Tag: vanity-fair

Computer intrusion inflicts massive damage on German steel factory

A German steel factory suffered significant damage after attackers gained unauthorized access to computerized systems that help control its blast furnace, according to a report published Friday by IDG News. The attackers took control of the factory’s production network through a spear phishing campaign, IDG said, citing a report published Wednesday by the German government’s Federal Office for Information Security. Once the attackers compromised the network, individual components or possibly entire systems failed. IDG reporter Loek Essers wrote: Due to these failures, one of the plant’s blast furnaces could not be shut down in a controlled manner, which resulted in “massive damage to plant,” the BSI said, describing the technical skills of the attacker as “very advanced.” The attack involved the compromise of a variety of different internal systems and industrial components, BSI said, noting that not only was there evidence of a strong knowledge of IT security but also extended know-how of the industrial control and production process. The incident is notable because it’s one of the few computer intrusions to cause physical damage. The Stuxnet worm that targeted Iran’s uranium enrichment program has been dubbed the world’s first digital weapon, destroying an estimated 1,000 centrifuges. Last week, Bloomberg News reported that a fiery blast in 2008 that hit a Turkish oil pipeline was the result of hacking , although it’s not clear if the attackers relied on physical access to computerized controllers to pull it off. The suspected sabotage of a Siberian pipeline in 1982 is believed to have used a logic bomb. Critics have long argued that much of the world’s factories and critical infrastructure aren’t properly protected against hackers. Read on Ars Technica | Comments

Visit link:
Computer intrusion inflicts massive damage on German steel factory

NASA just e-mailed a wrench to space

When International Space Station  Commander Barry Wilmore needed a wrench,  NASA  knew just what to do. They “e-mailed” him one. This is the first time an object has been designed on Earth and then transmitted to space for manufacture. Made In Space, the California company that designed the 3D printer aboard the ISS, overheard Wilmore mentioning the need for a ratcheting socket wrench and decided to create one.  Previously, if an astronaut needed a specific tool it would have to be flown up on the next mission to the ISS , which could take months. This isn’t the first 3D-printed object made in space , but it is the first created to meet the needs of an astronaut. In November astronauts aboard the ISS printed a replacement part for the recently installed 3D printer. A total of 21 objects have now been printed in space, all of which will be brought back to Earth for testing. Read 4 remaining paragraphs | Comments

More:
NASA just e-mailed a wrench to space

FBI claims North Korean involvement in Sony Pictures attack

The Federal Bureau of Investigation’s Washington press office has issued an update on the investigation into the cyber attack on Sony Pictures Entertainment, including the conclusion that North Korea was behind it. “As a result of our investigation, and in close collaboration with other US government departments and agencies, the FBI now has enough information to conclude that the North Korean government is responsible for these actions,” the office said in a statement. However, the information cited by the FBI’s update may not be as conclusive as many would like. Other hints at the attribution were provided to news organizations off-the-record, but the FBI’s public statements are far from definitive. Read 9 remaining paragraphs | Comments

View original post here:
FBI claims North Korean involvement in Sony Pictures attack

Activist group sues San Diego Police Department over “stingray” records

A legal advocacy group has sued the San Diego Police Department (SDPD) and the city of San Diego in an attempt to force the release of public records relating to stingrays, also known as cell-site simulators. Stingrays are often used covertly by local and federal law enforcement to locate target cellphones and their respective owners. However, stingrays also sweep up cell data of innocent people nearby who have no idea that such collection is taking place. Stingrays can be used to intercept voice calls and text messages as well. Earlier this week, a local judge in Arizona ruled that a local reporter could not receive similar stingray documents from the Tucson Police Department because disclosure “would give criminals a road map for how to defeat the device, which is used not only by Tucson but other local and national police agencies.” Read 5 remaining paragraphs | Comments

Originally posted here:
Activist group sues San Diego Police Department over “stingray” records

AnandTech snapped up by parent company of Tom’s Hardware and LaptopMag

Purch, Inc. announced  on Wednesday that it had purchased AnandTech.com, ending the site’s 17-year run as an independent publication. Purch also owns a number of other long-running technology sites, including LaptopMag (founded as Laptop Magazine in 1991), Tom’s Hardware (founded 1996), and a handful of other offshoot tech publications. Purch says the acquisition will help it “dominate the tech expert and enthusiast market.” Anand Shimpi, founder and original editor-in-chief of the site, left his post for Apple in late August. Shimpi says he is “happy to see [AnandTech] end up with a partner committed to taking good care of the brand and its readers.” Current Editor-In-Chief Ryan Smith says the site has “grown by leaps and bounds over the past several years” but that it was “nearing what’s possible as an independent company.” Smith goes on to say that Purch values AnandTech’s exhaustive hardware testing and reviews, and that Purch would enable the site to grow “without compromising the quality that made us who we are today.” Under Smith, AnandTech has continued to run reviews of individual PC components and, less frequently, complete consumer products like laptops, phones, and operating systems. While the site misses Shimpi’s voice and expertise (and that of former mobile editor Brian Klug, who also left for Apple this year), its coverage and testing procedures continue to be deep and thorough, and they will hopefully remain that way post-acquisition. Read 1 remaining paragraphs | Comments

Read More:
AnandTech snapped up by parent company of Tom’s Hardware and LaptopMag

