Have you wondered if your internet-connected devices are infected with Mirai malware and were part of the DDoS attacks?In response to the recent IoT DDoS attacks, researchers at Zscaler analyzed IoT traffic patterns not only on the days of the DDoS attacks on Dyn and Krebs on Security, but going back to July.While Zscaler does not believe any of the devices connected to Zscaler Cloud had been compromised and used in the IoT botnet attacks, ThreatLabz researchers analyzed the security of five security cameras, three smart TV entertainment devices, three smart network printers and scanners, two DVRs and NVRs, two IP phones and a partridge in a pear tree. The last one of course was just to see if you were paying attention: no partridges were harmed in the course of this research.To read this article in full or to leave a comment, please click here
After Eugene Kaspersky, the founder of Kaspersky Lab, ripped into Microsoft for anti-competitive behavior in Windows 10, the Russian Federal Antimonopoly Service (FAS) opened a case against Microsoft for “abusing dominance.”Microsoft claimed to have a “long history of cooperation” with Kaspersky and that it is “committed to work in full compliance with Russian law.”Yet, Russia has already decided to block Microsoft-owned LinkedIn since the law requires Russian citizens’ personal data to be stored on servers within its country. In the past, Microsoft made LinkedIn censorship changes to cater to China, as opposed to being blocked like Google and Facebook. It remains to be seen if Microsoft will localize Russian users’ data as the country’s law demands. The New York Times added that it was unclear why LinkedIn was targeted, “rather than any other major social networking site,” but that is a “sign of growing tensions for American tech companies operating” in Russia.To read this article in full or to leave a comment, please click here
After Eugene Kaspersky, the founder of Kaspersky Lab, ripped into Microsoft for anti-competitive behavior in Windows 10, the Russian Federal Antimonopoly Service (FAS) opened a case against Microsoft for “abusing dominance.”Microsoft claimed to have a “long history of cooperation” with Kaspersky and that it is “committed to work in full compliance with Russian law.”Yet, Russia has already decided to block Microsoft-owned LinkedIn since the law requires Russian citizens’ personal data to be stored on servers within its country. In the past, Microsoft made LinkedIn censorship changes to cater to China, as opposed to being blocked like Google and Facebook. It remains to be seen if Microsoft will localize Russian users’ data as the country’s law demands. The New York Times added that it was unclear why LinkedIn was targeted, “rather than any other major social networking site,” but that is a “sign of growing tensions for American tech companies operating” in Russia.To read this article in full or to leave a comment, please click here
After Eugene Kaspersky, the founder of Kaspersky Lab, ripped into Microsoft for anticompetitive behavior in Windows 10, the Russian Federal Antimonopoly Service (FAS) opened a case against Microsoft for “abusing dominance.”Microsoft claimed to have a “long history of cooperation” with Kaspersky and that it is “committed to work in full compliance with Russian law.”Yet, Russia has already decided to block Microsoft-owned LinkedIn, since the law requires Russian citizens’ personal data to be stored on servers within its country. In the past, Microsoft made LinkedIn censorship changes to cater to China, as opposed to being blocked like Google and Facebook. It remains to be seen if Microsoft will localize Russian users’ data as the country’s law demands. The New York Times added that it was unclear why LinkedIn was targeted, “rather than any other major social networking site,” but that is a “sign of growing tensions for American tech companies operating” in Russia.To read this article in full or to leave a comment, please click here
After Eugene Kaspersky, the founder of Kaspersky Lab, ripped into Microsoft for anticompetitive behavior in Windows 10, the Russian Federal Antimonopoly Service (FAS) opened a case against Microsoft for “abusing dominance.”Microsoft claimed to have a “long history of cooperation” with Kaspersky and that it is “committed to work in full compliance with Russian law.”Yet, Russia has already decided to block Microsoft-owned LinkedIn, since the law requires Russian citizens’ personal data to be stored on servers within its country. In the past, Microsoft made LinkedIn censorship changes to cater to China, as opposed to being blocked like Google and Facebook. It remains to be seen if Microsoft will localize Russian users’ data as the country’s law demands. The New York Times added that it was unclear why LinkedIn was targeted, “rather than any other major social networking site,” but that is a “sign of growing tensions for American tech companies operating” in Russia.To read this article in full or to leave a comment, please click here
An attacker doesn’t need an IoT botnet or massive resources for a denial of service attack to knock large servers offline; researchers warned that all it takes is one laptop for a “BlackNurse” attack to bring vulnerable Cisco, SonicWall, Palo Alto and Zyxel firewalls to their knees.Danish researchers at the Security Operations Center of telecom operator TDC described BlackNurse as a low bandwidth Internet Control Message Protocol (ICMP) attack that “is capable of doing a denial of service to well-known firewalls.”In their report (pdf), the researchers wrote:To read this article in full or to leave a comment, please click here
