An anonymous reader writes: A confidential computer project designed to break military codes was accidentally made public by New York University engineers. An anonymous digital security researcher identified files related to the project while hunting for things on the internet that shouldn’t be, The Intercept reported. He used a program called Shodan, a search engine for internet-connected devices, to locate the project. It is the product of a joint initiative by NYU’s Institute for Mathematics and Advanced Supercomputing, headed by the world-renowned Chudnovsky brothers, David and Gregory, the Department of Defense, and IBM. Information on an exposed backup drive described the supercomputer, called — WindsorGreen — as a system capable of cracking passwords. Read more of this story at Slashdot.
Continued here:
NYU Accidentally Exposed Military Code-breaking Computer Project To Entire Internet
In response to a U.S. Justice Department order that requires colleges and universities make website content accessible for citizens with disabilities and impairments, the University of California, Berkeley, will cut off public access to tens of thousands of video lectures and podcasts. Officials said making the videos and audio more accessible would have proven too costly in comparison to removing them. Inside Higher Ed reports: Today, the content is available to the public on YouTube, iTunes U and the university’s webcast.berkeley site. On March 15, the university will begin removing the more than 20, 000 audio and video files from those platforms — a process that will take three to five months — and require users sign in with University of California credentials to view or listen to them. The university will continue to offer massive open online courses on edX and said it plans to create new public content that is accessible to listeners or viewers with disabilities. The Justice Department, following an investigation in August, determined that the university was violating the Americans With Disabilities Act of 1990. The department reached that conclusion after receiving complaints from two employees of Gallaudet University, saying Berkeley’s free online educational content was inaccessible to blind and deaf people because of a lack of captions, screen reader compatibility and other issues. Cathy Koshland, vice chancellor for undergraduate education, made the announcement in a March 1 statement: “This move will also partially address recent findings by the Department of Justice, which suggests that the YouTube and iTunes U content meet higher accessibility standards as a condition of remaining publicly available. Finally, moving our content behind authentication allows us to better protect instructor intellectual property from ‘pirates’ who have reused content for personal profit without consent.” Read more of this story at Slashdot. 
An anonymous reader writes: “An attacker going by the name of Harak1r1 is hijacking unprotected MongoDB databases, stealing and replacing their content, and asking for a 0.2 Bitcoin ($200) ransom to return the data, ” reports Bleeping Computer. According to John Matherly, Shodan founder, over 1, 800 MongoDB databases have had their content replaced with a table called WARNING that contains the ransom note. Spotted by security researcher Victor Gevers, these databases are MongoDB instances that feature no administrator password and are exposed to external connections from the internet. Database owners in China have been hit, while Bleeping Computer and MacKeeper have confirmed other infections, one which hit a prominent U.S. healthcare organization and blocked access to over 200, 000 user records. These attacks are somewhat similar to attacks on Redis servers in 2016, when an unknown attacker had hijacked and installed the Fairware ransomware on hundreds of Linux servers running Redis DB. The two series of attacks don’t appear to be related. Read more of this story at Slashdot.