Faked Flash-based ads on HuffPo, other sites downloaded extortionware

Google’s DoubleClick advertising network is the lifeblood of many websites driven by ad revenue—and it’s also a potential path of attack for criminals trying to spread extortionware and other malware. Some Huffington Post readers fell victim to malicious advertisements spread through Google’s DoubleClick network early this week, but another simultaneous attack may have reached an even bigger audience. Two ad network merchants became unwitting accomplices to attackers with similar Flash-based ads, displaying them on multiple legitimate sites. The Huffington Post advertisement—a fraudulent Hugo Boss ad which also appeared on other major legitimate sites (including the real estate site Zillow.com)—was spread through DoubleClick via the ad network AdButler, according to Malwarebytes, which tracked the attack. That attack attempted to download Cryptowall ransomware to victims’ PCs. The second attack came to DoubleClick through Merchanta, an ad network that serves up 28 billion advertisement impressions a month in the US alone. There is no estimate of how many people were exposed to the attack, but it likely cast a worldwide net and could have infected thousands of PCs with malware. Malwarebytes did not collect the malware payload of the Merchanta attack, but Malwarebytes Lab’s Jérôme Segura wrote in a post on the attack that the Flash exploit used in both attacks was identical, using the same Flash exploit kit. “It is worth noting that this malicious SWF (Flash file) had zero detection on VirusTotal when it was first submitted,” Segura said.

J.J. Abrams reveals new Force Awakens teaser, details

On Thursday, J.J. Abrams kicked off a weekend-long Star Wars convention by revealing the second teaser trailer for the upcoming Star Wars: The Force Awakens film, and it included the first reveal of Harrison Ford reprising his role as Han Solo. “Chewie, we’re home!” Ford says with Chewbacca standing behind him to close the teaser, which also included footage of a Millennium Falcon chase, a melted Darth Vader mask, a lightsaber hand-off, and Mark Hamill narrating a speech to an heir apparent (though unseen). Stormtroopers, X-Wings, TIE Fighters, new droids, and the sequel’s three new leads also feature prominently. As a lead-up to that teaser reveal, Entertainment Weekly columnist Anthony Breznican hosted a panel with Abrams and Lucasfilm president Kathleen Kennedy, where he asked questions about filming scenes in Abu Dhabi, designing new droids (including new droid “BB8,” whose impressive rolling ball design includes a head that swivels on its top), and casting the series’ three new lead actors.

Los Angeles school district demands multi-million dollar refund from Apple

On Wednesday, the Los Angeles Unified School District (LAUSD) told Apple that it would not accept any further deliveries of Pearson curriculum, which Apple has been providing as part of a $1.6 billion plan to give every student in the nation’s second-largest school district an iPad. LAUSD also asked for a “multi-million dollar refund” for software that had already been delivered, according to local public radio station KPCC. In 2013 the school district signed an initial $30 million deal with Apple in a program that was supposed to cost up to $1.3 billion. As part of the program, LAUSD said it would buy iPads from Apple at $768 each, and then Pearson, a subcontractor with Apple, would provide math and science curriculum for the tablets at an additional $200 per unit. Not a month after the pilot program launched, students were found disabling app and browser limitations on their tablets. A month after that, LAUSD reported that a third of the 2,100 iPads distributed during the pilot program had gone missing. A year later, media investigations revealed possible malfeasance in securing the contract with Apple and Pearson by LAUSD superintendent John Deasy. While Deasy has denied wrongdoing, he recently stepped down from his position and his successor, Ramon C. Cortines, has said he will scrap the program.

How the heck did so much Game of Thrones leak in 2015?

As the fifth season premiere of Game of Thrones inched towards its Sunday debut, we wondered whether HBO could withstand so many fans rushing its Internet doors. Major GoT airings have made the HBO Go service falter in the past, and this time, the company’s spanking-new HBO Now offering would have to withstand a whole slew of “Thronies.” As it turns out, HBO’s servers held up just fine, but something else sprung a leak. Before the fifth season’s first episode officially aired in the United States, it had already leaked online—along with a few more episodes. The season’s first four episodes appeared on torrent sites late Saturday night, and they all appeared to have been sourced from DVD “screener” copies that had been sent to critics ahead of the season premiere. We’re used to TV episodes popping up on torrent sites as soon as they air; it doesn’t take much more than a capture card, a modern PC, and a decent broadband connection to nab some sweet Internet notoriety. But we were dumbstruck by the mess HBO found itself in. It’s 2015. What the heck were they doing?

Universal backdoor for e-commerce platform lets hackers shop for victims

As people become more aware of the threat of targeted “phishing” attacks via e-mail and social media, malware-armed attackers are turning to new ways to target specific victims where they least expect it—by exploiting the legitimate websites they frequent and assume to be secure. Last week, Swiss security firm High-Tech Bridge disclosed that the Web store of a corporate customer had been used to deliver a targeted attack against a specific site visitor. The attackers were also able to retrieve the store’s customer database, which they may have used to search for desirable targets. The attack exploited a current and patched version of osCommerce Online Merchant (version 2.3.4, released last June), a common Web store content management system used by a number of high-profile companies—including Canonical’s Ubuntu Shop. The attacker inserted a malicious PHP script that provided a backdoor into the site and could be configured to check users’ IP addresses and login credentials as they visit the site for specific targets. Once a desired target is detected, the script attempts to download malware to the victim from another site. The attacker can then remotely delete the backdoor and altered PHP files and replace them with the original by connecting to the script with a “?del” parameter added to its URL. The backdoor script is labeled as “osCommerce 2.x.x universal pwner by Piht0z,” and it’s just that: a generic PHP-based backdoor for osCommerce sites. According to Ilia Kolochenko, High-Tech Bridge’s CEO, there have been similar cases of targeted attacks on users of e-commerce sites before, but “it’s the first time we see a universal backdoor for a large e-commerce platform,” he said in a blog post about the discovery. “This means that hackers started using this vector on a regular basis to achieve their goals.”