An attacker doesn’t need an IoT botnet or massive resources for a denial of service attack to knock large servers offline; researchers warned that all it takes is one laptop for a “BlackNurse” attack to bring vulnerable Cisco, SonicWall, Palo Alto and Zyxel firewalls to their knees.Danish researchers at the Security Operations Center of telecom operator TDC described BlackNurse as a low bandwidth Internet Control Message Protocol (ICMP) attack that “is capable of doing a denial of service to well-known firewalls.”In their report (pdf), the researchers wrote:To read this article in full or to leave a comment, please click here
Madison County, Indiana, population of about 130,000, was the victim of a ransomware attack last week. Government workers without working computers were thrown back in the past to pen and paper, confusion abounds, and county commissioners unanimously voted to pay the ransom.Indiana State Police Capt. Dave Bursten told WTHR, “It's like when I came on in the 80s - we're doing everything with pencil and paper.”“We cannot query old information to bring up prior reports or prior court records,” Madison County Sheriff Scott Mellinger told Fox59. “If we want to bring somebody’s record up for something in the future, let’s say for somebody that has been arrested or somebody who is even in jail then we cannot look up information that would help us at a hearing. On the sheriff’s office side, we cannot book people into jail using the computers. We are using pencil and paper like the old days.”To read this article in full or to leave a comment, please click here
Madison County, Indiana, population of about 130,000, was the victim of a ransomware attack last week. Government workers without working computers were thrown back in the past to pen and paper, confusion abounds, and county commissioners unanimously voted to pay the ransom.Indiana State Police Capt. Dave Bursten told WTHR, “It's like when I came on in the 80s - we're doing everything with pencil and paper.”“We cannot query old information to bring up prior reports or prior court records,” Madison County Sheriff Scott Mellinger told Fox59. “If we want to bring somebody’s record up for something in the future, let’s say for somebody that has been arrested or somebody who is even in jail then we cannot look up information that would help us at a hearing. On the sheriff’s office side, we cannot book people into jail using the computers. We are using pencil and paper like the old days.”To read this article in full or to leave a comment, please click here
In addition to releasing 14 security updates on Election Day Patch Tuesday, six of which are rated critical, the Microsoft Security Response Center responded to requests for better access to security update information; Microsoft’s solution was to release a preview of its new Security Update Guide, “a single destination for security vulnerability information.”MSRC added, “Instead of publishing bulletins to describe related vulnerabilities, the new portal lets our customers view and search security vulnerability information in a single online database.”To read this article in full or to leave a comment, please click here
In addition to releasing 14 security updates on Election Day Patch Tuesday, six of which are rated critical, the Microsoft Security Response Center responded to requests for better access to security update information; Microsoft’s solution was to release a preview of its new Security Update Guide, “a single destination for security vulnerability information.”MSRC added, “Instead of publishing bulletins to describe related vulnerabilities, the new portal lets our customers view and search security vulnerability information in a single online database.”To read this article in full or to leave a comment, please click here
Photoshop trolls can manipulate photos, but in the future we may have a new type of troll … trolls which can easily manipulate spoken words just by typing text into an audio editing program.Last week at the Adobe Max Creativity Conference, Adobe developer Zeyu Jin mentioned that people “having been making weird stuff online” with photo editing software, before adding, now “let’s do something to human speech.”Jin gave a sneak peek of software which is like Photoshop for audio, demonstrating Project VoCo, for voice conversion, by altering a voice clip of comedian Keegan-Michael Key. The voice clip was something Key said after being nominated for an award.To read this article in full or to leave a comment, please click here
Photoshop trolls can manipulate photos, but in the future we may have a new type of troll … trolls which can easily manipulate spoken words just by typing text into an audio editing program.Last week at the Adobe Max Creativity Conference, Adobe developer Zeyu Jin mentioned that people “having been making weird stuff online” with photo editing software, before adding, now “let’s do something to human speech.”Jin gave a sneak peek of software which is like Photoshop for audio, demonstrating Project VoCo, for voice conversion, by altering a voice clip of comedian Keegan-Michael Key. The voice clip was something Key said after being nominated for an award.To read this article in full or to leave a comment, please click here
