
Technology Stocks / Off Topic (Every Day Technology)


From: TimF 5/16/2017 1:27:00 PM
1 Recommendation   of 1432
 
How I accidentally stopped a global Wanna Decryptor ransomware attack
A British security researcher found and pulled WannaCrypt's kill switch.
MalwareTech (UK) - May 15, 2017
arstechnica.com



To: TimF who wrote (1401) 5/16/2017 11:05:47 PM
From: Stock Puppy
   of 1432
 
It is a finger in the dyke.

All that needs to be done to make the malware virulent is to change the URL embedded in the program. If it is embedded as text, then it is embarrassingly easy to alter.

Of course, now it will be harder to spread as more systems are now patched.



To: Stock Puppy who wrote (1402) 5/18/2017 1:50:28 PM
From: TimF
2 Recommendations   of 1432
 
WannaCry Has a More Lucrative Cousin That Mines Cryptocurrency for Its Masters
The same exploits that enabled WannaCry to spread globally have been in use in another malware attack since April, making far more money in the process.

by Jamie Condliffe and Michael Reilly
May 17, 2017

The same exploits that allowed the WannaCry ransomware attack to spread so quickly have been used to set up an illicit cryptocurrency mining scheme. And it sure was worth it to the hackers.

Late last week, the world was hit by ransomware that locked up computers in hospitals, universities, and private firms, demanding Bitcoin in exchange for files being decrypted. It was able to spread so fast thanks to a Windows flaw weaponized by the U.S. National Security Agency known as EternalBlue, and a back door called DoublePulsar. Sadly, the tools were inadvertently lost and leaked because the NSA considered it wise to stockpile them for future use.

WannaCry was halted by swift work on behalf of dedicated security researchers. But during investigations into the attack, security firm Proofpoint has found that another piece of malware, called Adylkuzz, makes use of the same exploits to spread itself around the world’s insecure Windows devices.

This particular hack has gone unnoticed since April. That’s because unlike WannaCry, which demands attention to get money directly from a user, Adylkuzz simply installs a piece of software and then borrows a PC’s resources. It then sets about mining the little-known cryptocurrency called Monero using your computer. It does so in the background, with users potentially unaware of its presence—though perhaps a little frustrated because their computers are slower than usual.

It makes sense that EternalBlue and DoublePulsar are being used in this way, said Nolen Scaife, a security researcher at the University of Florida. The combination of exploits allows attackers to load just about any type of malware they want onto compromised machines. “It's important to stress that it could be anything—it could be keyloggers, for example,” he told MIT Technology Review. “But what we're seeing is that attackers are using this wherever this makes the most money.”

Interestingly, though, it’s the attack that has until now gone unnoticed that has secured the most loot. WannaCry’s attempt to extort cash in return for unlocking encrypted files has only drummed up $80,000 at the time of writing—probably because Bitcoin, the currency WannaCry’s perpetrators are demanding, is hard to use. Meanwhile one estimate suggests that the Adylkuzz attack could have already raised as much as $1 million.

In some sense, Adylkuzz is less problematic than WannaCry. It’s certainly less overtly destructive. But it does raise a more pressing cause for concern: if it’s been running since April, how many other leaked NSA tools have been used to carry out attacks that have so far gone unnoticed? Stay tuned—there may be more to come.

technologyreview.com



From: TimF 6/24/2017 1:09:41 PM
3 Recommendations   of 1432
 
PC rebooted every time user flushed the toilet
Wiping out the problem needed a brush and a pump, but didn't make a stink
By Simon Sharwood, APAC Editor
23 Jun 2017

On-Call Welcome yet again to On-Call, The Register's weekly column in which we take readers' tales of odd jobs in odd places, tart them up and present them to you as a bit of light relief on a Friday.

This week, meet “Gary”, who once had a trouble ticket land on his desk stating that “the PC would reset every time the customer flushed their toilet.”

Gary's first thought was that this was “probably static from the customer walking across their carpeted floor, touching the keyboard before sitting down, static discharge doing the rest.”

But then he read more closely and realised the PC was on a farm. Once he visited that farm he found that “the floors were all hard-wood, so that shot that idea to hell.”

The user then suggested Gary observe the PC as they walked to the bathroom. Gary heard the unmistakable gurgling that resulted and watched as the PC did indeed reset itself about two seconds later.

Which was so odd that Gary asked the user to flush again. This time he thought he spotted “a slight dimming of the lights lasting all of about half a second.” Cue a series of questions about fuses, circuit breakers, power load on the circuit. To which the users answered that they'd had a brand new circuit wired for the computer, but hadn't purchased a UPS for it as they felt it shouldn't have been necessary.

