Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×
Botnet

Spam Hits Its Highest Level Since 2010 (networkworld.com) 17

Long-time Slashdot reader coondoggie quotes Network World: Spam is back in a big way -- levels that have not been seen since 2010 in fact. That's according to a blog post from Cisco Talos that stated the main culprit of the increase is largely the handiwork of the Necurs botnet... "Many of the host IPs sending Necurs' spam have been infected for more than two years.

"To help keep the full scope of the botnet hidden, Necurs will only send spam from a subset of its minions... This greatly complicates the job of security personnel who respond to spam attacks, because while they may believe the offending host was subsequently found and cleaned up, the reality is that the miscreants behind Necurs are just biding their time, and suddenly the spam starts all over again."

Before this year, the SpamCop Block List was under 200,000 IP addresses, but surged to over 450,000 addresses by the end of August. Interestingly, Proofpoint reported that between June and July, Donald Trump's name appeared in 169 times more spam emails than Hillary Clinton's.
Government

Senators Accuse Russia Of Disrupting US Election (washingtonpost.com) 99

An anonymous Slashdot reader quotes The Washington Post: Two senior Democratic lawmakers with access to classified intelligence on Thursday accused Russia of "making a serious and concerted effort to influence the U.S. election," a charge that appeared aimed at putting pressure on the Obama administration to confront Moscow... "At the least, this effort is intended to sow doubt about the security of our election and may well be intended to influence the outcomes," the statement said. "We believe that orders for the Russian intelligence agencies to conduct such actions could come only from very senior levels of the Russian government..."

White House officials have repeatedly insisted that they are awaiting the outcome of a formal FBI investigation, even though U.S. intelligence are said to have concluded with "high confidence" that Russia was responsible for the DNC breach and other attacks. The White House hesitation has become a source of frustration to critics, including senior members of Congress.

Meanwhile, U.S. intelligence officials are reportedly investigating whether Donald Trump's foreign policy adviser "opened up private communications with senior Russian officials -- including talks about the possible lifting of economic sanctions if the Republican nominee becomes president."
Security

Hacker Who Aided ISIS Gets 20 Years In Prison (softpedia.com) 111

An anonymous reader quotes a report from Softpedia: Ardit Ferizi, aka Th3Dir3ctorY, 20, a citizen of Kosovo, will spend 20 years in a U.S. prison for providing material support to ISIS hackers by handing over data for 1,351 U.S. government employees. Ferizi obtained the data by hacking into a U.S. retail company on June 13, 2015. The hacker then filtered the stolen information and put aside records related to government officials, which he later handed over to Junaid Hussain, the then leader of the Islamic State Hacking Division (ISHD). Hussain then uploaded this information online, asking fellow ISIS members to seek out these individuals and execute lone wolf attacks. Because of this leak, the U.S. Army targeted and killed Hussain in a drone strike in Syria in August 2015. Before helping ISIS, Ferizi had a prodigious hacking career as the leader of Kosova Hacker's Security (KHS) hacking crew. He was arrested on October 6, 2015, at the international airport in Kuala Lumpur, Malaysia, while trying to catch a flight back to Kosovo. Ferizi was in Kuala Lumpur studying computer science.
Yahoo!

Yahoo Sued For Gross Negligence Over Huge Hacking (reuters.com) 49

Yahoo apparently took two years to investigate and tell people that its service had been breached, and that over 500 million users were affected. Amid the announcement, a user is suing Yahoo, accusing the company of gross negligence. From a Reuters report: The lawsuit was filed in the federal court in San Jose, California, one day after Yahoo disclosed the hacking, unprecedented in size, by what it believed was a "state-sponsored actor." Ronald Schwartz, a New York resident, sued on behalf of all Yahoo users in the United States whose personal information was compromised. The lawsuit seeks class-action status and unspecified damages. A Yahoo spokeswoman said the Sunnyvale, California-based company does not discuss pending litigation. The attack could complicate Chief Executive Marissa Mayer's effort to shore up the website's flagging fortunes, two months after she agreed to a $4.8 billion sale of Yahoo's Internet business to Verizon Communications. Yahoo on Thursday said user information including names, email addresses, phone numbers, birth dates and encrypted passwords had been compromised in late 2014.
Security

