COMPUTERS/INTERNET/SECURITY | WHAT REALLY HAPPENED



Oct 27 09:54

Mobile App Flaw Allows Hackers To Control Smart Home Devices and Spy on Owners

By Nicholas West

As people begin acquiring greater numbers of smart tech gadgets to manage their lives and homes, each one of these items is being revealed as an open invitation to be spied upon. The latest comes from LG's wide range of smart home products...

Oct 27 09:36

Twitter ‘Forgets’ to Tell US Congress They Sought RT Ad Dollars During Election

Lawmakers with the Senate Intelligence Committee have said that Twitter never informed them that they pitched Twitter to RT as an ad platform, particularly for promotions regarding the 2016 presidential election. This news comes just hours after Twitter announced that they will no longer be running ads from RT or Sputnik.

Oct 27 09:01

Documents Show Twitter Encouraged RT To Spend $1.5M On U.S. Election Ads

Twitter CEO Jack Dorsey announced on Thursday that he was banning RT and Sputnik from advertising on his platform due to Russia's alleged interference in the 2016 presidential election.

RT responded by releasing internal documents showing Twitter encouraged them to spend $1.5 million dollars advertising their coverage of the 2016 election with the promise of an extra $120,000 in free media -- a factoid Jack Dorsey conveniently left out of his announcement.

Oct 27 08:12

US voting server in election security probe is mysteriously wiped

A computer at the center of a lawsuit digging into woeful cyber-security practices during the US presidential election has been wiped.

The server in question is based in Georgia – a state that narrowly backed Donald Trump, giving him 16 electoral votes – and stored the results from the state's voting systems. The deletion of its data makes analysis of whether the computer was compromised impossible to ascertain.

There is good reason to believe that the computer may have been tampered with: it is 15 years old, and could have been harboring all sorts of exploitable software and hardware vulnerabilities. No hard copies of the votes are kept, making the electronic copy the only official record.

Oct 27 07:47

True toll of cyber attack on the NHS: 20,000 appointments were cancelled as hackers hit 30 more trusts than first thought in strike 'that was avoidable'

Hospitals were found to have been running out-of-date computer systems, such as Windows XP and Windows 7 – that had not been updated to secure them against such attacks. Computers at almost 600 GP surgeries were also victims.

Sir Amyas said: 'It was a relatively unsophisticated attack and could have been prevented by the NHS following basic IT security best practice.

'There are more sophisticated cyber threats out there than WannaCry so the Department of Health and the NHS need to get their act together to ensure the NHS is better protected against future attacks.'

Experts last night criticised the way the Government seemingly failed to prepare.

Oct 26 17:25

Big Brother in Little China - #NewWorldNextWeek - corbettreport


Published on Oct 26, 2017

Welcome to New World Next Week – the video series from Corbett Report and Media Monarchy that covers some of the most important developments in open source intelligence news.

Oct 26 14:47

U.S. Government Targets “Homegrown Violent Extremists” In Broad Surveillance

By Aaron Kesel

The U.S. government has increased its physical and digital surveillance to now include a broad definition of “homegrown violent extremists” in the Department of Defense’s manual which isn’t clearly defined, Reuters reported.

The change actually happened last year, announced under the Obama administration but carries on to the Trump administration. This will allow some forms of monitoring of U.S. persons without a court-issued warrant, a blatant violation of the Fourth Amendment...

Oct 26 14:28

Trump’s New Presidential Memo Will Normalize Drones in American Life

By Derrick Broze

President Trump’s recent decisions on drone aircraft foreshadow the increase of the technology in civilian life and military strategy.

On Wednesday President Trump signed a Presidential Memorandum creating a new trial program for the commercial use of unmanned aerial aircraft, or drones. The memo, titled “Unmanned Aircraft Systems Integration Pilot Program,” allows certain communities to be exempt from current safety rules as they test drone operations...

Oct 26 11:19

Las Vegas Shooter’s Laptop Hard Drive Missing, Brother Charged With Child Porn

Investigators recovered a laptop computer from Las Vegas shooter Stephen Paddock’s hotel room, but its hard drive is missing. In a separate case, Paddock’s brother has been charged with possession of child pornography.

