Tag: internet

US government names North Korea as the source of WannaCry

Donald Trump’s homeland security adviser, Tom Bossert, said in a Wall Street Journal op-ed that “after careful investigation, the U.S. today publicly attributes the massive ” WannaCry ” cyberattack to North Korea.” Coming during increasing tensions between the two countries over nuclear threats and Twitter outbursts, Bossert said this attribution is based on evidence and agrees with the findings from the UK and Microsoft. In the op-ed we did not see traces of the evidence used to link the May attack to the “Lazarus Group” (also blamed for the Sony Pictures hacking incident ) and North Korea, but the White House will reportedly follow up Tuesday with a more formal statement. While some, like Microsoft , have blamed the US government for stockpiling vulnerabilities — the WannaCry attack used an exploit based on technology apparently stolen from the NSA — the op-ed says: Stopping malicious behavior like this starts with accountability. It also requires governments and businesses to cooperate to mitigate cyber risk and increase the cost to hackers. The U.S. must lead this effort, rallying allies and responsible tech companies throughout the free world to increase the security and resilience of the internet. Bossert also called the attack reckless, while Reuters cites a “senior administration official” who declined to comment on whether or not the US believes it was a deliberate attack or accidental. So what happens now? According to the piece, the Trump administration “will continue to use our maximum pressure strategy to curb Pyongyang’s ability to mount attacks, cyber or otherwise.” Source: Wall Street Journal

Read More:
US government names North Korea as the source of WannaCry

CDC Director Says No Words Are Actually Banned At the CDC

An anonymous reader quotes a report from PBS: U.S. Centers for Disease Control and Prevention director Dr. Brenda Fitzgerald on Sunday addressed a report that President Donald Trump’s administration had banned the CDC from using seven words or phrases in next year’s budget documents. The terms are “fetus, ” “transgender, ” “vulnerable, ” “entitlement, ” “diversity, ” “evidence-based” and “science-based, ” according to a story first reported on Friday in The Washington Post. But Fitzgerald said in a series of tweets on Sunday said there are “no banned words, ” while emphasizing the agency’s commitment to data-driven science. “CDC has a long-standing history of making public health and budget decisions that are based on the best available science and data and for the benefit of all people — and we will continue to do so, ” she said. A group of the agency’s policy analysts said senior officials at the CDC informed them about the banned words on Thursday, according to the Post’s report. In some cases, the analysts were reportedly given replacement phrases to use instead. But in follow-up reporting, The New York Times cited “a few” CDC officials who suggested the move was not meant as an outright ban, but rather, a technique to help secure Republican approval of the 2019 budget by eliminating certain words and phrases. A spokesperson for the Department of Health and Human Services, which oversees the CDC, said the reported decree on banned words was a misrepresentation. Read more of this story at Slashdot.

View post:
CDC Director Says No Words Are Actually Banned At the CDC

Bitcoin Jumps Another 10% in 24 Hours, Sets New Record at $19,000

An anonymous reader quotes Ars Technica: Bitcoin’s price set a new record on Saturday as the virtual currency rose above $19, 000 for the first time on the Bitstamp exchange. The gains came just hours after the currency crossed the $18, 000 mark. Bitcoin’s value has doubled over the last three weeks, and it’s up more than 20-fold over the last year. Bitcoin’s value keeps rising despite a growing chorus of experts who say the currency value is an unsustainable bubble. One CNBC survey this week found that 80 percent of Wall Street economists and market strategists saw bitcoin’s rise as a bubble, compared to just two percent who said the currency’s value was justified. Another survey reported by The Wall Street Journal this week found that 51 out of 53 economists surveyed thought bitcoin’s price was an unsustainable bubble. Less than a month ago, Bitcoin was selling for $8, 000. Read more of this story at Slashdot.