Why the Silencing of KrebsOnSecurity Opens a Troubling Chapter For the Internet (arstechnica.com) 173

An anonymous reader quotes a report from Ars Technica: For the better part of a day, KrebsOnSecurity, arguably the world's most intrepid source of security news, has been silenced, presumably by a handful of individuals who didn't like a recent series of exposes reporter Brian Krebs wrote. The incident, and the record-breaking data assault that brought it on, open a troubling new chapter in the short history of the Internet. The crippling distributed denial-of-service attacks started shortly after Krebs published stories stemming from the hack of a DDoS-for-hire service known as vDOS. The first article analyzed leaked data that identified some of the previously anonymous people closely tied to vDOS. It documented how they took in more than $600,000 in two years by knocking other sites offline. A few days later, Krebs ran a follow-up piece detailing the arrests of two men who allegedly ran the service. A third post in the series is here. On Thursday morning, exactly two weeks after Krebs published his first post, he reported that a sustained attack was bombarding his site with as much as 620 gigabits per second of junk data. That staggering amount of data is among the biggest ever recorded. Krebs was able to stay online thanks to the generosity of Akamai, a network provider that supplied DDoS mitigation services to him for free. The attack showed no signs of waning as the day wore on. Some indications suggest it may have grown stronger. At 4 pm, Akamai gave Krebs two hours' notice that it would no longer assume the considerable cost of defending KrebsOnSecurity. Krebs opted to shut down the site to prevent collateral damage hitting his service provider and its customers. The assault against KrebsOnSecurity represents a much greater threat for at least two reasons. First, it's twice the size. Second and more significant, unlike the Spamhaus attacks, the staggering volume of bandwidth doesn't rely on misconfigured domain name system servers which, in the big picture, can be remedied with relative ease. The attackers used Internet-of-things devices since they're always-connected and easy to "remotely commandeer by people who turn them into digital cannons that spray the internet with shrapnel." "The biggest threats as far as I'm concerned in terms of censorship come from these ginormous weapons these guys are building," Krebs said. "The idea that tools that used to be exclusively in the hands of nation states are now in the hands of individual actors, it's kind of like the specter of a James Bond movie." While Krebs could retain a DDoS mitigation service, it would cost him between $100,000 and $200,000 per year for the type of protection he needs, which is more than he can afford. What's especially troubling is that this attack can happen to many other websites, not just KrebsOnSecurity.
Security

40 Percent of Organizations Store Admin Passwords In Word Documents, Says Survey (esecurityplanet.com) 100

While the IT industry is making progress in securing information and communications systems from cyberattacks, a new survey from cybersecurity company CyberArk says several critical areas, such as privileged account security, third-party vendor access and cloud platforms are undermining them. An anonymous Slashdot reader shares with us the details of the report via eSecurity Planet: According to the results of a recent survey of 750 IT security decision makers worldwide, 40 percent of organizations store privileged and administrative passwords in a Word document or spreadsheet, while 28 percent use a shared server or USB stick. Still, the survey, sponsored by CyberArk and conducted by Vanson Bourne, also found that 55 percent of respondents said they have evolved processes for managing privileged accounts. Fully 79 percent of respondents said they have learned lessons from major cyberattacks and have taken appropriate action to improve security. Sixty-seven percent now believe their CEO and board of directors provide sound cybersecurity leadership, up from 57 percent in 2015. Three out of four IT decision makers now believe they can prevent attackers from breaking into their internal network, a huge increase from 44 percent in 2015 -- and 82 percent believe the security industry in general is making progress against cyberattackers. Still, 36 percent believe a cyberattacker is currently on their network or has been within the past 12 months, and 46 percent believe their organization was a victim of a ransomware attack over the past two years. And while 95 percent of organizations now have a cybersecurity emergency response plan, only 45 percent communicate and regularly test that plan with all IT staff. Sixty-eight percent of organizations cite losing customer data as one of their biggest concerns following a cyberattack, and 57 percent of organizations that store information in the cloud are not completely confident in their cloud provider's ability to protect their data.
Security

