FBI Seizes Control of Russian Botnet

it - Posted On:2018-05-23 21:29:59 Source: slashdot

The Daily Beast reports that the FBI has seized control of a key server in the Kremlin's global botnet of 500,000 hacked routers. "The move positions the bureau to build a comprehensive list of victims of the attack, and short-circuits Moscow's ability to reinfect its targets," writes Kevin Poulsen. From the report: The FBI counter-operation goes after "VPN Filter," a piece of sophisticated malware linked to the same Russian hacking group, known as Fancy Bear, that breached the Democratic National Committee and the Hillary Clinton campaign during the 2016 election. On Wednesday security researchers at Cisco and Symantec separately provided new details on the malware, which has turned up in 54 countries including the United States. VPN Filter uses known vulnerabilities to infect home office routers made by Linksys, MikroTik, NETGEAR, and TP-Link. Once in place, the malware reports back to a command-and-control infrastructure that can install purpose-built plug-ins, according to the researchers. One plug-in lets the hackers eavesdrop on the victim's Internet traffic to steal website credentials; another targets a protocol used in industrial control networks, such as those in the electric grid. A third lets the attacker cripple any or all of the infected devices at will. Read more of this story at Slashdot.

Read More

Facebook Asks British Users To Submit Their Nudes as Protection Against Revenge Porn

technology - Posted On:2018-05-23 17:30:00 Source: slashdot

Mark Wilson writes: Following on from a trial in Australia, Facebook is rolling out anti-revenge porn measures to the UK. In order that it can protect British users from failing victim to revenge porn, the social network is asking them to send in naked photos of themselves. The basic premise of the idea is: send us nudes, and we'll stop others from seeing them . Read more of this story at Slashdot.

Read More

Uber Shutting Down Self-Driving Operations In Arizona After Fatal Crash

technology - Posted On:2018-05-23 17:00:00 Source: slashdot

An anonymous reader quotes a report from The Arizona Republic: Uber is shutting down its self-driving car tests in Arizona, where one of the cars was involved in a fatal crash with a pedestrian in March, the company said Wednesday. The company notified about 300 Arizona workers in the self-driving program that they were being terminated just before 9 a.m. Wednesday. The shutdown should take several weeks. Test drivers for the autonomous cars have not worked since the accident in Tempe, but Uber said they continued to be paid. The company's self-driving trucks have also been shelved since the accident. Uber plans to restart testing self-driving cars in Pittsburgh once federal investigators conclude their inquiry into the Tempe crash. The company also said it is having discussions with California leaders to restart testing. Read more of this story at Slashdot.

Read More

Personal Records of Nearly 1 Million South Africans Leaked Online

it - Posted On:2018-05-23 16:14:59 Source: slashdot

Tefo Mohapi, reporting for iAfrikan: Barely a year after South Africa's largest data leak was revealed in 2017, the country has suffered yet another data leak as 934,000 personal records of South Africans have been leaked publicly online. The data includes, among others, national identity numbers (ID numbers), e-mail addresses, full names, as well as plain text passwords to what appears to be a traffic fines related online system. Working together with Troy Hunt, an Australian Security consultant and founder of haveibeenpwned, along with an anonymous source that has been communicating with iAfrikan and Hunt, we've managed to establish that the data was backed up or posted publicly by one of the companies responsible for traffic fines online payments in South Africa. "I have a new leak which might be worthwhile, the database leak contains 1 million records of personal information of South African citizens. Including Identity numbers, cell phone numbers, email addresses, and passwords. I am aware of the website this was leaked from," said our source upon initial contact. Read more of this story at Slashdot.

Read More

President Trump Can't Block People On Twitter, Court Rules

technology - Posted On:2018-05-23 14:15:00 Source: slashdot

Reader drunken_boxer777 writes: US District Judge Buchwald issued a 75-page ruling today clearly articulating why Donald Trump cannot block Twitter users, as it violates their First Amendment rights. "Turning to the merits of plaintiffs' First Amendment claim, we hold that the speech in which they seek to engage is protected by the First Amendment and that the President and Scavino exert governmental control over certain aspects of the @realDonaldTrump account, including the interactive space of the tweets sent from the account. That interactive space is susceptible to analysis under the Supreme Court's forum doctrines, and is properly characterized as a designated public forum. The viewpoint-based exclusion of the individual plaintiffs from that designated public forum is proscribed by the First Amendment and cannot be justified by the President's personal First Amendment interests." Further reading: Bloomberg. Read more of this story at Slashdot.