Oct 26 11:12

Kaspersky Software Caught Classified NSA Malware

Russian anti-virus company Kaspersky Lab has been increasingly vilified in the US for acquiring classified US government programs. This has led to a full ban on Kaspersky software on federal PCs, and several retailers dropping the wildly popular program.

Kaspersky Lab’s own internal investigation into the matter revealed that was indeed the case, in as much as its antivirus software “accidentally” swept up NSA malware and its adjoining source code during a 2014 malware scan, even though that malware was itself classified.

This means, however, that the antivirus software was doing exactly what it was supposed to do, sweeping up computer malware, and collecting data for analysis to improve their ability to fight off such attacks in the future.

Webmaster's Commentary: 

The bigger question is, what the heck was the NSA malware and its source code doing, out in the world, please?!?!? And which country's software was it intended to infect, Russia's?!?

Oct 26 10:45

GOOGLE, FACEBOOK & COMCAST JOINTLY LIED TO CALIFORNIA LAWMAKERS TO SCUTTLE BROADBAND PRIVACY BILL

Earlier this year the GOP and Trump administration rushed to kill consumer broadband privacy rules. While the broadband industry cried like a colicky toddler when the rules were originally proposed, they were relatively modest -- simply requiring that ISPs clearly disclose what they're selling, who they're selling it to, and provide working opt out tools. The rules were proposed after ISPs repeatedly showed they were incapable of self-regulating on this front (see Verizon's zombie cookies, AT&T's attempts to charge you more for privacy, and CableOne's declaration it wanted to use credit scores to provide even worse customer support).

Webmaster's Commentary: 

This kind of behaviour is perfectly predictable from Facebook and Google!!

Oct 26 10:16

Federal OSHA And Microwave Industry Employees Safety Regulations

By Catherine J. Frompovich

It must be noted OSHA needs to update its website to include AMI Smart Meters that operate using microwaves and radio (RF) transmitters, called ZigBee radio modules (wireless electronics), which operate/function using radiofrequencies. Therefore, there are double radiation whammies emitted by AMI Smart Meters! ...

Oct 26 09:34

'We Have to Prepare for More Significant Cyberattacks' – Expert on BadRabbit

A new ransomware has recently attacked a number of Russian media websites, as well as some Ukrainian infrastructure facilities. Radio Sputnik contacted Cong-Fook Fong, CEO of LGMS, a professional information security service firm from South Asia, to discuss the wave of BadRabbit malware.

Oct 26 09:20

EPIC Asks Senate to Probe Customs and Border Protection Nominee on Facial Recognition, Drones

By Activist Post

As we’ve been covering with increasing frequency as of late, DHS with Customs and Border Protection (CBP) has made it known that their mandate to bring in facial recognition as part of a biometric identification system for travelers is to begin full roll-out...

Oct 26 09:19

Dell web address grabbed by third party

A web address used by recovery software on Dell PCs was taken over by a third-party after a contractor apparently failed to renew it.

Dell's software checks in with the domain periodically, so whoever snapped it up could use it to distribute malware.

Security expert and author Brian Krebs - who first reported the issue - believed there was a possibility that this had happened.

Dell says no malware was transferred.

Oct 26 09:18

Massive voter registration database found to have major security flaws

For several years, a nationwide voter-fraud prevention coalition has been using poor security methods in sending and storing millions of voter registration records, according to an advocacy group’s examination of official emails pertaining to the program.

Officials running the Interstate Voter Registration Crosscheck Program have been using email to send state election officials usernames, passwords and decryption codes for databases containing records of all voters in about 30 states, reports Indivisible Chicago, a nonprofit progressive advocacy group.

Oct 26 09:15

'Downright Orwellian': journalists decry Facebook experiment's impact on democracy

Facebook has been criticised for the worrying impact on democracy of its “downright Orwellian” decision to run an experiment seeing professional media removed from the main news feed in six countries.

The experiment, which began 19 October and is still ongoing, involves limiting the core element of Facebook’s social network to only personal posts and paid adverts.