Sad Reality: It's Cheaper To Get Hacked Than Build Strong IT Defenses (theregister.co.uk) 177

It's no secret that more companies are getting hacked now than ever. The government is getting hacked, major corporate companies are getting hacked, and even news outlets are getting hacked. This raises the obvious question: why aren't people investing more in bolstering their security? The answer is, as a report on The Register points out, money. Despite losing a significant sum of money on a data breach, it is still in a company's best interest to not spend on upgrading their security infrastructure. From the report: A study by the RAND Corporation, published in the Journal of Cybersecurity, looked at the frequency and cost of IT security failures in US businesses and found that the cost of a break-in is much lower than thought -- typically around $200,000 per case. With top-shelf security systems costing a lot more than that, not beefing up security looks in some ways like a smart business decision. "I've spent my life in security and everyone expects firms to invest more and more," the report's author Sasha Romanosky told The Reg. "But maybe firms are making rational investments and we shouldn't begrudge firms for taking these actions. We all do the same thing, we minimize our costs." Romanosky analyzed 12,000 incident reports and found that typically they only account for 0.4 per cent of a company's annual revenues. That compares to billing fraud, which averages at 5 per cent, or retail shrinkage (ie, shoplifting and insider theft), which accounts for 1.3 per cent of revenues. As for reputational damage, Romanosky found that it was almost impossible to quantify. He spoke to many executives and none of them could give a reliable metric for how to measure the PR cost of a public failure of IT security systems.
United States

Probe Of Leaked US NSA Hacking Tools Examines Operative's Mistake (reuters.com) 56

Joseph Menn and John Walcott, reporting for Reuters: A U.S. investigation into a leak of hacking tools used by the National Security Agency is focusing on a theory that one of its operatives carelessly left them available on a remote computer and Russian hackers found them, four people with direct knowledge of the probe told Reuters. The tools, which enable hackers to exploit software flaws in computer and communications systems from vendors such as Cisco Systems and Fortinet Inc, were dumped onto public websites last month by a group calling itself Shadow Brokers. The public release of the tools coincided with U.S. officials saying they had concluded that Russia or its proxies were responsible for hacking political party organizations in the run-up to the Nov. 8 presidential election. On Thursday, lawmakers accused Russia of being responsible. Various explanations have been floated by officials in Washington as to how the tools were stolen. Some feared it was the work of a leaker similar to former agency contractor Edward Snowden, while others suspected the Russians might have hacked into NSA headquarters in Fort Meade, Maryland.
Security

Akamai Kicked Journalist Brian Krebs' Site Off Its Servers After He Was Hit By a Record Cyberattack (businessinsider.com) 191

An anonymous reader writes:Cloud hosting giant Akamai Technologies has dumped journalist Brian Krebs from its servers after his website came under a "record" cyberattack. "It's looking likely that KrebsOnSecurity will be offline for a while," Krebs tweeted Thursday. "Akamai's kicking me off their network tonight." Since Tuesday, Krebs' site has been under sustained distributed denial-of-service (DDoS), a crude method of flooding a website with traffic in order to deny legitimate users from being able to access it. The assault has flooded Krebs' site with more than 620 Gbps per second of traffic -- nearly double what Akamai has seen in the past.
China

Taiwan Asks Google To Blur Its Military Facilities In South China Sea (nbcnews.com) 50