Read More

Backdoor Account Found in D-Link DIR-620 Routers

technology - Posted On:2018-05-23 11:15:00 Source: slashdot

Catalin Cimpanu, writing for BleepingComputer: Security researchers have found a backdoor account in the firmware of D-Link DIR-620 routers that allows hackers to take over any device reachable via the Internet. Discovered by Kaspersky Lab researchers, this backdoor grants an attacker access to the device's web panel, and there's no way in which device owners can disable this secret account. The only way to protect devices from getting hacked is to avoid having the router expose its admin panel on the WAN interface, and hence, reachable from anywhere on the Internet. Read more of this story at Slashdot.

Read More

Cyber Firms Warn on Suspected Russian Plan To Attack Ukraine

it - Posted On:2018-05-23 09:44:57 Source: slashdot

Jim Finkle, reporting for Reuters: Cisco Systems on Wednesday warned that hackers have infected at least 500,000 routers and storage devices in dozens of countries with highly sophisticated malicious software, possibly in preparation for another massive cyber attack on Ukraine. Cisco's Talos cyber intelligence unit said it has high confidence that the Russian government is behind the campaign, dubbed VPNFilter, because the hacking software shares code with malware used in previous cyber attacks that the U.S. government has attributed to Moscow. Cisco said the malware could be used for espionage, to interfere with internet communications or launch destructive attacks on Ukraine, which has previously blamed Russia for massive hacks that took out parts of its energy grid and shuttered factories. Head of Ukraine's cyber police said on Wednesday that the agency is aware of new large malware campaign, and that it is working to protect Ukraine against possible new cyber threat. Read more of this story at Slashdot.

Read More

Microsoft Also Has An AI Bot That Makes Phone Calls To Humans

technology - Posted On:2018-05-23 09:14:56 Source: slashdot

An anonymous reader quotes a report from The Verge: At an AI event in London today, Microsoft CEO Satya Nadella showed off the company's Xiaoice (pronounced "SHAO-ICE") social chat bot. Microsoft has been testing Xiaoice in China, and Nadella revealed the bot has 500 million "friends" and more than 16 channels for Chinese users to interact with it through WeChat and other popular messaging services. Microsoft has turned Xiaoice, which is Chinese for "little Bing," into a friendly bot that has convinced some of its users that the bot is a friend or a human being. "Xiaoice has her own TV show, it writes poetry, and it does many interesting things," reveals Nadella. "It's a bit of a celebrity." While most of Xiaoice's interactions have been in text conversations, Microsoft has started allowing the chat bot to call people on their phones. It's not exactly the same as Google Duplex, which uses the Assistant to make calls on your behalf, but instead it holds a phone conversation with you. "One of the things we started doing earlier this year is having full duplex conversations," explains Nadella. "So now Xiaoice can be conversing with you in WeChat and stop and call you. Then you can just talk to it using voice." (The term "full duplex" here refers to a conversation where both participants can speak at the same time; it's not a reference to Google's product, which was named after the same jargon.) Read more of this story at Slashdot.

Read More

People Are Losing Faith In Self-Driving Cars Following Recent Fatal Crashes

technology - Posted On:2018-05-23 06:14:57 Source: slashdot

oldgraybeard shares a report from Mashable: A new survey (PDF) released Tuesday by the American Automobile Association found that 73 percent of American drivers are scared to ride in an autonomous vehicle. That figure is up 10 percent from the end of last year. The millennial demographic has been the most affected, according to the survey of more than 1,000 drivers. From that age group, 64 percent said they're too afraid to ride in an autonomous vehicle, up from 49 percent -- making it the biggest increase of any age group surveyed. "There are news articles about the trust levels in self-driving cars going down," writes oldgraybeard. "As a technical person, I have always thought the road to driverless cars would be longer than most were talking about. What are your thoughts? As an individual with eye problems, I do like the idea. But technology is not as good as some think." The Mashable article also references a separate study from market research company Morning Consult "showing increased fear about self-driving vehicles following the deadly March crashes in the Bay Area and Arizona." Another survey from car shopping site CarGurus set to be released Wednesday found that car owners aren't quite ready to trade their conventional vehicles for self-driving ones. "Some 84 percent of the 1,873 U.S. car owners surveyed in April said they were unlikely to own a self-driving car in the next five years," reports Mashable. "79 percent of respondents said they were not excited about the new technology." Read more of this story at Slashdot.