ICANN e-mail accounts, zone database breached in spearphishing attack

Unknown attackers used a spearphishing campaign to compromise sensitive systems operated by the Internet Corporation for Assigned Names and Numbers (ICANN), a coup that allowed them to take control of employee e-mail accounts and access personal information of people doing business with the group. ICANN, which oversees the Internet’s address system, said in a release published Tuesday that the breach also gave attackers administrative access to all files stored in its centralized zone data system , as well as the names, postal addresses, e-mail addresses, fax and phone numbers, user names, and cryptographically hashed passwords of account holders who used the system. Domain registries use the database to help manage the current allocation of hundreds of new generic top level domains (gTLDs) currently underway. Attackers also gained unauthorized access to the content management systems of several ICANN blogs. “We believe a ‘spear phishing’ attack was initiated in late November 2014,” Tuesday’s press release stated. “It involved email messages that were crafted to appear to come from our own domain being sent to members of our staff. The attack resulted in the compromise of the email credentials of several ICANN staff members.” Read 4 remaining paragraphs | Comments

Original post:
ICANN e-mail accounts, zone database breached in spearphishing attack

Apple ceases online sales in Russia due to extreme ruble fluctuations

Bloomberg reported on Tuesday that Apple has ceased all online sales in Russia as the country has been unable to keep its currency from fluctuating dramatically. In the last month, Apple had already increased the price of its iPhone 6 in that country by 25 percent due to currency uncertainties. “Our online store in Russia is currently unavailable while we review pricing,” Alan Hely, a spokesman for the Cupertino, California-based company, told Bloomberg. “We apologize to customers for any inconvenience.” It is uncertain when Apple will reinstate its operations in Russia. Bloomberg noted that the Ruble sank 19 percent today, “with a surprise interest-rate increase failing to stem a run on the currency.” At one point during the day, the ruble sank to 80 on the dollar. Read 3 remaining paragraphs | Comments

View the original here:
Apple ceases online sales in Russia due to extreme ruble fluctuations

Feds used Adobe Flash to identify Tor users visiting child porn sites

A little more than 16 months ago, word emerged that the FBI exploited a recently patched Firefox vulnerability to unmask Tor users visiting a notorious child pornography site. It turns out that the feds had waged an even broader uncloaking campaign a year earlier by using a long-abandoned part of the open source Metasploit exploit framework to identify Tor-using suspects. According to Wired , “Operation Torpedo,” as the FBI sting operation was dubbed, targeted users of three darknet child porn sites. It came to light only after Omaha defense attorney Joseph Gross challenged the accuracy of evidence it uncovered against a Rochester, New York-based IT worker who claims he was falsely implicated in the campaign. Operation Torpedo used the Metasploit Decloaking Engine to identify careless suspects who were hiding behind Tor, a free service used by good and bad guys alike to shield their point of entry to the Internet. The Decloaking Engine went live in 2006 and used five separate methods to break anonymization systems. One method was an Adobe Flash application that initiated a direct connection with the end user, bypassing Tor protections and giving up the user’s IP address. Tor Project officials have long been aware of the vulnerability and strenuously advise against installing Flash. According to Wired: Read 1 remaining paragraphs | Comments

View article:
Feds used Adobe Flash to identify Tor users visiting child porn sites

4 seconds of body cam video can reveal a biometric fingerprint, study says

Researchers say they can have computers examine body camera video footage and accurately identify a person wearing a body-mounted device in about four seconds, according to a recently released paper . The authors of the study had their software look at biometric characteristics like height, stride length, and walking speed to find the identity of the person shooting the footage. As they point out, this could have both positive and negative implications for civilians, law enforcement, and military personnel if they’re using body-mounted cameras. (It’s important to note that this research paper,  Egocentric Video Biometrics , was posted  to the arXiv repository . As such, it’s not considered a final, peer-reviewed work.) Using static, mounted cameras to match a person’s height and gait is a relatively common and well-researched vector for narrowing down the identity of people caught in videos. The authors said that, to get an accurate read of the biometric data of the person wearing the body cam, the footage has to be from a camera secured to one point on a person’s body (handheld cameras don’t work), and it has to have at least four seconds of video of the camera-wearer walking. Despite these restrictions, the two researchers from The Hebrew University in Jerusalem noted that once the necessary information had been gathered, “the identity of the user can be determined quite reliably from a few seconds of video.” “This is like a fingerprint,” Shmuel Peleg, one of the paper’s authors, told The Verge. “In order to find the person you have to have their fingerprint beforehand. But we can compare two people and say whether two videos were shot by the same person or not.” Read 4 remaining paragraphs | Comments

More:
4 seconds of body cam video can reveal a biometric fingerprint, study says

Judge says reporter can’t get public records about cops’ “stingray” use

A local judge in Arizona ruled Friday that the Tucson Police Department (TPD) does not have to disclose records related to the use of stingrays, also known as cell-site simulators, under the state’s public records act. According to a Saturday report from Capitol Media Services , a state news wire, complying with reporter Beau Hodai ’s public records request “would give criminals a road map for how to defeat the device, which is used not only by Tucson but other local and national police agencies.” Hodai sued the TPD and the City of Tucson in March 2014 to force them to hand over such records. The devices are often used covertly by local and federal law enforcement to locate target cellphones and their respective owners. However, stingrays also sweep up cell data of innocent people nearby who have no idea that such collection is taking place. Stingrays can be used to intercept voice calls and text messages as well. Read 9 remaining paragraphs | Comments

Link:
Judge says reporter can’t get public records about cops’ “stingray” use