Follow Slashdot stories on Twitter


Forgot your password?
Slashdot Deals: Deal of the Day - 6 month subscription of Pandora One at 46% off. ×

Submission + - GlassRAT Targets Chinese Nationals, Lurked for 3 Years Undetected (

chicksdaddy writes: RSA researchers issued a report today ( about a remote access trojan (or RAT) program dubbed “GlassRAT” that they are linking to sophisticated and targeted attacks on “Chinese nationals associated with large multinational corporations," The Security Ledger reports. (

Discovered by RSA in February of this year, GlassRAT was first created in 2012 and “appears to have operated, stealthily, for nearly 3 years in some environments,” in part with the help of a legitimate certificate from a prominent Chinese software publisher and signed by Symantec and Verisign, RSA reports.

The software is described as a “simple but capable RAT” that packs reverse shell features that allow attackers to remotely control infected computers as well as transfer files and list active processes. The dropper program associated with the file poses as the Adobe Flash player, and was named “Flash.exe” when it was first detected.

RSA discovered it on the PC of a Chinese national working for a large, U.S. multi-national corporation. RSA had been investigating suspicious network traffic on the enterprise network. RSA says telemetry data and anecdotal reports suggest that GlassRAT may principally be targeting Chinese nationals or other Chinese speakers, in China and elsewhere, since at least early 2013.

RSA said it has discovered links between GlassRAT and earlier malware families including Mirage, Magicfire and PlugX. Those applications have been linked to targeted campaigns against the Philippine military and the Mongolian government. (

Submission + - A Secretive Air Cargo Operation Is Running in Ohio, and Signs Point to Amazon (

citadrianne writes: In 2013, at the height of the holiday season, a surge of last minute Amazon orders and bad weather left many customers without gifts under the tree on Christmas day.

Amazon said the problem was not due to issues with its warehouses or staff, but failures on the part of UPS and other shipping partners. It apologized and reimbursed some customers with $20 gift cards, but the debacle underscored for Amazon the disadvantages of relying on third party shippers for its delivery process.

Since then, Amazon has been increasingly investing in its own alternatives, from contracting additional couriers to rolling out its own trucks in some cities.

The latest rumored venture into Amazon shipping has a name: Aerosmith.

An air cargo operation by that name launched in September of this year in Wilmington, Ohio on a trial basis. The operation is being run by the Ohio-based aviation holding company Air Transport Services Group, or ATSG, out of a state-of-the art facility. It's shipping consumer goods for a mysterious client that many believe to be Amazon.

Comment Re:They aren't really still blaming DPRK, are they (Score 1) 48

Let us not forget either, that it was hardly the only high-profile hack on Sony in recent years which showed them to be exhibiting signs of severe negligence with regards to network security basics.

Sony Pictures, Sony Computer Entertainment, and Sony Music are all completely separate companies. Maybe they all have shitty security- but none of the same people are involved.

Submission + - Fake Bomb Detector, Blamed for Hundreds of Deaths, Is Still in Use writes: Murtaza Hussain writes at The Intercept that although it remains in use at sensitive security areas throughout the world, the ADE 651 is a complete fraud and the ADE-651’s manufacturer sold it with the full knowledge that it was useless at detecting explosives. There are no batteries in the unit and it consists of a swivelling aerial mounted to a hinge on a hand-grip. The device contains nothing but the type of anti-theft tag used to prevent stealing in high street stores and critics have likened it to a glorified dowsing rod.

The story of how the ADE 651 came into use involves the 2003 U.S. invasion of Iraq. At the height of the conflict, as the new Iraqi government battled a wave of deadly car bombings, it purchased more than 7,000 ADE 651 units worth tens of millions of dollars in a desperate effort to stop the attacks. Not only did the units not help, the device actually heightened the bloodshed by creating “a false sense of security” that contributed to the deaths of hundreds of Iraqi civilians. A BBC investigation led to a subsequent export ban on the devices.