So-called public posts, such as those from media organisation Facebook pages, are being moved to a separate “explore” feed timeline. As a result, media organisations in the six countries containing 1% of the world’s population – Sri Lanka, Guatemala, Bolivia, Cambodia, Serbia and Slovakia – have had one of their most important publishing platforms removed overnight.

Oct 26 09:10

Smart? Don't ThinQ so! Hacked robo-vacuum could spy on your home

LG SmartThinQ smart home devices were totally hackable prior to a recent security update, according to new research.

The so-called HomeHack vulnerabilities in LG's SmartThinQ mobile app and cloud application created a means for hackers to remotely log into the SmartThinQ cloud application and take over the user's LG account, Check Point security boffins said.

Once in control of an account, any LG device or appliance associated with that account could be controlled by the attacker – including a robot vacuum cleaner, refrigerators, ovens, dishwashers, washing machines and dryers, and air conditioners. Devices could be switched on and off, settings changed and more.

...

Users of the LG SmartThinQ mobile app and appliances should ensure they have updated to the latest software versions from the LG website.

Oct 25 15:56

Switch and bait: Apple wants us to wait in line for iPhone X so it can sell iPhone 8s

But with iPhone X, people who don’t line up hours before the store opens likely won’t be able to buy one. It’s a marketing trick. By telling customers iPhone X will be available in store, Apple basically wants to show the world that people still love the iPhone. Recent reports suggest that iPhone 8 sales aren’t exactly robust, and huge lines outside Apple Stores around the world will be nothing less than a visual refutation of the Apple-is-doomed meme.

But the real benefit of iPhone X lines will be the iPhone 8 and iPhone 8 Plus. Once customers realize that they can’t buy an iPhone X (and likely won’t be able to for many weeks), an Apple specialist can swoop in to explain why iPhone 8 Plus is just as good. “It has the same processor and storage,” they’ll say. “It has wireless charging, and comes in a cool gold color. Oh, did I mention it’s $200 cheaper?” With that sales pitch, I’m willing to bet that more than a few people will opt for the downgrade.

Oct 25 15:47

Researchers Hack Tinder, Ok Cupid, Other Dating Apps to Reveal Your Location and Messages

Security researchers have uncovered numerous exploits in popular dating apps like Tinder, Bumble, and OK Cupid. Using exploits ranging from simple to complex, researchers at the Moscow-based Kaspersky Lab say they could access users’ location data, their real names and login info, their message history, and even see which profiles they’ve viewed. As the researchers note, this makes users vulnerable to blackmail and stalking.

Oct 25 15:44

Amazon to sell smart locks so it can slip packages into your home

The world’s largest online retailer on Wednesday announced Amazon Key, a lock and camera system that users control remotely to let delivery associates slip goods into their houses. Customers can create temporary passcodes for friends and other services professionals to enter as well.

Oct 25 15:41

NSA bloke used backdoored MS Office key-gen, exposed secret exploits – Kaspersky

The NSA staffer who took home top-secret US government spyware installed a backdoored key generator for a pirated copy of Microsoft Office on his PC – exposing the confidential cyber-weapons on the computer to hackers.

That's according to Kaspersky Lab, which today published a report detailing, in its view, how miscreants could have easily stolen powerful and highly confidential software exploits from the NSA employee's bedroom Windows PC.

Oct 25 15:38

FYI: iOS apps can turn on your camera any time without warning

Felix Krause, founder of Fastlane.Tools, said the way Apple's software handles camera access and recording is leaving many fans vulnerable to being spied on by apps on their gadgets without any notification or warning.

Krause explained today that because Apple only requires the user to enable camera access one time and then gives free rein without requiring a camera light or notification, a malicious application could go far beyond its intended level of access.

"iOS users often grant camera access to an app soon after they download it (e.g., to add an avatar or send a photo)," the researcher explained.

"These apps, like a messaging app or any news-feed-based app, can easily track the user's face, take pictures, or live stream the front and back camera, without the user’s consent."