“After some thinking, I asked about where their water came from,” Gary tells us, “and that's when they looked at me kind of funny and replied 'from a well across the drive by the barn'.”

At which point Gary asked when the pump had been replaced, a question the customer could not answer with any more precision than somewhere between one and two decades in the past.

Gary now developed a hypothesis he described as follows: “When the toilet was flushed, the pump had to kick in to fill the tank and that when the motor kicked in, it had such a current draw because the brushes were probably worn out.” That current draw was what dimmed the lights and therefore disrupted power supply just enough to also trip the computer.

The customer was willing to entertain that theory, found a friend willing to replace the pump and found doing so fixed the problem. And just to flush the problem completely, they bought a wee UPS too.

What's the cleverest correct diagnosis you've ever come up with? Write to share your story and you could be next week's anonymised On-Call hero

theregister.co.uk



From: TimF 8/19/2017 2:53:10 AM
2 Recommendations   of 1432
 
Towards Better, More Reliable Home Wifi -- Ditch the Products Meant for the Home
August 17, 2017
coyoteblog.com



From: TimF 8/19/2017 12:52:39 PM
2 Recommendations   of 1432
 
How Google fought back against a crippling IoT-powered botnet and won
Behind the scenes defending KrebsOnSecurity against record-setting DDoS attacks.
Dan Goodin - 2/2/2017, 2:12 PM
arstechnica.com



From: TimF 8/21/2017 11:22:01 PM
   of 1432
 
Sites that block adblockers seem to be suffering
Martin Anderson
Thu 21 Apr 2016
For news publishers the world is constantly ending – not only in over-caffeinated headlines but behind the scenes too. It’s always been so, from Gutenberg to Wapping riots to the internet and the painful conversion from print to digital.

The latest Imminent Apocalypse is the dramatic rise in the use of adblockers – particularly new innovations in adblocking in the coveted mobile space, even at the network level.

Some news publishers have formed a small vanguard with what many business-folks might consider the ‘obvious’ response: to ban or attempt to ban users who consume their content without seeing their ads. In October of last year German publisher Axel Springer banned adblocking users from the popular Bild news website; in December Forbes put in mechanisms to impede content access to adblocking users; in February of this year Wired instituted adblock ban techniques; and in October of 2015 the City AM financial news website likewise ‘scrambled’ content for adblockers.

In all cases the warnings presented to the user instructed them to whitelist the site in their adblocker – or go away. In all cases there are various tricks, including the use of ‘reading’ mode and private browsing, which allow users to get round the blocks; but I thought it might be interesting to see how the sites in question are faring in the wake of their adblock ‘blockades’, according to internet monitoring service Alexa.

Assessing a site’s performance in relation to its efforts to block adblockers, it’s important to consider that these much-criticised measures are often likely prompted by traffic figures that may have been declining in any case, and that all we can conclude with any certainty from the (approximated) information is that the anti-adblock measures failed to reverse the trend. Furthermore one can doubtless see similar declines in sites which have either taken no action against adblocking or which have only experimented with such measures – such as GQ and the Washington Post.

In any case, this is Alexa’s view of those publishers who have not yet abandoned their anti-adblocking measures.

Wired

Wired’s anti-blocking techniques kicked in the first half of February this year, but in this case it seems to be reactive to a longer-term fall in traffic. The slow decline towards Christmas after expo season in September and October would normally be expected, with a rally from mid-January. Instead there is no evidence that Wired’s blocking policy made any difference to what appears to be a headlong traffic slump up to the present time.

Wired’s global rank fell by 174 points to 853rd (hardly shabby) in the period covered, with its bounce rate rising (that’s bad) 3% to 69.60%, daily pageviews down 4.85% to 1.57 and daily time on site down 1% to 2.53 (effectively no change).

Axel Springer / Bild

In the case of Axel Springer’s flagship news vessel, the blockade appears either to have had a disastrous direct effect on a traffic-stream that was fairly healthy, or to have coincided with massively declining website visits for other reasons. The descent begins at the moment the anti-adblock measures are put in place and describes a 45-degree plunge until relative stabilisation in the last two weeks.

Bild maintains its position as the 14th most popular site in Germany, though its global rank fell by 48 to 413 in the year covered. Bild’s bounce rate rose 2% to 38.9%, with daily pageviews little-changed at 3.54, but daily time spent on site per visitor down 6% to 7:07 – the latter figure being an impressive sustain, despite the fall.

Unlike Forbes (below) the adblocking initiative at Bild does not seem to be an exercise in anything but greed; figures were rising steadily from a healthy baseline in the time leading up to the move – declining thereafter.

