebook, 59,549 for Yahoo, 54,437 for Google, and 21,708 for Twitter, according to a blog post published Tuesday by researchers from security firm Trustwave’s Spider Labs. The cache also included credentials for e-mail addresses, FTP accounts, remote desktops, and secure shells. More than 1.8 million of the passwords, or 97 percent of the total, appeared to come from computers located in the Netherlands, followed by Thailand, Germany, Singapore, and Indonesia. US accounts comprised 0.1 percent, with 1,943 compromised passwords. In all, the data may have come from as many as 102 countries.

Scientist-developed malware covertly jumps air gaps using inaudible sound

Computer scientists have developed malware that uses inaudible audio signals to communicate, a capability that allows the malware to covertly transmit keystrokes and other sensitive data even when infected machines have no network connection. The proof-of-concept software—or malicious trojans that adopt the same high-frequency communication methods—could prove especially adept in penetrating highly sensitive environments that routinely place an “air gap” between computers and the outside world. Using nothing more than the built-in microphones and speakers of standard computers, the researchers were able to transmit passwords and other small amounts of data from distances of almost 65 feet. The software can transfer data at much greater distances by employing an acoustical mesh network made up of attacker-controlled devices that repeat the audio signals. The researchers, from Germany’s Fraunhofer Institute for Communication, Information Processing, and Ergonomics, recently disclosed their findings in a paper published in the Journal of Communications. It came a few weeks after a security researcher said his computers were infected with a mysterious piece of malware that used high-frequency transmissions to jump air gaps. The new research neither confirms nor disproves Dragos Ruiu’s claims of the so-called badBIOS infections, but it does show that high-frequency networking is easily within the grasp of today’s malware.

Anti-GMO crop paper to be forcibly retracted

Last year, a French researcher made waves by announcing a study that suggested genetically modified corn could lead to an increased incidence of tumors in lab animals. But the way the finding was announced seemed designed to generate publicity while avoiding any scientific evaluation of the results. Since then, the scientific criticisms have rolled in, and they have been scathing. Now, the editor of the journal that published it has decided to pull the paper despite the objections of its primary author. The initial publication focused on corn that had been genetically engineered to carry a gene that allowed it to break down a herbicide. French researchers led by Gilles-Eric Séralini fed the corn, with and without herbicide, to rats. Control populations were given the herbicide alone or unmodified corn. The authors concluded that the genetically-modified corn led to an elevated incidence of tumors and early death. But even a cursory glance at the results suggested there were some severe problems with this conclusion. To begin with, there were similar effects caused by both the genetically engineered crop and by the herbicide it was designed to degrade. None of the treatments showed a dose effect; in some cases, the lowest doses had the most dramatic effect. And, if the treatment populations were combined, in some cases they were healthier than the controls. Tests of whether the results were statistically significant were completely lacking.

New Linux worm targets routers, cameras, “Internet of things” devices

Researchers have discovered a Linux worm capable of infecting a wide range of home routers, set-top boxes, security cameras, and other consumer devices that are increasingly equipped with an Internet connection. Linux.Darlloz, as the worm has been dubbed, is now classified as a low-level threat, partly because its current version targets only devices that run on CPUs made by Intel, Symantec researcher Kaoru Hayashi wrote in a blog post published Wednesday. But with a minor modification, the malware could begin using variants that incorporate already available executable and linkable format (ELF) files that infect a much wider range of “Internet-of-things” devices, including those that run chips made by ARM and those that use the PPC, MIPS, and MIPSEL architectures. “Upon execution, the worm generates IP addresses randomly, accesses a specific path on the machine with well-known ID and passwords, and sends HTTP POST requests, which exploit the vulnerability,” Hayashi explained. “If the target is unpatched, it downloads the worm from a malicious server and starts searching for its next target. Currently, the worm seems to infect only Intel x86 systems, because the downloaded URL in the exploit code is hard-coded to the ELF binary for Intel architectures.”

Hack of Cupid Media dating website exposes 42 million plaintext passwords

A hack on niche online dating service Cupid Media earlier this year has exposed names, e-mail addresses and—most notably—plain-text passwords for 42 million accounts, according to a published report. The cache of personal information was found on the same servers that housed tens of millions of records stolen in separate hacks on sites including Adobe, PR Newswire, and the National White Collar Crime Center, KrebsonSecurity journalist Brian Krebs reported Tuesday night. An official with Southport, Australia-based Cupid Media told Krebs that user credentials appeared to be connected to “suspicious activity” that was detected in January. Officials believed they had notified all affected users, but they are in the process of double-checking that all affected accounts have had their passwords reset in light of Krebs’s discovery. The compromise of 42 million passwords makes the episode one of the biggest passcode breaches on record. Adding to the magnitude is the revelation the data was in plain-text, instead of a cryptographically hashed format that requires an investment of time, skill, and computing power to crack. As Krebs noted:

GitHub resets user passwords following rash of account hijack attacks

GitHub is experiencing an increase in user account hijackings that’s being fueled by a rash of automated login attempts from as many as 40,000 unique Internet addresses. The site for software development projects has already reset passwords for compromised accounts and banned frequently used weak passcodes, officials said in an advisory published Tuesday night. Out of an abundance of caution, site officials have also reset some accounts that were protected with stronger passwords. Accounts that were reset despite having stronger passwords showed login attempts from the same IP addresses involved in successful breaches of other GitHub accounts. “While we aggressively rate-limit login attempts and passwords are stored properly, this incident has involved the use of nearly 40K unique IP addresses,” Tuesday night’s advisory stated. “These addresses were used to slowly brute force weak passwords or passwords used on multiple sites. We are working on additional rate-limiting measures to address this. In addition, you will no longer be able to login to GitHub.com with commonly used weak passwords.”