Oct 25 15:27

Using YouTube Takedowns As Extortion

We've made this point over and over again: if you give people the power to force down someone else's content, it will be abused. We see this most clearly in things like DMCA takedown notices, which are rife with abuse -- either through automated takedowns or just by people who want certain things to disappear. But here's a variation we haven't seen quite as much: DMCA abuse as extortion. This story involves musician/composer Keitaro Ujiie who variously goes by Ujico* and Snail's House and who has a pretty big following. As an aside, he describes his electronic music as "Happy Music" and, damn, is it ever. I've been listening to it while writing this post, and you can too at Soundcloud, Bandcamp or... YouTube.

Oct 25 12:52

World War E Is Here

Oct 25 11:37

Panic of Panama Papers-style revelations follows Bermuda law firm hack

A major offshore law firm admitted it had been hacked on Tuesday, prompting fears of a Panama Papers-style exposé into the tax affairs of the super rich.

Bermuda-based Appleby only admitted it had suffered the breach – which actually happened last year – after a group of journos from the International Consortium of Investigative Journalists (ICIJ), who had seen the leaked information, began asking awkward questions.

In a statement, Appleby denied allegations of any tax evasions or other wrongdoing by itself or its clients while admitting that it was “not infallible”. The law firm went on to state that it had shored up its security since the hack.

Oct 25 08:45

Bad Rabbit: Ten things you need to know about the latest ransomware outbreak

Organisations across Russia and Ukraine -- as well as a small number in Germany and Turkey -- have fallen victim to the ransomware. Researchers at Avast say they've also detected the malware in Poland and South Korea.

Russian cybersecurity company Group-IB confirmed at least three media organisations in the country have been hit by file-encrypting malware, while at the same time Russian news agency Interfax said its systems have been affected by a "hacker attack" -- and were seemingly knocked offline by the incident.

Other organisations in the region including Odessa International Airport and the Kiev Metro also made statements about falling victim to a cyber-attack, while CERT-UA, the Computer Emergency Response Team of Ukraine, also posted that the "possible start of a new wave of cyberattacks to Ukraine's information resources" had occurred, as reports of Bad Rabbit infections started to come in.

Oct 24 16:22

Android getting “DNS over TLS” support to stop ISPs from knowing what websites you visit

DNS over TLS is a protocol where DNS queries will be encrypted to the same level as HTTPS and thus a DNS can’t actually log or see the websites you visit. This uses TLS, or Transport Layer Security, to achieve this encryption. This does require the DNS you are using to have DNS over TLS support, though, but it’s a start. Users can switch to Google’s DNS if they wish to benefit from DNS over TLS.

Oct 24 15:37

Olympus Forcing Users to Agree to Third-Party Cookie Ad Tracker

If I didn’t have the screenshots to prove it, you’d think I was making this story up. Olympus, the camera manufacturer, is blocking their own content unless you allow third-party ad tracking from a company called Criteo.

Oct 24 15:25

Watership downtime: BadRabbit encrypts Russian media, Ukraine transport hub PCs

Computers at Russian media outlets and Ukraine's transport hubs were among Windows PCs infected and shut down today by another fast-spreading strain of ransomware.

Corporate systems within Interfax and two other major Russian news publishers have had their files encrypted and held to ransom by malware dubbed BadRabbit. In Ukraine, Odessa airport, the Kiev metro, and the Ministry of Infrastructure were also hit by the extortionware, which demands Bitcoins to restore scrambled documents.

BadRabbit may also have spread to Turkey, Bulgaria and beyond, and is a variant of Diskcoder, according to researchers at ESET. Antivirus maker Avast has detected it in Poland and South Korea.

Oct 24 15:24

Coin Hive hacked via old password to move manic miners' Monero into miscreants' pockets

Monero miner maker Coin Hive was hacked so that websites using its code inadvertently redirected their generated cryptocurrency to miscreants – after the outfit forgot to change an old password.

The team, which develops alt-coin mining JavaScript engines, said on Tuesday hackers had used an old Cloudflare account password to reconfigure coinhive.com's DNS settings. This allowed the thieves to briefly redirect downloads of its crypto-mining code to a malicious version that was hardcoded to funnel mined cyber-cash to one particular user. In other words, websites embedding Coin Hive's JavaScript were actually embedding a dodgy copy that stole any Monero created by their visitors' browsers.