Also see: A hidden traffic crisis among the internet’s biggest names

Forbes

Forbes started out at the same strong baseline a year ago as most of the other graphs, with the blockade apparently initiated to mitigate the effects of a persistent decline since early autumn – usually a turbulent and fruitful time for news. As with Bild, related or not, a drastic and enduring decline (aside from a brief rally in January) seems to be associated with the institution of the blockade in December, with Forbes’ traffic baseline now dramatically lowered.

Forbes’ bounce rate is up 27% to 27.9 (though this is still an extremely good score), with daily pageviews down nearly 9% to 3.16 and daily time on site per visitor reduced 9% to just under three minutes.

City AM

City AM was not starting from the same brash baseline as the other players here, and is the only site of the four whose traffic did not drop at or shortly after the time of the putting in place of anti-adblock measures. However the gentle rise in figures was arrested at the same time the blockade was initiated, and led to a four-month decline from the beginning of 2016, with the site’s baseline struggling to restore position.

City AM’s bounce rate rose 2% to 72.9%, but the domain retained its average daily pageviews of 1.46 and rose its dwell time to two minutes, a rise of 5%.

Those that retreated from blocking adblock

In early September of 2015 The Washington Post ran a ‘test’ of anti-adblock measures, of which there appears to be no trace for the adblock-enabled user in this period (though it can sometimes take a number of specific actions in order to trigger a blockade, depending on the level of initial indulgence for adblockers). The Post retains its paywalled structure, which allows 10 free articles per month, apparently meted out via a combination of HTML5 storage, IP-logging, cookies and other factors, before content is restricted.

The Post’s blockade experiment does not seem to register on what appears to be a generally upward trend over the last six months, with the usual caveat of ‘peace at the holidays’ (‘no news’ being bad news):



If anything the Washington Post’s baseline seems to have risen despite its ultimate unwillingness to repel those who are adblocking. The site’s global rank is up 27 to 187, and it retains its place as the 49th most popular site in the U.S., with page views and dwell time both slightly up. Its high bounce rate of 70% likely reflects the sheer number of ‘lightning strikes’ from outward referrers that the site attracts.

In looking round for websites that have instituted blockades, I found many which seem to have repented of their hatred of adblockers – for instance, of all the news sites that The Guardian rounded up for this article about French publications blocking adblock a mere month ago, I can currently find no evidence of any adblock-block at any of the sites mentioned (though L’Equipe retains its paywall block at certain points).

All this is relatively circumstantial fare by way of arguing that deterring adblocking users deters traffic in general, but there are some unusual coincidences in the graphs.

If one was willing to read the trends with a more paranoid eye, it might seem that instituting these deterrents is financially suicidal, since the remnant audience, though fully monetised and ad-enabled, is so much smaller than the one prior to it.

thestack.com



From: TimF 8/22/2017 10:31:32 AM
   of 1432
 
The Ether Thief
by Matthew Leising
bloomberg.com



From: TimF 8/22/2017 10:37:53 AM
1 Recommendation   of 1432
 
Penetrating a Casino's Network through an Internet-Connected Fish Tank
Attackers used a vulnerability in an Internet-connected fish tank to successfully penetrate a casino's network.

BoingBoing post.
schneier.com

-------

Mastermind of massive lottery fraud faces up to 25 years in prison
  • Eddie Tipton, a computer programmer at the Multi-State Lottery Association, secretly installed software that allowed him to pick winning numbers and was collecting money from jackpots in multiple states.
  • No one seemed to suspect anything: Tipton was such a trusted employee that he was promoted in 2013 to head information security, placing him in charge of protecting the lottery computer systems he had been cheating.
  • He now faces up to 25 years in prison — a hefty sentence — as prosecutors seek to make an example of his case to deter others.
https://www.cnbc.com/2017/08/20/mastermind-of-massive-lottery-fraud-faces-up-to-25-years-in-prison.html

schneier.com



To: TimF who wrote (1407) 8/22/2017 4:51:04 PM
From: J.F. Sebastian
2 Recommendations   of 1432
 
While I'm glad to see that major websites blocking adblockers were seeing a negative effect from doing so, that article was published more than a year ago. I'd be interested to see if the trend has continued.

I wouldn't mind ads on webpages if many of them weren't so intrusive. Ones that flash or block content are awful. The situation on mobile devices is even worse; many sites are essentially unusable due to blocking ads and slow loading, so I go back to my computer and view the sites with an adblocker if I really want to see them.


Copyright © 1995-2017 Knight Sac Media. All rights reserved.Stock quotes are delayed at least 15 minutes - See Terms of Use.