Forgot your password?
typodupeerror

+ - Scammers with a conscience emerge-> 1

Submitted by hypnosec
hypnosec (2231454) writes "A new Ransomcrypt Trojan, detected recently, lets users request a decryption key without paying – that is if they wait for a month. The ransomware is no different from any other Trojan in the same family, but the authors of the Trojan claim that if users don’t wish to pay the ransom to get the unlock key they are entitled to a free unlock if they wait for a month from the day their personal files were encrypted. “P.S. Remember, we are not scammers. We don’t need your files” reads the ‘how to get data.txt’ file that comes along with the Trojan. "If you want, you can get a decryptor for free after a month. Just send a request immediately after infection. All data will be restored absolutely. Your warranty – decrypted samples and positive feedbacks from previous users.""
Link to Original Source

+ - Microsoft to continue supporting Windows XP in China->

Submitted by hypnosec
hypnosec (2231454) writes "Microsoft has decided to continue supporting Windows XP in China unlike rest of the world where it will be pulling the plug on 14-year old operating system on April 8, 2014. Microsoft announced its decision through a post on its official Sina Weibo account on Sunday. Redmond will be partnering with local security vendors to continue supporting Windows XP. It is not yet clear how Microsoft will be chalking out the support strategy. It is not entirely clear why Microsoft is extending support for Windows XP in China as itself has noted that 70 percent of users in the country haven't updated their systems in the last 13 years."
Link to Original Source

+ - Hard-coded root password found in Synology DiskStation Manager VPN module->

Submitted by hypnosec
hypnosec (2231454) writes "Synology DiskStation Manager has a critical vulnerability wherein VPN module has a hard-coded password for root, which attackers can use to connect to Synology device and possibly other devices on the shared network. The hard-coded root password is ‘synopass’. Users will not be able to logon to the web interface of the device using the root:synopass combination; however, “when enabling the VPN server, root:synopass will get you authenticated and connected!”"
Link to Original Source

+ - The Raspberry Pi celebrates 2 years with open source graphics driver competition->

Submitted by hypnosec
hypnosec (2231454) writes "The Raspberry Pi, which was first put up for sale on February 29, 2012, has completed two years and has sold over 2.5 million units during the period. Announcing the milestone and commemorating the two years, Founder and former trustee of the Raspberry Pi Foundation, Eben Upton announced a $10,000 competition wherein developers will be required to demonstrate a satisfactory Quake III gameplay at a playable framerate on the credit card sized computer using open source drivers."
Link to Original Source

+ - In-app purchases in free-to-play games on European Commission's radar->

Submitted by hypnosec
hypnosec (2231454) writes "European Commission is meeting with consumer protection authorities in the UK, Belgium, France, Italy and members of the Consumer Protection Cooperation (CPC) network responsible for enforcing consumer rights across the EU to discuss concerns raised by consumers of free-to-pay games. The Commissions notes that more than 50 percent of the games in the EU’s online marketplace are advertised as ‘free’; however, they often include costly in-app purchases. Some of the concerns raised by consumers about free-to-play games will include misleading tactics about 'free' games and the cost involved; exhortations or persuasion tactics to make in-app purchases; explicit authorisation during in-app purchases; and contact information in case consumers want to contact vendors or register complaints."
Link to Original Source

+ - Github rolls out new text editor Atom->

Submitted by hypnosec
hypnosec (2231454) writes "Github has introduced Atom, its new text editor that allows developers to write and edit code and which has been in development for more than six years. Atom will be available as a part of an invite-only beta program. GitHub revealed that through Atom it aims to create an editor "that will be welcoming to an elementary school student on their first day learning to code, but also a tool they won’t outgrow as they develop into seasoned hackers.""
Link to Original Source

+ - Kickass.to linking blocked by Twitter->

Submitted by hypnosec
hypnosec (2231454) writes "Twitter isn't allowing users to post a link to Kickass.to stating that the URL in the tweet 'appears to link to a page that has spammy or unsafe content.' I tried clicking on one of the URLs sent to me by one of our publishers who wanted to share with us a draft copy of the soon to be published book and as soon as I clicked on it I was greeted with a rather unfamiliar message on Twitter. 'The site you were trying to visit may be unsafe! This link has been flagged as potentially harmful.' This led me to try out a little test of linking a random Kickass.to link and Twitter blocked the request with a message: 'Oops! A URL in your Tweet appears to link to a page that has spammy or unsafe content.'"
Link to Original Source