See more here:
Bitcoin Jumps Another 10% in 24 Hours, Sets New Record at $19,000

T-Mobile Is Becoming a Cable Company

T-Mobile has revealed that it’s launching a TV service in 2018, and that is has acquired Layer3 TV (a company that integrates TV, streaming and social networking) to make this happen. The company thinks people are ditching cable due to the providers, not TV itself. Engadget reports: It claims that it can “uncarrier” TV the way it did with wireless service, and has already targeted a few areas it thinks it can fix: it doesn’t like the years-long contracts, bloated bundles, outdated tech and poor customer service that are staples of TV service in the U.S. T-Mobile hasn’t gone into detail about the functionality of the service yet. How will it be delivered? How much will it cost? Where will it be available? And will this affect the company’s free Netflix offer? This is more a declaration of intent than a concrete roadmap, so it’s far from certain that the company will live up to its promises. Ultimately, the move represents a big bet on T-Mobile’s part: that people like TV and are cutting the cord based on a disdain for the companies, not the service. There’s a degree of truth to that when many Americans are all too familiar with paying ever-increasing rates to get hundreds of channels they don’t watch. However, there’s no guarantee that it’ll work in an era when many people (particularly younger people) are more likely to use Netflix, YouTube or a streaming TV service like Sling TV. Read more of this story at Slashdot.

Read More:
T-Mobile Is Becoming a Cable Company

Author of BrickerBot Malware Retires, Says He Bricked 10 Million IoT Devices

An anonymous reader writes: The author of BrickerBot — the malware that bricks IoT devices — has announced his retirement in an email to Bleeping Computer, also claiming to have bricked over 10 million devices since he started the “Internet Chemotherapy” project in November 2016. Similar to the authors of the Mirai malware, the BrickerBot developer dumped his malware’s source code online, allowing other crooks to profit from his code. The code is said to contain at least one zero-day. In a farewell message left on hundreds of hacked routers, the BrickerBot author also published a list of incidents (ISP downtimes) he caused, while also admitting he is likely to have drawn the attention of law enforcement agencies. “There’s also only so long that I can keep doing something like this before the government types are able to correlate my likely network routes (I have already been active for far too long to remain safe). For a while now my worst-case scenario hasn’t been going to jail, but simply vanishing in the middle of the night as soon as some unpleasant government figures out who I am, ” the hacker said. Read more of this story at Slashdot.

Read More:
Author of BrickerBot Malware Retires, Says He Bricked 10 Million IoT Devices

Searchable Database of 1.4 Billion Stolen Credentials Found On Dark Web

YVRGeek shares a report from IT World Canada: A security vendor has discovered a huge list of easily searchable stolen credentials in cleartext on the dark web, which it fears could lead to a new wave of cyber attacks. Julio Casal, co-founder of identity threat intelligence provider 4iQ, which has offices in California and Spain, said in a Dec. 8 blog his firm found the database of 1.4 billion username and password pairs while scanning the dark web for stolen, leaked or lost data. He said the company has verified at least a group of credentials are legitimate. What is alarming is the file is what he calls “an aggregated, interactive database that allows for fast (one second response) searches and new breach imports.” For example, searching for “admin, ” “administrator” and “root” returned 226, 631 passwords of admin users in a few seconds. As a result, the database can help attackers automate account hijacking or account takeover. The dump file was 41GB in size and was found on December 5th in an underground community forum. The total amount of credentials is 1, 400, 553, 869. Read more of this story at Slashdot.

Original post:
Searchable Database of 1.4 Billion Stolen Credentials Found On Dark Web

AI-Assisted Fake Porn Is Here and We’re All Screwed

New submitter samleecole shares a report from Motherboard: There’s a video of Gal Gadot having sex with her stepbrother on the internet. But it’s not really Gadot’s body, and it’s barely her own face. It’s an approximation, face-swapped to look like she’s performing in an existing incest-themed porn video. The video was created with a machine learning algorithm, using easily accessible materials and open-source code that anyone with a working knowledge of deep learning algorithms could put together. It’s not going to fool anyone who looks closely. Sometimes the face doesn’t track correctly and there’s an uncanny valley effect at play, but at a glance it seems believable. It’s especially striking considering that it’s allegedly the work of one person — a Redditor who goes by the name ‘deepfakes’ — not a big special effects studio that can digitally recreate a young Princess Leia in Rouge One using CGI. Instead, deepfakes uses open-source machine learning tools like TensorFlow, which Google makes freely available to researchers, graduate students, and anyone with an interest in machine learning. Anyone could do it, and that should make everyone nervous. Read more of this story at Slashdot.