Read More

FBI Repeatedly Overstated Encryption Threat Figures To Congress, Public

it - Posted On:2018-05-23 01:14:59 Source: slashdot

mi shares a report from The Washington Post (Warning: source may be paywalled; alternative source): The FBI has repeatedly provided grossly inflated statistics to Congress and the public about the extent of problems posed by encrypted cellphones, claiming investigators were locked out of nearly 7,800 devices connected to crimes last year when the correct number was much smaller, probably between 1,000 and 2,000. Over a period of seven months, FBI Director Christopher A. Wray cited the inflated figure as the most compelling evidence for the need to address what the FBI calls "Going Dark" -- the spread of encrypted software that can block investigators' access to digital data even with a court order. "The FBI's initial assessment is that programming errors resulted in significant over-counting of mobile devices reported,'' the FBI said in a statement Tuesday. The bureau said the problem stemmed from the use of three distinct databases that led to repeated counting of phones. Tests of the methodology conducted in April 2016 failed to detect the flaw, according to people familiar with the work. Read more of this story at Slashdot.

Read More

Giant Predatory Worms Are Invading France

it - Posted On:2018-05-22 23:44:58 Source: slashdot

An anonymous reader quotes a report from Quartz: In a Peer J study published on May 22, "Giant worms chez moi!" zoologist Jean-Lou Justine of the Museum National d'Histoire Naturelle in Paris, entomologist colleagues, and Pierre Gros, outline a discovery that "highlights an unexpected blind spot of scientists and authorities facing an invasion by conspicuous large invasive animals." About 100 citizen scientists ultimately contributed to the assessment of this alien invasion, identifying five giant predatory worm species in France that grow up to 10 inches long. The study relied on contributors' worm sightings, reported "mainly by email, sometimes by telephone." Researchers requested photographs and details about locality. In 2013, the Washington Post reports, "a group of terrorized kindergartners claimed they saw a mass of writhing snakes in their play field." These were giant flatworms! The study concludes that the alien creatures appear to reproduce asexually. They prey on other, smaller earthworms, stunning them with toxins. "The planarian also produces secretions from its headplate and body that adhere it to the prey, despite often sudden violent movements of the latter during this stage of capture," researcher note. In other words, the hammerheads produce a substance that allows them to stick to victims while killing them. The study points out that invasive alien flatworms have been spotted in New Zealand, Papua New Guinea, Brazil, and Australia. But the five species of hammerhead flatworms invading France are giants, growing up to 27 centimeters. Read more of this story at Slashdot.

Read More

FBI Reportedly Overstated Encryption Threat Figures To Congress, Public

it - Posted On:2018-05-22 22:14:59 Source: slashdot

mi shares a report from The Washington Post (Warning: source may be paywalled; alternative source): The FBI has repeatedly provided grossly inflated statistics to Congress and the public about the extent of problems posed by encrypted cellphones, claiming investigators were locked out of nearly 7,800 devices connected to crimes last year when the correct number was much smaller, probably between 1,000 and 2,000. Over a period of seven months, FBI Director Christopher A. Wray cited the inflated figure as the most compelling evidence for the need to address what the FBI calls "Going Dark" -- the spread of encrypted software that can block investigators' access to digital data even with a court order. "The FBI's initial assessment is that programming errors resulted in significant over-counting of mobile devices reported,'' the FBI said in a statement Tuesday. The bureau said the problem stemmed from the use of three distinct databases that led to repeated counting of phones. Tests of the methodology conducted in April 2016 failed to detect the flaw, according to people familiar with the work. Read more of this story at Slashdot.

