Researchers help shut down spam botnet that enslaved 4,000 Linux machines

A botnet that enslaved about 4,000 Linux computers and caused them to blast the Internet with spam for more than a year has finally been shut down. Known as Mumblehard, the botnet was the product of highly skilled developers. It used a custom “packer” to conceal the Perl-based source code that made it run, a backdoor that gave attackers persistent access, and a mail daemon that was able to send large volumes of spam. Command servers that coordinated the compromised machines’ operations could also send messages to Spamhaus requesting the delisting of any Mumblehard-based IP addresses that sneaked into the real-time composite blocking list, or CBL, maintained by the anti-spam service. “There was a script automatically monitoring the CBL for the IP addresses of all the spam-bots,” researchers from security firm Eset wrote in a blog post published Thursday. “If one was found to be blacklisted, this script requested the delisting of the IP address. Such requests are protected with a CAPTCHA to avoid automation, but OCR (or an external service if OCR didn’t work) was used to break the protection.”

Nation-wide radio station hack airs hours of vulgar “furry sex” ramblings

Some Tuesday morning listeners of KIFT, a Top 40 radio station located in Breckenridge, Colorado, were treated to a radically different programming menu. Instead of the normal fare from Taylor Swift, The Chainsmokers, or other pop stars, a hack by an unknown party caused one of the station’s signals to broadcast a sexually explicit podcast related to the erotic attraction to furry characters. The unauthorized broadcast lasted for about 90 minutes. KIFT wasn’t the only station to be hit by the hack. On the same day, Livingston, Texas-based country music station KXAX also broadcast raunchy furry-themed audio. And according to an article posted Wednesday by radio industry news site RadioInsight.com, the unauthorized broadcasts from a hobbyist group called FurCast were also forced on an unnamed station in Denver and an unidentified national syndicator. “All in all the FurCast aired for an hour, possibly two,” Jason Mclelland, owner and general manager of the KXAX Radio Group, wrote in an e-mail. “During that time they talked about sex with two guys and a girl in explicit details and rambled on with vulgar language not really having much of a point to the podcast. I’m assuming there was no real reason for this hack.”

Nvidia unveils first Pascal graphics card, the monstrous Tesla P100

The first full-fat GPU based on Nvidia’s all-new Pascal architecture is here. And while the Tesla P100 is aimed at professionals and deep learning systems rather than consumers, if consumer Pascal GPUs are anything like it—and there’s a very good chance they will be—gamers and enthusiasts alike are going to see a monumental boost in performance. The Tesla P100 is the first full-size Nvidia GPU based on the TSMC 16nm FinFET manufacturing process—like AMD, Nvidia has been stuck using an older 28nm process since 2012—and the first to feature the second generation of High Bandwidth Memory (HBM2). Samsung began mass production of faster and higher capacity HBM2 memory back in January. While recent rumours suggested that both Nvidia and AMD wouldn’t use HBM2 this year due to it being prohibitively expensive—indeed, AMD’s recent roadmap suggests that its new Polaris GPUs won’t use HBM2—Nvidia has at least taken the leap with its professional line of GPUs. The result of the P100’s more efficient manufacturing process, architecture upgrades, and HBM2 is a big boost in performance over Nvidia’s current performance champs like the Maxwell-based Tesla M40 and the Titan X/Quadro M6000. Nvidia says the P100 reaches 21.2 teraflops of half-precision (FP16) floating point performance, 10.6 teraflops of single precision (FP32), and 5.3 teraflops (1/2 rate) of double precision. By comparison, the Titan X and Tesla M40 offer just 7 teraflops of single precision floating point performance.

Reddit removes “warrant canary” from its latest transparency report

Reddit has removed the warrant canary posted on its website, suggesting that the company may have been served with some sort of secret court order or document for user information. At the bottom of its 2014 transparency report, the company wrote: “As of January 29, 2015, reddit has never received a National Security Letter, an order under the Foreign Intelligence Surveillance Act, or any other classified request for user information. If we ever receive such a request, we would seek to let the public know it existed.” That language was conspicuously missing from the 2015 transparency report that was published Thursday morning.

Maryland hospital group hit by ransomware

Baltimore’s Union Memorial is one of the hospitals hit by Samsam, an autonomous ransomware strain spread by exploiting JBoss servers. (credit: MedStar) Baltimore’s Union Memorial Hospital is the epicenter of a malware attack upon its parent organization, MedStar. Data at Union Memorial and other MedStar hospitals in Maryland have been encrypted by ransomware spread across the network, and the operators of the malware are offering a bulk deal: 45 bitcoins (about $18,500) for the keys to unlock all the affected systems. Reuters reports that the FBI issued a confidential urgent “Flash” message to the industry about the threat of Samsam on March 25, seeking assistance in fighting the ransomware and pleading, “We need your help!” The FBI’s cyber center also shared signature data for Samsam activity to help organizations screen for infections. But the number of potential targets remains vast, and the FBI was concerned that entire networks could fall victim to the ransomware. According to sources who spoke to the Baltimore Sun, the malware involved in MedStar’s outages is Samsam, also known as Samas and MSIL. The subject of a recent confidential FBI cyber-alert, Samsam is a form of malware that uses well-known exploits in the JBoss application server and other Java-based application platforms. As Ars reported on Monday, Samsam uses exploits published as part of JexBoss, an open-source security and penetration testing tool for checking JBoss servers for misconfiguration.

