Spy vs. Spy vs. Spy. "Who's on first?"...one's tempted to ask. How did it all get started? This incendiary piece . Summary: "The unnamed contractor removed the material from the NSA and stored it on a home computer that ran a version of Kaspersky AV. The material, according to the unnamed sources, included "details about how the NSA penetrates foreign computer networks, the computer code it uses for such spying, and how it defends networks inside the US." Sometime in 20...
"A version of CCleaner downloaded in August included remote administration tools that tried to connect to several unregistered web pages, presumably to download additional unauthorized programs, security researchers at Cisco’s Talos unit said. Talos researcher Craig Williams said it was a sophisticated attack because it penetrated an established and trusted supplier in a manner similar to June’s “NotPetya” attack on companies that downloaded infected Ukr...
More on the saga of Equifax, or, "How not to do IT". So, more has come out on how the debacle that is Equifax IT came about. First, what went wrong, and then the who. The chronology can be read here . In addition to that, the basic problem is noted: "The software problem was detected in March and a recommended software patch was released shortly afterward. Equifax said the database intrusion began in May and continued until July. Security experts said Equifax had more tha...
Not good news, folks. Equifax was breached...and potentially, the financial data of 143 million folks... "While the massive breach that Yahoo revealed last year involved more accounts, topping 1 billion, that intrusion exposed people's phone numbers and passwords. Equifax said its breach includes “names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers.” The company added that credit card ...
No, Gordon [Gekko]: Greed is not good. Google really should learn this...and be responsible as to just who and what come up as valid search results, especially when they get first place result because of advertising dollars. "Darknetmarkets.org, for all intents and purposes, is a "real" website. Its logo looks to be made of chopped-up cocaine, and the site is filled with legitimate-seeming resources for anybody looking to buy drugs on the darknet . News articles populate its...
The first sentence in Ben Tarnoff's article pretty much says it all... " What if a cold drink cost more on a hot day?". So, Amazon's purchase of Whole Foods has gone through. I promise you, Amazon will be a disruptor there, too. It's called "surge pricing". In other words, instant supply and demand determining pricing of what you eat and drink...even better, you have to believe them and trust they all aren't colluding. Because they're just so honest. and it...
Well, this important because there are a couple of graphics extensions and we all love graphics, right? According to recent Proofpoint research, eight extensions for the Google Chrome web browser have been compromised by attackers, sending malicious ads to the affected users. In a report , Proofpoint explained that the authors of these extensions had their credentials stolen, allowing the attacker to take over... The attacks occurred primarily in July and August 2017, with...
Short post...nothing but good stuff! Free stuff! 25,000 recordings digitized at present, and the library is growing. All quite legal. Here: http://www.newsworks.org/index.php/local/arts-culture/106319-philly-company-digitizes-collection-of-25000-old-records-and-growing-free-to-download?l=df Hope you find stuff you like, and that you enjoy this lovely Sunday.
I don't know if you've seen this, but since there are LastPass users here, thought I'd update you. "In November, LastPass made a big change to its service , allowing users to keep track of their passwords across all their internet-enabled mobile and desktop devices, free of charge. In addition to the free tier, the cross-platform password manager - available on iOS, Android, and Windows 10 - also offered a Premium plan with additional features, priced at $12 per ...
When MS decided not to update W10 on computers having "Clover Trail" processors, I don't think they realized they were screwing (potentially) close to 10 million computer owners by rendering their computers insecure. By anyone's thinking, that's a lot of angry people, especially when we're speaking of computers which are at most 4 years old...and hybrid 2 in 1 devices using the Atom chip starting roughly in 2012. These folks had W 8/8.1 and were assured continued ser...
An interesting concept... Microsoft is planning broadcast internet to rural areas using unused TV frequencies. "The system is known as white-spaces technology and uses wireless frequencies that are in the band reserved for over-the-air TV broadcasts but aren't currently being used. While Microsoft plans to use some of these frequencies, it wants the government to reserve at least three frequencies in each local area for use with the technology." infopackets after NYT
...
This post has zero to do with politics. I want none on it. While it is relevant to recent events, there's a lot more to it, namely how the Internet has to change for everyone's security (and why it probably won't). The simple fact it that it is extremely difficult to catch cyber criminals and not much effort is made to actually do so. Why? Because it is almost impossible to accurately attribute attacks. This is because of the way the net was designed by DARPA way back wh...
History: "Shadow Brokers" hacked the NSA in April 2016, and leaked the American cyber weapon ETERNALBLUE for the Microsoft Windows system. WannaCry's developers used ETERNALBLUE as the basis of their ransomware (not confirmed by experts), which gains access to a Windows computer, through a Windows vulnerability which was patched by MS on 3/14/17. "Organizations that lacked this security patch were affected for this reason, and there is so far n...
IBM has shipped usb flash drives infected with malware code. The Initialization Tool on the USB flash drive with the partnumber 01AC585 that shipped with the following System models may have an infected file: IBM Storwize V3500 - 2071 models 02A and 10A IBM Storwize V3700 - 2072 models 12C, 24C and 2DC IBM Storwize V5000 - 2077 models 12C and 24C IBM Storwize V5000 - 2078 models 12C and 24C IBM Storwize Systems with serial numbers starting with the cha...
Google was the victim of a phishing hack. It was a good one, and a nice guy by the name of Zach Latta actually posted the process on his twitter account as a video: https://twitter.com/zachlatta/status/859843151757955072/photo/1 "A click on the button loaded the Google Accounts website. Users who use multiple accounts on Google are asked to select one to grant permissions. A click on the name of the developer, Google Docs, reveals right on that page that something i...