Lenovo Discovers and Removes Backdoor In Networking Switches

An anonymous reader writes: Lenovo engineers have discovered a backdoor in the firmware of RackSwitch and BladeCenter networking switches. The company released firmware updates last week. The Chinese company said it found the backdoor after an internal security audit of firmware for products added to its portfolio following the acquisitions of other companies. Lenovo says the backdoor affects only RackSwitch and BladeCenter switches running ENOS (Enterprise Network Operating System). The backdoor was added to ENOS in 2004 when ENOS was maintained by Nortel’s Blade Server Switch Business Unit (BSSBU). Lenovo claims Nortel appears to have authorized the addition of the backdoor “at the request of a BSSBU OEM customer.” In a security advisory regarding this issue, Lenovo refers to the backdoor under the name of “HP backdoor.” The backdoor code appears to have remained in the firmware even after Nortel spun BSSBU off in 2006 as BLADE Network Technologies (BNT). The backdoor also remained in the code even after IBM acquired BNT in 2010. Lenovo bought IBM’s BNT portfolio in 2014.

The Underground Uber Networks Driven by Russian Hackers

Joseph Cox, reporting for Daily Beast: Uber’s ride-sharing service has given birth to some of the most creative criminal scams to date, including using a GPS-spoofing app to rip off riders in Nigeria, and even ginning up fake drivers by using stolen identities. Add to those this nefariously genius operation: Cybercriminals, many working in Russia, have created their own illegitimate taxi services for other crooks by piggybacking off Uber’s ride-sharing platform, sometimes working in collaboration with corrupt drivers. Based on several Russian-language posts across a number of criminal-world sites, this is how the scam works: The scammer needs an emulator, a piece of software which allows them to run a virtual Android phone on their laptop with the Uber app, as well as a virtual private network (VPN), which routes their computer’s traffic through a server in the same city as the rider. The scammer acts, in essence, as a middleman between an Uber driver and the passenger — ordering trips through the Uber app, but relaying messages outside of it. Typically, this fraudulent dispatcher uses the messaging app Telegram to chat with the passenger, who provides pickup and destination addresses. The scammer orders the trip, and then provides the car brand, driver name, and license plate details back to the passenger through Telegram.

Linux Pioneer Munich Confirms Switch To Windows 10

The German city of Munich, once seen as an open-source pioneer, has decided to return to Windows. Windows 10 will be rolled out to about 29,000 PCs at the city council, a major shift for an authority that has been running Linux for more than a decade. From a report: Back in 2003 the council decided to switch to a Linux-based desktop, which came to be known as LiMux, and other open-source software, despite heavy lobbying by Microsoft. But now Munich will begin rolling out a Windows 10 client from 2020, at a cost of about Euro 50m ($59.6m), with a view to Windows replacing LiMux across the council by early 2023. Politicians who supported the move at a meeting of the full council today say using Windows 10 will make it easier to source compatible applications and hardware drivers than it has been using a Linux-based OS, and will also reduce costs associated with running Windows and LiMux PCs side-by-side.

Big hard disks may be breaking the bathtub curve

Low-cost cloud backup and storage company Backblaze has published its latest set of hard disk reliability numbers for the second quarter of 2017. While the company has tended to stick with consumer-oriented hard disks, a good pricing deal has meant that it also now has several thousand enterprise-class disks, allowing for some large-scale comparisons to be drawn between the two kinds of storage. The company has also started to acquire larger disks with capacities of 10TB and 12TB. The company is using two models of 8TB Seagate disk: one consumer, with a two-year warranty, and the other enterprise, with a five-year warranty. Last quarter, Backblaze noted some performance and power management advantages to the enterprise disks, but for the company’s main use case, these were of somewhat marginal value. The performance does help with initial data migrations and ingest, but the performance benefit overall is limited due to the way Backblaze distributes data over so many spindles. In aggregate, the company has now accumulated 3.7 million drive days for the consumer disks and 1.4 million for the enterprise ones. Over this usage, the annualized failure rates are 1.1 percent for the consumer disks and 1.2 percent for the enterprise ones. At least for now, then, the enterprise disks aren’t doing anything to justify their longer warranty; their reliability is virtually identical. The focus now is on what happens to the consumer disks as they pass their two-year warranty period. Will they show the same reliability, or will deterioration become more apparent?