If you were the World Chess Champion and you were about to defend your title in a 12-round match against a Russian grandmaster, should you be worried about being hacked? Apparently so, since current World Chess Champion Magus Carlsen has asked Microsoft to protect him from attacks by Russian hackers.It’s not like Carlsen, who became a grandmaster at age 13, practices by playing against a computer. In fact, grandmaster and author Andrew Soltis told NPR that “Carlsen won't even play his computer. He uses it to train, to recommend moves for future competition. But he won't play it, because he just loses all the time and there's nothing more depressing than losing without even being in the game.”To read this article in full or to leave a comment, please click here
If you were the World Chess Champion and you were about to defend your title in a 12-round match against a Russian grandmaster, should you be worried about being hacked? Apparently so, since current World Chess Champion Magus Carlsen has asked Microsoft to protect him from attacks by Russian hackers.It’s not like Carlsen, who became a grandmaster at age 13, practices by playing against a computer. In fact, grandmaster and author Andrew Soltis told NPR that “Carlsen won't even play his computer. He uses it to train, to recommend moves for future competition. But he won't play it, because he just loses all the time and there's nothing more depressing than losing without even being in the game.”To read this article in full or to leave a comment, please click here
Microsoft issued a warning about the APT group most commonly known as “Fancy Bear,” or APT 28, and how it is exploiting the zero-day disclosed by Google on Halloween.Microsoft agreed that the zero-day is being actively exploited and pointed a finger of blame at a hacking group that is believed to be tied to the Russian government; the same group is believed to be responsible for hacks which resulted in data breaches at the Democratic National Committee and the Clinton campaign.Microsoft does not call the APT group “Fancy Bear” as its codename for the threat group is STRONTIUM. Terry Myerson, executive VP of Microsoft’s Windows and Devices Group, wrote:To read this article in full or to leave a comment, please click here
Microsoft issued a warning about the APT group most commonly known as “Fancy Bear,” or APT 28, and how it is exploiting the zero-day disclosed by Google on Halloween.Microsoft agreed that the zero-day is being actively exploited and pointed a finger of blame at a hacking group that is believed to be tied to the Russian government; the same group is believed to be responsible for hacks that resulted in data breaches at the Democratic National Committee and the Clinton campaign.Microsoft does not call the APT group “Fancy Bear” as its codename for the threat group is STRONTIUM. Terry Myerson, executive vice president of Microsoft’s Windows and Devices Group, wrote:To read this article in full or to leave a comment, please click here
Releasing 60 million genetically modified mosquitoes a week sounds just wrong, but in theory the mutant mosquitoes will mate with normal mosquitos so the offspring will have a genetic flaw that causes them to die quickly. There is no mention of whether or not the millions of mutant mosquitoes to be released weekly will feed on the people of Brazil. If that’s not just wrong, then the three examples below surely are.Saddam Hussein…really Apple?Apple refused to issue a male customer a refund for an iPhone 7 unless he could prove he was not Saddam Hussein – you know, the Iraqi dictator executed by hanging in 2006 – basically a decade ago. Apparently, someone working for Apple was unaware of that fact.To read this article in full or to leave a comment, please click here
Releasing 60 million genetically modified mosquitoes a week sounds just wrong, but in theory the mutant mosquitoes will mate with normal mosquitos so the offspring will have a genetic flaw that causes them to die quickly. There is no mention of whether or not the millions of mutant mosquitoes to be released weekly will feed on the people of Brazil. If that’s not just wrong, then the three examples below surely are.Saddam Hussein…really Apple?Apple refused to issue a male customer a refund for an iPhone 7 unless he could prove he was not Saddam Hussein – you know, the Iraqi dictator executed by hanging in 2006 – basically a decade ago. Apparently, someone working for Apple was unaware of that fact.To read this article in full or to leave a comment, please click here
The Shadow Brokers are back, releasing message 5 - trick or treat. This time, instead of releasing Equation Group exploit tools, the group dumped a list of servers allegedly compromised by the NSA-linked Equation Group.As usual, the Shadow Brokers included a slaughtered-English rambling message which primarily focused on the upcoming elections. One portion reads:
TheShadowBrokers is having suggestion. On November 8th, instead of not voting, maybe be stopping the vote all together? Maybe being grinch who stopped election from coming? Maybe hacking election is being the best idea? #hackelection2016.To read this article in full or to leave a comment, please click here
Ms. Smith