Read More

European Lawmakers Asked Mark Zuckerberg Why They Shouldn't Break Up Facebook

technology - Posted On:2018-05-22 18:44:59 Source: slashdot

European lawmakers questioned Mark Zuckerberg in Brussels today for almost an hour and a half, asking him to address concerns about the Cambridge Analytica data leak and Facebook's potential monopoly. German MEP Manfred Weber asked whether the Facebook CEO could name a single European alternative to his "empire," which includes apps like WhatsApp and Instagram in addition to Facebook. "I think it's time to discuss breaking up Facebook's monopoly, because it's already too much power in only one hand," said Weber. "So I ask you simple, and that is my final question: can you convince me not to do so?" Belgian MEP Guy Verhofstadt then chimed in and asked whether Facebook would cooperate with European antitrust authorities to determine whether the company was indeed a monopoly, and if it was, whether Facebook would accept splitting off WhatsApp or Messenger to remedy the problem. The Verge reports: The panel's format let Zuckerberg selectively reply to questions at the end of the session, and he didn't address Verhofstadt's points. Instead, he broadly outlined how Facebook views "competition" in various spaces. "We exist in a very competitive space where people use a lot of different tools for communication," said Zuckerberg. "From where I sit, it feels like there are new competitors coming up every day" in the messaging and social networking space. He also said that Facebook didn't hold an advertising monopoly because it only controlled 6 percent of the global advertising market. (It's worth noting: this is still a huge number.) And he argued that Facebook promoted competition by making it easier for small businesses to reach larger audiences -- which is basically unrelated to the question of whether Facebook itself is a monopoly. Read more of this story at Slashdot.

Read More

Senators Demand FCC Answer For Fake Comments After Realizing Their Identities Were Stolen

technology - Posted On:2018-05-22 14:30:00 Source: slashdot

Two US senators -- one Republican, one Democrat who both had their identities stolen and then used to post fake public comments on net neutrality -- are calling on FCC Chairman Ajit Pai to address how as many as two million fake comments were filed under stolen names. From a report: Senators Jeff Merkley, Democrat of Oregon, and Pat Toomey, Republican of Pennsylvania, are among the estimated "two million Americans" whose identities were used to file comments to the FCC without their consent. "The federal rulemaking process is an essential part of our democracy and allows Americans the opportunity to express their opinions on how government agencies decide important regulatory issues," the pair of lawmakers wrote [PDF]. "As such, we are concerned about the aforementioned fraudulent activity. We need to prevent the deliberate misuse of Americans' personal information and ensure that the FCC is working to protect against current and future vulnerabilities in its system. We encourage the FCC to determine who facilitated these fake comments," the letter continues. "While we understand and agree with the need to protect individuals' privacy, we request that the FCC share with the public the total number of fake comments that were filed." Read more of this story at Slashdot.

Read More

The Wayback Machine is Deleting Evidence of Malware Sold To Stalkers

technology - Posted On:2018-05-22 14:15:00 Source: slashdot

The Internet Archive's Wayback Machine is a service that preserves web pages. But the site has been deleting evidence of companies selling malware to illegally spy on spouses, Motherboard reported Tuesday. From the report: The company in question is FlexiSpy, a Thailand-based firm which offers desktop and mobile malware. The spyware can intercept phone calls, remotely turn on a device's microphone and camera, steal emails and social media messages, as well as track a target's GPS location. Previously, pages from FlexiSpy's website saved to the Wayback Machine showed a customer survey, with over 50 percent of respondents saying they were interested in a spy phone product because they believe their partner may be cheating. That particular graphic was mentioned in a recent New York Times piece on the consumer spyware market. In another example, a Wayback Machine archive of FlexiSpy's homepage showed one of the company's catchphrases: "Many spouses cheat. They all use cell phones. Their cell phone will tell you what they won't." Now, those pages are no longer on the Wayback Machine. Instead, when trying to view seemingly any page from FlexiSpy's domain on the archiving service, the page reads "This URL has been excluded from the Wayback Machine." Read more of this story at Slashdot.