New ransomware installs in boot record, encrypts hard disk [Updated]

Yet another harsh lesson for people who click things they shouldn’t. A new type of malware has been described, one that takes crypto-extortion to a new level. While most cryptographic ransomware variants are selective about what they encrypt—leaving the computer usable to make it easier for the victim to pay—this new entry targets the victim’s entire startup drive, encrypting the master file table (MFT). Called Petya, the new ransomware is just the latest ransomware deliberately tailored for victims within organizations with IT support instead of a broader audience. As BleepingComputer’s Lawrence Abrams documented, Petya is currently being delivered via Dropbox links in e-mail messages targeting human resources departments at companies in Germany. The links are purported to be to an application to be installed by the HR employee. Running the attachment throws up a Windows alert; if the user clicks to continue, Petya is inserted into the master boot record (MBR) of the victim’s computer, and the system restarts. On reboot, the malware performs a fake Windows CHKDSK, warning “One of your disks contains errors and needs to be repaired.” Petya then flashes up an ASCII skull and crossbones on a red and white screen, announcing “You became victim of the PETYA RANSOMWARE!”

AT&T boosts data caps for home Internet and steps up enforcement

AT&T CEO Randall Stephenson. (credit: AT&T) AT&T today announced that it will increase its data caps—and expand enforcement—on home Internet service. As a result, more customers will have to pay $10 overage charges for each 50GB they use beyond their monthly limit, similar to Comcast’s data cap system. AT&T will also let customers upgrade to unlimited data for an extra $30 a month. This is only necessary for Internet-only customers. People who purchase both AT&T Internet and TV in a bundle will get unlimited home Internet data at no extra charge. That applies to bundles with either DirecTV satellite or AT&T’s wireline U-verse TV system. Previously, AT&T enforced a 150GB monthly cap on its DSL network. On May 23, AT&T will expand enforcement of caps to U-verse Internet service, which brings fiber closer to the home to boost speeds, and to “Gigapower,” its all-fiber service.

Texas cops joke on Facebook about Ebola-tainted meth and net one arrest

A Central Texas police department issued a “breaking news alert” on Facebook, cautioning residents that meth and heroin in the Granite Shoals area “could be contaminated with the life-threatening disease Ebola.” Last week’s fake Facebook alert urged the public “NOT” to ingest those illicit drugs “until it has been properly checked for possible Ebola contamination” by the police department. The ploy netted one arrest, the Granite Shoals Police Department (GSPD) reported on Facebook. A woman allegedly brought in her meth so the police department could analyze it for Ebola: This morning, we had our first concerned citizen notify the Granite Shoals Police Department (GSPD) that they believed their methamphetamine may be tainted. Our officers gladly took the item for further testing. Results and booking photos are pending. Please continue to report any possibly tainted methamphetamine or other narcotics to the Granite Shoals Police Department. Public health and safety continue to remain our #1 priority. #notkidding For the uninitiated, there are no Ebola-contaminated drugs. The alert was a hoax played on the citizens of Granite Shoals, a town of about 5,000 northwest of Austin. But the arrest of 29-year-old Chastity Eugina Hopson is not a joke. She was accused of possessing under a gram of a controlled substance. The police department described Hopson’s arrest as “the winner of the Facebook post challenge.”

After Verizon breach, 1.5 million customer records put up for sale

Verizon Enterprise offers security services, but it is dealing with a breach of its own this week. (credit: Verizon) After a data breach at Verizon Enterprise Solutions, a customer database and information about Verizon security flaws were reportedly put up for sale by criminals this week. According to KrebsOnSecurity, “a prominent member of a closely guarded underground cybercrime forum posted a new thread advertising the sale of a database containing the contact information on some 1.5 million customers of Verizon Enterprise.” The entire database was priced at $100,000, or $10,000 for each set of 100,000 customer records. “Buyers also were offered the option to purchase information about security vulnerabilities in Verizon’s Web site,” security journalist Brian Krebs reported. Verizon Enterprise is itself a seller of security products and services, often helping Fortune 500 businesses clean up after data breaches. Verizon Enterprise also sells Internet service to large businesses, along with a variety of other networking products.

Report: “YouTube Connect” will be a livestreaming Periscope competitor

VentureBeat has the scoop on another YouTube service: YouTube Connect. Connect would be a livestreaming service which would take on “spur-of-the-moment” live video services like Facebook Live and Twitter’s Periscope. The report says the service would include apps on Android and iOS with “much of the same functionality” as Periscope and Facebook Live. Streaming would be immediate and paired with chat and “tagging” features. There is supposedly even a “news feed” that would list videos from friends and your YouTube subscriptions. Live broadcasts would be saved for later on-demand viewing and would show up on the content creator’s YouTube channel. The new service would be yet another expansion of the YouTube brand and app lineup. Including Connect, YouTube’s video empire would be spread across a whopping seven apps: the regular YouTube app, YouTube Gaming, YouTube Music, YouTube Kids, YouTube Creator Studio, and YouTube Capture. There is also the umbrella subscription service YouTube Red.
