Forgot your password?

+ - New Critroni Crypto Ransomware is First to Use Tor for Command and Control

Submitted by Trailrunner7
Trailrunner7 (1100399) writes "There’s a new kid on the crypto ransomware block, known as Critroni, that’s been sold in underground forums for the last month or so and is now being dropped by the Angler exploit kit. The ransomware includes a number of unusual features and researchers say it’s the first crypto ransomware seen using the Tor network for command and control.

The Critroni ransomware is selling for around $3,000 and researchers say it is now being used by a range of attackers, some of whom are using the Angler exploit kit to drop a spambot on victims’ machines. The spambot then downloads a couple of other payloads, including Critroni. Once on a victim’s PC, Critroni encrypts a variety of files, including photos and documents, and then displays a dialogue box that informs the user of the infection and demands a payment in Bitcoins in order to decrypt the files.

“It uses C2 hidden in the Tor network. Previously we haven’t seen cryptomalware having C2 in Tor. Only banking trojans,” said Fedor Sinitsyn, senior malware analyst at Kaspersky Lab, who has been researching this threat. “Executable code for establishing Tor connection is embedded in the malware’s body. Previously the malware of this type, this was usually accomplished with a Tor.exe file. Embedding Tor functions in the malware’s body is a more difficult task from the programming point of view, but it has some profits, because it helps to avoid detection, and it is more efficient in general.”"

+ - Linux Needs Resource Management for Complex Workloads->

Submitted by storagedude
storagedude (1517243) writes "Resource management and allocation for complex workloads has been a need for some time in open systems, but no one has ever followed through on making open systems look and behave like an IBM mainframe, writes Henry Newman at Enterprise Storage Forum. Throwing more hardware at the problem is a costly solution that won’t work forever, notes Newman.

He writes: 'With next-generation technology like non-volatile memories and PCIe SSDs, there are going to be more resources in addition to the CPU that need to be scheduled to make sure everything fits in memory and does not overflow. I think the time has come for Linux – and likely other operating systems – to develop a more robust framework that can address the needs of future hardware and meet the requirements for scheduling resources. This framework is not going to be easy to develop, but it is needed by everything from databases and MapReduce to simple web queries.’"

Link to Original Source

+ - UK Government Faces Lawsuit Over emergency Surveillance Bill->

Submitted by judgecorp
judgecorp (778838) writes "The British Government has had to produce an emergency surveillance Bill after the European Court of Justice ruled that European rules on retaining metadata were illegal. That Bill has now been passed by the House of Commons with almost no debate, and will become law if approved by the House of Lords. But the so-called DRIP (Data retenteion and Investigatory Powers) Bill could face a legal challenge: the Open Rights Group (ORG) is fund-raising to bring a suit which would argue that blanket data retention is unlawful, so these emergency measures would be no more legal than the ones they replaced."
Link to Original Source

+ - The hacking of NASDAQ->

Submitted by puddingebola
puddingebola (2036796) writes "Businessweek has an account of the 2010 hacking of the NASDAQ exchange. From the article, "Intelligence and law enforcement agencies, under pressure to decipher a complex hack, struggled to provide an even moderately clear picture to policymakers. After months of work, there were still basic disagreements in different parts of government over who was behind the incident and why. “We’ve seen a nation-state gain access to at least one of our stock exchanges, I’ll put it that way, and it’s not crystal clear what their final objective is,” says House Intelligence Committee Chairman Mike Rogers, a Republican from Michigan, who agreed to talk about the incident only in general terms because the details remain classified. “The bad news of that equation is, I’m not sure you will really know until that final trigger is pulled. And you never want to get to that.”""
Link to Original Source

+ - Cosmologists Prove Negative Mass Can Exist In Our Universe

Submitted by KentuckyFC
KentuckyFC (1144503) writes "The idea of negative mass has fascinated scientists since it was first used in the 16th century to explain why metals gain weight when they are oxidised. Since then, theoretical physicists have shown how it could be used to create exotic objects such as wormholes and the Alcubierre warp drive. But cosmologists' attempts to include negative matter in any reasonable model of the cosmos have always run into trouble because negative mass violates the energy conditions required to make realistic universes with Einstein's theory of general relativity. Now a pair of cosmologists have round a way round this. By treating negative mass as a perfect fluid rather than a solid point-like object, they've shown that negative mass does not violate the energy conditions as had been thought and so must be allowed in our universe. That has important consequences. If positive and negative mass particles were created in the early universe, they would form a kind of plasma that absorbs gravitational waves. Having built a number of gravitational wave observatories that have to see a single gravitational wave, astronomers might soon need to explain the absence of observations. Negative mass would then come in extremely handy."

+ - Nearly 25 years ago, IBM helped save Macintosh->

Submitted by dcblogs
dcblogs (1096431) writes "Apple and IBM, which just announced partnership to bring iOS and cloud services to enterprises, have helped each other before. IBM played a key role in turning the Macintosh into a successful hardware platform at a point when it — and the company itself — were struggling. Nearly 25 years ago, IBM was a part of an alliance that gave Apple access to PowerPC chips for Macintosh systems that were competitive, if not better performing in some benchmarks, than the processors Intel was producing at the time for Windows PCs. In 1991, Apple was looking for a RISC-based processor to replace the Motorola 68K it had been using in its Macintosh line. "The PCs of the era were definitely outperforming the Macintoshes that were based on the 68K," he said. "Apple was definitely behind the power, performance curve," said Nathan Brookwood, principal analyst at Insight 64. The PowerPC processor that emerged from that earlier pairing changed that. PowerPC processors were used in Macintoshes for more than a decade, until 2006, when Apple switched to Intel chips."
Link to Original Source