Oct 24 15:22

DUHK Attack Lets Hackers Recover Encryption Key Used in VPNs & Web Sessions

DUHK — Don't Use Hard-coded Keys — is a new 'non-trivial' cryptographic implementation vulnerability that could allow attackers to recover encryption keys that secure VPN connections and web browsing sessions.

DUHK is the third crypto-related vulnerability reported this month after KRACK Wi-Fi attack and ROCA factorization attack.

The vulnerability affects products from dozens of vendors, including Fortinet, Cisco, TechGuard, whose devices rely on ANSI X9.31 RNG — an outdated pseudorandom number generation algorithm — 'in conjunction with a hard-coded seed key.'

Oct 24 15:21

Bad Rabbit: New Ransomware Attack Rapidly Spreading Across Europe

A new widespread ransomware attack is spreading like wildfire around Europe and has already affected over 200 major organisations, primarily in Russia, Ukraine, Turkey and Germany, in the past few hours.

Dubbed "Bad Rabbit," it is reportedly a new Petya-like targeted ransomware attack against corporate networks, demanding 0.05 bitcoin (~ $285) as ransom from victims to unlock their systems.

According to an initial analysis provided by Kaspersky, the ransomware was distributed via drive-by download attacks, using a fake Adobe Flash Player installer to lure victims into installing malware unwittingly.

"No exploits were used, so the victim would have to manually execute the malware dropper, which pretends to be an Adobe Flash installer. We’ve detected a number of compromised websites, all of which were news or media websites." Kaspersky Lab said.

Oct 24 13:59

New ransomware hits companies in Russia, Europe

A new wave of cyber attacks hit multiple corporate networks in Russia, Ukraine, Germany and Turkey, Russian cybersecurity company Kaspersky Lab said Tuesday.

"Our observations show that the majority of the attack's victims are located in Russia. We're also registering similar attacks in Ukraine, Turkey and Germany, but on a considerably smaller scale. The malware spreads through a number of compromised websites of Russian media outlets," the company was quoted by Russia Today as saying.

Russia's Interfax news agency, one of the country's largest news outlets, Fontanka.ru news site and another Internet-based Russian media company were reportedly under attack.

An international airport and the metro system in Ukraine's capital city Kiev were also affected.

The new cyber virus, dubbed "BadRabbit," demands a ransom paid in Bitcoin for encrypted files, which is set to go up if it is not paid in time, according to Kaspersky.

Oct 24 08:30

Please activate the anti-ransomware protection in your Windows 10 Fall Creators Update PC. Ta

A below-the-radar security feature in the Windows 10 Fall Creators Update, aka version 1709 released last week, can stop ransomware and other file-scrambling nasties dead.

The controlled folder access mechanism within Windows Defender prevents suspicious applications from changing the contents of selected protected folders.

Though controlled folder access has been known about for months – it surfaced with Insider builds earlier this summer – the feature is only now being thrust into the spotlight with the general public release of the Fall Creators Update for Windows 10.

Oct 24 08:27

Legacy kit, no antivirus, weak crypto. Yep. They're talking critical industrial networks

Traffic analysis on 375 industrial networks worldwide has confirmed the extent to which hackers target industrial control systems (ICS).

The study by CyberX also found that industrial networks are both connected to the internet and rife with vulnerabilities including legacy Windows boxes, plain-text passwords and a lack of antivirus protection.

One-third of industrial sites are connected to the internet – making them accessible by hackers and malware exploiting vulnerabilities and misconfigurations. The findings undermine the comforting notion that industrial networks don't need to be monitored or patched because they're isolated from the internet via "air gaps".

Oct 24 08:07

'Cyber Hurricane': Millions of Devices Infected in Rapidly Replicating Botnet

In a very short time, new rapidly expanding IoT botnet malware, more complex and dangerous than the 2016 malicious Mirai bot that caused widespread outages in the US and beyond, has already compromised over a million devices.