+ - Linux skills helping professional move forward - 2014 Linux Jobs Report-> 1

Submitted by hypnosec
hypnosec (2231454) writes "The Linux Foundations’ 2014 Linux Jobs Report reveals that Hiring managers are looking for professionals with Linux skills with increasing number of organisations the world over considering Linux as a core part of their businesses. The 2014 Linux Jobs Report provides a comprehensive view of career landscape in Linux right from business needs to personal incentives and job motivations that attract Linux professionals. The report comprises of views from 1,100 hiring managers and 4,000 Linux professionals. Seventy-seven percent of surveyed hiring managers have revealed that they are prioritising hires for those positions what involve Linux openings as compared to other jobs with 90 percent stating that they are planning to hire Linux professionals in the next six months. When it comes to Linux professionals, 86 percent of those surveyed revealed that Linux had helped them advance their careers. From the report it can be concluded that Linux jobs really are the best around."
Link to Original Source

+ - Facebook retaliates; says 'Princeton may be in danger of disappearing entirely'->

Submitted by hypnosec
hypnosec (2231454) writes "A recent report from two Princeton researchers claimed that Facebook is like an infectious disease currently experiencing a spike before its decline and will lose 80 percent of its user base by 2017, which caught attention of Facebook and in its reply the social networking giant claimed that ‘Princeton may be in danger of disappearing entirely’. Facebook data scientists Mike Develin, Lada Adamic, and Sean Taylor used some of the same techniques used by Princeton researchers to arrive at their conclusion. The trio used parameters such as Facebook Likes, Percentage of Princeton papers in journals, student enrolment, and Google Trends."
Link to Original Source

+ - Snapchat account registration CAPTCHA defeated->

Submitted by hypnosec
hypnosec (2231454) writes "Snapchat's security troubles continue as a security researcher has managed to hack its account registration CAPTCHA system with a program of less than 100 lines that took 30 minutes to develop. Steve Hickson, a computer engineer by education, wrote a small computer program with very little effort that identifies Snapchat’s ghost from the given set of images. Hickson equates Snapchat’s ghost very particular and calls it a template that can be matched easily using a computer program. Hickson used a combination of Open Source Computer Vision Library (OpenCV), SURF points and FLANN matching “with a uniqueness test to determine that multiple keypoints in the training image weren't being singularly matched in the testing image.”"
Link to Original Source

+ - Hortonworks marks Hadoop 2.0 for Windows as GA->

Submitted by hypnosec
hypnosec (2231454) writes "Hortonworks has announced general availability of Hadoop 2.0 for Windows – three months after it did for the Linux operating system. Hadoop 2.0 for Windows is dubbed as a true multi-use data platform as it brings with it Apache Hadoop YARN enabling users to interact with all data in both real time as well as batch processing. Hadoop 2.0 for Windows brings with it high availability support for Hadoop Distributed File System (HDFS) NameNode; phase II of Stringer initiative; and Apache HBase NoSQL database release 0.96. Developers who are new to Hadoop or HDP for windows could start off with single-node version of HDP 2.0 for Windows that includes a Microsoft Installer based setup."
Link to Original Source

+ - FreeBSD 10.0 release builds spotted->

Submitted by hypnosec
hypnosec (2231454) writes "FreeBSD 10.0 is finally available for download after a series of delays and an additional rc build. From the looks of it FreeBSD 10.0 is currently available for all the four architectures, but the official release announcement is missing. Most of the ISOs have been either signed off on January 16 or 17 meaning that the builds have been ready since three days now."
Link to Original Source

+ - Android vulnerability allows interception of VPN data, researchers claim->

Submitted by hypnosec
hypnosec (2231454) writes "Security researchers over at the Ben Gurion University (BGU), Israel claim to have discovered a vulnerability in Android that allows for interception of encrypted data travelling over a VPN in plain text. The researchers note that the vulnerability allows a malicious app to "bypass active VPN configuration" without requiring any ROOT permissions. The vulnerability, if exploited, allows for capture of data in clear text thereby leaving the information completely exposed. The researchers claim that they have tested multiple smartphones from different vendors before posting their claims. They have reported the vulnerability to Google and are awaiting the Android maker’s verdict on this."
Link to Original Source

+ - China gets government-backed operating system COS->

Submitted by hypnosec
hypnosec (2231454) writes "China has revealed its own government-backed mobile operating system dubbed China Operating System (COS) to rival the mobile OS from Google and Apple. Developed jointly by China's Institute of Software at the Chinese Academy of Sciences (ISCAS) and Shanghai Liantong Network Communications Technology, the COS is based on Linux and resembles Android to a great extent. The COS is said to support smartphones, tablets, desktop PCs as well as set-top boxes and comes with support for HTML5 apps. Unsurprisingly, the COS is not open source because of ‘safety concerns’."
Link to Original Source

When in doubt, mumble; when in trouble, delegate; when in charge, ponder. -- James H. Boren

Working...