2 Million IoT Devices Enslaved By Fast-Growing BotNet

An anonymous reader writes: Since mid-September, a new IoT botnet has grown to massive proportions. Codenamed IoT_reaper, researchers estimate its current size at nearly two million infected devices. According to researchers, the botnet is mainly made up of IP-based security cameras, routers, network-attached storage (NAS) devices, network video recorders (NVRs), and digital video recorders (DVRs), primarily from vendors such as Netgear, D-Link, Linksys, GoAhead, JAWS, Vacron, AVTECH, MikroTik, TP-Link, and Synology. The botnet reuses some Mirai source code, but it’s unique in its own right. Unlike Mirai, which relied on scanning for devices with weak or default passwords, this botnet was put together using exploits for unpatched vulnerabilities. The botnet’s author is still struggling to control his botnet, as researchers spotted over two million infected devices sitting in the botnet’s C&C servers’ queue, waiting to be processed. As of now, the botnet has not been used in live DDoS attacks, but the capability is in there. Today is the one-year anniversary of the Dyn DDoS attack, the article points out, adding that “This week both the FBI and Europol warned about the dangers of leaving Internet of Things devices exposed online.”

Intel Unveils One-Petabyte Storage Servers For Data Centers

Slashdot reader #9,219 Guy Smiley shared this report on a new breed of high-density flash storage. The Inquirer reports: Intel has unveiled a brand new form factor for solid state disc drives (SSDs)… Intel Optane’s new “ruler” format will allow up to a petabyte of storage on a single 1U server rack… By using 3D-NAND, the ruler crams in even more data and will provide more stability with less chance of catastrophic failure with data loss. The company has promised that the Ruler will have more bandwidth, input/output operations per second and lower latency than SAS… As part of the announcement, Intel also announced a range of “hard drive replacement” SSDs, the S4500 and S4600, which are said to have the highest density 32-layer 3D NAND on the market, and are specifically aimed at data centres that want to move to solid state simply and if necessary, in stages.

Microsoft Leak Reveals New Windows 10 Workstation Edition For Power Users

Upon close inspection of the Windows 10 build that Microsoft accidentally pushed to insiders last week, several users are reporting discovering the reference of a new Windows 10 SKU. From a report: In a leaked slide, Microsoft describes the edition as “Windows 10 Pro for Workstation” with four main capabilities:
1. Workstation mode: Microsoft plans to optimize the OS by identifying “typical compute and graphics intensive workloads” to provide peak performance and reliability when Workstation mode is enabled.
2. Resilient file system: Microsoft’s file system successor to NTFS, dubbed ReFS, is enabled in this new version, with support for fault-tolerance, optimized for large data volumes, and auto-correcting.
3. Faster file handling: As workstation machines are typically used for large data volumes across networks, Microsoft is including the SMBDirect protocol for file sharing and high throughput, low latency, and low CPU utilization when accessing network shares.
4. Expanded hardware support: Microsoft is also planning to allow Windows 10 Pro for Workstation on machines with up to 4 CPUs and a memory limit of 6TB. Windows 10 Pro currently only supports 2 CPUs.

Microsoft Finally Bans SHA-1 Certificates In Its Browsers

An anonymous reader quotes ZDNet: With this week’s monthly Patch Tuesday, Microsoft has also rolled out a new policy for Edge and Internet Explorer that prevents sites that use a SHA-1-signed HTTPS certificate from loading. The move brings Microsoft’s browsers in line with Chrome, which dropped support for the SHA-1 cryptographic hash function in January’s stable release of Chrome 56, and Firefox’s February cut-off… Apple dropped support for SHA-1 in March with macOS Sierra 10.12.4 and iOS 10.3… Once Tuesday’s updates are installed, Microsoft’s browsers will no longer load sites with SHA-1 signed certificates and will display an error warning highlighting a security problem with the site’s certificate.

New Ransomware ‘Jaff’ Spotted; Malware Groups Pushing 5M Emails Per Hour To Circulate It

An anonymous reader writes: The Necurs botnet has been harnessed to fling a new strain of ransomware dubbed “Jaff”. Jaff spreads in a similar way to the infamous file-encrypting malware Locky and even uses the same payment site template, but is nonetheless a different monster. Attached to dangerous emails is an infectious PDF containing an embedded DOCM file with a malicious macro script. This script will then download and execute the Jaff ransomware. Locky — like Jaff — also used the Necurs botnet and a booby-trapped PDF, security firm Malwarebytes notes. “This is where the comparison ends, since the code base is different as well as the ransom itself,” said Jerome Segura, a security researcher at Malwarebytes. “Jaff asks for an astounding 2 BTC, which is about $3,700 at the time of writing.” Proofpoint reckons Jaff may be the work of the same cybercriminals behind Locky, Dridex and Bart (other nasty malware) but this remains unconfirmed. And Forcepoint Security Labs reports that malicious emails carrying Jaff are being cranked out at a rate of 5 million an hour on Thursday, or 13 million in total at the time it wrote up a blog post about the new threat.
