Tag: elegant-bride

FBI: US court websites went down due to “technical problems,” not DDOS

Flickr user TexasGOPVote.com While the rest of us were fretting about the Gmail outage on Friday , lawyers and those involved in the United States judicial system were concerned that uscourts.gov and other federal courts’ sites had been hit by a distributed denial-of-service (DDOS) attack. Also suffering an outage was pacer.gov , the “Public Access to Court Electronic Records” (PACER), a common way for lawyers and journalists to access court documents online. (That site, which normally charges $0.10 per page for documents, also has a free online mirror , known as RECAP.) Initially, a spokesperson for the Administrative Office of the US Courts told Politico on Friday that it was indeed a denial-of-service attack. A group calling itself the “European Cyber Army” initially also claimed responsibility on Twitter . Read 2 remaining paragraphs | Comments

Read the article:
FBI: US court websites went down due to “technical problems,” not DDOS

Investigation of password crackers busts site feds say hacked 6,000 accounts

An international law-enforcement crackdown on paid password cracking services has resulted in at least 11 arrests, including the operators of an alleged cracker-for-hire site in the US that prosecutors said compromised almost 6,000 e-mail accounts. Mark Anthony Townsend, 45, of Cedarville, Arkansas, and Joshua Alan Tabor, 29, of Prairie Grove, Arkansas, ran a site called needapassword.com, according to court documents filed this week in federal court in Los Angeles. The site accepted user requests to hack into specific e-mail accounts hosted by Google, Yahoo, and other providers, prosecutors alleged. According to charging documents, the operators would break into the accounts, access their contents and send screenshots to the users proving the accounts had been compromised. The men would then send passwords in exchange for a fee paid to their PayPal account, prosecutors said. “Through www.needapassword.com, defendant and others known and unknown to the United States Attorney obtained unauthorized access to over 5,900 e-mail accounts submitted by customers,” a criminal information filed against Townsend stated. During the time of Tabor’s involvement, needapassword.com broke into at least 250 accounts, a separate charging document claimed. Read 3 remaining paragraphs | Comments

View original post here:
Investigation of password crackers busts site feds say hacked 6,000 accounts

Amazon cuts cloud storage prices, Microsoft immediately follows suit

Yesterday, Amazon announced that it would be cutting the prices of both its S3 and EBS cloud-based storage. Today, Microsoft announced that it too was cutting the cost of its cloud storage. The software giant promised last April that it would match Amazon’s prices for commodity cloud services: storage, bandwidth, and computation. Amazon’s pricing varies from region to region, and the price cuts range from 6 percent if you’re storing between 1 and 50 terabytes of data, to up to 22 percent—though you’ll need to be storing at least 5 petabytes to take advantage of this. Microsoft says that not only is it going to match these prices, making cuts of up to 20 percent itself, but it will also charge the same amount in every region . This means that Azure storage will in some parts of the world as much as 10 percent cheaper than the Amazon equivalent. Read 2 remaining paragraphs | Comments

Read More:
Amazon cuts cloud storage prices, Microsoft immediately follows suit

Microfluidics panel could add physical buttons to a touch screen

Tactus Technology Tactus Technology has created a microfluidics panel that could be overlaid on touchscreens to produce “buttons,” per a report from CNET. The panel would allow smartphones to create a bunch of nubs over the keyboard keys on touch screens to help guide typists’ fingers. Some smartphone users are still lamenting the loss of tactile keys like those on a Blackberry, but QWERTY keyboards are hard to justify in terms of real estate when a touch screen can use that space better. A keyboard add-on is a possibility, but one pretender to the Blackberry throne, the Typo, has gotten a mixed reception . Tactus Technology Tactus’ system would put a 0.75 to 1 millimeter-thick microfluidics panel over a device’s LCD instead of glass or plastic. A sub-layer of the panel would be punctured with 200-nanometer holes, through which fluid would be pressed to raise the flexible surface of the screen when the operating system called up some buttons. Read 1 remaining paragraphs | Comments

View original post here:
Microfluidics panel could add physical buttons to a touch screen

Developer screenshots may show off Apple’s “iOS in the Car” progress

Steve Troughton-Smith One of the features Apple talked about when it unveiled iOS 7 at its Worldwide Developer Conference (WWDC) back in June was “iOS in the Car,” a vehicle integration feature that would let drivers with supported vehicles talk to Siri, listen to and respond to text messages, use Maps, and perform other tasks without removing their hands from the wheel. That feature was absent from the original iOS 7 release, but rumors suggest it will be supported in the iOS 7.1 update that’s currently in beta testing. While Apple’s promotional page for iOS 7 shows some early screenshots of what iOS in the Car might look like, new screenshots pulled from developer Steve Troughton-Smith’s Twitter feed and published by 9to5Mac purport to show off a refined version of the interface. Apple Maps is the only usable app as of this writing, suggesting that the screenshots were taken in the iOS Simulator that shipped with the XCode developer tools rather than on actual hardware, but we can still see the basic UI changes that Apple has made since the original demo. There’s a left-aligned bar with the time, connection status, and a software Home button that appears to be persistent across all of the screenshots, and the rest of the interface’s graphics, fonts, and buttons closely mirror those used throughout iOS 7. A safety warning screen like the one used in most GPSs. Steve Troughton-Smith The list of apps should grow once the feature is actually released. Steve Troughton-Smith For most people, iOS in the Car’s biggest drawback will be that it requires a new car to support all of its features. Though Apple says a number of automakers (including Acura, Chevy, Ferrari, Honda, Hyundai, Infiniti, Jaguar, Kia, Mercedes-Benz, Nissan, and Opel) are interested in bringing the feature to some of their 2014 models, replacing a car to use a new feature is a bit more onerous than buying new cables or other accessories. Read 1 remaining paragraphs | Comments

