Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Submission + - US Republican Senate Committee hacked

pdclarry writes: While all of the recent news has been about hacking the Democratic party, apparently the Republicans have also been hacked, over many months (since March 2016). This was not about politics, however; it was to steal credit card numbers. Brian Krebs reports that; "a report this past week out of The Netherlands suggests Russian hackers have for the past six months been siphoning credit card data from visitors to the Web storefront of the National Republican Senatorial Committee (NRSC)." "If you purchased a “Never Hillary” poster or donated funds to the NRSC through its Web site between March 2016 and the first week of this month [October 2016], there’s an excellent chance that your payment card data was siphoned by malware and is now for sale in the cybercrime underground." Krebs says his information comes from Dutch researcher Willem De Groot, co-founder and head of security at Dutch e-commerce site The Republicans were not alone; theirs was just one of 5,900 e-commerce sites hacked by the same Russian actors.

Comment Re: What a Surprise (Score 1) 63

No that's called farming STDs.
These kids got off so easy, they made 600k in 2 years so it isn't hard to see how they made that whimsy 10k bond. And 30 day ban from the net. Just LOLs for these kids, now they have more street cred.

They haven't gotten off. They were arrested, posted bail, and had restrictions placed on them including the 30 day ban, lifting their passports and house arrest, presumably pending the next court appearance. There's more to come.

Submission + - Alleged proprietors of "DDOS for hire" service vDOS arrested

pdclarry writes: Brian Krebs reports that the two youthful (18 YO) alleged proprietors of vDOS, the DDOS service that was reported in Slashdot September 9, have been arrested in Israel on a complaint from the FBI. They have been released on $10,000 bond each, their passports lifted, and they have been placed under house arrest, and banned from using the Internet for 30 days. They were probably identified through a massive hack of the vDOS database recently.

Krebs also reports that vDOS's DNS addresses were hijacked by the firm BankConnect Security to get out from under a sustained DDOS attack, and that his site, has been under a sustained DDOS attack since his last article was published, with the packets containing the string "godiefaggot". Those attacks continue, but, as he has been the target of many DDOS attacks in the past, he covered by a DDOS protection firm.

Submission + - Krebs: Israeli DDOS provider 'vDOS' Earned $600,000 in Two Years (

pdclarry writes: Brian Krebs ( writes that he has obtained the hacked database of an Israeli company that is responsible for most of the large-scale DDOS attacks over the past (at least) 4 years. The vDOS database, obtained by at the end of July 2016, points to two young men in Israel as the principle owners and masterminds of the attack service, with support services coming from several young hackers in the United States. Records before 2012 were not in the dump, but Krebs believes that the service has actually been operating for decades..

Submission + - Apples Fixes Three Zero Days Used in Government Targeted Attack

Trailrunner7 writes: Apple has patched three critical vulnerabilities in iOS that were identified when an attacker targeted a human rights activist in the UAE with an exploit chain that used the bugs to attempt to remotely jailbreak and infect his iPhone.

The vulnerabilities include two kernel flaws and one in WebKit and Apple released iOS 9.3.5 to fix them. The attack that set off the investigation into the vulnerabilities targeted Ahmed Mansoor, an activist living in the UAE. Earlier this month, he received a text message that included a link to what was supposedly new information on human rights abuses. Suspicious, Manor forwarded the link to researchers at the University of Toronto’s Citizen Lab, who recognized what they were looking at.

“On August 10 and 11, 2016, Mansoor received SMS text messages on his iPhone promising “new secrets” about detainees tortured in UAE jails if he clicked on an included link. Instead of clicking, Mansoor sent the messages to Citizen Lab researchers. We recognized the links as belonging to an exploit infrastructure connected to NSO Group, an Israel-based ‘cyber war’ company that sells Pegasus, a government-exclusive “lawful intercept” spyware product,” Citizen Lab said in a new report on the attack and iOS flaws.

Comment Re:What the frack (Score 1) 350

US Navy ships (and most commercial ships) have multiple backup systems. One is the shipboard inertial navigation system (SINS), which is entirely self contained once you tell it your current location. It is accurate enough to find Tokyo after leaving San Francisco if you lost GPS, LORAN and all other forms of electronic navigation. I recall reading that the current generation would be off by no more than a mile on this voyage. Since the 1940's there is the DRT (Ded Reckoning Tracer) [No, "ded" is not misspelled - it is a shortening of "deductive"]. This device was on US Navy ships during WW II; like SINS it needs a starting location, but it then monitors ship's motion to project the course on a chart. It is still carried as backup. The "ded reckoning" part is because it cannot account for currents, so errors will accumulate, and it needs to be recalibrated using either landmarks or celestial navigation. It also needs to be recalibrated when you go off the edge of the current map. There are also classified VLF systems, used mostly by submarines. The point is any military service needs multiple backups. In spite of sophisticated telephone and data systems on modern ships, they all still have point-to-point sound powered phones and voice tubes.

Comment Re:Dear Crystal author..... (Score 1) 229

I guess we will have to write apps that modify the userAgent string. I assume there is a way to do that in ios...I don't develop for ios since I am a cheap bastard who doesn't want to pay for their developer license and tools.

You can't modify the userAgent string in the built-in Safari. But there are several browser apps in the App Store that give you control over it. The only issue is that Safari is always the default browser if you click on a link in an app, email or text.

Slashdot Top Deals

Lavish spending can be disastrous. Don't buy any lavishes for a while.