The device is once again back in the news as it was reportedly used for security screening at hotels in the Egyptian resort city of Sharm el-Sheikh where a Russian airliner that took off from that city’s airport was recently destroyed in a likely bombing attack by the militant Islamic State group. Speaking to The Independent about the hotel screening, the U.K. Foreign Office stated it would “continue to raise concerns” over the use of the ADE 651. James McCormick, the man responsible for the manufacture and sale of the ADE 651, received a 10-year prison sentence for his part in manufacture of the devices, sold to Iraq for $40,000 each. An employee of McCormick who later became a whistleblower said that after becoming concerned and questioning McCormick about the device, McCormick told him the ADE 651 “does exactly what it’s designed to. It makes money.”

Submission + - Anonymous Reportedly "RickRolling" Isis (

retroworks writes: According to a recent tweet from the #OpParis account, Anonymous are delivering on their threat to hack Isis [slashdot, and are now flooding all pro-Isis hastags with the grandfather of all 2007 memes — Rick Aston's "Never Gonna Give You Up" (1987) music video, aka “Rick Roll” meme. Whenever a targeted Isis account tries to spread a message, the topic will instead be flooded with countless videos of Rick Astley circa 1987.

Not all are praising Anonymous methods, however. While Metro UK reports that the attacks have been successful, finding and shutting down 5,500 Twitter accounts, the article also indicates that professional security agencies have seen sources they monitor shut down. Rick Aston drowns out intelligence as well as recruitment.

Submission + - How Close Are We To a Mission on Mars? (

destinyland writes: "NASA is developing the capabilities needed to send humans to an asteroid by 2025 and Mars in the 2030s," reads the official NASA web site. But National Geographic points out that "the details haven't been announced, in large part because such a massive, long-term spending project would require the unlikely support of several successive U.S. presidents." And yet on November 4th, NASA put out a call for astronaut applications "in anticipation of returning human spaceflight launches to American soil, and in preparation for the agency’s journey to Mars," and they're currently experimenting with growing food in space. And this week they not only ordered the first commercial mission to the International Space Station, but also quietly announced that they've now partnered with 22 private space companies.

Comment Re:This is great (Score 3, Interesting) 73

A similar idea is to use electric vehicles in people's garages to "time shift" demand. Nevada Power (and I'm sure others) offers a rate plan for EV owners where power is much cheaper after 11pm and more expensive in the afternoons. Cars can already be set to start to wait until a set time to begin charging.

Power companies spend a lot of money building "peaker" power plants that are only needed between 4pm and 7pm. Theoretically, when a power company hits its supply limit, it could put a call out to any EV currently plugged in saying "I'll pay 6 cents per kWh for what's in your battery". If they don't get as much power as they need, they would put out another request at 7 cents. If you paid 4 cents the previous night, that's a good deal for everyone. The car would be set up with rules about what price you want and how much power you're willing to part with.

Submission + - Tape Disintegration Threatens Historical Records, But Chemistry Can Help (

An anonymous reader writes: Modern storage methods are designed with longevity in mind. But we haven't always had the scientific knowledge or the foresight to do so. From the late 60s to the late 80s, much of the world's cultural history was recorded on magnetic tapes. Several decades on, those tapes are disintegrating, and we're faced with the permanent loss of that data. "The Cultural Heritage Index estimates that there are 46 million magnetic tapes in museums and archives in the U.S. alone—and about 40 percent of them are of unknown quality. (The remaining 60 percent are known to be either already disintegrated or in good enough condition to be played.)" Fortunately, researchers have worked out a method to determine which copies are recoverable. They "combined a laptop-sized infrared spectrometer with an algorithm that uses multivariate statistics to pick up patterns of all the absorption peaks." Here's the abstract from their research paper. "As the tapes go through the breakdown reaction, the chemical changes give off tiny signals in the form of compounds, which can be seen with infrared light—and when the patterns of reactions are analyzed with the model, it can predict which tapes are playable."

To do two things at once is to do neither. -- Publilius Syrus