feeds – Page 8 – Tech Today w/ Ken May

“Nuclear” exploit kit service cashes in on demand from cryptoransomware rings

The web console for Nuclear, the customer-friendly malware-as-a-service platform. Some Nucleus infrastructure operating on DigitalOcean servers was recently disrupted. (credit: Check Point) Security researchers at Cisco Talos and Check Point have published reports detailing the inner workings of Nuclear, an “exploit kit” Web service that deployed malware onto victims’ computers through malicious websites. While a significant percentage of Nuclear’s infrastructure has been recently disrupted, the exploit kit is still operating—and looks to be a major contributor to the current crypto-ransomware epidemic. Introduced in 2010, Nuclear has been used to target millions of victims worldwide, giving attackers the ability to tailor their attacks to specific locations and computer configurations. Though not as widely used as the well-known Angler exploit kit , it has been responsible for dropping Locky and other crypto-ransomware onto over 140,000 computers in over 200 countries, according to statistics collected by Check Point (PDF). The Locky campaign appeared to be placing the greatest demand on the Nuclear pay-to-exploit service. Much of Talos’ data on Nuclear comes from tracking down the source of its traffic—a cluster of “10 to 15” IP addresses that were responsible for “practically all” of the exploit infrastructure. Those addresses were being hosted by a single cloud hosting provider—DigitalOcean. The hosting company’s security team confirmed the findings to Talos and took down the servers—sharing what was on them with security researchers. Read 12 remaining paragraphs | Comments

Follow this link:
“Nuclear” exploit kit service cashes in on demand from cryptoransomware rings

Out-of-date apps put 3 million servers at risk of crypto ransomware infections

(credit: Dr F. Eugene Hester, U.S. Fish and Wildlife Service) More than 3 million Internet-accessible servers are at risk of being infected with crypto ransomware because they’re running vulnerable software, including out-of-date versions of Red Hat’s JBoss enterprise application , researchers from Cisco Systems said Friday. About 2,100 of those servers have already been compromised by webshells that give attackers persistent control over the machines, making it possible for them to be infected at any time, the Cisco researchers reported in a blog post . The compromised servers are connected to about 1,600 different IP addresses belonging to schools, governments, aviation companies, and other types of organizations. Some of the compromised servers belonged to school districts that were running the Destiny management system that many school libraries use to keep track of books and other assets. Cisco representatives notified officials at Destiny developer Follett Learning of the compromise, and the Follett officials said they fixed a security vulnerability in the program. Follett also told Cisco the updated Destiny software also scans computers for signs of infection and removes any identified backdoors. Read 2 remaining paragraphs | Comments

View post:
Out-of-date apps put 3 million servers at risk of crypto ransomware infections

One of the “most important” shipwreck treasures ever discovered

It wasn’t exactly what divers searching for sunken ships expect to find. When the Texel Divers Club glimpsed a package in the sand-buried remains of a sunken ship off the island of Texel in the Wadden Sea, they brought it to the surface—only to discover it held a wealthy lady’s most prized possessions : a silk damask dress, velvet embroidered purse, perfume ball, lice comb, stockings, and books bound in beautiful leather. Kaap Skil Museum A lice comb made from cow horn. 6 more images in gallery Preserved beneath a layer of sand since the 17th century, the dress was probably for everyday wear and was of a style frequently seen in paintings from the late Renaissance. Made of rich silk damask, it likely belonged to a woman of the upper classes. Despite its fanciness, experts believe it was for everyday wear because it wasn’t beaded or embroidered with golden or silver threads. The woman’s books were stamped with the emblem of King Charles I, of the Stuart royal family from England, which suggests she may even have been royalty. It’s exceedingly rare to find such a well-preserved collection of textiles and makes this find one of the most important of its kind in Europe. The find is also a boon for historians who want to understand what everyday life was like during this era. What we see in paintings is not always an accurate record of people’s lives. Finding this cache of typical (albeit expensive) clothing verifies that privileged women of the era really did dress in the ways we might expect and carry tiny metal balls of scented, dried flowers to mask body odors that would have been common in a culture where people didn’t bathe very often—and never got any medical remedies for all the funguses and bacterial infections that flourish on human bodies. Read 2 remaining paragraphs | Comments

