Tag: russian

Five Major Credit Cards Are Now Blocking Cryptocurrency Purchases

An anonymous reader quotes CNBC: J.P. Morgan Chase, Bank of America and Citigroup said Friday they are no longer allowing customers to buy cryptocurrencies using credit cards. “At this time, we are not processing cryptocurrency purchases using credit cards, due to the volatility and risk involved, ” a J.P. Morgan Chase spokesperson said in a statement to CNBC. “We will review the issue as the market evolves.” A Bank of America spokesperson also said in an email that the bank has decided to decline credit card purchases of cryptocurrencies. Citigroup said in a statement that it has “made the decision to no longer permit credit card purchases of cryptocurrency. We will continue to review our policy as this market evolves.” Earlier in January, Capital One Financial said it has decided to ban cryptocurrency purchases with its cards. Discover Financial Services has effectively prohibited cryptocurrency purchases with its credit cards since 2015. Read more of this story at Slashdot.

View original post here:
Five Major Credit Cards Are Now Blocking Cryptocurrency Purchases

‘Very High Level of Confidence’ Russia Used Kaspersky Software For Devastating NSA Leaks

bricko shares a report from Yahoo Finance: Three months after U.S. officials asserted that Russian intelligence used popular antivirus company Kaspersky to steal U.S. classified information, there are indications that the alleged espionage is related to a public campaign of highly damaging NSA leaks by a mysterious group called the Shadow Brokers. In August 2016, the Shadow Brokers began leaking classified NSA exploit code that amounted to hacking manuals. In October 2017, U.S. officials told major U.S. newspapers that Russian intelligence leveraged software sold by Kaspersky to exfiltrate classified documents from certain computers. (Kaspersky software, like all antivirus software, requires access to everything stored on a computer so that it can scan for malicious software.) And last week the Wall Street Journal reported that U.S. investigators “now believe that those manuals [leaked by Shadow Brokers] may have been obtained using Kaspersky to scan computers on which they were stored.” Members of the computer security industry agree with that suspicion. “I think there’s a very high level of confidence that the Shadow Brokers dump was directly related to Kaspersky … and it’s very much attributable, ” David Kennedy, CEO of TrustedSec, told Yahoo Finance. “Unfortunately, we can only hear that from the intelligence side about how they got that information to see if it’s legitimate.” Read more of this story at Slashdot.

See more here:
‘Very High Level of Confidence’ Russia Used Kaspersky Software For Devastating NSA Leaks

Russia is planning to put a luxury hotel on the ISS

While American private corporations are working to offer paying customers a short trip to space (or the edge of it ), Russia is cooking up something grander. According to Popular Mechanics , it saw a proposal detailing Russian space corporation Roscosmos’ plan to build a luxury hotel on the ISS. Anybody whose pockets are deep enough to shell out at least $40 million for the experience can stay there for a week or two. An additional $20 million will buy them the chance to go on a spacewalk with a cosmonaut. The publication says Russian space contractor RKK Energia conjured up the strategy to be able to pay for the construction of the second module it’s building that will set it back $279 to $446 million. RKK Energia is already building the first of the two modules to serve as a science laboratory and power supply station. Although the second module has always been part of the plan, the Russian government is only paying for the first one. The tourist module will reportedly look like the first one from the outside — you can see an illustration of the science module below: [Image credit: Anatoly Zak/Russianspaceweb.com] The inside, however, will have four sleeping quarters around two cubic meters each with 9-inch windows. It will also have two “medical and hygiene” stations, as well as a lounge area with a 16-inch window — after all, if Russia wants guests to pay tens of millions, it will have to be worth it. RKK Energia is hoping to fly one or two tourists per Soyuz flight after NASA stops buying seats on the capsule for astronauts headed to the ISS, which will happen once Boeing’s and SpaceX’s commercial crew program vehicles are ready. To be able to jump-start construction, it has to find 12 (wealthy) passengers willing to pay $4 million up front. And if at least six passengers pay for a week-long stay at the space hotel per year, the company can recoup its investment within seven years. As Popular Mechanics noted, though, the ISS is scheduled to be decommissioned in 2028. The space contractor said the module takes five years to finish, so it will have to start building soon. Source: Popular Mechanics