View post:
AI-Assisted Fake Porn Is Here and We’re All Screwed

AMD Quietly Made Some Radeon RX 560 Graphics Cards Worse

Brad Chacos: When the Radeon RX 560 launched in April it was the only RX 500-series card with a meaningful under-the-hood tech boost compared to the RX 400-series. The graphics processor in the older RX 460 cards packed 14 compute units and 896 stream processors; the upgraded Radeon RX 560 bumped that to 16 CUs and 1, 024 SPs. Now, some — but not all — of the Radeon RX 560s you’ll find online have specs that match the older 460 cards, and sometimes run at lower clock speeds to boot. AMD’s Radeon RX 560 page was also quietly altered to include the new configurations at some point, Heise.de discovered. The last snapshot of the page by the Internet Archive’s Wayback Machine occurred on July 7 and only lists the full-fat 16 CU version of the card, so the introduction of the nerfed 896 SP model likely occurred some time after that. Sifting through all of the available Radeon RX 560s on Newegg this morning reveals a fairly even split between the two configurations, all of which are being sold under the same RX 560 name. In a statement, AMD acknowledged the existence of 14 Compute Unit (896 stream processors) and 16 Compute Unit (1024 stream processor) versions of the Radeon RX 560. “We introduced the 14CU version this summer to provide AIBs and the market with more RX 500 series options. It’s come to our attention that on certain AIB and etail websites there’s no clear delineation between the two variants. We’re taking immediate steps to remedy this: we’re working with all AIB and channel partners to make sure the product descriptions and names clarify the CU count, so that gamers and consumers know exactly what they’re buying. We apologize for the confusion this may have caused.” Read more of this story at Slashdot.

Read the article:
AMD Quietly Made Some Radeon RX 560 Graphics Cards Worse

Keylogger Found On Nearly 5,500 WordPress Sites

An anonymous reader writes: Nearly 5, 500 WordPress sites are infected with a malicious script that logs keystrokes and sometimes loads an in-browser cryptocurrency miner. The malicious script is being loaded from the “cloudflare.solutions” domain, which is not affiliated with Cloudflare in any way, and logs anything that users type inside form fields as soon as the user switches away from an input field. The script is included on both the sites’ frontends and backends, meaning it can steal both admin account credentials and credit card data from WP sites running e-commerce stores. According to site source code search engine PublicWWW, there are 5, 496 sites running this keylogger. The attacker has been active since April. Read more of this story at Slashdot.

More here:
Keylogger Found On Nearly 5,500 WordPress Sites

Zimbabwe’s Internet Went Down for About Five Hours. The Culprit Was Reportedly a Tractor.

Zimbabweans lost internet access en masse on Tuesday when a tractor reportedly cut through key fiber-optic cables in South Africa and another internet provider experienced simultaneous issues with its primary internet conduits. From a report: The outage began shortly before noon local time and persisted for more than five hours, affecting not only citizens’ day-to-day internet usage but businesses that rely upon web access. And while five internet-free hours might sound unfathomable to those of us accustomed to having the web constantly at our fingertips, large-scale internet outages — from inadvertent lapses caused by ship anchors to government-calculated blackouts designed to showcase political power — do happen, and maybe more frequently than you’d thought. According to local news sources, a tractor in South Africa damaged cables belonging to Liquid Telecom, which has an 81.5 percent market share of Zimbabwe’s international-equipped internet bandwidth as of the second quarter of 2017 and leases capacity to other internet providers. In a bad coincidence, city council employees in Kuwadzana, a suburb of Zimbabwe’s capitol city of Harare, cut an additional TelOne cable around the same time. (According to NewsDay Zimbabwe, it was an accident. The company blamed “faults that occurred on our main links through South Africa and Botswana” in a statement.) Read more of this story at Slashdot.

Read the original:
Zimbabwe’s Internet Went Down for About Five Hours. The Culprit Was Reportedly a Tractor.