Tag: fnself-program1

AT&T/DirecTV merger likely to be approved

Despite Comcast abandoning  its Time Warner Cable (TWC) purchase in the face of government opposition, mergers of Internet and TV providers are still on the table. AT&T’s proposed $48.5 billion acquisition of DirecTV is likely to win approval from the Federal Communications Commission,  The Wall Street Journal reported . And TWC could still be acquired, but by Charter Communications instead of Comcast. The FCC hasn’t publicly revealed its position on AT&T’s attempt to buy the satellite TV provider. But despite opposing Comcast/TWC, the commission “sees the AT&T deal as helping competition and aiding the spread of broadband into rural areas that lack service, people familiar with the matter said,” according to the Journal report. FCC officials haven’t yet finalized concessions that AT&T would make in exchange for approval, “but the commission’s staff is inclined to recommend the approval of the deal.” Read 6 remaining paragraphs | Comments

Excerpt from:
AT&T/DirecTV merger likely to be approved

Universal backdoor for e-commerce platform lets hackers shop for victims

As people become more aware of the threat of targeted “phishing” attacks via e-mail and social media, malware-armed attackers are turning to new ways to target specific victims where they least expect it—by exploiting the legitimate websites they frequent and assume to be secure. Last week, Swiss security firm Hi-Tech Bridge disclosed that the Web store of a corporate customer had been used to deliver a targeted attack against a specific site visitor. The attackers were also able to retrieve the store’s customer database, which they may have used to search for desirable targets. The attack exploited a current and patched version of osCommerce Online Merchant (version 2.3.4, released last June), a common Web store content management system used by a number of high-profile companies—including Canonical’s Ubuntu Shop . The attacker inserted malicious PHP script that provided a backdoor into the site and could be configured to check users’ IP addresses and login credentials as they visit the site for specific targets. Once a desired target is detected, the script attempts to download malware to the victim from another site. The attacker can then remotely delete the backdoor and altered PHP files and replace them with the original by connecting to the script with a “?del” parameter added to its URL. The backdoor script is labeled as “osCommerce 2.x.x universal pwner by Piht0z,” and it’s just that: a generic PHP-based backdoor for osCommerce sites. According to Ilia Kolochenko, High-Tech Bridge’s CEO, there have been similar cases of targeted attacks on users of e-commerce sites before, but “it’s the first time we see a universal backdoor for a large e-commerce platform,” he said in a blog post about the discovery. “This means that hackers started using this vector on a regular basis to achieve their goals.” Read on Ars Technica | Comments

View post:
Universal backdoor for e-commerce platform lets hackers shop for victims

Sound waves separate rare cancer cells from blood

Circulating tumor cells (CTCs) are a rare type of cancer cell that are found in the blood stream of patients with localized tumors. Successful separation of CTCs from blood could serve as a liquid biopsy to help diagnose cancer and monitor treatment progress. A deeper understanding of CTCs could also lead to a better understanding of the most deadly cancer process: metastasis, where cancer cells leave established tumors and migrate to other locations in the body. Currently, CTC separation methods rely on features that distinguish CTCs from other cells—antibodies that stick to them, cell size, deformability, or even electrical properties. Scientists have also explored using sound waves to separate CTCs. Acoustic-based separation provides excellent biocompatibility and safety; it preserves the viability, function, phenotype, and genotype of cells. It also allow cells to be separated without modification. As a result, sound-based separation methods enable CTCs to be maintained in their native state throughout the separation process while avoiding invasive biopsies. Unfortunately, previous sound-based separations technologies haven’t managed to separate CTCs from clinical samples due to insufficient throughput and long-term operational instability. Recently, a team of scientists has developed an acoustic-based microfluidic device that separates CTCs from peripheral blood samples of cancer patients in a high-throughput manner. This method relies on something called tilted-angle standing surface sound waves. These standing waves contain points that “stand still,” called nodes, around which the wave oscillates. Read 7 remaining paragraphs | Comments