Read More

The Whole World is Now a Computer, Says Microsoft CEO Satya Nadella

technology - Posted On:2018-05-22 13:30:00 Source: slashdot

Thanks to cloud computing, the Internet of Things and artificial intelligence, we should start to think of the planet as one giant computer, according to Microsoft chief executive Satya Nadella. From a report: "Digital technology, pervasively, is getting embedded in every place: every thing, every person, every walk of life is being fundamentally shaped by digital technology -- it is happening in our homes, our work, our places of entertainment," said Nadella speaking in London. "It's amazing to think of a world as a computer. I think that's the right metaphor for us as we go forward." [...] AI is core to Microsoft's strategy, Nadella said: "AI is the run time which is going to shape all of what we do going forward in terms of applications as well as the platform." Microsoft is rethinking its core products by using AI to connect them together, he said, giving an example of a meeting using translation, transcription, Microsoft's HoloLens and other devices to improve decision-making. "The idea that you can now use all of the computing power that is around you -- this notion of the world as a computer -- completely changes how you conduct a meeting and fundamentally what presence means for a meeting," he said. Read more of this story at Slashdot.

Read More

Twitter Is Killing Several of Its TV Apps, Too

technology - Posted On:2018-05-22 13:00:01 Source: slashdot

Twitter is shutting down its TV apps on Roku, Android TV and Xbox starting on May 24, the company announced this morning. From a report: The news of the apps' closure comes at a time when Twitter is now trying to steer its users to its first-party mobile apps and its desktop website by killing off apps used by a minority of its user base -- like the Twitter for Mac app it shut down earlier this year. And more recently, it has attempted to kill off popular third-party Mac apps with a series of unfriendly API changes. It's unclear why this has become Twitter's agenda. While it can be a burden for a company to support a broader ecosystem of apps where some only have a niche audience, in some cases those "niche" users are also the most influential and heavy users. And arguably, anyone launching Twitter's app on their TV must be a die-hard user -- because who is really watching that much Twitter on their TV? Read more of this story at Slashdot.

Read More

Faster Audio Decoding and Encoding Coming To Ogg and FLAC

technology - Posted On:2018-05-22 12:15:00 Source: slashdot

FLAC and Ogg now have faster audio encoding and decoding capabilities thanks to recent code improvements. An anonymous reader writes: Robert Kausch of the fre:ac audio converter project informed news outlet Phoronix about recent changes he has made to FLAC and Ogg for bolstering faster performance. Kausch says he updated the CRC checks within FLAC and Ogg to a faster algorithm and those patches have now been accepted upstream. The Ogg and FLAC updates were merged this week for using the optimized CRC algorithm. As a result of this, encoding and decoding FLAC is now 5 percent faster, while encoding and decoding Ogg FLAC is 10 percent and 15 percent faster, respectively. Opus sees about one percent faster decoding, while Vorbis does decoding at two percent faster pace. Read more of this story at Slashdot.

Read More

90% of Financial Institutions Targeted By Ransomware in the Last Year

it - Posted On:2018-05-22 11:45:00 Source: slashdot

An anonymous reader shares a report: A new report from cloud security specialist Carbon Black, based on responses from CISOs at 40 major financial institutions -- including six of the top 10 global banks -- seeks to better understand the attack landscape. Among the findings are that 90 percent of financial institutions report being the subject of a ransomware attack in 2017. In addition one in 10 respondents report encountering destructive attacks unrelated to ransomware, such as application attacks and fileless malware. These potentially enable cybercriminals to move freely and laterally within an organization's network and often go completely overlooked until it's too late. Read more of this story at Slashdot.

Read More

Microsoft To Block Flash In Office 365 Starting January 2019

it - Posted On:2018-05-22 10:14:57 Source: slashdot

An anonymous reader writes: Microsoft plans to soon block Flash, Shockwave, and Silverlight content from activating in Office 365, it said. The block, however, will only be applicable in Office 365 subscription clients -- and not in Office 2016, Office 2013, or Office 2010 distributions, the company added. The change is set to come into effect starting January 2019. This is a full-on block, and not just Microsoft disabling problematic controls with the option to click on a button and view its content, BleepingComputer reports. The block means that Office 365 will prevent Flash, Shockwave, or Silverlight content from playing inside Office documents altogether. Microsoft cited various reasons for taking this decision. It said that malware authors have abused this mechanism for exploit campaigns, but also that Office users rarely used these features. In addition, Microsoft said it was also taking this decision after Adobe announced Flash's end-of-life for 2020. Read more of this story at Slashdot.

Read More