An anonymous reader quotes a report from Reuters: Taiwan's defense ministry said on Wednesday it is asking Google to blur satellite images showing what experts say appear to be new military installations on Itu Aba, Taipei's sole holding in the disputed South China Sea. The revelation of new military-related construction could raise tensions in the contested waterway, where China's building of airstrips and other facilities has worried other claimants and the United States. The images seen on Google Earth show four three-pronged structures sitting in a semi-circle just off the northwestern shoreline of Itu Aba, across from an upgraded airstrip and recently constructed port that can dock 3,000-ton frigates. "Under the pre-condition of protecting military secrets and security, we have requested Google blur images of important military facilities," Taiwan Defense Ministry spokesman Chen Chung-chi said on Wednesday, after local media published the images on Itu Aba. The United States has urged against the militarization of the South China Sea, following the rapid land reclamation by China on several disputed reefs through dredging, and building air fields and port facilities. Defense experts in Taiwan said that based on the imagery of the structures and their semi-circular layout, the structures were likely related to defense and could be part of an artillery foundation.
Government

Hacker Leaks Michelle Obama's Passport (nypost.com) 121

The hacker who leaked Colin Powell's private email account last week has struck again. This time they have hacked a low-level White House staffer and released a picture of Michelle Obama's passport, along with detailed schedules for top U.S. officials and private email messages. New York Post reports: The information has been posted online by the group DC Leaks. The White House staffer -- who also apparently does advance work for Hillary Clinton's presidential campaign -- is named Ian Mellul. The released documents include a PowerPoint outline of Vice President Joe Biden's recent Cleveland trip, showing his planned route, where he'll meet with individuals and other sensitive information, according to the Daily Mail. In an email to The Post, the hacker writes, "The leaked files show the security level of our government. If terrorists hack emails of White House Office staff and get such sensitive information we will see the fall of our country." The hacker adds, "We hope you will tell the people about this criminal negligence of White House Office staffers."
Security

Yahoo Confirms Massive Data Breach, 500 Million Users Impacted [Updated] (recode.net) 169

Update: 09/22 18:47 GMT by M :Yahoo has confirmed the data breach, adding that about 500 million users are impacted. Yahoo said "a copy of certain user account information was stolen from the company's network in late 2014 by what it believes is a state-sponsored actor." As Business Insider reports, this could be the largest data breach of all time. In a blog post, the company said:Yahoo is notifying potentially affected users and has taken steps to secure their accounts. These steps include invalidating unencrypted security questions and answers so that they cannot be used to access an account and asking potentially affected users to change their passwords. Yahoo is also recommending that users who haven't changed their passwords since 2014 do so. The Intercept reporter Sam Biddle commented, "It took Yahoo two years to announce that info on half a billion user accounts was stolen." Amid its talks with Verizon for a possible acquisition -- which did happen -- Yahoo knew about the attack, but didn't inform Verizon about it, Business Insider reports. Original story, from earlier today, follows.

Last month, it was reported that a hacker was selling account details of at least 200 million Yahoo users. The company's service had apparently been hacked, putting several hundred million users accounts at risk. Since then Yahoo has remained tight-lipped on the matter, but that could change very soon. Kara Swisher of Recode is reporting that Yahoo is poised to confirm that massive data breach of its service. From the report: While sources were unspecific about the extent of the incursion, since there is the likelihood of government investigations and legal action related to the breach, they noted that it is widespread and serious. Earlier this summer, Yahoo said it was investigating a data breach in which hackers claimed to have access to 200 million user accounts and was selling them online. "It's as bad as that," said one source. "Worse, really." The announcement, which is expected to come this week, also possible larger implications on the $4.8 billion sale of Yahoo's core business -- which is at the core of this hack -- to Verizon. The scale of the liability could be large and bring untold headaches to the new owners. Shareholders are likely to worry that it could lead to an adjustment in the price of the transaction.
Piracy

Hackers Seed Torrent Trackers With Malware Disguised as Popular Downloads (grahamcluley.com) 63

An anonymous reader writes: Cybercriminals are spreading malware via torrent distribution networks, using an automated tool to disguise the downloads as trending audio, video and other digital content in an attempt to infect more unsuspecting victims. Researchers at InfoArmor say they have uncovered a malicious torrent distribution network that relies on a tool called RAUM to infect computers with malware. The network begins with a torrent parser, which collects information about some of the most popular torrent files circulating around the web. Computer criminals then apply their RAUM tool to create a series of malicious files. Some are fake copies of those popular torrent files that in reality hide notorious malware such as CryptXXX, Cerber, or Dridex. Others are weaponized torrent files, while others still are parsed torrent files that rely on a high download rating, a reputation which the attackers artificially inflate by abusing compromised users' accounts to set up new seeds.
Republicans