+ - Exposing The Insecurity Of Hotel Safes

Submitted by Anonymous Coward
An anonymous reader writes "When looking at one popular safe model, G DATA SecurityLabs experts found serious security deficiencies. With a little technical effort, the safe can be hacked and cleared out in a very short time. If the safe has a magnetic card reader, it offers criminals the option of using skimming to access the data on the card and offering it for sale on the Internet or in special underground forums. The safe model investigated could be opened using the master code provided by the manufacturer, which is only supposed to be used to open it in emergencies. Many hotel owners, however, do not bother to change the default code – making life easy for thieves. Another option for opening a safe is to hack the emergency lock. The hotel manager usually has an emergency key. However, after unscrewing a plate on the front of the safe, the lock underneath can also be opened using a false key."

+ - Japan arrests woman for making a printable 3d model of her vagina

Submitted by antifoidulus
antifoidulus (807088) writes "The BBC is reporting that a Japanese woman has been arrested for making a 3d model of her vagina that can be printed using a 3d printer. Megumi Igarashi had sent the printable model to people who sent her money to create it. A police spokesman told AFP news agency she had distributed data that could "create an obscene shape". While giant phalluses are a common spectacle at Japanese fertility festivals, apparently vaginas are still considered "taboo". Ms. Igarashi is fighting the charges."

+ - Book Review:Penetration Testing with bash shell by Keith Makan.

Submitted by gaurav63
gaurav63 (3730785) writes "It is a good book for linux beginners as it drives them from basic linux commands to the kali linux specific. Also it would be great it an in depth explanation of important options of the commands wher covered. But at the last it is good book as it introduce me to kali linux bash specific commands.
Loved it."

+ - Would You Trust Tor with Your Life?->

Submitted by Nicola Hahn
Nicola Hahn (1482985) writes "If you lived in a police state where political activism could get you killed, would using Tor be enough to safeguard your identity? The general sympathy conveyed by privacy advocates is that “Tor still works.” But are these Tor supporters soft-pedaling the potential pitfalls? There are cynics in the crowd, researchers who feel that the users are being given a false sense of security, that people are depicting Tor as the digital equivalent a reinforced concrete barrier when in practice it can often be little more than a speed bump to trained spies. There’s evidence that while the NSA thinks that “Tor Stinks” there are also well-grounded reasons why spies don’t want to scare people away from using it"
Link to Original Source

+ - The Improbable Story of the 184 MPH Jet Train->

Submitted by MatthewVD
MatthewVD (2603547) writes "Almost half a century ago, New York Central Railroad engineer Don Wetzel and his team bolted two J47-19 jet engines, throttled up the engines and tore down a length of track from Butler, Indiana to Stryker, Ohio at almost 184 mph. Today, the M-497 still holds the record for America's fastest train. This is the story of how it happened."
Link to Original Source

+ - Is someone intercepting my email?

Submitted by Anonymous Coward
An anonymous reader writes "I have two virtual private servers, one in the USA and one in the UK. Using the traditional Linux traceroute from my US server to my UK server, I see 10 hops. Using tcptraceroute with port 25 (so what would be smtp traffic), I see only 3 hops. This seems a remarkably low number of hops and is different to the udp traffic from traceroute. Also, tcptraceroute on port 80 shows 10 hops — the same number of hops as the udp packets.

This seems *very* suspicious. What do other /. readers see?"

+ - U.S. Power Plant Turns to Russia for Coal Shipment-coldest winter since 2002->

Submitted by bricko
bricko (1052210) writes "U.S. Power Plant Turns to Russia for Coal Shipment

Coldest winter since March 2002 in the contiguous 48 U.S. states, according to the National Climatic Data center, boosting power demand. In spring, an increase in oil and ethanol transport clogged the railways and slowed efforts by power generators to rebuild supply.
Some utilities have as little as 20 days of reserves, Bill Davison, vice president of thermal coal sales at Alpha Natural Resources Inc. (ANR), said last month at a conference in New York.
Tennessee Valley Authority temporarily idled the Bull Run plant in May to rebuild supply, Vince Stroud, the company’s director of coal origination, said last month in an interview at the IHS McCloskey Coal USA conference in New York."

Link to Original Source

+ - The Placebo Effect occurs with Computer Applications too

Submitted by vrml
vrml (3027321) writes "In medicine, it is well-known that sugar pills sometimes produce the same effects as real drugs (Placebo Effect). But could that happen with computers too? Can it be that the things a computer application claims to do are “all in our mind” and the app is actually a sham? The first scientific study of the Placebo Effect in computing, just published by the International Journal of Human-Computer Studies , gives an affirmative answer. The experiment considered affective computing, that is those fancy applications that claim to know user’s emotions by detecting physiological parameters with sensors. Researchers took two well-known affective computing systems and used them to control in real-time the state of an avatar that looked more and more nervous as users’ stress level increased, and more and more relaxed as it decreased. But they also considered a third system in which, unbeknown to users, the sensors were disconnected from the computer and the avatar state was controlled by a random stream of physiological data instead of the real user’s data. Results show that participants believed that the sham application was able to display their stress level. Even worse, only one of the two (costly) affective computing systems produced better results than the placebo. This suggests that evaluations of such novel computer applications should include also a placebo condition, as it is routinely done in medicine but not yet in computer science."

Almost anything derogatory you could say about today's software design would be accurate. -- K.E. Iverson