Anonymous Accused of Running a Botnet Using Thousands of Hacked Home Routers

An anonymous reader writes: Taking advantage of lazy security, new research says Anonymous hacktivists (among other groups) hijacked thousands of routers using remote access and default login credentials. “‘For perpetrators, this is like shooting fish in a barrel, which makes each of the scans that much more effective,’ the report explains. ‘Using this botnet also enables perpetrators to execute distributed scans, improving their chances against commonplace blacklisting, rate-limiting and reputation-based defense mechanisms.’” Read more of this story at Slashdot.

Microsoft: No More ‘Patch Tuesday’ For Windows 10 Home Users

citpyrc writes: According to the Register, Microsoft is making some changes to how it rolls out updates in Windows 10. Home users will receive updates as they come out, rather than queueing them all up on “patch Tuesday.” Business users will have the option to set their own update cycle, so they can see if any of the patches accidentally break anything for home users before trying them out. There will also be an optional peer-to-peer updating mechanism for Windows 10. Microsoft announced a service called Advanced Threat Analytics, which employs various machine learning techniques to identify malware on a network. As a premium service, top-dollar customers can pay for Microsoft to monitor black-hat forums and alert the company if any of its employees’ identities are stolen. Read more of this story at Slashdot.

Ubuntu 15.04 Received Well By Linux Community

jones_supa writes: Canonical released Ubuntu 15.04 a couple of weeks ago, and it seems that this release has been a success. The community is mostly reporting a nice experience, which is important since this is the first Ubuntu release that uses systemd instead of upstart. At Slashdot, people have been very nervous about systemd, and last year it was even asked to say something nice about it. To be fair, Ubuntu 15.04 hasn’t changed all that much. Some minor visual changes have been implemented, along with a couple of new features, but the operating system has remained pretty much the same. Most importantly it is stable, fast, and it lacks the usual problems accompanied by new releases. Read more of this story at Slashdot.

Hacking the US Prescription System

An anonymous reader writes: It appears that most pharmacies in the US are interconnected, and a breach in one leads to access to the other ones. A security advisory released [Friday] shows how a vulnerability in an online pharmacy granted access to prescription history for any US person with just their name and date of birth. From the description linked above: During the signup process, PillPack.com prompts users for their identifying information. In the end of the signup process, the user is shown a list of their existing prescriptions in all other pharmacies in order to make the process of transferring them to PillPack.com easier. … To replicate this issue, an attacker would be directed to the PillPack.com website and choose the signup option. As long as the full name and the date of birth entered during signup match the target, the attacker will gain access to the target’s full prescription history. Read more of this story at Slashdot.

Unnoticed For Years, Malware Turned Linux Servers Into Spamming Machines

An anonymous reader writes: For over 5 years, and perhaps even longer, servers around the world running Linux and FreeBSD operating systems have been targeted by an individual or group that compromised them via a backdoor Trojan, then made them send out spam, ESET researchers have found. What’s more, it seems that the spammers are connected with a software company called Yellsoft, which sells DirectMailer, a “system for automated e-mail distribution” that allows users to send out anonymous email in bulk. Here’s the white paper in which the researchers explain the exploit. Read more of this story at Slashdot.

How One Tweet Wiped $8bn Off Twitter’s Value

An anonymous reader writes: Someone mistakenly published earnings information on a Nasdaq-run investor relations page for Twitter before the company officially released the news and it sent the stock into a tailspin. Initially the earnings statement went unnoticed, but soon a Tweet with the results got a lot of attention. The stock lost more than $8 billion at one point as news spread. “We asked the New York Stock Exchange to halt trading once we discovered our Q1 numbers were out, and we published our results as soon as possible thereafter,” said Twitter’s senior director for investor relations, Krista Bessinger. “Selerity, who provided the initial tweets with our results, informed us that earnings release was available on our Investor Relations site before the close of market. Nasdaq hosts and manages our IR website, and we explicitly instructed them not to release our results until after the market close and only upon our specific instructions, which is consistent with prior quarters. We are continuing to investigate with them exactly what occurred.” Read more of this story at Slashdot.

Russian Cargo Spaceship Declared Lost

schwit1 writes: The Russians have declared lost the Progress freighter that had been launched to the ISS yesterday. They never could regain control of the craft, plus it was in an incorrect orbit. Moreover, the U.S. Air Force has detected debris nearby, suggesting a significant failure of some kind. The Russians are now considering delaying the next manned launch, scheduled for May 26, while they investigate this failure. Both Soyuz and Progress use some of the same systems, including the radar system that failed on Progress, and they want to make sure the problem won’t pop up on the manned mission. At the same time, they are also considering advancing the launch date of the next Progress to ISS from August 6. Based on these reports, I think they might swap the launch dates for the two flights. A Dragon is scheduled to go to ISS in between these missions, though that schedule could be changed as well to accommodate the Russian plans. Read more of this story at Slashdot.

US Successfully Tests Self-Steering Bullets

mpicpp sends this report from The Independent: The United States Department of Defense has carried out what it says is its most successful test yet of a bullet that can steer itself towards moving targets. Experienced testers have used the technology to hit targets that were actively evading the shot, and even novices that were using the system for the first time were able to hit moving targets. The project, which is known as Extreme Accuracy Tasked Ordnance weapon, or Exacto, is being made for the American government’s military research agency, DARPA. It is thought to use small fins that shoot out of the bullet and re-direct its path, but the U.S. has not disclosed how it works. Technology in the bullet allows it to compensate for weather and wind, as well as the movement of people it is being fired at, and curve itself in the air as it heads towards its target. Read more of this story at Slashdot.

New Privacy Threat: Automated Vehicle Occupancy Detection

An anonymous reader writes: The Electronic Frontier Foundation is warning against a new potential privacy threat: cameras that look inside cars and try to identify how many people are inside. This technology is a natural combination of simpler ones that have existed for years: basic object recognition software and road-side cameras (red light cameras, speeding cameras, license plate readers — you name it). Of course, we can extrapolate just a bit further, and point out that as soon as the cameras have high enough resolution, they can start running face recognition algorithms on the images, and determine the identities of a vehicle’s occupants. “The San Diego Association of Governments (SANDAG), a government umbrella group that develops transportation and public safety initiatives across the San Diego County region, estimates that 15% of drivers in High Occupancy Vehicle (HOV) lanes aren’t supposed to be there. After coming up short with earlier experimental projects, the agency is now testing a brand new technology to crack down on carpool-lane scofflaws on the I-15 freeway. … In short: the technology is looking at your image, the image of the people you’re with, your location, and your license plate. (SANDAG told CBS the systems will not be storing license plate data during the trial phase and the system will, at least for now, automatically redact images of drivers and passengers. Xerox’s software, however, allows police the option of using a weaker form of redaction that can be reversed on request.)” Read more of this story at Slashdot.

TeslaCrypt Isn’t All That Cryptic

citpyrc writes: TeslaCrypt, the latest-and-greatest ransomware branch off of the CryptoWall family, claims to the unwitting user that his/her documents are encrypted with “a unique public key generated for this computer”. This couldn’t be farther from the truth. In actuality, the developers of this malware appear to have been lazy and implemented encryption using symmetric AES256 with a decryption key generated on the user’s machine. If any of your machines are afflicted, Talos has developed a tool that can be used to generate the user’s machine’s symmetric key and decrypt all of the ransomed files. Read more of this story at Slashdot.