Trump Opposes Plan For US To Hand Over Internet Oversight To a Global Governance (reuters.com) 522

An anonymous reader quotes a report from Reuters: U.S. Republican presidential nominee Donald Trump opposes a long-planned transition of oversight of the internet's technical management from the U.S. government to a global community of stakeholders, his campaign said in a statement on Wednesday. Congress should block the handover, scheduled to occur on Oct. 1, "or internet freedom will be lost for good, since there will be no way to make it great again once it is lost," Stephen Miller, national policy director for the Trump campaign, said in a statement. Senator Ted Cruz of Texas, a former presidential primary foe of Trump's who has refused to endorse the real estate developer, has led a movement in Congress to block the transition, arguing it could cede control of the internet itself to authoritarian regimes like Russia and China and threaten online freedom. Technical experts have said those claims are baseless, and that a delay will backfire by undermining U.S. credibility in future international negotiations over internet standards and security. Publicly proposed in March 2014, the transfer of oversight of the nonprofit Internet Corporation for Assigned Names and Numbers, or ICANN, is expected to go forward unless Congress votes to block the move. Democratic presidential candidate Hillary Clinton supports the Obama administration's planned transition to a global community of technologists, civil society groups and internet users, according to policy positions available on her campaign website.
The Courts

With 3D Printer Gun Files, National Security Interest Trumps Free Speech, Court Rules (arstechnica.com) 406

A federal appeals court ruled this week against Defense Distributed, the Texas organization that promotes 3D-printed guns, in a lawsuit that it brought last year against the State Department. In a 2-1 decision, the 5th Circuit Court of Appeals was not persuaded that Defense Distributed's right to free speech under the First Amendment outweighs national security concerns. From an ArsTechnica report: The majority concluded: 'Ordinarily, of course, the protection of constitutional rights would be the highest public interest at issue in a case. That is not necessarily true here, however, because the State Department has asserted a very strong public interest in national defense and national security. Indeed, the State Department's stated interest in preventing foreign nationals -- including all manner of enemies of this country -- from obtaining technical data on how to produce weapons and weapon parts is not merely tangentially related to national defense and national security; it lies squarely within that interest.'
Security

Tesla Fixes Security Bugs After Claims of Model S Hack (reuters.com) 75

An anonymous reader quotes a report from Reuters: Tesla Motors Inc has rolled out a security patch for its electric cars after Chinese security researchers uncovered vulnerabilities they said allowed them to remotely attack a Tesla Model S sedan. The automaker said that it had patched the bugs in a statement to Reuters on Tuesday, a day after cybersecurity researchers with China'a Tencent Holdings Ltd disclosed their findings on their blog. Tesla said it was able to remedy the bugs uncovered by Tencent using an over-the-air fix to its vehicles, which saved customers the trouble of visiting dealers to obtain the update. Tencent's Keen Security Lab said on its blog that its researchers were able to remotely control some systems on the Tesla S in both driving and parking modes by exploiting the security bugs that were fixed by the automaker. The blog said that Tencent believed its researchers were the first to gain remote control of a Tesla vehicle by hacking into an onboard computer system known as a CAN bus. In a demonstration video, Tencent researchers remotely engaged the brake on a moving Tesla Model S, turned on its windshield wipers and opened the trunk. Tesla said it pushed out an over-the-air update to automatically update software on its vehicles within 10 days of learning about the bugs. It said the attack could only be triggered when a Tesla web browser was in use and the vehicle was close enough to a malicious Wi-Fi hotspot to connect to it. Slashdot reader weedjams adds some commentary: Does no one else think cars + computers + network connectivity = bad?
Security

