The big news about the Raspberry Pi 3 was built-in Bluetooth and Wi-Fi , but it turns out there was another set of new tricks: new boot options. This feature’s still in beta, but over at the Raspberry Pi Foundation, they outline how to boot from a mass storage device or over ethernet. Read more…
More here:
You Can Boot a Raspberry Pi 3 From a Hard Drive or Over Ethernet
Delta Airlines flights around the world have been indefinitely delayed this morning following a major “computer outage” affecting all of the carriers flights. Read more…
Continued here:
Delta Flights Grounded Worldwide After Unexplained Computer Shutdown (Updating)
An anonymous Slashdot reader quotes a report from CNET: Four newly-discovered vulnerabilities found in Android phones and tablets that ship with a Qualcomm chip could allow an attacker to take complete control of an affected device. The set of vulnerabilities, dubbed “Quadrooter, ” affects over 900 million phone and tablets, according to Check Point researchers who discovered the flaws. An attacker would have to trick a user into installing a malicious app, which wouldn’t require any special permissions. If successfully exploited, an attacker can gain root access, which gives the attacker full access to an affected Android device, its data, and its hardware — including its camera and microphone. The flaw even affects several of Google’s own Nexus devices, as well as the Samsung Galaxy S7 and S7 Edge, according to the article, as well as the Blackberry DTEK50, which the company describes as the “most secure Android smartphone.” CNET adds that “A patch that will fix one of the flaws will not be widely released until September, a Google spokesperson confirmed.” Read more of this story at Slashdot.
View article:
900M Android Devices Vulnerable To New ‘Quadrooter’ Security Flaw
“A pair of security researchers recently uncovered a Nigerian scammer ring that they say operates a new kind of attack…after a few of its members accidentally infected themselves with their own malware, ” reports IEEE Spectrum. “Over the past several months, they’ve watched from a virtual front row seat as members used this technique to steal hundreds of thousands of dollars from small and medium-sized businesses worldwide.” Wave723 writes: Nigerian scammers are becoming more sophisticated, moving on from former ‘spoofing’ attacks in which they impersonated a CEO’s email from an external account. Now, they’ve begun to infiltrate employee email accounts to monitor financial transactions and slip in their own routing and account info…The researchers estimate this particular ring of criminals earns about US $3 million from the scheme. After they infected their own system, the scammers’ malware uploaded screenshots and all of their keystrokes to an open web database, including their training sessions for future scammers and the re-routing of a $400, 000 payment. Yet the scammers actually “appear to be ‘family men’ in their late 20s to 40s who are well-respected, church-going figures in their communities, ” according to the article. SecureWorks malware researcher Joe Stewart says the scammers are “increasing the economic potential of the region they’re living in by doing this, and I think they feel somewhat of a duty to do this.” Read more of this story at Slashdot.
