Follow Slashdot stories on Twitter


Forgot your password?
Slashdot Deals: Deal of the Day - 6 month subscription of Pandora One at 46% off. ×

Submission + - GlassRAT Targets Chinese Nationals, Lurked for 3 Years Undetected (

chicksdaddy writes: RSA researchers issued a report today ( about a remote access trojan (or RAT) program dubbed “GlassRAT” that they are linking to sophisticated and targeted attacks on “Chinese nationals associated with large multinational corporations," The Security Ledger reports. (

Discovered by RSA in February of this year, GlassRAT was first created in 2012 and “appears to have operated, stealthily, for nearly 3 years in some environments,” in part with the help of a legitimate certificate from a prominent Chinese software publisher and signed by Symantec and Verisign, RSA reports.

The software is described as a “simple but capable RAT” that packs reverse shell features that allow attackers to remotely control infected computers as well as transfer files and list active processes. The dropper program associated with the file poses as the Adobe Flash player, and was named “Flash.exe” when it was first detected.

RSA discovered it on the PC of a Chinese national working for a large, U.S. multi-national corporation. RSA had been investigating suspicious network traffic on the enterprise network. RSA says telemetry data and anecdotal reports suggest that GlassRAT may principally be targeting Chinese nationals or other Chinese speakers, in China and elsewhere, since at least early 2013.

RSA said it has discovered links between GlassRAT and earlier malware families including Mirage, Magicfire and PlugX. Those applications have been linked to targeted campaigns against the Philippine military and the Mongolian government. (

Submission + - A Secretive Air Cargo Operation Is Running in Ohio, and Signs Point to Amazon (

citadrianne writes: In 2013, at the height of the holiday season, a surge of last minute Amazon orders and bad weather left many customers without gifts under the tree on Christmas day.

Amazon said the problem was not due to issues with its warehouses or staff, but failures on the part of UPS and other shipping partners. It apologized and reimbursed some customers with $20 gift cards, but the debacle underscored for Amazon the disadvantages of relying on third party shippers for its delivery process.

Since then, Amazon has been increasingly investing in its own alternatives, from contracting additional couriers to rolling out its own trucks in some cities.

The latest rumored venture into Amazon shipping has a name: Aerosmith.

An air cargo operation by that name launched in September of this year in Wilmington, Ohio on a trial basis. The operation is being run by the Ohio-based aviation holding company Air Transport Services Group, or ATSG, out of a state-of-the art facility. It's shipping consumer goods for a mysterious client that many believe to be Amazon.

Submission + - Fake Bomb Detector, Blamed for Hundreds of Deaths, Is Still in Use writes: Murtaza Hussain writes at The Intercept that although it remains in use at sensitive security areas throughout the world, the ADE 651 is a complete fraud and the ADE-651’s manufacturer sold it with the full knowledge that it was useless at detecting explosives. There are no batteries in the unit and it consists of a swivelling aerial mounted to a hinge on a hand-grip. The device contains nothing but the type of anti-theft tag used to prevent stealing in high street stores and critics have likened it to a glorified dowsing rod.

The story of how the ADE 651 came into use involves the 2003 U.S. invasion of Iraq. At the height of the conflict, as the new Iraqi government battled a wave of deadly car bombings, it purchased more than 7,000 ADE 651 units worth tens of millions of dollars in a desperate effort to stop the attacks. Not only did the units not help, the device actually heightened the bloodshed by creating “a false sense of security” that contributed to the deaths of hundreds of Iraqi civilians. A BBC investigation led to a subsequent export ban on the devices.

The device is once again back in the news as it was reportedly used for security screening at hotels in the Egyptian resort city of Sharm el-Sheikh where a Russian airliner that took off from that city’s airport was recently destroyed in a likely bombing attack by the militant Islamic State group. Speaking to The Independent about the hotel screening, the U.K. Foreign Office stated it would “continue to raise concerns” over the use of the ADE 651. James McCormick, the man responsible for the manufacture and sale of the ADE 651, received a 10-year prison sentence for his part in manufacture of the devices, sold to Iraq for $40,000 each. An employee of McCormick who later became a whistleblower said that after becoming concerned and questioning McCormick about the device, McCormick told him the ADE 651 “does exactly what it’s designed to. It makes money.”

Comment Re:WTF is with the US utility tie-in? (Score 1) 140

The problem here is that there's a low-grade civil war brewing in Crimea after Russia's invasion. Wake me up when/if the US has a similar problem. Zzzzzz....

I would not be too complacent about this. Clearly we are going to reasonably wonder "could it happen here?" and what would it mean. A valid concern, but the much greater issue as I see it is that it appears Putin has a new and serious challenge on his hands. How many more problems can Russia manage before something snaps? A breakdown in Russia could be a very big problem, especially if it is chaotic.

Submission + - Anonymous Reportedly "RickRolling" Isis (

retroworks writes: According to a recent tweet from the #OpParis account, Anonymous are delivering on their threat to hack Isis [slashdot, and are now flooding all pro-Isis hastags with the grandfather of all 2007 memes — Rick Aston's "Never Gonna Give You Up" (1987) music video, aka “Rick Roll” meme. Whenever a targeted Isis account tries to spread a message, the topic will instead be flooded with countless videos of Rick Astley circa 1987.

Not all are praising Anonymous methods, however. While Metro UK reports that the attacks have been successful, finding and shutting down 5,500 Twitter accounts, the article also indicates that professional security agencies have seen sources they monitor shut down. Rick Aston drowns out intelligence as well as recruitment.

Submission + - How Close Are We To a Mission on Mars? (

destinyland writes: "NASA is developing the capabilities needed to send humans to an asteroid by 2025 and Mars in the 2030s," reads the official NASA web site. But National Geographic points out that "the details haven't been announced, in large part because such a massive, long-term spending project would require the unlikely support of several successive U.S. presidents." And yet on November 4th, NASA put out a call for astronaut applications "in anticipation of returning human spaceflight launches to American soil, and in preparation for the agency’s journey to Mars," and they're currently experimenting with growing food in space. And this week they not only ordered the first commercial mission to the International Space Station, but also quietly announced that they've now partnered with 22 private space companies.

"You can't get very far in this world without your dossier being there first." -- Arthur Miller