Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×

Submission + - Threat Spotlight: Angler Lurking in the Domain Shadows

Submitted by shabah
shabah writes: Angler Exploit kit is becoming one of the most advanced exploits in use. It is now using Domain Shadowing (http://blogs.cisco.com/talos/angler-domain-shadowing) to avoid detection. Through Domain Shadowing, a virtually unlimited supply of disposable subdomains can be created under existing valid domains.

Submission + - Chicago, Argonne Lab deploy Internet of super sensors

Submitted by Presto Vivace
Presto Vivace writes: Government Computer News reports:

Federal, state and local agencies are just now beginning to explore applications of the Internet of Things (IoT), which, despite its build-up as “the next big thing,” actually seems destined to live up to the billing.

The IoT comprises networks of remote sensors capable of detecting everything from traffic to air quality, to buildings' energy consumption, to the direction of gunshots on city streets. And governments see plenty of opportunities to exploit the technology’s efficiency, energy and cost saving advantages.

I do not have a good feeling about this.

Submission + - New Zealand spied on nearly two dozen Pacific countries (zdnet.com)

Submitted by Anonymous Coward
An anonymous reader writes: New documents from Edward Snowden indicate New Zealand undertook "full take" interception of communications from Pacific nations and forwarded the data to the NSA.

The data, collected by New Zealand's Government Communications Security Bureau, was then fed into the NSA's XKeyscore search engine to allow analysts to trawl for intelligence.

The New Zealand link helped flesh out the NSA's ambitions to intercept communications globally.

Submission + - 3 open source projects that transformed Hadoop (opensource.com)

Submitted by Anonymous Coward
An anonymous reader writes: Hadoop, an open source software framework with the funny sounding name, has been a game-changer for organizations by allowing them to store, manage, and analyze massive amounts of data for actionable insights and competitive advantage.

But this wasn't always the case.

Initially, Hadoop implementation required skilled teams of engineers and data scientists, making Hadoop too costly and cumbersome for many organizations. Now, thanks to a number of open source projects, big data analytics with Hadoop has become much more affordable and mainstream.

Submission + - French nuclear industry in turmoil as manufacturer buckles (usatoday.com)

Submitted by mdsolar
mdsolar writes: France's nuclear industry is in turmoil after the country's main reactor manufacturer, Areva, reported a loss for 2014 of 4.8 billion euros ($5.3 billion) — more than its entire market value.

The government of France, the world's most nuclear dependent country, has a 29% stake in Areva, which is among the biggest global nuclear technology companies. The loss puts its future — and that of France as a leader in nuclear technology — at risk.

Energy and Environment Minister Segolene Royal said Wednesday she asked Areva and utility giant Electricite de France to work together on finding solutions, amid reports of a possible merger or other link-up.

The government said in a statement that it's working closely with Areva to restructure and secure financing, and would "take its responsibility as a shareholder" in future decisions about its direction.

Areva reported Wednesday 1 billion euros in losses on three major nuclear projects in Finland and France, among other hits.

Areva has lost money for years, in part linked to delays on those projects and to a global pullback from nuclear energy since the 2011 Fukushima accident.

Submission + - One Year Later, We're No Closer To Finding MtGox's Missing Millions (itworld.com)

Submitted by itwbennett
itwbennett writes: When Mt. Gox collapsed on Feb. 28, 2014, with liabilities of some ¥6.5 billion ($63.6 million), it said it was unable to account for some 850,000 bitcoins. Some 200,000 coins turned up in an old-format bitcoin wallet last March, bringing the tally of missing bitcoins to 650,000 (now worth about $180 million). In January, Japan’s Yomiuri Shimbun newspaper, citing sources close to a Tokyo police probe of the MtGox collapse, reported that only 7,000 of the coins appear to have been taken by hackers, with the remainder stolen through a series of fraudulent transactions. But there’s still no explanation of what happened to them, and no clear record of what happened on the exchange.

Submission + - The Mexican Drug Cartels' IT Guy (vice.com)

Submitted by sarahnaomi
sarahnaomi writes: It could have been any other morning. Felipe del Jesús Peréz García got dressed, said goodbye to his wife and kids, and drove off to work. It would be a two hour commute from their home in Monterrey, in Northeastern Mexico’s Nuevo León state, to Reynosa, in neighboring Tamaulipas state, where Felipe, an architect, would scout possible installation sites for cell phone towers for a telecommunications company before returning that evening.

That was the last time anyone saw him.

What happened to Felipe García? One theory suggests he was abducted by a sophisticated organized crime syndicate, and then forced into a hacker brigade that builds and services the cartel’s hidden, backcountry communications infrastructure. They’re the Geek Squads to some of the biggest mafia-style organizations in the world.

Submission + - Mars Curiosity experiences short circuit; rover to be stationary for days (techienews.co.uk) 1

Submitted by hypnosec
hypnosec writes: NASA has revealed that its Mars Curiosity rover has experienced a transient short circuit and has a result the rover has halted all work temporarily while its engineers analyse the situation. NASA reveled that from the telemetry data it received from Curiosity indicated a transient short circuit following which vehicle followed its programmed response, stopping the arm activity underway at the time of the irregularity in the electric current. NASA has parked Curiosity as its engineers analyse the issues and figure out if any damage has been done. NASA did say that transient short circuit would have little effect on rover's operations in some systems, but it could force the team to restrict use of rover's mechanism.

Submission + - Domain Shadowing Latest Angler Exploit Kit Evasion Technique (threatpost.com)

Submitted by msm1267
msm1267 writes: The Angler Exploit Kit continues to evolve at an alarming rate, seamlessly adding not only zero-day exploits as they become available, but also a host of evasion techniques that have elevated it to the ranks of the more formidable hacker toolkits available.

New research has been released on a technique used in a recent Angler campaign in which attackers are using stolen domain registrant credentials to create massive lists of subdomains that are used in rapid-fire fashion to either redirect victims to attack sites, or serve as hosts for malicious payloads.

The technique has been called domain shadowing, and it is considered the next evolution of fast flux; so far it has enabled attackers to have thousands of subdomains at their disposal. In this case, the attackers are taking advantage of the fact that domain owners rarely monitor their domain registration credentials, which are being stolen in phishing attacks.They’re then able to create a seemingly endless supply of subdomains to be used in additional compromises.

Submission + - Scientists Create Artificial Sunlight Real Enough To Trick the Brain 1

Submitted by HughPickens.com
HughPickens.com writes: Navanshu Agarwal writes that Italian scientists have developed an artificial LED sunlight system that looks just like real daylight streaming through a skylight. The LED skylight uses a thin coating of nanoparticles to recreate the effect that makes the sky blue, known as Rayleigh Scattering that doesn’t just light up a room but produces the texture and feel of sunlight. Paolo Di Trapani, one of the scientists who worked on the device believes that the skylight will allow developers of the future to not just build up, but also far down below the ground- without any of the dinginess that currently keeps us above ground.

CoeLux hopes to treat seasonal affective disorder, or SAD. Each year, some 10 million Americans, mostly women, find themselves sinking into a heavy malaise during the wintertime. CoeLux hopes its LED bulbs, which create the illusion of infinitely tall, bright blue skies, will help trick the brains of people with SAD, ridding them of their blues.

Submission + - GitLab acquires Gitorious (gitlab.com)

Submitted by sckirklan
sckirklan writes: QUOTE:
As reported by the Next Web GitLab and Gitorious announce today they are joining forces in an effort to strengthen the development of GitLab’s open source Git management application and provide Gitorious customers with an enhanced user experience.

Submission + - Either everyone is cyber-secure or no one is

Submitted by Presto Vivace
Presto Vivace writes: Bruce Schneier on The Democratization of Cyberattack

When I was working with the Guardian on the Snowden documents, the one top-secret program the NSA desperately did not want us to expose was QUANTUM. This is the NSA's program for what is called packet injection--basically, a technology that allows the agency to hack into computers.

Turns out, though, that the NSA was not alone in its use of this technology. The Chinese government uses packet injection to attack computers. The cyberweapons manufacturer Hacking Team sells packet injection technology to any government willing to pay for it. Criminals use it. And there are hacker tools that give the capability to individuals as well.

All of these existed before I wrote about QUANTUM. By using its knowledge to attack others rather than to build up the internet's defenses, the NSA has worked to ensure that anyone can use packet injection to hack into computers.

Slashdot Top Deals

The moon is made of green cheese. -- John Heywood

Close