See more here:
Sound waves separate rare cancer cells from blood

Botnet that enslaved 770,000 PCs worldwide comes crashing down

Law enforcement groups and private security companies around the world said they have taken down a botnet that enslaved more than 770,000 computers in 190 countries, stealing owners’ banking credentials and establishing a backdoor to install still more malware. Simda, as the botnet was known, infected an additional 128,000 new computers each month over the past half year, a testament to the stealth of the underlying backdoor trojan and the organization of its creators. The backdoor morphed into a new, undetectable form every few hours, allowing it to stay one step ahead of many antivirus programs. Botnet operators used a variety of methods to infect targets, including exploiting known vulnerabilities in software such as Oracle Java , Adobe Flash , and  Microsoft Silverlight . The exploits were stitched into websites by exploiting SQL injection vulnerabilities and exploit kits such as Blackhole and Styx. Other methods included sending spam and other forms of social engineering. Countries most affected by Simda included the US, with 22 percent of the infections, followed by the UK, Turkey with five percent, and Canada and Russia with four percent. The malware modified the HOSTS file Microsoft Windows machines use to map specific domain names to specific IP addresses. As a result, infected computers that attempted to visit addresses such as connect.facebook.net or google-analytics.com were surreptitiously diverted to servers under the control of the attackers. Often the booby-trapped HOSTS file remains even after the Simda backdoor has been removed. Security researchers advised anyone who may have been infected to inspect their HOSTS file, which is typically located in the directory %SYSTEM32%driversetchosts. People who want to discover if they have been infected by Simda can check this page provided by AV provider Kaspersky Lab. The page is effective as long as a person’s IP address hasn’t changed from when the infection was detected. Read 2 remaining paragraphs | Comments

View post:
Botnet that enslaved 770,000 PCs worldwide comes crashing down

Eighth-grader charged with felony for shoulder-surfing teacher’s password

A 14-year-old Florida boy has been charged with felony computer intrusion after shoulder-surfing his school’s computer network password and using it to play a prank on a teacher. Domanik Green, an eighth-grader at Paul R. Smith Middle School in Holiday, Florida, was charged with an offense against a computer system and felony unauthorized access, according to a report published Thursday by The Tampa Bay Times . In late March, the youth allegedly used the administrative-level password without permission to log in to the school’s network and change the images displayed on a teacher’s computer to one of two men kissing. One of the computers accessed allegedly contained encrypted questions to the FCAT, short for the Florida Comprehensive Assessment Test . While the factual allegations laid out in the article seem to indicate the youth perpetrated some form of trespass, they also alleged a litany of poor practices on the part of school administrators. These practices include weak passwords, entering passwords in front of others, and widespread unauthorized access, possibly that went undetected. From the report: Read 1 remaining paragraphs | Comments

Original post:
Eighth-grader charged with felony for shoulder-surfing teacher’s password

Apple releases OS X 10.10.3 with new Photos app, emoji, and more

Apple has just released the final version of OS X 10.10.3, the latest major update for OS X Yosemite. The update was first available to the public as a beta build back in early March , and it follows a little over three months after OS X 10.10.2 . You can view the full release notes on Apple’s site here . The star of this update is the new Photos app, an OS X version of the photo viewing and editing app included with iOS. It primarily functions as a replacement for iPhoto, the basic photo app included with the iLife suite for years before becoming available for free for all new Macs. It also replaces Aperture, Apple’s pro photo editing app—though it doesn’t actually attempt to replicate Aperture’s functionality. Neither iPhoto nor Aperture will receive further updates from Apple after today. Photos will be installed automatically when you update to 10.10.3; it appears to be a core part of OS X rather than an optional Mac App Store download. We looked at an early Photos beta back in February and came away mostly impressed by its features and speed, at least relative to iPhoto. Those of you with existing iPhoto and Aperture libraries will be able to import them into Photos after you install OS X 10.10.3. Read 5 remaining paragraphs | Comments