Sound waves separate rare cancer cells from blood

Circulating tumor cells (CTCs) are a rare type of cancer cell that are found in the bloodstream of patients with localized tumors. Successful separation of CTCs from blood could serve as a liquid biopsy to help diagnose cancer and monitor treatment progress. A deeper understanding of CTCs could also lead to a better understanding of the most deadly cancer process: metastasis, where cancer cells leave established tumors and migrate to other locations in the body. Currently, CTC separation methods rely on features that distinguish CTCs from other cells—antibodies that stick to them, cell size, deformability, or even electrical properties. Scientists have also explored using sound waves to separate CTCs. Acoustic-based separation provides excellent biocompatibility and safety; it preserves the viability, function, phenotype, and genotype of cells. It also allows cells to be separated without modification. As a result, sound-based separation methods enable CTCs to be maintained in their native state throughout the separation process while avoiding invasive biopsies. Unfortunately, previous sound-based separation technologies haven’t managed to separate CTCs from clinical samples due to insufficient throughput and long-term operational instability. Recently, a team of scientists has developed an acoustic-based microfluidic device that separates CTCs from peripheral blood samples of cancer patients in a high-throughput manner. This method relies on something called tilted-angle standing surface sound waves. These standing waves contain points that “stand still,” called nodes, around which the wave oscillates.

Botnet that enslaved 770,000 PCs worldwide comes crashing down

Law enforcement groups and private security companies around the world said they have taken down a botnet that enslaved more than 770,000 computers in 190 countries, stealing owners’ banking credentials and establishing a backdoor to install still more malware. Simda, as the botnet was known, infected an additional 128,000 new computers each month over the past half year, a testament to the stealth of the underlying backdoor trojan and the organization of its creators. The backdoor morphed into a new, undetectable form every few hours, allowing it to stay one step ahead of many antivirus programs. Botnet operators used a variety of methods to infect targets, including exploiting known vulnerabilities in software such as Oracle Java, Adobe Flash, and Microsoft Silverlight. The exploits were stitched into websites by exploiting SQL injection vulnerabilities and exploit kits such as Blackhole and Styx. Other methods included sending spam and other forms of social engineering. Countries most affected by Simda included the US, with 22 percent of the infections, followed by the UK, Turkey with five percent, and Canada and Russia with four percent. The malware modified the HOSTS file Microsoft Windows machines use to map specific domain names to specific IP addresses. As a result, infected computers that attempted to visit addresses such as connect.facebook.net or google-analytics.com were surreptitiously diverted to servers under the control of the attackers. Often the booby-trapped HOSTS file remains even after the Simda backdoor has been removed. Security researchers advised anyone who may have been infected to inspect their HOSTS file, which is typically located in the directory %SYSTEM32%\drivers\etc\hosts. People who want to discover if they have been infected by Simda can check this page provided by AV provider Kaspersky Lab. The page is effective as long as a person’s IP address hasn’t changed from when the infection was detected.

Google Fiber plans expansion, then TWC makes speeds six times faster

With Google Fiber preparing an expansion into Charlotte, North Carolina, incumbent cable operator Time Warner Cable is trying to hold onto customers by dramatically increasing Internet speeds at no extra charge. “The Internet transformation will begin this summer and will include speed increases on TWC residential Internet plans at no additional cost, with customers experiencing increases up to six times faster, depending on their current level of Internet service,” Time Warner Cable announced last week. “For example, customers who subscribe to Standard, formerly up to 15Mbps, will now receive up to 50Mbps, customers who subscribe to Extreme, formerly up to 30Mbps, will now receive up to 200Mbps; and customers who subscribe to Ultimate, formerly up to 50Mbps, will receive up to 300Mbps, at no extra charge.” Google announced plans to enter Charlotte and a few other metro areas in January and is working with local officials to finalize the network design so that construction can begin.

Hacked French network exposed its own passwords during TV interview

While French authorities continued investigating how the TV5Monde network had 11 of its stations’ signals interrupted the night before, one of its staffers proved just how likely a basic password theft might have led to the incident. In an interview with French news program 13 Heures, TV5Monde reporter David Delos unwittingly revealed at least one password for the station’s social media presence. That’s because he was filmed in front of a staffer’s desk—which was smothered in sticky notes and taped index cards that were covered in account usernames and passwords. Delos’s segment revealed the usernames and passwords for TV5Monde’s Twitter and Instagram accounts, but they were too difficult to read in an archived video of the broadcast. That wasn’t the case for the YouTube information, however; Twitter user pent0thal confirmed that account’s displayed password was “lemotdepassedeyoutube,” which translates in English to “the password of YouTube.”

Eighth-grader charged with felony for shoulder-surfing teacher’s password

A 14-year-old Florida boy has been charged with felony computer intrusion after shoulder-surfing his school’s computer network password and using it to play a prank on a teacher. Domanik Green, an eighth-grader at Paul R. Smith Middle School in Holiday, Florida, was charged with an offense against a computer system and felony unauthorized access, according to a report published Thursday by The Tampa Bay Times. In late March, the youth allegedly used the administrative-level password without permission to log in to the school’s network and change the images displayed on a teacher’s computer to one of two men kissing. One of the computers accessed allegedly contained encrypted questions to the FCAT, short for the Florida Comprehensive Assessment Test. While the factual allegations laid out in the article seem to indicate the youth perpetrated some form of trespass, they also alleged a litany of poor practices on the part of school administrators. These practices include weak passwords, entering passwords in front of others, and widespread unauthorized access that possibly went undetected. From the report:
