L3sPau1 - Slashdot User

Submission + - Bitcoin Trojan Found on Popular Download Sites (threatpost.com)

Submitted by msm1267 on Tuesday February 11, 2014 @08:48PM

msm1267 writes: Phony Bitcoin ticker apps hosted on popular sites Download.com and MacUpdate.com are fronts for the OSX/CoinThief Trojan, which was built to steal Bitcoin wallet credentials and keys, and to date has drained a small number of accounts.New variants of the Trojan targeting Mac OS X users were found on the sites and also include a browser extension for Firefox. Previous versions of CoinThief spread through a GitHub page that has since been taken down and included extensions for Safari and Google Chrome only.

Submission + - New 'Mask' APT Campaign Called Most Sophisticated Yet (threatpost.com)

Submitted by Gunkerty Jeb on Monday February 10, 2014 @02:09PM

Gunkerty Jeb writes: A group of high-level, nation-state attackers has been targeting government agencies, embassies, diplomatic offices and energy companies with a cyber-espionage campaign for more than five years that researchers say is the most sophisticated APT operation they’ve seen to date. The attack, dubbed the Mask, includes a number of unique components and functionality and the group behind it has been stealing sensitive data such as encryption and SSH keys and wiping and deleting other data on targeted machines.

Submission + - Near-Earth Asteroid is Stranger Than Thought (sciencemag.org)

Submitted by sciencehabit on Wednesday February 05, 2014 @10:17AM

sciencehabit writes: The oddly shaped, near-Earth asteroid 25143 Itokawa just got a lot weirder. When researchers analyzed how the object’s brightness changed over the course of 10 short intervals between 2001 and 2013, as measured by Earth-based telescopes, they found that the 535-meter-long cosmic peanut wasn’t rotating as expected. A detailed analysis suggested that Itokawa’s center of mass (about which the asteroid rotates) was 21 meters closer to the smaller end of the peanut than expected—a sign that the smaller end of the body, for whatever reason, is denser than the larger end. Although a shift of 21 meters doesn’t sound like much, that disparity suggests that the smaller end of the asteroid is more than 1.6 times as dense as the plumper end. Previously, some researchers have proposed that Itokawa is actually two asteroids in contact with one another, a scenario strongly supported by the new results, the team contends. It’s not clear whether the odd configuration results from the merger of a two-asteroid system or merely clumps of material that fell back together after a larger asteroid was blasted apart by an immense collision.

Submission + - DARPA Open Source Catalog (darpa.mil)

Submitted by Anonymous Coward on Tuesday February 04, 2014 @04:04PM

An anonymous reader writes: http://www.darpa.mil/OpenCatal... "The DARPA Open Catalog organizes publically releasable material from DARPA programs, beginning with the XDATA program in the Information Innovation Office (I2O). XDATA is developing an open source software library for big data. DARPA has an open source strategy through XDATA and other I2O programs to help increase the impact of government investments. "

Submission + - Cutwail-Like Trojan Hides In Its Own Traffic (threatpost.com)

Submitted by msm1267 on Tuesday January 21, 2014 @11:01AM

msm1267 writes: A new spambot has been discovered that generates copious amounts of network traffic in an attempt to disguise what it’s really up to and throw off the scent of detection capabilities. The spambot, identified as Wigon.PH_44, is being served on compromised websites hosted on the WordPress platform. To date, there are up to 200 sites serving the malicious executable and there have been 15,000 hits in the wild on the malware signature, most of those in the United States.

Submission + - US Congressman accuses Snowden of acting with Russia (bbc.co.uk)

Submitted by Anonymous Coward on Monday January 20, 2014 @09:27AM

An anonymous reader writes: Looks like assassination of Edward Snowden's character has begun in earnest. The BBC reports that the chairman of the US House Intelligence Committee Mike Rogers (R- Michigan) has alleged that "US intelligence leaker Edward Snowden may have collaborated with Russia. I believe there's a reason he ended up in the hands, the loving arms, of an agent in Moscow."

The BBC continues: "Mr Rogers offered no firm evidence to back his theory, and the FBI is said to remain sure Mr Snowden acted alone... some the things Mr Snowden did were 'beyond his technical capabilities'. It appeared 'he had some help and he stole things that had nothing to do with privacy', such as large amounts of data on the US military, Mr Rogers alleged."

Submission + - Linux 3.13 released 1

Submitted by diegocg on Sunday January 19, 2014 @11:36PM

diegocg writes: Linux kernel 3.8 has been released. This release includes are nftables, the successor of iptables, a revamp of the block layer designed for high-performance SSDs, a power capping framework to cap power consumption in Intel RAPL devices, improved squashfs performance, AMD Radeon power management enabled by default and automatic AMD Radeon GPU switching, improved NUMA and hugepage performance , TCP Fast Open enabled by default, support for NFC payments, support for the High-availability Seamless Redundancy protocol, new drivers and many other small improvements. Here's the full list of changes

Submission + - Weather Channel Loss: A bad thing?

Submitted by whizbang77045 on Tuesday January 14, 2014 @03:21PM

whizbang77045 writes: I find myself wondering what impact – if any – Directv dropping the Weather Channel is having on Slashdotters (http://www.usatoday.com/story/money/business/2014/01/14/directtv-weather-channel/4470233/).

Since it's purchase by NBC Universal, I've noticed more and more reality programming, and less and less actual weather. How it may be in other areas I don't know, but in our area, the forecasts are usually wildly inaccurate. A forecast low of say, 32 degrees, will appear side by side with a current temperature of 25. Precipitation forecasts are no better.

Radar appears to be a work of fiction. It's 150 miles to the nearest weather radar, and nothing below about 22,000 feet is detected. If one goes to the National Weather Service radar site, the imagery cuts off perhaps 5 miles west of us. But while that is happening, the Weather Channel would show radar imagery as much as 150 miles beyond that. There is a huge gap in weather radar coverage beyond where we live. I'm forced to believe the radar the weather channel shows does not in reality exist.

Weather alerts have been equally silly. We were cautioned of a severe storm, which turned out to be about 100 miles away!

Claiming loss of their channel would cause a lack of weather information in our area does not appear to be valid in this area. We're really better off without thinking we know what the weather will be, 3when that's not what usually happens.

What are the feelings of other Slashdotters?

Submission + - Cisco Races to Patch Backdoor in Wireless Routers

Submitted by Trailrunner7 on Tuesday January 14, 2014 @02:01PM

Trailrunner7 writes: There is a serious vulnerability in several Cisco wireless routers that could give an attacker root level access. The bug is the result of a backdoor in the routers that was set up as a test interface, and Cisco does not yet have patches available to fix it. Worse, there is public exploit code available.

Cisco officials said the vulnerability is “an undocumented test interface” that exists in Cisco WAP4410N Wireless-N Access Point, Cisco WRVS4400N Wireless-N Gigabit Security Router and it could be used by a remote attacker to steal administrator credentials from a vulnerable router and then run arbitrary commands.

Submission + - APT Espinonage Campaign Hit 3 US Oil Companies (threatpost.com) 1

Submitted by msm1267 on Tuesday January 14, 2014 @01:00PM

msm1267 writes: The Icefog cyberespionage malware campaign uncovered last September was originally thought to be limited to the military supply chain, primarily in Japan and South Korea. But new details emerged today that a Java-based version of the malware exists and infected three US-based oil and gas companies. All three have been notified; two have removed the infections so far.

Submission + - Mobile Banking Apps for iOS Woefully Insecure (threatpost.com)

Submitted by msm1267 on Friday January 10, 2014 @12:49PM

msm1267 writes: Mobile banking applications fall short on their use of encryption, validation of digital certificates and two-factor authentication, putting financial transactions at risk worldwide. An examination of 40 iOS mobile banking apps from 60 leading banks worldwide revealed a slew of security shortcomings that also included hard-coded development credentials discovered during a static analysis of app binaries. It's a mess, and to date, most of the banks have been informed and none of provided feedback indicating the vulnerabilities were patched.

Submission + - We Will See Malware Attacks on Internet-Connected Cars, Expert Warns (ibtimes.co.uk)

Submitted by Anonymous Coward on Friday January 10, 2014 @12:12PM

An anonymous reader writes: The threat to internet-connected cars is no different to that of web browsers — only with much more serious consequences, warns API and data security expert.

Never had the worlds of motoring and technology been closer than when car manufacturers used the Consumer Electronics Show to announce a whole range of smart car features tapping into the Internet of Things, but rampant development could see major security concerns overlooked.

Speaking to IBTimes UK, Mark O'Neill, vice president of innovation at software company Axway, said: "I think we are going to see more malicious attacks [on connected vehicles]. If someone finds a vulnerability in an internet-enabled car you could have the same situation that you have now for browsers."

Submission + - Target Ups Breach Victim Total To 70 Million (networkworld.com)

Submitted by netbuzz on Friday January 10, 2014 @10:12AM

netbuzz writes: Target this morning issued an update regarding its recent catastrophic data breach that increases the number of customers victimized from 40 million to 70 million. The company also reported that even more information had been stolen than previously believed. In addition, and not surprisingly, Target told the investment world that sales are down this quarter.

Submission + - Scammers Intercept E-Mail in Targeted Attacks (sans.edu)

Submitted by UnderAttack on Wednesday January 08, 2014 @03:13PM

UnderAttack writes: In the old days, financial fraud usually relied on banking malware like Zeus. But as organizations become more aware of these threats, scammers bypass all the fancy anti-malware tools by going straight to the person with the money. In this case document by the Internet Storm Center, a scammer was able to view/intercept an e-mail exchange about a payment, and slipped in a note requesting the account number for the payment to be updated. These scams become more common as miscreants look for new ways to a get to a companies money

Submission + - The 47 dumbest moments of 2013 (time.com)

Submitted by harrymcc on Tuesday December 31, 2013 @12:07PM

harrymcc writes: Over at TIME.com, I rounded up the year's dumbest moments in technology. Yes, the launch of Healthcare.gov is included, as are Edward Snowden's revelations. But so are a bunch of people embarrassing themselves on Twitter, both BlackBerry and Lenovo hiring celebrities to (supposedly) design products, the release of glitchy products ranging from OS X 10.9 Mavericks to the new Yahoo Mail, and much more.

Slashdot Top Deals