Original post:
Apple releases OS X 10.10.3 with new Photos app, emoji, and more

Price of WoW gold plummets in first day of “official” trading

Just over a day after Blizzard introduced the first official method for converting dollars into World of Warcraft gold, the real-world price for the in-game currency has already plummeted 27 percent from the initial position set by Blizzard. For most of World of Warcraft ‘s history, the only way to buy in-game gold with real currency was to go through one of many gray market third-party services (which technically goes against Blizzard’s terms of service for the game). That was true until yesterday, when Blizzard introduced a $20 game time token that can be sold for gold at the in-game auction house on North American servers (European servers will get the feature at a later date). While the real world price of those tokens is fixed at $20, the gold price is “determined dynamically based on supply and demand,” as Blizzard puts it. To start the market off, Blizzard set the price of a $20 token at 30,000 gold. That gold price increased incrementally for a few hours before plummeting precipitously starting yesterday evening in the US. As of this writing, just over 24 hours after the markets opened, that initial price has fallen over 27 percent to 21,739 gold, according to an API-based tracking site . Read 5 remaining paragraphs | Comments

More:
Price of WoW gold plummets in first day of “official” trading

Next Windows Server offer new even smaller “Nano Server” footprint

Microsoft is adding even more features to Windows Server to diversify and strengthen its support for virtualization and containerization on its platform. The next Windows Server will include an even more stripped down, lightweight install mode called Nano Server. Windows Server already has a shrunk install option, Server Core, that omits various features to reduce the memory and disk footprint, and to shrink its exposure to security flaws. Nano Server strips back the operating system further still, dropping things like the GUI stack, 32-bit Win32 support, local logins, and remote desktop support. Nano Server is designed for two kinds of workload; cloud apps built on runtimes such as .NET, Java, Node.js, or Python, and cloud infrastructure, such as hosting Hyper-V virtual machines. Compared to the full Server install, Microsoft claims that Nano Server shrinks the disk footprint by 93 percent, the number of critical security bulletins by 92 percent, and the number of reboots by 80 percent. Read 4 remaining paragraphs | Comments

View post:
Next Windows Server offer new even smaller “Nano Server” footprint

Dell support software gets flagged by antivirus program

Diagnostic software preinstalled on many Dell computers is now being flagged as a potentially unwanted program by antivirus program Malwarebytes following the discovery of a vulnerability that allows attackers to remotely execute malicious code on older versions. The application known as Dell System Detect failed to validate code before downloading and running it, according to a report published last month by researcher Tom Forbes. Because the program starts itself automatically, a malicious hacker could use it to infect vulnerable machines by luring users to a booby-trapped website. According to researchers with AV provider F-Secure , the malicious website need only have contained the string “dell” somewhere in its domain name to exploit the weakness. www.notreallydell.com was just one example of a site that would have worked. Dell released an update in response to Forbes’s report, but even then, users remained vulnerable. That’s because the updated program still accepted downloads from malicious sites that had a subdomain with “dell” in it, for instance, a.dell.fakesite.ownedbythebadguys.com. Read 2 remaining paragraphs | Comments

Read More:
Dell support software gets flagged by antivirus program

New York woman can send divorce papers via Facebook

A New York County Supreme Court judge ruled that 26-year-old nurse Ellanora Baidoo can serve divorce papers  (PDF) to her soon-to-be ex-husband, Victor Sena Blood-Dzraku, via Facebook. The ruling is one of the first of its kind, and it comes at a time when even standard e-mail is still not “statutorily authorized” as a primary means of service, the judge wrote. A number of courts have allowed plaintiffs to use Facebook as supplemental means of service since at least 2013, but Baidoo has requested that the social media service be the primary and only means of telling Blood-Dzraku that she wants a divorce. The circumstances for the decision are unique, however. As the New York Daily News reported , Baidoo and Blood-Dzraku, both Ghanaian, were married in a civil service in 2009, but when Blood-Dzraku refused to marry in a traditional Ghanaian wedding ceremony, the relationship ended. The two never lived together, and Blood-Dzraku only kept in touch with Baidoo via phone and Facebook. Read 5 remaining paragraphs | Comments

Excerpt from:
New York woman can send divorce papers via Facebook