Read the original post:
Developer screenshots may show off Apple’s “iOS in the Car” progress

Point-of-sale malware infecting Target found hiding in plain sight

Cyberslayer Independent security journalist Brian Krebs has uncovered important new details about the hack that compromised as many as 110 million Target customers, including the malware that appears to have infected point-of-sale systems and the way attackers first broke in. According to a post published Wednesday to KrebsOnSecurity, point-of-sale (POS) malware was uploaded to Symantec-owned ThreatExpert.com on December 18, the same day that  Krebs broke the news of the massive Target breach . An unidentified source told Krebs that the Windows share point name “ttcopscli3acs” analyzed by the malware scanning website matches the sample analyzed by the malware scanning website . The thieves used the user name “Best1_user” to log in and download stolen card data. Their password was “BackupU$r”. KrebsonSecurity The class of malware identified by Krebs is often referred to as a memory scraper, because it monitors the computer memory of POS terminals used by retailers. The malware searches for credit card data before it has been encrypted and sent to remote payment processors. The malware then “scrapes” the plain-text entries and dumps them into a database. Krebs continued: Read 2 remaining paragraphs | Comments

Continue reading here:
Point-of-sale malware infecting Target found hiding in plain sight

Google Play Movies & TV comes to iOS, minus the store and offline support

Google loves itself some iOS apps. Its newest addition to Apple’s platform is Google Play Movies & TV , Google’s video content store. To call the app a “store” on iOS is a bit of a misnomer, as buying content from the iOS app isn’t possible, thanks to Apple’s restrictions. What it  can do is play existing content that you’ve purchased on an Android device or through the Google Play Web interface . There isn’t much to the app. Movies and TV shows are broken out into separate categories, and everything is displayed as a large thumbnail. The individual content pages show a short description, a minimal list of credits, and the all-important “play” button. The app supports Google’s Chromecast via a button in the top right corner, and that’s about it. It’s simple, but a movie player doesn’t really need to be complicated. Compared to the Android version, there are a few things missing. The lack of a store means Google’s recommendation engine is missing too, which leads to of a lot of blank-looking pages. The biggest omission is offline support—there is no way to download a video for later offline viewing, so make sure you have a great Internet connection before pressing “play.” In fact, the app doesn’t work over a cellular connection at all—Wi-Fi is required. Read 2 remaining paragraphs | Comments

Visit site:
Google Play Movies & TV comes to iOS, minus the store and offline support

Creator of PGP e-mail encryption making secure Android “Blackphone”

Blackphone Phil Zimmerman, creator of PGP e-mail encryption , is leading a team of security industry executives building an Android phone with a variety of built-in privacy tools. “I’ve been interested in secure telephony for longer than I’ve been interested in secure e-mail,” Zimmerman said in a video on so-called Blackphone ‘s website. “I had to wait for the rest of the technology infrastructure to catch up to make it possible to do secure telephony. PGP was kind of a detour for me while waiting for the rest of the technology to catch up to make really good secure telephony possible.” The narrator of the Blackphone video ominously says, “Technology was supposed to make our lives better. Instead we have lost our privacy—we have become enslaved.” The Blackphone website says the phone will use “PrivatOS,” an Android-based operating system, while letting users “make and receive secure phone calls; exchange secure texts; exchange and store secure files; have secure video chat; browse privately; and anonymize your activity through a VPN.” Read 4 remaining paragraphs | Comments

See more here:
Creator of PGP e-mail encryption making secure Android “Blackphone”

Critical Microsoft, Adobe, and Oracle updates: Like dental floss for your PC

drueckert.com I was still wiping the sleep from my eyes this morning when the nagging voice kicked in: before trawling the Internet for news, you better install yesterday’s security updates. It wasn’t a pleasant thought, given the raft of patches released yesterday by Microsoft, Adobe, and Oracle for a variety of products. But as someone who has covered computer security for eight years, I’ve come to make updating a top priority. And for good reason. A large percentage of the booby-trapped websites that surreptitiously install malware on visitors’ machines exploit vulnerabilities that have already been patched. The recent hack on Yahoo’s ad network , for instance, targeted two security flaws in the Java software framework that Oracle had fixed 17 and 24 months ago, Trend Micro reported in a blog post . Those who visited compromised Yahoo servers with up-to-date systems were immune to those attacks. By contrast, people using unpatched software were exposed to malicious payloads that installed the Dorkbot and Gamarue trojans, as well as malware that turned visitors’ machines into Bitcoin miners. Read 5 remaining paragraphs | Comments

See the original post:
Critical Microsoft, Adobe, and Oracle updates: Like dental floss for your PC

DoS attacks that took down big game sites abused Web’s time-sync protocol

69 percent of all DDoS attack traffic by bit volume in the first week of January was the result of NTP reflection. Black Lotus Miscreants who earlier this week took down servers for League of Legends, EA.com, and other online game services used a never-before-seen technique that vastly amplified the amount of junk traffic directed at denial-of-service targets. Rather than directly flooding the targeted services with torrents of data, an attack group calling itself DERP Trolling sent much smaller-sized data requests to time-synchronization servers running the Network Time Protocol (NTP). By manipulating the requests to make them appear as if they originated from one of the gaming sites, the attackers were able to vastly amplify the firepower at their disposal. A spoofed request containing eight bytes will typically result in a 468-byte response to victim, an increase of more than 58 fold. “Prior to December, an NTP attack was almost unheard of because if there was one it wasn’t worth talking about,” Shawn Marck, CEO of DoS-mitigation service Black Lotus , told Ars. “It was so tiny it never showed up in the major reports. What we’re witnessing is a shift in methodology.” Read 4 remaining paragraphs | Comments

More:
DoS attacks that took down big game sites abused Web’s time-sync protocol