Oct 24 06:59

After quietly infecting a million devices, Reaper botnet set to be worse than Mirai

Reaper is on track to become one of the largest botnets recorded in recent years — and yet nobody seems to know what it will do or when. But researchers say the damage could be bigger than last year's cyberattack.

Oct 23 17:00

Censorship Upgrade: Facebook Testing Burying Posts From News Outlets And Businesses In 6 Countries Unless They Pay

By Aaron Kesel

Facebook is currently testing a change that would force news publishers to pay to show their posts from their Facebook Pages in the timeline of Facebook users in an effort disguised to fight “fake news.”

In the test, pages are now shown in a separate Explore tab, while the main timeline only shows posts from friends, ads, and posts that companies have paid to promote, Business Insider reported...

Oct 23 12:20

FACEBOOK TESTS ‘PAY TO PLAY’ NEWS

Watch out, publishers: a nightmare scenario for Facebook may soon be a reality.

Oct 23 09:22

Google's £800 Pixel 2 XL has a serious burn-in issue that ruins screens, testers claim

It was launched to much fanfare earlier this month, but the Google Pixel 2 XL is facing complaints just weeks after it was released for testing.

Screen burn-in issues have been reported by some of the first people to get their hands on the XL model, primarily tech reviewers.

While screen burn is a problem with most types of display, for it to occur in such a short space of time is almost unheard of.

Oct 23 09:12

Man arrested after ‘good morning’ post was mistranslated by Facebook as ‘attack them’

A smiling Palestinian construction worker posted a photo of himself leaning against a bulldozer and holding a cup of coffee and a cigarette. He posted the photo on Facebook along with “good morning” in Arabic.

Israeli police, relying on Facebook’s translation service, believed the post said “attack them.” Haaretz reported, “The automatic translation service offered by Facebook uses its own proprietary algorithms. It translated ‘good morning’ as ‘attack them’ in Hebrew and ‘hurt them’ in English.”

The Palestinian man’s photo showed a bulldozer on the construction site in the Beitar Illit settlement which is located on the West Bank near Jerusalem. Bulldozers have been used in terror attacks against Israelis in the past.

Israeli police did not consult any Arabic-speaking officer, but instead relied completely on Facebook’s translation. As a result, the Palestinian man was arrested.

Oct 23 09:05

The recent catastrophic Wi-Fi vulnerability was in plain sight for 13 years behind a corporate paywall

When this week’s KRACK Wi-Fi vulnerability hit, I saw a series of tweets from Emin Gün Sirer, who’s mostly tweeting on bitcoin topics but seemed to know something many didn’t about this particular Wi-Fi vulnerability: it had been in plain sight, but behind paywalls with corporate level fees, for thirteen years. That’s how long it took open source to catch up with the destructiveness of a paywall.

Apparently, WPA2 was based on IEEE standards, which are locked up behind subscription fees that are so steep that open source activists and coders are just locked out from looking at them. This, in turn, meant that this vulnerability was in plain sight for anybody who could afford to look at it for almost a decade and a half.

Oct 23 08:59

Malware hidden in vid app is so nasty, victims should wipe their Macs

It's going to be an unpleasant weekend for some Mac users who are facing a complete system wipe and reinstall – after hackers stashed malware in legitimate applications.

Eltima Software, which makes the popular Elmedia Player and download manager Folx, today confessed the latest versions of those two apps came with an unwelcome extra – the rather horrid OSX.Proton malware.

The software nasty, which was injected into downloads of the applications, was spotted by security shop ESET, which alerted Elmedia. A subsequent investigation revealed miscreants had got into the developer's servers, implanted the malware into the download files, and then let the company infect its users as they fetched the software.

Proton is a remote-control trojan designed specifically for Mac systems.

Oct 23 08:56

'We've nothing to hide': Kaspersky Lab offers to open up source code

Russian cybersecurity software flinger Kaspersky Lab has offered to open up its source code for third-party review.

The firm's Global Transparency Initiative is in response to moves to ban the use of its technology on US government systems by the Department of Homeland Security over concerns of alleged ties with the Russian government.

The initiative comes days after reports that Russian government hackers used Kaspersky antivirus software to siphon off classified material from a PC belonging to a NSA contractor.