View original post here:
Russia is planning to put a luxury hotel on the ISS

Russian hackers steal $10 million from ATMs through bank networks

The recent rash of bank system hacks goes deeper than you might have thought — it also includes stealing cash directly from ATMs. Researchers at Group-iB have published details of MoneyTaker, a group of Russian hackers that has stolen close to $10 million from American and Russian ATMs over the past 18 months. The attacks, which targeted 18 banks (15 of which were American), compromised interbank transfer systems to hijack payment orders — “money mules” would then withdraw the funds at machines. The first known attack was in the spring of 2016, when MoneyTaker hit First Data’s STAR network (the largest transfer messaging system for ATMs in the US). They also compromised Russia’s AW CRB network, and swiped documents for OceanSystems’ Fed Link system used by roughly 200 banks across the Americas. And in some cases, the group stuck around after the initial heist — at least one US bank’s documents were stolen twice, while the perpetrators kept spying on Russian bank networks. While it’s not clear who’s behind MoneyTaker, you’re only hearing about them now because they’re particularly clever. They’ve repeatedly switched their tools and methods to bypass software, and have taken care to erase their tracks. For instance, they’ve ‘borrowed’ security certificates from the US federal government, Bank of America, Microsoft and Yahoo. One Russian bank did manage to spot an attack and return some of the ill-gotten gains. This particular hack didn’t directly affect users, since it was more about intercepting bank-to-bank transfers than emptying personal accounts. However, it illustrates both the sophistication of modern bank hacks and the vulnerability of the banks themselves. While it would be difficult to completely prevent hacks, it’s clear that attackers are having a relatively easy time making off with funds and sensitive data. Via: Reuters Source: Group-iB (reg. required)

Excerpt from:
Russian hackers steal $10 million from ATMs through bank networks

Facebook’s ‘ticker,’ aka creeper feed, is no more

Facebook has killed one of its oldest features, the “ticker, ” that let you see at a glance what your friends were doing or sharing. First launched in 2011 , it used to appear to the right of your news feed (on the web app) showing likes, comments and other friend activities. As TechCrunch noticed, Facebook’s help community had been posting about the ticker’s disappearance, when a verified employee chimed in to see that “this feature is no longer available.” Facebook hasn’t explained exactly why it chopped the ticker, though we’ve reached out for comment. The social network is generally ruthless with features that don’t increase user engagement, and by extension, ad revenue. It’s hard to remember now, but Facebook’s feeds used to display posts in chronological order, much like Twitter ( mostly ) still does. The algorithmic feed, launched in 2011 eliminated date-ordered posts, surfacing what it thinks is more relevant information, instead. Facebook-owned Instagram made the same change early last year. The ticker was introduced along with the algorithmic feed, so that you could still monitor your friends’ activities in real time. Though often called the “creeper” feed, it didn’t really do anything that the news feed didn’t before. The algorithmic feed is ostensibly good for users, but like any algorithm, it can be gamed. That has become especially apparent with Facebook over the 18 months, when Russian operators bought ads in an attempt to influence US election results. They correctly surmised that discord increases engagement, and paid for posts that played social factions off against each other. As a result, at least 126 million Americans were exposed to articles that likely influenced election results to some degree. Via: TechCrunch Source: Facebook

Continue reading here:
Facebook’s ‘ticker,’ aka creeper feed, is no more

New Microsoft Word attacks infect PCs sans macros

Enlarge (credit: Microsoft ) Fancy Bear, the advanced hacking group researchers say is tied to the Russian government, is actively exploiting a newly revived technique that gives attackers a stealthy means of infecting computers using Microsoft Office documents, security researchers said this week. Fancy Bear is one of two Russian-sponsored hacking outfits researchers say breached Democratic National Committee networks ahead of last year’s presidential election.  The group was recently caught sending a Word document that abuses a feature known as Dynamic Data Exchange. DDE allows a file to execute code stored in another file and allows applications to send updates as new data becomes available. In a blog post published Tuesday , Trend Micro researchers said Fancy Bear was sending a document titled IsisAttackInNewYork.docx that abused the DDE feature. Once opened, the file connects to a control server to download a first-stage of piece of malware called Seduploader and installs it on a target’s computer. DDE’s potential as an infection technique has been known for years, but a post published last month by security firm SensePost has revived interest in it. The post showed how DDE could be abused to install malware using Word files that went undetected by anti-virus programs. Read 6 remaining paragraphs | Comments

View post:
New Microsoft Word attacks infect PCs sans macros

Kaspersky says it briefly possessed classified NSA files

Earlier this month, reports surfaced that classified NSA documents detailing how US agencies defend their cyber networks and how they breach foreign ones were stolen by Russian hackers in 2015. Those reports noted that the files were spotted through Kaspersky security software used by an NSA contractor who had saved the classified documents on a home computer. Well, Kaspersky has now provided some more information about the incident and it has acknowledged that it did in fact have classified NSA materials in its possession, the Associated Press reports. The company’s founder, Eugene Kaspersky, said that in 2014, Kaspersky analysts informed him that their software had plucked some classified files from an NSA contractor’s computer. Kaspersky said it was immediately clear what needed to be done — the materials had to be deleted. And so they were. However, whether the files in question were obtained purposefully or as a result of normal functions of the security software is still up in the air. As Kaspersky tells it, the company was already tracking a team of hackers called the Equation Group, which was later revealed to be part of the NSA. The NSA contractor that exposed the files had run Kaspersky software on his computer after infecting it with a bootleg copy of Microsoft Office and while the software cleaned up the viruses, it was also triggered by the Equation Group materials stored on the contractor’s computer. Those were then sent to Kaspersky headquarters for evaluation and as soon as analysts saw that the files were classified NSA documents, they alerted Eugene Kaspersky and subsequently deleted the files. Releasing this information is part of Kaspersky Lab’s recent push towards transparency as mistrust in the US has mounted over the past few months. Best Buy pulled Kaspersky software from its shelves last month and the US government banned the software in all federal agencies. Earlier this year, the FBI was reportedly discouraging private companies from using Kaspersky products, which have been a focus in government investigations of late and an interest of both the Senate and House of Representatives . Earlier this week, in order to regain some trust, Kaspersky announced that it would allow its source code to be reviewed by third parties and would open three “transparency centers” around the world. Jake Williams, a cybersecurity expert and former NSA analyst, told the AP that because Kaspersky was trying to woo US government clients at the time, it made sense that it would have chosen to delete the files. “It makes sense that they pulled those up and looked at the classification marking and then deleted them, ” he said. “I can see where it’s so toxic you may not want it on your systems.” However, he added the fact that an NSA employee put classified material on an already compromised home computer was “absolutely wild.” Source: Associated Press