Chrome 50 ends support for Windows XP, OS X 10.6, other old versions

Google Chrome version 50 was released to the browser’s stable channel yesterday, and in addition to a handful of new features and security fixes , the update also ends support for a wide range of operating systems that have been supported since Chrome launched on those platforms. Windows XP, Windows Vista, OS X 10.6, OS X 10.7, and OS X 10.8 are no longer supported. This shouldn’t come as much of a surprise, since Google promised last November to end support for these older OS versions in April of 2016. Old versions of Chrome installed on these OSes won’t stop working (for now), but they’ll no longer receive updates and there’s no guarantee that things like Google account sign-in and data syncing will continue to work. If you’re still using one of these operating systems, you have a couple of options. One is to upgrade to a newer OS, assuming your hardware can handle it. Security patches for Windows XP stopped in April of 2014 , and patches for OS X 10.6 stopped a few months before that . Updates for OS X 10.7 and 10.8 ended roughly when versions 10.10 and 10.11 were released, respectively, since Apple’s unofficial policy is to provide security fixes for the most recent OS X release and the two previous releases. Windows Vista is still getting bare-minimum security patches from Microsoft, but that ends in April of 2017 . Read 1 remaining paragraphs | Comments

More:
Chrome 50 ends support for Windows XP, OS X 10.6, other old versions

Windows 10 roadmap: Control everything remotely

As Microsoft continues to court businesses and encourage them to upgrade to Windows 10, the company has taken the novel step of publishing a roadmap of Windows 10 features . This roadmap describes business-oriented features that are coming to Windows 10. Some, such as biometric authentication in the Edge browser, have already been announced as part of the forthcoming Anniversary Update and are currently available in the Insider Preview . But others are not. While some are so vague as to tell us nothing—the Passport API used for biometric authentication is being “enhanced” to improve enterprise functionality—other features are rather more concrete. Microsoft plans to add device-based PC unlocking, wherein Windows and Android phones can be used to store authentication credentials, and the feature can be used to both unlock the PC and authenticate apps and services that use Windows Hello and the Passport API. The same is also being enabled for what Microsoft calls “Companion devices” that integrate with a new API called the “Companion Device Framework.” The Microsoft Band 2 fitness device will plug into this framework, and third-party devices will also be able to join in. Read 6 remaining paragraphs | Comments

View original post here:
Windows 10 roadmap: Control everything remotely

Nation-wide radio station hack airs hours of vulgar “furry sex” ramblings

(credit: TJJSvdM ) Some Tuesday morning listeners of KIFT, a Top 40 radio station located in Breckenridge, Colorado, were treated to a radically different programming menu. Instead of the normal fare from Taylor Swift, The Chainsmokers, or other pop stars, a hack by an unknown party caused one of the station’s signals to broadcast a sexually explicit podcast related to the erotic attraction to furry characters . The unauthorized broadcast lasted for about 90 minutes . KIFT wasn’t the only station to be hit by the hack. On the same day, Livingston, Texas-based country music station KXAX also broadcast raunchy furry-themed audio . And according to an article posted Wednesday by radio industry news site RadioInsight.com, the unauthorized broadcasts from a hobbyist group called FurCast were also forced on an unnamed station in Denver and an unidentified national syndicator. “All in all the FurCast aired for an hour, possibly two,” Jason Mclelland, owner and general manager of the KXAX Radio Group, wrote in an e-mail. “During that time they talked about sex with two guys and a girl in explicit details and rambled on with vulgar language not really having much of a point to the podcast. I’m assuming there was no real reason for this hack.” Read 6 remaining paragraphs | Comments

Originally posted here:
Nation-wide radio station hack airs hours of vulgar “furry sex” ramblings

All-bacterial battery makes a nutrient when charged, eats it to discharge

Diagram of a microbial fuel cell that runs on acetate, one half of the bacterial battery described here. (credit: Oak Ridge National Lab ) The chemical that powers most of our cellular processes is produced through something called the electron transport chain. As its name suggests, this system shuffles electrons through a series of chemicals that leaves them at a lower energy, all while harvesting some of the energy difference to produce ATP. But the ultimate destination of this electron transport chain doesn’t have to be a chemical. There are a variety of bacteria that ultimately send the electrons off into the environment instead. And researchers have figured out how to turn these into a fuel cell, harvesting the electrons to do something useful. While some of these designs were closer to a battery than others, all of them consumed some sort of material in harvesting the electrons. A team of researchers in the Netherlands figured out how to close the loop and create an actual bacterial battery. One half of the battery behaves like a bacterial fuel cell. But the second half takes the electrons and uses them to synthesize a small organic molecule that the first can eat. Its charging cycle is painfully slow and its energy density is atrocious, but the fact that it works at all seems rather noteworthy. Read 11 remaining paragraphs | Comments

