Category Archives: business

SpaceX Raising $500 Million To Help Build Its ‘Starlink’ Satellite Broadband Network

According to the Wall Street Journal, SpaceX is raising a $500 million round of funding to help build its massive satellite internet project, called Starlink. "The new funding puts SpaceX's valuation at $30.5 billion," reports CNBC. "The report says the capital comes from existing shareholders as well as new investor Baillie Gifford, a Scottish investment firm." From the report: Starlink -- a name SpaceX filed to trademark last year -- is an ambition unmatched by any current satellite network. The company is attempting to build its own constellation of 4,425 broadband satellites, with another 7,518 satellites to come after. SpaceX will begin launching the constellation in 2019. The system will be operational once at least 800 satellites are deployed. Starlink would offer broadband speeds comparable to fiber optic networks. The satellites would provide direct-to-consumer wireless connections, rather than the present system's redistribution of signals, transforming a traditionally high-cost, low-reliability service.

Read more of this story at Slashdot.

Anti-AI activists and the death of the password: 5 cybersecurity trends for 2019 – IFSEC Global | Security and Fire News and Resources

ifsecglobal.com - Dr Nish regularly advises businesses and governments on cybersecurity and boasts experience both in investigating the technical side of attacks as well as their sociopolitical drivers. He recently pa…


Tweeted by @CYSPA_Alliance https://twitter.com/CYSPA_Alliance/status/1075091140649586688

‘Google Isn’t the Company That We Should Have Handed the Web Over To’

Iwastheone shares a report from Ars Technica's Peter Bright: With Microsoft's decision to end development of its own Web rendering engine and switch to Chromium, control over the Web has functionally been ceded to Google. That's a worrying turn of events, given the company's past behavior. Chrome itself has about 72 percent of the desktop-browser market share. Edge has about 4 percent. Opera, based on Chromium, has another 2 percent. The abandoned, no-longer-updated Internet Explorer has 5 percent, and Safari -- only available on macOS -- about 5 percent. When Microsoft's transition is complete, we're looking at a world where Chrome and Chrome-derivatives take about 80 percent of the market, with only Firefox, at 9 percent, actively maintained and available cross-platform. The mobile story has stronger representation from Safari, thanks to the iPhone, but overall tells a similar story. Chrome has 53 percent directly, plus another 6 percent from Samsung Internet, another 5 percent from Opera, and another 2 percent from Android browser. Safari has about 22 percent, with the Chinese UC Browser sitting at about 9 percent. That's two-thirds of the mobile market going to Chrome and Chrome derivatives. In terms of raw percentages, Google won't have quite as big a lock on the browser space as Microsoft did with Internet Explorer -- Internet Explorer 6 peaked at around 80 percent, and all versions of Internet Explorer together may have reached as high as 95 percent. But Google's reach is, in practice, much greater: not only is the Web a substantially more important place today than it was in the early 2000s, but also there's a whole new mobile Web that operates in addition to the desktop Web. Google has deployed proprietary technology and left the rest of the industry playing catch-up, writes Peter. 
The company has "tried to push the Web into a Google-controlled proprietary direction to improve the performance of Google's online services when used in conjunction with Google's browser, consolidating Google's market positioning and putting everyone else at a disadvantage." YouTube has been a particular source of problems. One example Peter provides has to do with a hidden, empty HTML element that was added to each YouTube video to disable Edge's hardware accelerated video decoding: "For no obvious reason, Google changed YouTube to add a hidden, empty HTML element that overlaid each video. This element disabled Edge's fastest, most efficient hardware accelerated video decoding. It hurt Edge's battery-life performance and took it below Chrome's. The change didn't improve Chrome's performance and didn't appear to serve any real purpose; it just hurt Edge, allowing Google to claim that Chrome's battery life was actually superior to Edge's. Microsoft asked Google if the company could remove the element, to no avail."

Read more of this story at Slashdot.

Paul Ferrillo on LinkedIn: “Since early 2018, FireEye (including our FireEye as a Service (FaaS), Mandiant Consulting, and iSIGHT Intelligence teams) has been tracking an ongoing wave of intrusions targeting engineering and maritime entities, especially those connected to South China Sea issues. The campaign is linked to a group of suspected Chinese cyber espionage actors we have tracked since 2013, dubbed TEMP.Periscope. The group has also been reported as “Leviathan” by other security firms. #maritime #cyber #hoodies”

linkedin.com - Since early 2018, FireEye (including our FireEye as a Service (FaaS), Mandiant Consulting, and iSIGHT Intelligence teams) has been tracking an ongoing wave of intrusions targeting engineering and mar…


Tweeted by @PaulFerrillo https://twitter.com/PaulFerrillo/status/1074816567861481472

Re-Evaluating Cyber Security for 2019

thecipherbrief.com - 2018 was a rough year for customers and companies impacted by cyber breaches. Businesses from Under Armour to Facebook to Marriott were targeted by hackers, leaving the data of hundreds of millions o…


Tweeted by @thecipherbrief https://twitter.com/thecipherbrief/status/1074750458588262401

Amazon Wants To Curb Selling ‘CRaP’ Items it Can’t Profit On, Like Bottled Water and Snacks: Report

Amazon is rethinking its strategy around some items it sells which it calls internally "Can't realize a profit" -- or "CRaP" for short, according to the Wall Street Journal. From the report: Inside Amazon, the items are known as CRaP, short for "Can't Realize a Profit." Think bottled beverages or snack foods [Editor's note: the link may be paywalled; alternative source]. The products tend to be priced at $15 or less, are sold directly by Amazon, and are heavy or bulky and therefore costly to ship -- characteristics that make for thin or nonexistent margins. Now, as Amazon focuses more on its bottom line in addition to its rapid growth, it is increasingly taking aim at CRaP products, according to major brand executives and people familiar with the company's thinking. In recent months, it has been eliminating unprofitable items and pressing manufacturers to change their packaging to better sell online, according to brands that sell on Amazon and consultants who work with them. One example: bottled water from Coca-Cola Co. Amazon used to have a $6.99 six-pack of Smartwater as the default order on some of its Dash buttons, a small device that allows for automatic reordering with a single press. But in August, after working with Coca-Cola to change how it ships and sells the water, Amazon notified Dash customers it was changing that default item to a 24-pack for $37.20.

Read more of this story at Slashdot.

Cyber Warfare Market Size will observe Substantial Growth by 2025; Leonardo SpA, Raytheon Company, DXC Technology Company, General Dynamics Corporation, Lockheed Martin Corporation, TRL Technology Ltd, IBM Corporation

linkewire.com - Global Info Reports render to you profound details in respect to leading participants, regions, application and type of the Cyber Warfare Market which is estimated to encounter substantial growth ove…


Tweeted by @linkewire https://twitter.com/linkewire/status/1074637634926985217

Threat Mitigation Technology Intelligence Services Market Sales, Segments and Sub-Segments, Competitive Landscape and Forecast 2018-2026 – Press Release – Digital Journal

digitaljournal.com - MarketResearchReports.biz announces the availability of a report on the evolving market of “Threat Mitigation Technology Intelligence Services Market - Global Industry Analysis, Size, Share, Growth, …


Tweeted by @KeoXes https://twitter.com/KeoXes/status/1074053768017272843

Threat Intelligence Market 2018-2023| Know about Top Players like iSIGHT Partners Inc., Symantec Corporation, Looking Glass, Inc., Dell EMC, VeriSign, Inc., Crowdstrike Inc., Alienvault, Inc., – County Telegram

countytelegram.com - Most of the industries that use threat intelligence are health services, manufacturing and financial services, since they are the most frequent targets of attacks. In addition, the most common type o…


Tweeted by @KeoXes https://twitter.com/KeoXes/status/1073958214620844032

T-Mobile, Sprint Merger Will Reportedly Be Cleared By US National Security Panel

According to CNBC, T-Mobile and Sprint are expecting their merger to be approved by a U.S. national security panel as early as next week, after their respective parent companies said they would consider dropping Huawei. From the report: U.S. government officials have been pressuring T-Mobile's German majority owner, Deutsche Telekom, to stop using Huawei equipment, the sources said, over concerns that Huawei is effectively controlled by the Chinese state and its network equipment may contain "back doors" that could enable cyber espionage, something which Huawei denies. That pressure is part of the national security review of T-Mobile's $26 billion deal to buy U.S. rival Sprint, the sources said. The Committee on Foreign Investment in the United States (CFIUS) has been conducting a national security review of the Sprint deal, which was announced in April. Negotiations between the two companies and the U.S. government have not been finalized and any deal could still fall through, the sources cautioned. Sprint's parent, SoftBank Group, plans to replace 4G network equipment from Huawei with hardware from Nokia and Ericsson, Nikkei reported on Thursday, without citing sources.

Read more of this story at Slashdot.

What Are Silicon Valley’s Highest-Paying Tech Jobs?

An anonymous reader writes: Job-search site Indeed crunched its Silicon Valley hiring numbers for 2018, looking at tech job searches, salaries, and employers, and found that engineers who combine tech skills with business skills as directors of product management earn the most, with an average salary of US $186,766. Last year, the gig came in as number two, at $173,556. Also climbing up the ranks, and now in the number two spot with an average annual salary of $181,100, is senior reliability engineer. Application security engineer is third at $173,903. Neither made the top 20 in 2017. And while it seems that machine learning engineers have been getting all the love in 2018, those jobs came in eighth place, at $159,230. That's still a bit of a leap from last year, when the job made its first appearance on Indeed's top 20 highest-paying jobs in the 13th spot at $149,519. This year's top 20 is below; last year's numbers are here. Further reading: 'Blockchain Developer' is the Fastest-Growing US Job (LinkedIn study).

Read more of this story at Slashdot.

In Booming Job Market, Workers Are ‘Ghosting’ Their Employers

A notorious millennial dating practice is starting to creep into the workplace: ghosting. Employers are noticing with increasing frequency that workers are leaving their jobs by simply not showing up and cutting off contact with their companies [Editor's note: the link may be paywalled; syndicated source]. From a report: "A number of contacts said that they had been 'ghosted,' a situation in which a worker stops coming to work without notice and then is impossible to contact," the Federal Reserve Bank of Chicago noted in December's Beige Book, which tracks employment trends. National data on economic "ghosting" is lacking. The term, which usually applies to dating, first surfaced in 2016 on Dictionary.com. But companies across the country say silent exits are on the rise. Analysts blame America's increasingly tight labor market. Job openings have surpassed the number of seekers for eight straight months, and the unemployment rate has clung to a 49-year low of 3.7 percent since September. Janitors, baristas, welders, accountants, engineers -- they're all in demand, said Michael Hicks, a labor economist at Ball State University in Indiana. More people may opt to skip tough conversations and slide right into the next thing.

Read more of this story at Slashdot.

Counter Terror & Public Safety Technology Market: Market Intelligence and Forecast – Transparency Journal

transparencyjournal.com - As traditional ways of developing law enforcement technologies become inadequate for dealing with the current strategic realities, several companies within and beyond the defence sector are partnerin…


Tweeted by @PubSafetyJobs https://twitter.com/PubSafetyJobs/status/1073618830717566976

How threat actors are using SMB vulnerabilities

Some of the most devastating ransomware and Trojan malware variants depend on vulnerabilities in the Windows Server Message Block (SMB) implementation to propagate through an organization's network. SMB is the protocol Windows PCs use for file and printer sharing, as well as for access to remote services such as named pipes; it listens on TCP port 445 (and on TCP port 139 for legacy NetBIOS-based sessions).

Microsoft released a patch for these SMB vulnerabilities in March 2017, but many organizations and home users still have not applied it. Those unpatched systems let threats that exploit the vulnerabilities move around inside the network, helping active malware campaigns spread like a Californian wildfire.

SMB vulnerabilities have been so successful for threat actors that they’ve been used in some of the most visible ransomware outbreaks and sophisticated Trojan attacks of the last two years. In fact, our product telemetry has recorded 5,315 detections of Emotet and 6,222 of TrickBot in business networks—two Trojan variants that are using the SMB vulnerabilities—in the last 30 days alone.

What makes them so effective?

What makes some malware so widespread is the way it propagates. A massive spam campaign yields only a few victims who actually pay off, whereas a worm-like infection that keeps spreading itself requires little effort for multiplying returns. That is exactly what the SMB vulnerabilities let their payloads do: spread laterally through connected systems.

For example, WannaCry ransomware (also known as WannaCrypt), which used one of the SMB vulnerabilities, was launched in May 2017, yet the infection continues to expand. Below is the graph that shows our telemetry for Ransom.WannaCrypt for the month of November 2018.

It’s been more than 1.5 years, and WannaCry continues to proliferate, thanks to the sheer number of unpatched machines connected to infected networks.

How did this come about?

At the moment, three exploits that use SMB vulnerabilities are in the wild. They have been dubbed EternalBlue (used by WannaCry and Emotet), EternalRomance (NotPetya, Bad Rabbit, and TrickBot), and EternalChampion. A fourth, EternalSynergy, exists only as a Proof of Concept (PoC) so far; nothing using it has appeared in the wild.

All of these exploits were leaked in April 2017 by the Shadow Brokers group, who allegedly stole them from the NSA. Less than a month after the Shadow Brokers published their "findings," the first fully functional malware to use the EternalBlue exploit, WannaCry, was found in the wild.

Since then, multiple large-scale malware attacks have relied on the SMB vulnerabilities to penetrate organizations’ networks, including the NotPetya and Bad Rabbit ransomware campaigns in 2017, and now the Emotet and TrickBot Trojan attacks, which have been ongoing through the third and fourth quarter of 2018.

Let’s now take a closer, more technical look at each exploit and how they work.

EternalBlue

EternalBlue exploits CVE-2017-0144. A bug in the Windows SMB implementation's conversion of File Extended Attributes (FEA) lists from the OS/2 structure to the NT structure leads to a buffer overflow in the non-paged kernel pool. The non-paged pool consists of virtual memory addresses that are guaranteed to reside in physical memory for as long as the corresponding kernel objects are allocated.

A buffer overflow is a programming flaw that lets data written to a reserved memory area (the buffer) go outside its bounds (overflow) into adjacent memory locations. An attacker can therefore control the contents of memory they should never have been able to touch, and exploit that to their advantage. In the case of EternalBlue, the overflow corrupts adjacent kernel pool memory and ultimately lets the attacker control a heap that has execution permission, which turns the bug into a Remote Code Execution (RCE) vulnerability: the ability to execute commands on a target machine over the network.
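The sizing-versus-copy mismatch described above, as an added user-space model (my code, not srv.sys and not anything from the Malwarebytes post). Two passes handle the same list: a sizing pass walks the OS/2 entries that fit inside the claimed list length and records how many bytes it consumed, and a copy pass converts entries into the NT buffer that the sizing pass asked for. In the vulnerable variant the consumed length is written back through a 16-bit store, so a list that claims more than 0xFFFF bytes keeps its high half and the copy pass walks past the entries that were sized. The entry layout, field names, the 16-bit store and the constructed input (5460 small entries followed by one oversized entry) are my simplifications chosen to make the mismatch visible; the real kernel bug has this shape but not this code.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define FEA_HDR 4u   /* OS/2 entry header: flags(1) name_len(1) value_len(2) */
#define NT_HDR  8u   /* NT entry header: next_offset(4) flags(1) name_len(1) value_len(2) */

/* Little-endian field helpers; the list is handled as raw bytes, as a parser would. */
static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static uint32_t rd32(const uint8_t *p) { return rd16(p) | ((uint32_t)rd16(p + 2) << 16); }
static void wr16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)v; p[1] = (uint8_t)(v >> 8); }
static void wr32(uint8_t *p, uint32_t v) { wr16(p, (uint16_t)v); wr16(p + 2, (uint16_t)(v >> 16)); }

/* Bytes occupied by the OS/2 entry whose header starts at e (name is NUL-terminated). */
static uint32_t entry_len(const uint8_t *e) { return FEA_HDR + e[1] + 1u + rd16(e + 2); }

/* Sizing pass. The list starts with a 32-bit cb_list (total bytes, itself included).
 * Walk the entries that fit, total the NT-format size, then record how many input
 * bytes were really consumed. The vulnerable variant records that count with a
 * 16-bit store, so when cb_list exceeds 0xFFFF its high half survives untouched. */
uint32_t fea_size_to_nt(uint8_t *list, int vulnerable)
{
    uint32_t cb = rd32(list), pos = 4, nt_size = 0;
    while (pos + FEA_HDR <= cb) {
        const uint8_t *e = list + pos;
        if (pos + entry_len(e) > cb) break;        /* truncated entry: stop here */
        nt_size += NT_HDR + e[1] + 1u + rd16(e + 2);
        pos += entry_len(e);
    }
    if (vulnerable) wr16(list, (uint16_t)pos);     /* the truncating store */
    else            wr32(list, pos);
    return nt_size;
}

/* Copy pass into the NT buffer `out` that the sizing pass asked for. recv_len bounds
 * reads to bytes actually received. The vulnerable variant trusts cb_list and never
 * checks out_cap, since the sizing pass "already did". Returns bytes written, or -1
 * when the hardened capacity check rejects the list. */
int fea_list_to_nt(const uint8_t *list, uint32_t recv_len,
                   uint8_t *out, uint32_t out_cap, int vulnerable)
{
    uint32_t cb = rd32(list), pos = 4, o = 0;
    while (pos + FEA_HDR <= cb && pos + FEA_HDR <= recv_len) {
        const uint8_t *e = list + pos;
        uint32_t payload = e[1] + 1u + rd16(e + 2), need = NT_HDR + payload;
        if (pos + FEA_HDR + payload > recv_len) break;
        if (!vulnerable && o + need > out_cap) return -1;
        memset(out + o, 0, NT_HDR);
        memcpy(out + o + 4, e, FEA_HDR);           /* flags, name_len, value_len */
        memcpy(out + o + NT_HDR, e + FEA_HDR, payload);
        o += need;
        pos += FEA_HDR + payload;
    }
    return (int)o;
}

/* Constructed input (not a capture): cb_list claims 0x10000 bytes; 5460 twelve-byte
 * entries end at offset 0xFFF4, then one entry whose 0x300-byte value runs past the
 * claimed end. Returns the number of bytes "received". */
static uint8_t in_buf[0x10400];
static uint8_t pool[0x16000];   /* stand-in for the non-paged pool */

static uint32_t build_input(void)
{
    memset(in_buf, 0, sizeof in_buf);
    wr32(in_buf, 0x10000);
    uint32_t pos = 4;
    for (int i = 0; i < 5460; i++, pos += 12) {
        uint8_t *e = in_buf + pos;
        e[0] = 0; e[1] = 3; wr16(e + 2, 4);        /* "abc\0" + 4 value bytes */
        memcpy(e + 4, "abc", 4);
        memset(e + 8, 0x01, 4);
    }
    uint8_t *e = in_buf + pos;                      /* pos == 0xFFF4 */
    e[0] = 0; e[1] = 0; wr16(e + 2, 0x300);
    memset(e + 5, 0x41, 0x300);
    return pos + FEA_HDR + 1 + 0x300;
}

/* Size, then convert, with a 16-byte neighbour object placed right after the NT
 * buffer. Returns 1 if the neighbour was overwritten, 0 if it survived. */
int fea_demo(int vulnerable)
{
    uint32_t recv_len = build_input();
    uint32_t nt_size = fea_size_to_nt(in_buf, vulnerable);
    memset(pool, 0, sizeof pool);
    uint8_t *neighbour = pool + nt_size;
    memset(neighbour, 0xCC, 16);
    fea_list_to_nt(in_buf, recv_len, pool, nt_size, vulnerable);
    for (int i = 0; i < 16; i++)
        if (neighbour[i] != 0xCC) return 1;
    return 0;
}

int main(void)
{
    printf("vulnerable conversion corrupted the neighbour: %d\n", fea_demo(1));
    printf("hardened conversion corrupted the neighbour:   %d\n", fea_demo(0));
    return 0;
}
```

The hardened variant fixes both halves of the mismatch: the full 32-bit length is written back, so the copy pass stops where the sizing pass stopped, and the copy pass checks the output capacity anyway rather than trusting a previous pass. In a kernel pool the "neighbour" is whatever allocation happens to follow the NT buffer, which is what gives the attacker something useful to overwrite.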

EternalRomance

EternalRomance is an RCE attack that exploits CVE-2017-0145 in the legacy SMBv1 file-sharing protocol. Note that file sharing over SMB is normally used only on local networks, and the SMB ports are typically blocked from the Internet by a firewall. But if an attacker can reach a vulnerable endpoint running SMB, the ability to run arbitrary code in kernel context from a remote location is a serious compromise.

At the core of this exploit is a type confusion vulnerability. Type confusion vulnerabilities are programming flaws that occur when a piece of code does not verify the type of the object passed to it before using it, so one kind of object gets interpreted through another's layout. Type confusion can let an attacker feed function pointers or data into the wrong piece of code; in some cases that leads directly to code execution.

In EternalRomance the type confusion yields an arbitrary write into the kernel pool, and the exploit pairs that primitive with a heap spray. Heap spraying is a technique that fills large regions of memory with attacker-controlled data so that a corrupted pointer is likely to land on something the attacker prepared; the sprayed data typically points at the start of the actual code the exploit wants to run to compromise the target.

After the spray has finished, the exploit uses an info leak in a TRANS_PEEK_NMPIPE transaction. It uses the info leak to determine whether the target is running a 32- or 64-bit version of Windows and to get kernel pointers for various SMB objects.

EternalChampion

The issue exploited by EternalChampion (CVE-2017-0146) is a race condition in how SMBv1 handles transactions. A race condition, or race hazard, is behavior of a system where the output depends on the sequence or timing of events the program does not control. It becomes a bug when events do not happen in the order the programmer intended, and it becomes exploitable when the attacker can make the outcome predictable and turn it to their advantage.

In SMBv1, a transaction is a type of request that can span multiple packets. For example, if a request is too large to fit in a single server message block (SMB), a transaction of the appropriate size can be created, and it accumulates the data as it arrives over multiple SMBs.

This vulnerability is exploited in two ways: first for an information leak, and second for remote code execution. The bug is first exploited to leak pool information via an out-of-bounds read. To do this, a single packet containing multiple SMBs is sent to the server. This packet contains three relevant pieces:

  • A primary transaction request that will immediately be executed.
  • A secondary transaction request that triggers the bug caused by the race condition.
  • Sets of primary transactions that heap spray the pool with the intention to place a transaction structure immediately behind the one that tracks the first primary transaction request.

First, a transaction is created that contains the shellcode. This does not start the exploit; it just holds the second-stage payload. Next, a packet is sent that contains multiple SMBs. The packet contains all expected transaction data and immediately begins execution.

The secondary transaction handler copies the secondary transaction request's data if it fits in the buffer. But because of the race condition, the pointer now points to the stack of the primary transaction request handler's thread (rather than the expected pool buffer). This allows an attacker to write their data directly to the stack of another thread.

The attacker controls the displacement, so they can choose the amount of data to copy and then copy it. This lets them precisely overwrite a return address stored on the stack of the primary transaction request handler's thread, which yields Remote Code Execution.

EternalSynergy

The Proof of Concept for EternalSynergy shows that incoming SMB messages are copied by an initial handler into the corresponding transaction buffer. The handler assumes that the address it is handed is the beginning of the buffer. During a write transaction, however, the same address is taken to be the end of the existing data, and the pointer to the beginning of the buffer is updated accordingly.

This mismatch means an attacker can construct a secondary message in the transaction whose destination lies outside the buffer, resulting in a buffer overflow during the copy.

EternalRocks

Looking for information about these SMB exploits, you may also run into an exploit called EternalRocks. EternalRocks was not included in the Shadow Brokers release, but was constructed and discovered later. EternalRocks uses seven of the leaked NSA tools, where, for example, WannaCry used only two (EternalBlue and the DoublePulsar kernel backdoor).

Prevention and remediation

Despite the significant power SMB vulnerabilities afford to attackers, there is one simple remedy to prevent them from ever becoming problematic.

Patch your systems.

The leaked exploits target Windows versions that predate Windows 10, and most of them work only on Windows 7 and earlier. Microsoft released patches for the leaked vulnerabilities under Microsoft Security Bulletin MS17-010, which covers every Windows version that was supported at the time, Windows 10 included; after WannaCry, Microsoft also shipped the fix for the out-of-support Windows XP and Server 2003. This leaves little-to-no reason for networks to be vulnerable to these attacks, yet the number of current victims is overwhelming.

Apply the patch Microsoft released in 2017, and all your eternal headaches disappear. Two further measures close off the attack surface even on a host that somehow misses the patch: disable SMBv1 wherever it is not genuinely needed (all four exploits target SMBv1 only), and block TCP ports 445 and 139 at the perimeter and between network segments that have no reason to share files. And for good measure, patch and update all systems, browsers, and software as soon as possible to shore up any other potential vulnerabilities in the network.
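An added example for checking the exposure discussed here (my code, not a Malwarebytes tool and not anything from the original post): a small probe that sends a NetBIOS-framed SMBv1 NEGOTIATE offering only the NT LM 0.12 dialect and reports whether the server accepts it. An accepted SMBv1 negotiation is the precondition every exploit above needs; the probe does not tell you whether MS17-010 is installed, only whether SMBv1 is reachable at all. The default port 445, the five-second receive timeout, the arbitrary PID/MID values and the constructed replies used by the offline check are my assumptions, not captures.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <netdb.h>
#include <sys/socket.h>
#include <sys/time.h>

#define SMB_COM_NEGOTIATE 0x72
enum { SMB1_ACCEPTED = 1, SMB1_REJECTED = 0, SMB_MALFORMED = -1, PROBE_ERROR = -2 };
static const char DIALECT[] = "NT LM 0.12";   /* the only SMB1 dialect we offer */

/* NetBIOS session header (type 0 + 24-bit big-endian length), then a 32-byte SMB1
 * header and the NEGOTIATE body. Returns total bytes written, 0 if cap is short. */
size_t build_smb1_negotiate(uint8_t *out, size_t cap)
{
    size_t dialects = 1 + sizeof DIALECT;          /* 0x02 format byte + "NT LM 0.12\0" */
    size_t smb_len = 32 + 1 + 2 + dialects;        /* header, WordCount, ByteCount, dialects */
    if (cap < 4 + smb_len) return 0;
    memset(out, 0, 4 + smb_len);
    out[1] = (uint8_t)(smb_len >> 16); out[2] = (uint8_t)(smb_len >> 8); out[3] = (uint8_t)smb_len;
    uint8_t *h = out + 4;
    memcpy(h, "\xffSMB", 4);
    h[4] = SMB_COM_NEGOTIATE;                      /* Status (bytes 5..8) stays 0 */
    h[9] = 0x18;                                   /* Flags: canonical paths, case-insensitive */
    h[10] = 0x01; h[11] = 0xC0;                    /* Flags2: long names, NT status, Unicode */
    h[26] = 0xFE; h[27] = 0xCA;                    /* PIDLow (arbitrary) */
    h[30] = 0x01;                                  /* MID = 1 */
    h[32] = 0;                                     /* WordCount */
    h[33] = (uint8_t)dialects; h[34] = (uint8_t)(dialects >> 8);   /* ByteCount */
    h[35] = 0x02;                                  /* dialect buffer format */
    memcpy(h + 36, DIALECT, sizeof DIALECT);
    return 4 + smb_len;
}

/* Classify a reply of len bytes. DialectIndex is the first parameter word of the
 * NEGOTIATE response; 0xFFFF means no offered dialect was accepted. */
int parse_smb1_negotiate(const uint8_t *buf, size_t len)
{
    if (len < 4 || buf[0] != 0) return SMB_MALFORMED;
    size_t smb_len = ((size_t)buf[1] << 16) | ((size_t)buf[2] << 8) | buf[3];
    if (len < 4 + smb_len || smb_len < 4) return SMB_MALFORMED;
    const uint8_t *h = buf + 4;
    if (memcmp(h, "\xfeSMB", 4) == 0) return SMB1_REJECTED;   /* answered in SMB2+ */
    if (memcmp(h, "\xffSMB", 4) != 0 || h[4] != SMB_COM_NEGOTIATE || smb_len < 33)
        return SMB_MALFORMED;
    if (h[5] | h[6] | h[7] | h[8]) return SMB1_REJECTED;       /* non-zero NT status */
    uint8_t word_count = h[32];
    if (word_count < 1 || smb_len < 33 + 2u * word_count) return SMB_MALFORMED;
    return (h[33] | (h[34] << 8)) == 0xFFFF ? SMB1_REJECTED : SMB1_ACCEPTED;
}

/* Live probe: connect, send, classify. PROBE_ERROR covers refused, reset or silent
 * peers; a Windows host with SMBv1 disabled resets the session, so confirm such a
 * host answers SMB2 on 445 by other means before calling it "not exposed". */
int probe_smb1(const char *host, const char *port)
{
    struct addrinfo hints, *res;
    memset(&hints, 0, sizeof hints);
    hints.ai_socktype = SOCK_STREAM;
    if (getaddrinfo(host, port, &hints, &res) != 0) return PROBE_ERROR;
    int rc = PROBE_ERROR, fd = socket(res->ai_family, res->ai_socktype, res->ai_protocol);
    uint8_t req[64], resp[1024];
    struct timeval tv = { 5, 0 };
    if (fd >= 0 && setsockopt(fd, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof tv) == 0
        && connect(fd, res->ai_addr, res->ai_addrlen) == 0) {
        size_t n = build_smb1_negotiate(req, sizeof req);
        ssize_t got = (n && send(fd, req, n, 0) == (ssize_t)n) ? recv(fd, resp, sizeof resp, 0) : -1;
        if (got > 0) rc = parse_smb1_negotiate(resp, (size_t)got);
    }
    if (fd >= 0) close(fd);
    freeaddrinfo(res);
    return rc;
}

/* Offline check against a constructed (not captured) reply: an SMB1 NEGOTIATE response
 * with the given DialectIndex, other fields zero. truncate_to > 0 feeds the parser only
 * that many bytes, to exercise the length checks. */
int classify_sample(uint16_t dialect_index, size_t truncate_to)
{
    uint8_t r[128];
    size_t smb_len = 32 + 1 + 34 + 2;              /* header, WordCount=17, words, ByteCount=0 */
    memset(r, 0, sizeof r);
    r[2] = (uint8_t)(smb_len >> 8); r[3] = (uint8_t)smb_len;
    memcpy(r + 4, "\xffSMB", 4);
    r[8] = SMB_COM_NEGOTIATE;
    r[13] = 0x98;                                  /* Flags: reply bit + request flags */
    r[36] = 17;                                    /* WordCount */
    r[37] = (uint8_t)dialect_index; r[38] = (uint8_t)(dialect_index >> 8);
    return parse_smb1_negotiate(r, truncate_to ? truncate_to : 4 + smb_len);
}

/* Same, for a server that answers the SMB1 request with an SMB2 header. */
int classify_smb2_sample(void)
{
    uint8_t r[68] = { 0, 0, 0, 64, 0xFE, 'S', 'M', 'B' };
    return parse_smb1_negotiate(r, sizeof r);
}

int main(int argc, char **argv)
{
    if (argc < 2) { fprintf(stderr, "usage: %s host [port]\n", argv[0]); return 2; }
    int rc = probe_smb1(argv[1], argc > 2 ? argv[2] : "445");
    printf("%s: %s\n", argv[1],
           rc == SMB1_ACCEPTED ? "SMBv1 accepted (MS17-010 attack surface present)" :
           rc == SMB1_REJECTED ? "SMBv1 rejected" :
           rc == SMB_MALFORMED ? "unrecognised reply" : "no answer / connection error");
    return rc == SMB1_ACCEPTED ? 1 : 0;
}
```

Build with `cc -o smb1probe smb1probe.c` and run `./smb1probe 192.0.2.10` (a documentation address; substitute a host you are authorised to test). Only probe machines you own or have permission to scan, and run the result past your inventory: a host that accepts SMBv1 should either have a documented reason or be on the list to have the protocol disabled.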

In addition, many cybersecurity solutions, including Malwarebytes Endpoint Protection, offer innovative anti-exploit technology that can block threats such as EternalBlue from ever dropping their payloads and infecting systems.

For example, Malwarebytes’ anti-exploit module detected WannaCry as Ransom.WannaCrypt right from the start. Below, we created a heat map using our telemetry, showing where the infection started and how fast it spread across the globe.

It is for good reason that most cybersecurity guides advise users to patch quickly and keep systems updated. So many of the infections seen today could be avoided with consistent monitoring and basic computer maintenance. Unfortunately, a lot of businesses believe they do not have the time or manpower to follow this advice. But when companies leave their networks unprotected, they compromise the integrity of all of our online experiences—especially when SMB vulnerabilities allow infections to spread so quickly.

Don’t be one of those companies. Get protected and stay updated!

The post How threat actors are using SMB vulnerabilities appeared first on Malwarebytes Labs.

McAfee India Hosts NASSCOM’s ‘Cyber Security Gurukul’ – An Exclusive Initiative for Women Professionals

The Cyber Security Gurukul Series is an initiative of 'Women Wizards Rule Tech (W2RT)', a unique program designed exclusively for women professionals in core technologies by the noted industry body NASSCOM. Focused specifically on IT-ITES/BPM, product, and R&D firms, the key aim of this initiative is to give women deeper knowledge of various technologies and thereby nurture them as tomorrow's leaders. It is an initiative McAfee is proud to take part in, which is why on December 4th, McAfee India hosted close to 40 female professionals from many organizations, including McAfee, as part of NASSCOM's Cybersecurity Gurukul series.

The half-day session started with a keynote from Venkat Krishnapur, VP Engineering & Managing Director, McAfee India. Addressing the group on "Countering Emerging Threats by Building Security DNA of your Organization", the session discussed how the exponential growth of connected devices over the past few years has made organizations and individuals more prone to cyberattacks than ever before. Venkat also covered other key topics, such as the increase in the number of cyberattacks, the variety and evolution of malware, the importance of cloud security today, and how security organizations such as McAfee invest in both technology and people.

Following Venkat's keynote session, Sandeep Kumar Singh, Security Researcher and SSA Lead, McAfee India, hosted a two-hour session for the attendees. The session touched upon various facets of "Introduction to Security Deployment Lifecycle": why it's imperative for organizations to invest in SDL, the key ingredients of a successful security program, and a walkthrough of key SDL activities. Sandeep also spoke to the group about how choosing a career in cybersecurity will give them a competitive edge, as the shortage of professionals in this field remains a critical vulnerability for organizations and nations alike.

Overall, the event was quite a hit with attendees, as the demos, quizzes, and an interactive Q&A session showed. Sharing their feedback on the event, one of the participants said:

“The Cyber Security session which I attended today at McAfee India will go a long way in helping us enhance our knowledge and skills. The presentation given by Sandeep was excellent and the slides prepared by him were crisp and clear. We’d like to thank NASSCOM for arranging these sessions and we are looking for more such classroom sessions coming on our way.”

Sessions and programs such as these will go a long way in ensuring that organizations help pave the way for women to enhance their skills, as well as give them an edge in their career development. McAfee is proud to play a role in influencing the overall India/APAC digital security ecosystem through its thought leadership.

The post McAfee India Hosts NASSCOM’s ‘Cyber Security Gurukul’ – An Exclusive Initiative for Women Professionals appeared first on McAfee Blogs.

Smart City ICT Infrastructure Market Outlook and Opportunities in Grooming Regions : Edition 2018-2025 – Journal of Industry

industryjournal24.com - Global Smart City ICT Infrastructure Market 2018 by Manufacturers, Regions, Type and Application, Forecast to 2025 This report tracks the major market events including product launches, development t…


Tweeted by @MinSongX https://twitter.com/MinSongX/status/1073289797354078215

The Painful, Costly Journey of Returned Goods — and How You End Up Purchasing Some of Them Again

Buyers return a huge number of packages they buy from Amazon and other e-commerce sites, so much so that retailers are sometimes left with little choice but to get rid of large swaths of inventory at a cost. Last year, customers in the U.S. returned about $351 billion worth of items that they had purchased from brick-and-mortar retailers and online stores, according to estimates by National Retail Federation. CNBC: There's a good chance that the $100 printer, the $300 wide-screen monitor, or the $170 router you recently bought from Amazon weren't supplied to the e-commerce giant by their original manufacturers. In fact, the order may have been fulfilled by someone like Casey Parris, who resells items that customers previously returned to retailers. Based in Florida, Parris spends about five hours each day visiting thrift stores and scanning auction and liquidation websites for interesting items, he told CNBC. Sometimes he finds auto parts, other times it's a pair of sneakers, and occasionally he purchases printer cartridges -- all with the goal of reselling them. Walter Blake, who lives in Michigan, does the same. For years, he's been selling electronic items on Amazon that he acquires from a network of places. Blake and Parris are part of a growing cottage industry where dealers acquire discarded items at very low prices, only to resell some of them back on Amazon and eBay at a premium.

Read more of this story at Slashdot.

Project to Watch: Sentinel Protocol

The creators of Sentinel Protocol set themselves the goal of overcoming the current disadvantages of decentralization in the field of cryptocurrency technologies, turning this ecosystem into a safe and protected environment from hacker threats. Using a collective intelligence system created by using decentralization, the project combines cryptographic functions and threat analysis algorithms based on artificial […]

The post Project to Watch: Sentinel Protocol appeared first on Hacked: Hacking Finance.

Compromising vital infrastructure: the power grid

Where were you when the lights went out? That line became famous after the 1977 blackout in New York City. This power outage was caused by lightning and lasted for up to two days, depending on which part of New York you lived in. While in this case the power grid failure was a freak incident due to faulty backup equipment, it is still famous for the havoc it wreaked throughout the city—including looting and arson—during a time when national morale was already low.

Now imagine something similar happening today. Would it result in the same criminal chaos? My guess is it would depend on the circumstances and how much time it takes to restore power. Let’s hope we never find out.

Power grid hardware

The underlying hardware of the power grid has gone through a lot of improvements since 1977. And so have backup systems and procedures.

In many countries, a power interruption that lasts longer than a given threshold gives the consumer the right to claim damages from the power company. These damages are to be paid by the electricity distributor. The amount of the customer compensation and the threshold can vary from one country to another, but you can usually look them up on the website of your provider.

This is not to say that it’s impossible to do physical damage if an attacker is determined enough, as the 2013 sniper attack on a California energy grid substation demonstrated.

Recent regulations and improvements have made it rare to experience power outages of more than a few hours in the western world—unless there are special circumstances, such as natural disasters. Tornadoes, hurricanes, earthquakes, erupting volcanoes, flooding, and wildfires can cause power outages, which makes dealing with those disasters even more difficult. Any other power outages are usually restored quickly or covered by backup systems.

Malware

We are aware of several malware variants that are used against power supplies, and some of them can be held responsible for major power outages around the globe.

Stuxnet is a worm designed to spread through Windows systems and go after Siemens programmable logic controllers (PLCs) by seeking out the engineering software used to program them. Stuxnet is believed to have been designed specifically to sabotage the centrifuges of the Iranian nuclear program, but the same approach could be turned against the PLCs that run power plants.

A group of hackers dubbed Sandworm and suspected to be based in Russia cut power to parts of Ukraine in December 2015 using malware called BlackEnergy. The malware opened a backdoor that allowed the attackers to control infected machines to the point where they could cross over into the operational network. Once there, they started flipping breakers, disabling IT infrastructure, and deleting files. Earlier, in 2014, the US government reported that hackers had planted BlackEnergy on the networks of American power and water utilities, but nothing came of it.

If any countermeasures were taken in Ukraine, they turned out to be insufficient or at least unable to withstand CrashOverRide. CrashOverRide, aka Industroyer, is an adaptable malware that can automate and orchestrate mass power outages. The power grid–sabotaging malware was likely the one used in the December 2016 cyberattack against Ukrainian electric utility Ukrenergo. The CrashOverRide malware can control legacy electricity substations’ switches and circuit breakers, allowing an attacker to simply turn off power distribution, leading to cascading failures and causing more severe damage to equipment.

Dragonfly, aka Energetic Bear, is a malware campaign that uses a variety of infection vectors in an effort to gain access to a victim’s network, including malicious emails, watering hole attacks, and Trojanized software. Part of this campaign was a malicious email disguised as an invitation to a New Year’s Eve party to targets in the energy sector in December 2015.

Sandworm malware, discovered in 2014, uses a vulnerability to launch external files from a malicious PowerPoint file. In a Sandworm attack, the malicious PowerPoint file pulls in two files from a remote server that combine to deliver the malware payload. Sandworm has been used in targeted attacks against NATO, the European Union, and companies in the telecommunications and energy sectors.

Backup systems

It may seem obvious to point out that critical systems like hospitals should have independent emergency power backup systems. And most of them do. But are they tested regularly for functionality? Do they have enough supplies to last during a prolonged power outage? Is there an option to turn them on manually if they fail to kick in automatically? And is someone available on premises who knows how to do this?

Emergency power systems come in many shapes and sizes. Standby generators are probably the most well-known, and they rely on some kind of fuel to provide the emergency power. Batteries, on the other hand, use stored power and release this power when it’s needed. But batteries are generally only a solution for hours rather than days, and they tend to lose some charge even when they are not in use. It is imperative to find a backup solution that is robust enough to meet your needs in a worst-case scenario.


Energy sources

Theoretically, there are other ways to disrupt the power grid. For example, by cutting off the resources we use to run the power plants, such as coal, water, wind, solar, nuclear, and natural gas. This is a good reason to use a wide variety of resources, and another excellent reason to use renewable energy. There is also a good reason why OPEC has a lot of influence in the world of today.

To show that hacking into power supplies is not entirely theoretical, we want to mention that Iranian hackers infiltrated the control system of a small dam less than 20 miles from New York City in 2013. Unfortunately, many power plants are still accessible from the Internet in unnecessary ways that endanger their cybersecurity.

Countermeasures

Criminals have tools at their disposal with the capability to cause serious damage to the power grid. Therefore, the power industry must take precautions and upgrade cybersecurity to keep their systems safe. And they should do more than just abide by the minimum security standard. Power grid operators and their suppliers should have themselves tested on their ability to withstand cyberattacks on a regular basis.

This is especially true for nuclear power plants, where a loss of control can have more catastrophic consequences than just the loss of power output. Since 9/11, every company operating nuclear power plants has had an NRC-approved cybersecurity program in place, but cybersecurity was not such an issue when these plants were designed.

Besides cybersecurity, there are physical measures a government could enforce to improve the stability of a stressed power grid. As Joshua Pearce, a professor of electrical and computer engineering at Michigan Technological University, put it:

If we want to have a secure grid and go full throttle on renewable energy, what it means is we need to break up the grid into a bunch of microgrids that still act together as a full grid, so that we still have all the benefits that we have today with our giant centralized grid while still having the security.

In an attack, such a microgrid could be taken out without having an ill effect on all the other microgrids—which would make a successful attack less disastrous.

It would also stand to reason to take heed of the advice of Energy Secretary Rick Perry, who told lawmakers at an appropriations hearing that cyberattacks are literally happening hundreds of thousands of times a day. He warned that the Department of Energy needs an office of cybersecurity and emergency response in order to be prepared for threats like this in the future. And looking at what’s already taken place, plus what is vulnerable to attack: We have to agree.

The post Compromising vital infrastructure: the power grid appeared first on Malwarebytes Labs.

Soft skills still drive success in an increasingly data-driven world | Articles | Chief Human Resources Officer

channels.theinnovationenterprise.com - Data runs the modern enterprise – a trend we are only going to see grow exponentially. The digital economy is giving companies access to more information than ever before and simplifying the way busi…


Tweeted by @IE_RoyAsterley https://twitter.com/IE_RoyAsterley/status/1073225155948830720

Apple To Build $1B Austin Campus, Add Thousands of Jobs in US Expansion

Apple said Thursday it plans to invest $1 billion building a new corporate campus in Austin, Texas, that could eventually create 15,000 jobs. From a report: The iPhone maker will also set up new offices in Seattle, San Diego and Culver City, Los Angeles County, as well as expanding operations in Pittsburgh, New York and Boulder, Colorado, according to the press release. The Austin campus will be located less than a mile away from Apple's existing facilities in the Texas city, which already employ 6,200 people (its largest group of employees outside Cupertino). The new area will initially hold 5,000 employees, with capacity to grow to 15,000 over time.

Read more of this story at Slashdot.

Tesla Is Seeking $167 Million From Former Employee Accused of Sabotage

An anonymous reader quotes a report from CNBC: Tesla is seeking more than $167 million in a lawsuit against former employee Martin Tripp, recent legal filings revealed. In the lawsuit, which was filed by the electric car maker in June, Tesla alleges that Tripp, a former process engineer, had illegally exported data and made false claims to reporters, among other things. Tripp had earlier claimed in a number of press interviews that Tesla engaged in poor manufacturing practices at its massive battery plant outside of Reno, Nevada, and that it may have used damaged battery modules in its Model 3 vehicles, posing a risk to drivers. An interim case management report published on Nov. 27 reveals that Tripp's attorneys aim to depose Tesla CEO Elon Musk and more than 10 people involved with the company. Tesla has refused to make Musk available and sought to limit the number of people deposed by Tripp's defense team at the law firm Tiffany & Bosco. Tripp's lawyers wrote in that report: "Tesla has objected to Mr. Tripp's desire to take more than ten depositions... In this case, where Mr. Tripp is being sued for more than $167,000,000 and has asserted counterclaims against Tesla, more than ten depositions is certainly reasonable and appropriate." Tripp attorney Robert D. Mitchell said in an email to CNBC: "The purported damage amount claimed by Tesla relates to supposed dips in Tesla's stock price by virtue of the information Mr. Tripp provided to the press last summer." He characterized the damage claims as "absurd."

Read more of this story at Slashdot.

Augmented And Virtual Reality In Healthcare Market Report Disclosing Latest Trends and Clinical Advancement 2018 to 2025 – Journal of Industry

industryjournal24.com - Global Augmented And Virtual Reality In Healthcare Market 2018 by Manufacturers, Regions, Type and Application, Forecast to 2025 This report tracks the major market events including product launches,…


Tweeted by @cyberanimax https://twitter.com/cyberanimax/status/1073006287233957889

Criminals, Not State Actors, Target Russian Oil Company in 3-Year Cyber Attack

Security researchers have uncovered a three-year cyber attack on a Russian oil company that appeared at first glance to be state-sponsored, but later was found to be the work of cyber criminals seeking financial gain. The discovery is a cautionary tale for security experts not to be too rash when drawing conclusions about high-profile cyber...


Amazon Fires Employees Over Data Leak As It Fights Seller Scams, Report Says

After investigating claims that its employees are taking bribes to sell internal data to merchants to help them increase their sales on the site, Amazon has reportedly fired several employees involved in the scams. The Wall Street Journal reports that Amazon let go of several workers in the U.S. and India who allegedly inappropriately accessed company data that disreputable merchants had misused. The Hill reports: Amazon is focusing its internal bribery investigation on India, a person familiar with the effort told the paper. Some employees in India and China working as customer support have said that their access to an internal database that allows them to find data about specific product performance or trending keywords has been dramatically limited. Amazon has also deleted thousands of suspect reviews, restricted sellers' access to customer data on its platform, and quashed some methods to force the site to bring up certain products higher in search results, the people told the Journal. "We have strict policies and a Code of Business Conduct & Ethics in place for our employees. We implement sophisticated systems to restrict and audit access to information," the company wrote. "We hold our employees to a high ethical standard and anyone in violation of our Code faces discipline, including termination and potential legal and criminal penalties." "In addition, we have zero tolerance for abuse of our systems and if we find bad actors who have engaged in this behavior, we will take swift action against them, including terminating their selling accounts, deleting reviews, withholding funds, and taking legal action," Amazon added.

Read more of this story at Slashdot.

Facebook is Starting To Test Search Ads in its Search Results and Marketplace

It's an ad duopoly battle. From a report: Facebook is starting to test search ads in its search results and Marketplace, directly competing with Google's AdWords. Facebook first tried Sponsored Results back in 2012 but eventually shut down the product in 2013. Now it's going to let a small set of automotive, retail, and ecommerce industry advertisers show users ads on the search results page on mobile in the US and Canada. They'll be repurposed News Feed ads featuring a headline, image, copy text, and a link in the static image or carousel format that can point users to external websites. Facebook declined to share screenshots as it says the exact design is still evolving. Facebook may expand search ads to more countries based on the test's performance.

Read more of this story at Slashdot.

Trump administration to condemn China over hacking and economic espionage, escalating tensions between superpowers

washingtonpost.com - By Ellen Nakashima, national security reporter, and David J. Lynch, financial writer covering trade and globalization. December 11 at 11:3…


Tweeted by @sam_vinograd https://twitter.com/sam_vinograd/status/1072543549089112064

Data scraping treasure trove found in the wild

We bring word of yet more data exposure, in the form of “nonsensitive” data scraping to the tune of 66m records across 3 large databases. The information was apparently scraped from various sources and left to gather dust, for anyone lucky enough to stumble upon it.

What is data scraping?

The gathering of information from websites either by manual means, which isn’t time optimal, or by automated processes such as dedicated programs or bots. Often, this data scraping is for nefarious purposes and can be used for marketing or simply threatening behaviour. It also typically relies on the person being scraped to have provided much of the grabbable data upfront. It’s frowned upon, but it’s often unclear where things stand legally.

Scrape all the things

Three large databases were found by security researchers, containing a combined tally of 66,147,856 unique records. At least one instance was exposed due to a lack of authentication. The records are very business-centric, with one (for example) containing full name, email, listed location, employment history, and skills. This sounds very much like the information you see on a public-facing LinkedIn profile. Indeed, many people have said they received breach notifications to their LinkedIn-specific mail, and there’s some mention of GitHub too.

Elsewhere, some 22 million records were found on the second server. This related to job search aggregation data, and this included IP, name, email, and potential job locations. Number 3 sang to the tune of 48 million records, and also sounds like a generic business-centric dump. Name, phone, employer, and so on.

Is the threat serious?

The information collected isn’t exactly a red hot dump of personal information, but it’s certainly useful for phishing attempts. It could also prove useful to anyone wanting a ready-made marketing list. The big problem is that even if the ones doing the data scraping had no harmful intentions, that may not apply to anybody finding the treasure trove.

Given how this information was stumbled upon in the first place, there’s no real way to know how many bad actors got their hands on it first.

How can I reduce the scraping risk?

Well, that’s a good question. Given that the data was (mostly) freely given online in terms of the LinkedIn profile information, it’s all about personal choice. Take a look at your LinkedIn right now. Are you happy with what’s on display? Have you hidden any of it? Perhaps it’s a good idea to remove older roles, or jobs of a sensitive nature. Maybe that phone number doesn’t need to be so prominent. How about location, does it have to be so precise? Or would a broader area suffice?

Unfortunately, many people don’t consider the information they place online to be harmful, until it suddenly is. By the time it’s been scraped, plundered, and jammed into a larger database, it’s already too late to do anything about it.

The only real solution is to control every last aspect of what you’re happy to place in front of everybody else, which for most people involves having to dredge up a list of sites and accounts then start stripping things out. That’s fine; it’s never too late to start pulling things offline that don’t need to be there.

Next steps for anyone affected?

Given the very prominent business angle to this one, it’d be wise to consider who may look to take advantage of it. Alongside the previously mentioned phishers, this is the kind of thing someone could use alongside the offer of fake jobs. If you want to become a money mule, this could definitely be the “perfect” lead in!

A common destination for business-centric grab bags such as this one is unremarkable job search sites. Be on the lookout for a flood of poor quality job offer spam. Be especially wary if they come bearing gifts of paid membership, as nobody should pay someone who grabbed their data free of charge and then used it to spam them with nonsense.

Ah yes, spam.

Scraped email lists will inevitably be harvested; readjust your spam filters if needed. The good news is, most email offerings do a pretty good job of keeping your mailbox clean.

Almost all of us will end up in a data dump at some point. Whether scraped or hacked, being cautious around strange phone calls and peculiar emails will go a long way towards minimising any further potential harm.

The post Data scraping treasure trove found in the wild appeared first on Malwarebytes Labs.

What it’s Like To Work in the Biggest Building in the World

To build a fleet of giant airliners requires a building just as big. Boeing's Everett Factory, built to construct the famous 747, is the biggest enclosed structure in the world. BBC Future: When you're building some of the world's biggest airliners, you need an equally outsized building. When Boeing decided to build the 747 -- a plane so big it would become known around the world as the jumbo jet -- they had to build a factory large enough to build several of them at the same time. If you've ever seen a 747 from close quarters you'll know just how giant Boeing's jumbo is. So it's no surprise the factory which ended up building them has to be very big indeed. How big? Try the biggest enclosed building in the world. Boeing started work on the Everett factory in 1967, just as the Boeing 747 project was starting to gather pace. Bill Allen, Boeing's charismatic chief, had realised the company would need a huge amount of space if they were going to build an airliner big enough to carry 400 passengers. They chose an area of woodland some 22 miles (35km) north of Seattle, near an airport that had served as a fighter base during World War Two. [...] Today, the Everett factory easily dwarfs any other building in the world by volume, with the Guinness Book of Records reporting that it occupies 72 million cubic feet (13.3 million cubic metres). [...] Each shift has as many as 10,000 workers, and there are three shifts each day. Over the course of 24 hours, the factory has a population only a little less than the Australian city of Alice Springs. Reese has worked for Boeing for 38 years -- 11 of them running the factory tours -- but says he can still remember his first impression of the factory. "It was very awe-inspiring the first time -- and I would have to say every day since, too. It changes constantly. Each day there's something new." The Everett factory is so big that there's a fleet of some 1,300 bicycles on hand to help cut travel time. 
It has its own fire station and medical services on station, and an array of cafes and restaurants to feed the thousands of workers.

Read more of this story at Slashdot.

U.S. Charges Five Chinese Military Hackers for Cyber Espionage Against U.S. Corporations and a Labor Organization for Commercial Advantage

justice.gov - A grand jury in the Western District of Pennsylvania (WDPA) indicted five Chinese military hackers for computer hacking, economic espionage and other offenses directed at six American victims in the …


Tweeted by @bonaponta https://twitter.com/bonaponta/status/1072494460687257600

31 Tech Predictions for 2019

inc.com - Predicting the future is hardly an exact science, but when you watch an industry closely it is possible to identify trends and chart a course for where things are likely headed. Here are predictions …


Tweeted by @CharlotteSweene https://twitter.com/CharlotteSweene/status/1072488737043562501

Spafax CEO predicts 2019 will be the year of cyber warfare and military resources are likely to be deployed – IT Supply Chain

itsupplychain.com - Niall McBain, CEO of leading in-flight entertainment and passenger engagement company, Spafax, is predicting that the misuse of technology could take a dark turn in 2019, and is warning business lead…


Tweeted by @IT_SupplyChain https://twitter.com/IT_SupplyChain/status/1072450819654594560

Contact Center Outsourcing Market Growing Trends, Insights and Future Scope 2018 to 2025 – Journal of Industry

industryjournal24.com - The market report is well designed to provide an all-inclusive field of vision about the Global Contact Center Outsourcing Market in terms of various factors, such as recent trends, competitive lands…


Tweeted by @performatel https://twitter.com/performatel/status/1072403412376002562

Samsung Embarrassingly Partners With Fake Supreme

An anonymous reader quotes a report from Droid Life: Samsung was doing its song and dance in China today at an event where they announced the Galaxy A8s, their first phone equipped with an Infinity-O display, only to pause midway to announce a new partnership. Samsung claimed to be partnering with iconic streetwear brand Supreme. They invited a couple of gentlemen on stage to talk about the deal, including plans for Supreme to enter China next year with a big flagship store. The thing is, those dudes don't work for Supreme and Supreme has no presence in China, nor do they plan to head there next year. Samsung appears to have been duped by a fake Supreme company or just doesn't care that anyone who pays attention to fashion will mock them for decades to come over this partnership. The Supreme that Samsung is partnering with is actually called Supreme Italia, which is a fake Supreme brand that is able to sell fake Supreme gear, thanks to some weird legal loophole or decision in Italy. They have no affiliation with the real Supreme. They are counterfeiters. As for the Galaxy A8, it too hasn't been very well received. Not only is it the first Samsung phone without a headphone jack, but it has a laser-drilled hole in the display for the front-facing camera sensor. It's not quite as obstructive as the iPhone X notch, but it still leaves a noticeable hole in the top left corner of the display.

Read more of this story at Slashdot.

Walmart Is Reportedly Testing a Burger-Flipping Robot

Flippy, a burger-flipping robot that's been trialed in a number of restaurants this year, is coming to Walmart's headquarters in Bentonville, Arkansas, to see whether or not it's the right fit for its in-store delis. Yahoo News reports: Flippy is the world's first autonomous robotic kitchen assistant powered by artificial intelligence from Miso Robotics, a two-year-old startup. Flippy got a gig at Dodger Stadium in Los Angeles with vending food service company Levy Restaurants, part of Compass Group, to fry up chicken tenders and tater tots. Through the World Series, Flippy churned out 17,000 pounds worth of the fried foods. It's able to fry up to eight baskets of food simultaneously. "Walmart saw what we were doing and said, 'Could you bring Flippy from Dodgers Stadium to our Culinary Institute?'" Miso Robotics CEO David Zito told Yahoo Finance. In practice, a Walmart associate would place a frozen product on the rack. Using visual recognition technology, Flippy identifies the food in the basket and sets it in the cooking oil. The machine then "agitates" the basket by shaking it to make sure the product cooks evenly. When the food is finished cooking, Flippy moves the basket to the drip rack. An associate then tests the food's internal temperature. A few minutes later, the associate can season the food before it hits the hot display case. The reason Walmart is looking at the robot is so it can do some of the more mundane and repetitive tasks at the deli. The robot is supposed to serve as an "extra set of hands," letting the associate spend less time putting potato wedges and chicken tenders in fryers and more time on other services like taking customer orders and prepping other foods.

Read more of this story at Slashdot.

GoPro To Move US-Bound Camera Production Out of China

In an effort to counter the potential impact from new tariffs, GoPro is moving most of its U.S.-bound camera production out of China by the summer of 2019. The company said international-bound camera production will remain in China. Reuters reports: The company had previously said it was being "very proactive" about the situation regarding tariffs as the U.S. and China ramped up their bitter trade war, in which both nations have imposed tariffs on hundreds of billions of dollars of each other's imports. "It's important to note that we own our own production equipment while our manufacturing partner provides the facilities, so we expect to make this move at a relatively low cost," said Chief Financial Officer Brian McGee. In the company's earnings call in November, GoPro said it had the option to move U.S.-bound production out of China in the first half of 2019, if necessary.

Read more of this story at Slashdot.

Threat Intelligence Security Market : Global Size, Share, Challenges and Impediments Forecast, 2016-2024 – MRS Research Blog

mrsresearchblog.com - A fundamental outline is presented by the “Threat Intelligence Security Market: Global Industry Analysis, Size, Share, Growth, Trends, and Forecasts 2016–2024” report that entails definitions, classi…


Tweeted by @KeoXes https://twitter.com/KeoXes/status/1072231565860761600

What is the Future of Office Spaces?

An anonymous reader shares a World Economic Forum report: A lot of us spend long stretches in the office, but outdated design could be damaging our wellbeing and mental health. What's more, it's killing our productivity. One study found that office workers spend more time sitting than pensioners, which increases the risk of cardiovascular disease, type II diabetes and even cancer. That's why forward-looking designers are finding ways to build spaces that heal rather than hurt us. Going beyond the already ubiquitous standing desks and social "breakout sofas," the office of the future is healthy, harmonious and happy. Here's how it's beginning to take shape.

Read more of this story at Slashdot.

Start-Ups Aren’t Cool Anymore

A lack of personal savings, competition from abroad, and the threat of another economic downturn make it harder for Millennials to thrive as entrepreneurs. From a story: Research suggests entrepreneurial activity has declined among Millennials. The share of people under 30 who own a business has fallen to almost a quarter-century low, according to a 2015 Wall Street Journal analysis of Federal Reserve data. A survey of 1,200 Millennials conducted in 2016 by the Economic Innovation Group found that more Millennials believed they could have a successful career by staying at one company and attempting to climb the ladder than by founding a new one. Two years ago, EIG's president and co-founder, John Lettieri, testified before the U.S. Senate, "Millennials are on track to be the least entrepreneurial generation in recent history." Some of the reasons have been well-documented. The romantic view of entrepreneurship involves angel investors and venture capital funds, but in fact, the ordinary entrepreneur is more likely to fund a start-up using personal savings -- something underemployed Millennials simply could not build as they entered the workforce during or in the immediate wake of the Great Recession. Funding from friends and family is the next most common source, but this personal network could not help much during the most recent economic downturn, when so much home equity was underwater. Student debt worsened the underlying economic problems. According to a report by the Federal Reserve Bank of New York, between 2004 and 2014, the number of student borrowers rose by 89 percent. Lately, though, it seems that even those who might typically have access to other forms of funding, like venture capital, are having a hard time getting investors' attention. As Matt Krisiloff, a former director at the Y Combinator start-up accelerator in Silicon Valley, tweeted, "Start-ups are a lot less cool than they used to be." 
Michael Sadler, an economist at the University of Texas at Austin, is concerned about the rising concentration of start-up investment in just a few super-performing regions such as Austin, New York, and Silicon Valley. As with American politics, it appears the geography of U.S. venture capital and economic growth has become increasingly polarized.

Read more of this story at Slashdot.

Artificial Intelligence in Security Market Predicted to Witness Steady Growth during 2018 – 2022 by profiling companies Samsung Electronics, Securonix, Sentinelone, Skycure, Sparkcognition, Amazon, Antivirus Companies, Argus Cyber Security. – openPR

openpr.com - 12-10-2018 05:58 PM CET - IT, New Media & Software Print Artificial Intelligence in Security Market Predicted to Witness Steady Growth during 2018 – 2022 by profiling companies Samsung Electronics, S…


Tweeted by @Sec_Cyber https://twitter.com/Sec_Cyber/status/1072179765384241155

Qualcomm Says It Won Case Banning Sale of Older iPhones in China

Qualcomm says it has won a ruling in China against Apple that bans the sale of some iPhone models in that country. From a report: The Fuzhou Intermediate People's Court ruled that Apple is infringing two Qualcomm patents and issued injunctions against the sale of the iPhone 6S, iPhone 6S Plus, iPhone 7, iPhone 7 Plus, iPhone 8, iPhone 8 Plus and iPhone X, the San Diego, California-based chipmaker said in a statement Monday. The most recent models introduced in September, the iPhone XS, XR and XS Max, are not covered by the ban.

Read more of this story at Slashdot.

Hackers on the Naughty, Nice, and Somewhere In-Between List

When we think of cyberattacks, we often first think of a black hat hacker furiously writing code behind a computer screen, executing the right combination in order to wreak havoc on innocent devices. In tandem with these cybercriminals are the white hat hackers sworn to protect users’ devices from the very threats enacted by black hats. We all know about the protection and perils that emerge from the efforts of these two groups, but what about the gray hats who walk the fine line between the two? What about those who aren’t on the naughty or nice list, but instead lie somewhere in-between?

Defining the Gray Hat

According to Tech Target, a gray hat hacker is someone who “exploits a security weakness in a computer system or product in order to bring the weakness to the attention of the owners.” Though black hats take similar action, they do so with malicious intent, whereas a gray hat actor’s goal is to improve system and network security. A white hat, conversely, will responsibly disclose the vulnerability to the affected company before taking any action on individual devices or systems.

In fact, a gray hat hacker recently came out of the woodwork to enact such a hack. The hacker broke into people’s MikroTik routers and patched devices, so they can’t be abused by cryptojackers and cybercriminals. According to ZDNet, he “has not been trying to hide his actions and has boasted about his hobby on a Russian blogging platform. He says he accesses routers and makes changes to their settings to prevent further abuse.”

Good Intentions, Bad Side Effects

But therein lies the issue – the abrupt exploitation of a vulnerability, even if for well-intentioned purposes, can still have a negative impact. By exploiting and publicizing these vulnerabilities, these gray hat hackers are drawing them to the attention of hackers with malicious intent. These black hats can use the knowledge of this vulnerability to enact actual schemes, collect user data, and even commit fraud.

There have even been “humorous” hacks that have begun with light-hearted intentions and ended in serious consequences. Just take Samy Kamkar’s MySpace hack in 2005 for example. The gray hat hacker created a workaround so that when someone visited his profile, they would automatically be made his friend on the platform. And, of course, the bottom of their profile would now say “Samy is my hero.” But the results of the hack were not humorous at all, as it was the fastest-spreading computer worm of its time. Plus, it crashed MySpace. Fast forward to the present day and Kamkar, similar to other gray hat hackers, now hacks into cars to prove a point.

Sifting Through Shades of Gray

When it comes to black hat attacks, the answer is clear: stop their schemes, no matter what. But with gray hats, the security community faces a conundrum. Do you stop or punish those who act illegally out of good will, when their actions can have unforeseen consequences? Are these “ethical” hackers really making the internet a safer place?

Our recommendation: if you are a hacker, think about the consequences of a hack before you carry it out. Ask yourself whether it will ultimately do more harm than good, and how it will really affect users. From there, remember that it is always best to stay on the right side of the law; a lot of good can be done while remaining legally compliant, for example through coordinated disclosure and bug bounty programs that authorize the testing in advance. Besides, the cybersecurity industry is always looking for more talent to join the white hat ranks.

To learn more about black, white, and gray hat hackers, be sure to follow us at @McAfee and @McAfee_Business.

The post Hackers on the Naughty, Nice, and Somewhere In-Between List appeared first on McAfee Blogs.

Apple Store Employees Aren’t Allowed To Say ‘Crash’, ‘Bug’, or ‘Problem’

Long-time Slashdot reader mspohr shares a Guardian article which argues that Apple Store employees "are underpaid, overhyped and characters in a well-managed fiction story" who "use emotional guile to sell products": When customers run into trouble with their products, geniuses are encouraged to sympathize, but only by apologizing that customers feel bad, lest they implicate Apple's products as the source of the trouble. In this gas-lit performance of a "problem free" brand philosophy, many words are actually verboten for staff. Do not use words like crash, hang, bug, or problem, employees are told. Instead say does not respond, stops responding, condition, issue, or situation. Avoid saying incompatible; instead use does not work with. Staff have reported the absurdist dialogues that can result, like when they are not allowed to tell customers that they cannot help even in the most hopeless cases, leading customers into circular conversations with employees able neither to help nor to refuse to do so.... [I]n a move so ridiculous it's almost certain to be a hit, the Genius Bar has been rebranded the "Genius Grove". Windows are opened to blur the distinction between inside and outside, and the stores are promoted as quasi-public spaces. "We actually don't call them stores any more," the new head of retail at Apple, former Burberry executive Angela Ahrendts (2017 salary: $24,216,072), recently told the press. "We call them town squares." The article argues that since their launch in 2001, Apple Stores "have raked in more money -- in total and per square foot -- than any other retailer on the planet, transforming Apple into the world's richest company in the process." But it also complains that Apple's wealth "flows from the privatization of publicly funded research, mixed with the ability to command the low-wage labor of our Chinese peers, sold by empathetic retailers forbidden from saying 'crash'."

Read more of this story at Slashdot.

Massive Telecom Outage In 12 Countries Caused By Ericsson Fail, Not Cyber Attack: But study and consider impact – Threat Brief

threatbrief.com - Massive telecom outages hit customers in 11 nations, with some of the worst impact reportedly in Japan. All indications this huge outage was NOT cyberwar, but studying this glitch may inform how nati…


Tweeted by @TheCyberThreat https://twitter.com/TheCyberThreat/status/1071506271071801344

12,000 Uber Drivers Claim Uber Is Now Failing To Pay Arbitration Fees

Uber's terms of service prohibit its drivers from joining class action lawsuits, Gizmodo writes, adding that over 12,000 drivers have now "found a way to weaponize the ridesharing platform's restrictive contract in what's possibly the funniest labor strategy of the year." An anonymous reader summarizes their report: Uber's contract requires that all driver lawsuits be arbitrated (instead of argued in open court), but "While arbitrating parties are responsible for paying for their own attorneys, the terms state that 'in all cases where required by law, [Uber] will pay the Arbitrator's and arbitration fees'... A group of 12,501 drivers opted to take Uber at its word, individually bringing their cases up for arbitration, overwhelming the infrastructure...." (Gizmodo calls it a case of Uber's arbitration policy "coming back to bite it in the ass.") A petition in California's Northern District Court points out that Uber now is apparently overwhelmed. "Of those 12,501 demands, in only 296 has Uber paid the initiating filing fees necessary for an arbitration to commence [...] only 47 have appointed arbitrators, and [...] in only six instances has Uber paid the retainer fee of the arbitrator to allow the arbitration to move forward." The drivers' lawyers are now complaining that Uber's delinquencies "make clear it does not actually support arbitration; rather, it supports avoiding any method of dispute resolution, no matter the venue... At this point, it is fair to ask whether Uber's previous statements to the 9th Circuit about its desire to facilitate arbitration with its drivers were nothing more than empty promises to avoid litigating a class action."

Read more of this story at Slashdot.

4 Hybrid Tech Jobs on the Rise

aitp.org - Traditional IT roles like network engineer and software developer aren’t the only tech jobs available these days. In fact, more and more, hybrid positions that require a combination of IT skills such…


Tweeted by @CompTIA https://twitter.com/CompTIA/status/1071432216830341120

Sascha-Dominik Dov Bachmann on LinkedIn: “#research #usa #media #strategy #security #leadership John Spencer a question of threshold and modus – in terms of conventional warfare we are not at war in terms of cyber we are as well as in terms of hybrid if there was such a modus sui generis.”

linkedin.com - #research #usa #media #strategy #security #leadership John Spencer a question of threshold and modus - in terms of conventional warfare we are not at war in terms of cyber we are as well as in terms …


Tweeted by @SdBachman https://twitter.com/SdBachman/status/1071338847362007041

Amazon Targets Airports For Checkout-Free Store Expansion

An anonymous reader quotes a report from Reuters: Amazon is looking at bringing its futuristic checkout-free store format to airports in an effort to win business from hungry, time-pressed travelers, according to public records and a person familiar with the strategy. For months, the world's largest online retailer has been expanding Amazon Go, where customers scan their smartphones at a turnstile to enter, and then cameras identify what they take from the shelves. When shoppers are finished, they simply leave the store and Amazon bills their credit cards on file. Amazon is evaluating top U.S. airports for new locations, according to public records requests to several airport operators.

Read more of this story at Slashdot.

‘Send Noncompete Agreements Back To the Middle Ages’

Stephen Mihm, Bloomberg contributor and associate professor of history at the University of Georgia, argues against the use of noncompete agreements (NCAs) because they limit the free flow of employees and discourage innovation. An anonymous Slashdot reader shares an excerpt from his report: The agreements, known as NCAs, forbid workers from taking valuable skills acquired from one employer to a competing firm. They first appeared in the Middle Ages, when master artisans required them of apprentices because they didn't want to face direct competition once their proteges set up shop on their own. Courts eventually sanctioned these restraints, provided they didn't harm the public interest, establish a monopoly or unduly restrain an employee's right to work. But this trend toward wider use of the contracts, which gathered steam from the late 18th century onward, conveniently omitted that they originally applied to skilled laborers operating in a pre-capitalist society. Yet employers increasingly used noncompete clauses to limit the mobility of unskilled wage laborers along with skilled workers. Have NCAs helped or hindered economic growth? The most famous study looked at California, one of only a handful of states that do not permit NCAs. The de facto prohibition of the agreements affected skilled and non-skilled workers alike, and employees high and low could jump from job to job without any fear of legal reprisal. The mobility seems to have disseminated innovation very swiftly from company to company, creating the kind of dynamism and technological spillover that helps foster long-term success. The prohibition of NCAs clearly benefited Silicon Valley. Further proof was provided by the comparison to another claimant to high-tech supremacy: Route 128 in Massachusetts. The conclusion was that California's ban -- and the embrace of the agreements in Massachusetts -- helped tilt the balance of power to California.

Read more of this story at Slashdot.

After 23 Years, IBM Sells Off Lotus Notes

"IBM has agreed to sell select software products to HCL Technologies," writes Slashdot reader virtig01. "Included among these is everyone's favorite email and calendaring tool, Lotus Notes and Domino." TechCrunch reports: IBM paid $3.5 billion for Lotus back in the day. The big pieces here are Lotus Notes, Domino and Portal. These were a big part of IBM's enterprise business for a long time, but last year Big Blue began to pull away, selling the development part to HCL, while maintaining control of sales and marketing. This announcement marks the end of the line for IBM involvement. With the development of the platform out of its control, and in need of cash after spending $34 billion for Red Hat, perhaps IBM simply decided it no longer made sense to keep any part of this in-house. As for HCL, it sees an opportunity to continue to build the Notes/Domino business. "The large-scale deployments of these products provide us with a great opportunity to reach and serve thousands of global enterprises across a wide range of industries and markets," C Vijayakumar, president and CEO at HCL Technologies, said in a statement announcing the deal.

Read more of this story at Slashdot.

No, we are not spending “as much on our military as all other countries combined” – and other facts about the defense budget you should know

sites.duke.edu - Apparently, some politicians have a hard time understanding the defense budget and its context. A little background: on June 22nd the local news reported that “Durham County’s Fraternal Order of Poli…


Tweeted by @CarriesGatos https://twitter.com/CarriesGatos/status/1071132895505457152

Role of the Policy Analyst

flatcanadian.blogspot.com - After spending three months researching and preparing for a Minister’s briefing, writing more than twenty versions of the approximately twelve different documents (with a combined word count of more …


Tweeted by @flatcanadian https://twitter.com/flatcanadian/status/1071093384020979713

The FTC’s Top Consumer Protection Official Can’t Go After Facebook — or 100 Other Companies

The Federal Trade Commission's top consumer protection official is prohibited from handling the cases involving 120 different companies, including Facebook, Twitter, Microsoft, and Uber, according to financial disclosure documents published by Public Citizen this week. From a report: Andrew Smith, who heads the FTC's Consumer Protection Bureau, would be in charge of handling investigations into some of the country's largest companies and any consumer protection violations that may occur. But due to his conflicts of interest, Smith is barred from participating in any investigations involving the companies he previously provided legal services for. "It's a big world out there, and the FTC has very broad jurisdictions," Smith said to The Verge. "There are plenty of investigations that I'm involved in." Smith was approved by a 3-2 Republican majority in May.

Read more of this story at Slashdot.

Contact

arakyta.com - 1447 Summit Street Toledo, Ohio 43604


Tweeted by @arakyta https://twitter.com/arakyta/status/1071069352991051777

Your Apple Products Are Getting More Expensive. Here’s How They Get Away With It.

An anonymous reader shares a report: Apple has never made cheap stuff. But this fall many of its prices increased 20 percent or more. The MacBook Air went from $1,000 to $1,200. A Mac Mini leaped from $500 to $800. It felt as though the value proposition that has made Apple products no-brainers might unravel. For some perspective, we charted out the past few years of prices on a few iconic Apple products. Then we compared them with other brands and some proprietary data about Americans' phone purchase habits from mobile analytics firm BayStreet Research. What we learned: Being loyal to Apple is getting expensive. Many Apple product prices are rising faster than inflation -- faster, even, than the price of prescription drugs or going to college. Yet when Apple offers cheaper options for its most important product, the iPhone, Americans tend to take the more expensive choice. So while Apple isn't charging all customers more, it's definitely extracting more money from frequent upgraders. [...] Apple says prices go up because it introduces new technologies such as Face ID and invests in making products that last a long time. Yet it has clearly been feeling price discomfort from some quarters. This week, amid reports of lagging sales that took its stock far out of the trillion-dollar club, it dedicated its home page to a used-car sales technique that's uncharacteristic for an aspirational luxury brand. It offered a "limited-time" deal to trade in an old iPhone and get a new iPhone XR for $450, a $300 discount.

Read more of this story at Slashdot.

6 Critical Website Elements You Need to Review

By Carolina

Just like a car needs regular maintenance, your business’s website needs a review to ensure that it is performing to the best of its capabilities. Whether you have noticed a reduction in visitor numbers, or are responding to feedback from customers, reviewing your website is a business necessity. Here are 6 critical elements of your […]

This is a post from HackRead.com Read the original post: 6 Critical Website Elements You Need to Review

Global Threat Intelligence Management Market 2018 Development Factors | IBM, Dell, McAfee, Trend Micro, Symantec, Check Point – TheBuzzyFeed

thebuzzyfeed.com - Global Threat Intelligence Management Market Size, Status and Forecast 2018-2025 by Gen Market Insights provides insights of in-depth research for business strategies, growth prospects, historical an…


Tweeted by @KeoXes https://twitter.com/KeoXes/status/1070962195641569281

Global Trends

worldview.stratfor.com - The World Trade Organization is currently arbitrating a number of national security-related cases, including one regarding the U.S. justification for imposing tariffs on steel and aluminum in early 2…


Tweeted by @Stratfor https://twitter.com/Stratfor/status/1070816451139915776

Artificial Intelligence In Cyber Security Market 2018 Size, Application,Revenue, Types, Trends in Future, Scope to 2024 – FMCG Market Research

fmcgmarketresearch.com - Market Stats Report Provide the New Trending Market Research Report on Global Artificial Intelligence In Cyber Security Market under Category Technology & Media The report offers a collection of supe…


Tweeted by @UNCODED https://twitter.com/UNCODED/status/1070751618138861569

Project to Watch: Eximchain

The Eximchain project is designed to help companies organize supply chains. The solutions that will be implemented on the platform are aimed at ensuring the possibility of establishing effective and reliable business connections, transactions and information exchange. Team The American project Eximchain (Export and import on Blockchain) was founded in 2015 at the Massachusetts Institute […]

The post Project to Watch: Eximchain appeared first on Hacked: Hacking Finance.

Extending Security to the Public Cloud is the Easy Part

“The biggest challenge of securing the public cloud isn’t technical.”

That’s the opinion of an IT security analyst at a large U.S. government contractor. He should know. In the last year, his company rolled out a multi-tiered cloud environment, with instances in both Amazon Web Services (AWS) and Microsoft Azure as well as on premises.

For this company, which administers federal and state programs that directly assist a broad sector of the American population, leveraging the public cloud made sense. Using the cloud would reduce total cost of ownership (TCO), provide clients and end users with easier access to their information via web-based portals, and enable quickly ramping up or scaling down bandwidth requirements to support the widely fluctuating number of users across projects. However, cybersecurity was a critical concern.

Fast, easy deployment of cloud protection and highly granular policies

Before launching its first contracted project using a public cloud, the company thoroughly researched its cloud security options. Based on its research, the company decided to implement McAfee Cloud Workload Security to bolster the security of data within AWS and Azure. “With McAfee Cloud Workload Security, we can get very granular with our policies,” the systems analyst said. “It is a very powerful tool in [the cloud] environment. We are able to be very proactive in pushing out to endpoints [in the cloud] what they need.”

Since the company’s security team already relied on the McAfee integrated security platform and McAfee ePolicy Orchestrator (McAfee ePO) management console, deploying McAfee Cloud Workload Security was simple and took less than a week. Once the solution and its components were implemented, the company had end-to-end visibility into all cloud workloads and their underlying platforms plus insights into weak security controls, unsafe firewall and encryption settings, and indicators of compromise (IoCs).

Small IS team easily adds management of cloud protection

The company supports its 15,000 professionals and 35,000 endpoints with an information security team of only five people spread across three locations. Such a lean staff is possible primarily thanks to McAfee ePO. Adding cloud protection to the company’s security arsenal required no additional staff. The team simply extended its ability to easily set policies and monitor and manage endpoint protection from on premises into the cloud.

“Whether on premises or in the cloud, we can easily add or customize policies to meet the security needs of each specific contract and project,” the systems analyst said. “McAfee has made it very easy to bring in new workloads.” For example, one of the company’s projects involves multiple federal agencies and multiple types of workloads. These workloads include SQL and Oracle databases, imaging software (since volumes of documents must be stored digitally for years), and agency-specific and contract-specific applications.

The real challenge of securing the cloud

So, what is the difficult part of securing the public cloud?

According to the systems analyst, “The biggest challenge is overcoming the perception that the cloud can’t be secured. We have had to educate both internally and externally that we can extend our existing threat defenses beyond our physical infrastructure to the public cloud. Education is ongoing, but our success thus far at securely leveraging the public cloud is converting the naysayers.”

McAfee has published a case study on how the company relies on McAfee to secure the cloud, along with a video of the systems analyst talking about his experience.

The post Extending Security to the Public Cloud is the Easy Part appeared first on McAfee Blogs.