Link:
Kaspersky says it briefly possessed classified NSA files

First Floating Wind Farm Delivers Electricity

The world’s first floating offshore wind farm began delivering electricity to the Scottish grid today. “The 30MW installation, situated 25km (15.5mi) from Peterhead in Aberdeenshire, Scotland, will demonstrate that offshore wind energy can be harvested in deep waters, miles away from land, where installing giant turbines was once impractical or impossible, ” reports Ars Technica. “At peak capacity, the wind farm will produce enough electricity to power 20, 000 Scottish homes.” From the report: The installation, called Hywind Scotland, is also interesting because it was built by Statoil, a Norwegian mega-corporation known for offshore oil drilling. Statoil has pursued offshore wind projects in recent years, using the companyâ(TM)s experience building and managing infrastructure in difficult open sea conditions to its advantage. Hywind Scotland began producing power in September, and today it starts delivering electricity to the Scottish grid. Now, all that’s left is for Statoil and its partner company Masdar to install a 1MWh lithium-ion battery, charmingly called âoeBatwind, â on shore. Batwind will help the offshore system regulate power delivery and optimize output. After a number of small demonstration projects, the five 6MW turbines are the first commercial turbines to lack a firm attachment to the seafloor. They’re held in place using three giant suction anchors, which are commonly used in offshore oil drilling. Essentially, an enormous, empty, upside-down âoebucketâ is placed on the seafloor, and air is sucked out of the bucket, which forces the bucket downward, further into the seafloor sediment. The report mentions a 2013 video that shows how offshore wind farms work. Read more of this story at Slashdot.

Continue reading here:
First Floating Wind Farm Delivers Electricity

Holy Cow: Dubai Police Have a Freaking Hoverbike

Remember how Dubai’s police department uses a fleet of supercars as their cruisers? Now the flashy force has added another head-turning vehicle: A Scorpion 3 hoverbike built by Russian company Hoversurf . According to Autoblog , …The police force aims to deploy its latest toy as a first-responder vehicle in hard-to-reach places, such as the middle of a traffic jam. Conveyed to a staging point, the Scorpion’s 660-pound cargo capacity could carry an officer to a choke-point scene with aid before a Mercedes G-wagen or Bugatti Veyron could get through. The hoverbike also does standard drone duty with a range of up to six kilometers. I’d love to see these here in New York City. Alas, this is the NYPD’s latest vehicle.

View article:
Holy Cow: Dubai Police Have a Freaking Hoverbike

Super NES Classic hacks are now oh, so easy to pull off—you can even add features

Enlarge / The clean look of the SNES Classic gets ruined a bit the second you plug stuff in. (credit: Kyle Orland) After guesses, estimations, and positive early tests, the Super NES Classic has emerged as a hackable little piece of gaming nostalgia—and quite an easy one to hack, at that. This weekend saw the September device receive a simple exploit in the form of hakchi2 , a Windows program designed by a Russian hacker who calls himself “ClusterM,” and, among other things, it allows fans to add far more games to the system than its default set of 21. If any of that sounds familiar, as opposed to gibberish, it’s because the same program and hacker emerged shortly after the launch of 2016’s Linux-powered NES Classic. ClusterM found a way to wrap that system’s FEL-mode exploit (read lots more about that here ) in a tidy Windows GUI, which allowed fans to use Windows Explorer menus to dump game ROMs, emulator cores, and even new art into their boxy ode to ’80s Nintendo bliss. ClusterM announced plans to repeat his trick well before the SNES Classic landed in stores, and his hacking hopes looked promising with the reveal, courtesy of Eurogamer , that the SNES Classic has a near-identical chipset and board compared to the NES Classic. Initial tests of the FEL-mode exploit, which requires booting into a telnet interface to talk to Nintendo’s Linux box, proved promising, and ClusterM returned eight days after the system’s launch with a new hakchi2 version—which now works with either “Nintendo classic” system. Read 4 remaining paragraphs | Comments

See more here:
Super NES Classic hacks are now oh, so easy to pull off—you can even add features