Why Microsoft needed to make Windows run Linux software

It’s bash, it’s Windows, it’s not a virtual machine. Perhaps the biggest surprise to come from Microsoft’s Build developer conference last week was the Windows Subsystem for Linux (WSL). The system will ship as part of this summer’s Anniversary Update for Windows 10. WSL has two parts; there’s the core subsystem, which is already included in Insider Preview builds of the operating system , and then a package of software that Canonical will provide. The core subsystem is what provides the Linux API on Windows, including the ability to natively load Linux executables and libraries. Canonical will provide bash and all the other command-line tools that are expected in a Linux environment. Microsoft is positioning WSL strictly as a tool for developers, with a particular view to supporting Web developers and the open source software stacks that they depend on. Many developers are very familiar with the bash shell, with building software using make and gcc , and editing text in vi or emacs . WSL will give these developers versions of these tools that are equal in just about every regard to the ones you get on Linux, because they’ll be the ones you get on Linux running unmodified on Windows. Read 22 remaining paragraphs | Comments

More:
Why Microsoft needed to make Windows run Linux software

Facebook Live gets a discovery section and instant reactions

Facebook Live is set to make a splashy launch of new sharing- and discovery-centric features with appearances by Mark Zuckerberg and product chief Chris Cox. The social network is looking to tap its billion-plus user advantage and built-in social and group features to gain an edge on rivals like Periscope . As such, it has revealed new features like live streaming within groups and events, real-time reactions, invitations to watch video with friends and a live map showing video in 60 countries. The biggest and most logical feature is the ability to broadcast live within groups and events . If you’re putting on a concert, race or charitable event, for example, it makes infinite sense to be able to stream key moments to members. You’ve already got a captive audience, so friends and family who are subscribed but can’t make it in person can still experience the fun at a distance. If you feel the need to express yourself without commenting, Facebook also revealed live reactions for videos. As shown above, you can drop in one of the new emoticons (love, haha, wow, sad or angry) with each popping up on the screen in real time. In addition, if you’re only able to catch a Facebook Live replay, you’ll see comments and reactions pop up during the video as if it were live. On the discovery side, Facebook unveiled “Live Video Destinations” on mobile. That’s a dedicated section where you can find popular streams and live video from friends or folks and topics you’re interested in. It lets you search live and recorded videos and stream your own instantly with a “go live” button. Desktop users, meanwhile, get “Facebook Live Map, ” a button that helps you find live video in 60 countries around the world. If you want watch with a friend, every stream now gets an “invite” button, as well. Facebook may have jumped late into live video well after rivals like YouTube, Periscope and Meerkat, but it’s certainly a high priority now. The company pushes live video to the top of your feeds and notifies you about new streams, though you can now turn those off , thankfully. With product head Chris Cox and Zuck himself involved in the latest Facebook Live feature push, expect live streams to become an even larger part of your feeds. The features will roll out over the next few weeks.

Nvidia unveils first Pascal graphics card, the monstrous Tesla P100

The first full-fat GPU based on Nvidia’s all-new Pascal architecture is here. And while the Tesla P100 is aimed at professionals and deep learning systems rather than consumers, if consumer Pascal GPUs are anything like it—and there’s a very good chance they will be—gamers and enthusiasts alike are going to see a monumental boost in performance. The Tesla P100 is the first full-size Nvidia GPU based on the TSMC 16nm FinFET manufacturing process—like AMD, Nvidia has been stuck using an older 28nm process since 2012—and the first to feature the second generation of High Bandwidth Memory (HBM2). Samsung began mass production of faster and higher capacity HBM2 memory back in January. While recent rumours suggested that both Nvidia and AMD wouldn’t use HMB2 this year due to it being prohibitively expensive—indeed, AMD’s recent roadmap suggests that its new Polaris GPUs won’t use HBM2 —Nvidia has at least taken the leap with its professional line of GPUs. The result of the P100’s more efficient manufacturing process, architecture upgrades, and HBM2 is a big boost in performance over Nvidia’s current performance champs like the Maxwell-based Tesla M40 and the Titan X/Quadro M6000. Nvidia says the P100 reaches 21.2 teraflops of half-precision (FP16) floating point performance, 10.6 teraflops of single precision (FP32), and 5.3 teraflops (1/2 rate) of double precision. By comparison, the Titan X and Tesla M40 offer just 7 teraflops of single precision floating point performance. Read 9 remaining paragraphs | Comments

Continue Reading:
Nvidia unveils first Pascal graphics card, the monstrous Tesla P100