College Student Got 15 Million Miles By Hacking United Airlines (fortune.com) 79

An anonymous reader quotes a report from Fortune: University of Georgia Tech student Ryan Pickren used to get in trouble for hacking websites -- in 2015, he hacked his college's master calendar and almost spent 15 years in prison. But now he's being rewarded for his skills. Pickren participated in United Airlines' Bug Bounty Program and earned 15 million United miles. At two cents a mile, that's about $300,000 worth. United's white hat hacking program invites computer experts to legally hack their systems, paying up to one million United miles to hackers who can reveal security flaws. At that rate, we can presume Pickren reported as many as 15 severe bugs. The only drawback to all those free miles? Taxes. Having earned $300,000 of taxable income from the Bug Bounty Program, Pickren could owe the Internal Revenue Service tens of thousands of dollars. He's not keeping all of the, though: Pickren donated five million miles to Georgia Tech. The ultimate thank-you for not pressing charges last year. In May, certified ethical hackers at Offensi.com identified a bug allowing remote code execution on one of United Airlines' sites and were rewarded with 1,000,000 Mileage Plus air miles. Instead of accepting the award themselves, they decided to distribute their air miles among three charities.
Security

Anonymous Hacker Explains His Attack On Boston Children's Hospital (huffingtonpost.com) 294

Okian Warrior writes: Martin Gottesfeld of Anonymous was arrested in connection with the Spring 2014 attacks on a number of healthcare and treatment facilities in the Boston area. The attacks were in response/defense of a patient there named Justina Pelletier. Gottesfeld now explains why he did what he did, in a statement provided to The Huffington Post. Here's an excerpt from his statement: [Why I Knocked Boston Children's Hospital Off The Internet] The answer is simpler than you might think: The defense of an innocent, learning disabled, 15-year-old girl. In the criminal complaint, she's called 'Patient A,' but to me, she has a name, Justina Pelletier. Boston Children's Hospital disagreed with her diagnosis. They said her symptoms were psychological. They made misleading statement on an affidavit, went to court, and had Justina's parents stripped of custody. They stopped her painkillers, leaving her in agony. They stopped her heart medication, leaving her tachycardic. They said she was a danger to herself, and locked her in a psych ward. They said her family was part of the problem, so they limited, monitored, and censored her contact with them..."
Security

Cisco Scrambles To Patch Second Shadow Brokers Bug In Firewalls (onthewire.io) 30

Trailrunner7 writes: Cisco is scrambling to patch another vulnerability in many of its products that was exposed as part of the Shadow Brokers dump last month. The latest vulnerability affects many different products, including all of the Cisco PIX firewalls. The latest weakness lies in the code that Cisco's IOS operating system uses to process IKEv1 packets. IKE is used in the IPSec protocol to help set up security associations, and Cisco uses it in a number of its products. The company said in an advisory that many versions of its IOS operating system are affected, including IOS XE and XR. Cisco does not have patches available for this vulnerability yet, and said there are no workarounds available to protect against attacks either. Many of the products affected by this flaw are older releases and are no longer supported, specifically the PIX firewalls, which haven't been supported since 2009.
GNU is Not Unix

Emacs 25.1 Released With Tons Of New Features (fossbytes.com) 131

After four years of development there's a major new release of Emacs, the 40-year-old libre text editor with over 2,000 built-in commands. An anonymous Slashdot reader writes: Emacs 25.1 now lets you embed GTK+ user interface widgets, including WebKitGTK+, "a full-featured WebKit port that can allow you to browse the internet and watch YouTube inside Emacs." And it can also load shared/dynamic modules, meaning it can import the extra functionality seen in Emacs Lisp programs. This version also includes enhanced the network security, experimental support for Cairo drawing, and a new "switch-to-buffer-in-dedicated-window" mode.
Emacs 25.1 is available at the GNU FTP server, and since it's the 40th anniversary of Emacs, maybe it's a good time for a discussion about text editors in general. So leave your best tips in the comments -- along with your favorite stories about Emacs, Vim, or the text editor of your choice. What comes to your mind on the 40th anniversary of Emacs?

Slashdot Top Deals