More:
Nigerian Scammers Infect Themselves With Own Malware, Reveal New Fraud Scheme
The internet just marked another major milestone. The first website , Tim Berners-Lee’s description of the World Wide Web project, went public 25 years ago on August 6th, 1991. The launch was unceremonious — Berners-Lee announced the project on a Usenet group, and it wasn’t until after August 23rd that new users visited the site. However, the launch effectively marked the start of the web as a widely available tool. There wasn’t exactly a rush to embrace the technology, mind you. The big leaps toward the mainstream came in 1993, when NCSA released the first widely popular web browser (Mosaic) and CERN helped adoption by making the web’s software both free and open source. Berners-Lee’s original approach to the web treated it more as a platform for academic collaboration than a revolution. Still, there’s no denying that the events of 1991 got the ball rolling on a fundamental shift in communication. Via: Independent Source: Google Groups
Read More:
The first website went public 25 years ago
Windows 10 on the Raspberry Pi is a great way to create your own internet connected devices , and today Microsoft pushed out an update that makes the set up process a bit easier. Read more…
View article:
Windows 10 IoT Core for the Raspberry Pi Is Now Easier to Set Up, Adds Remote Client Access and More
Security researchers at KU Leuven have discovered an attack technique, dubbed HEIST (HTTP Encrypted Information can be Stolen Through TCP-Windows), which can exploit an encrypted website using only a JavaScript file hidden in a maliciously crafted ad or page. ArsTechnica reports: Once attackers know the size of an encrypted response, they are free to use one of two previously devised exploits to ferret out the plaintext contained inside it. Both the BREACH and the CRIME exploits are able to decrypt payloads by manipulating the file compression that sites use to make pages load more quickly. HEIST will be demonstrated for the first time on Wednesday at the Black Hat security conference in Las Vegas. “HEIST makes a number of attacks much easier to execute, ” Tom Van Goethem, one of the researchers who devised the technique, told Ars. “Before, the attacker needed to be in a Man-in-the-Middle position to perform attacks such as CRIME and BREACH. Now, by simply visiting a website owned by a malicious party, you are placing your online security at risk.” Using HEIST in combination with BREACH allows attackers to pluck out and decrypt e-mail addresses, social security numbers, and other small pieces of data included in an encrypted response. BREACH achieves this feat by including intelligent guesses — say, @gmail.com, in the case of an e-mail address — in an HTTPS request that gets echoed in the response. Because the compression used by just about every website works by eliminating repetitions of text strings, correct guesses result in no appreciable increase in data size while incorrect guesses cause the response to grow larger. Read more of this story at Slashdot.
See the article here:
New Attack Steals SSNs, E-mail Addresses, and More From HTTPS Pages
prisoninmate writes from a report via Softpedia: LibreOffice 5.2 is finally here, after it has been in development for the past four months, during which the development team behind one of the best free office suites have managed to implement dozens of new features and improvements to most of the application’s components. Key features include more UI refinements to make it flexible for anyone, standards-based document classification, forecasting functions in Calc, the spreadsheet editor, as well as lots of Writer and Impress enhancements. A series of videos are provided to see what landed in the LibreOffice 5.2 office suite, which is now available for download for GNU/Linux, Mac OS X, and Microsoft Windows operating systems. Read more of this story at Slashdot.
Visit link:
LibreOffice 5.2 Officially Released
An anonymous reader quotes a report from Reuters: Hong Kong-based digital currency exchange Bitfinex said late on Tuesday it has suspended trading on its exchange after it discovered a security breach, according to a company statement on its website. The company said it has also suspended deposits and withdrawals of digital currencies from the exchange. “We are investigating the breach to determine what happened, but we know that some of our users have had their bitcoins stolen, ” the company said. “We are undertaking a review to determine which users have been affected by the breach. While we conduct this initial investigation and secure our environment, bitfinex.com will be taken down and the maintenance page will be left up.” The company said it has reported the theft to law enforcement. It said it has not yet determined the value of digital currencies stolen from customer accounts. CoinDesk reports that the company confirmed roughly 120, 000 BTC (more than $60 million) has been stolen via social media. “In response, bitcoin prices fell to $560.16 by 19:30 UTC, $530 by 23:30 and $480 at press time, CoinDesk USD Bitcoin Price Index (BPI) data reveals, ” reports CoinDesk. “This price was roughly 20% lower than the day’s opening of $607.37 and 27% below the high of $658.28 reached on Saturday, July 30th, when the digital currency began pushing lower.” Read more of this story at Slashdot.
Read the original post:
Bitcoin Exchange Bitfinex Says It Was Hacked, Roughly $60M Stolen
“Mike” (portrayed above) is a real person and his email party is now over. Authorities announced today that a 40-year-old Nigerian man, identified only as Mike, was nabbed in a joint operation by Interpol and the Nigerian Economic and Financial Crime Commission. Mike was reportedly the mastermind behind a large number of online scams, and officials suspect him of swindling more than $60 million from people around the world, including $15.4 million from one victim alone. Read more…
See more here:
Interpol Just Busted a Nigerian Email Scam Kingpin