How the Big Boys hack.
Fancy Bear,
the Russian Election Hackers, Have a Nasty New Weapon
Russia’s GRU has secretly developed and deployed
new malware that’s virtually impossible to eradicate, capable of
surviving a complete wipe of a target computer’s hard drive, and
allows the Kremlin’s hackers to return again and again.
The malware, uncovered by the European security
company ESET, works by rewriting the code flashed into a computer’s
UEFI chip, a small slab of silicon on the motherboard that controls
the boot and reboot process. Its apparent purpose is to maintain
access to a high-value target in the event the operating system gets
reinstalled or the hard drive replaced—changes that would normally
kick out an intruder.
… “There’s been no deterrence to Russian
hacking,” said former FBI counterterrorism agent Clint Watts, a
research fellow at the Foreign Policy Research Institute. “And as
long as there’s no deterrence, they’re not going to stop, and
they’re going to get more and more sophisticated.” [Thank
you Captain Obvious! Bob]
What will it take to secure the election process?
“Election machines used in more than half of
U.S. states carry a flaw disclosed more than a decade ago that makes
them vulnerable to a cyberattack, according to a report to be
delivered Thursday on Capitol Hill. The issue was found in the
widely used Model 650 high-speed ballot-counting machine made by
Election Systems & Software LLC, the nation’s leading
manufacturer of election equipment. It is one of about seven
security problems in several models of voting equipment described in
the report, which is based on research conducted
last month at the Def Con hacker conference. The flaw in the
ES&S machine stood out because it was detailed
in a security report commissioned by Ohio’s secretary of state
in 2007, said Harri Hursti, an election-security researcher who
co-wrote both the Ohio and Def Con reports. “There has been more
than plenty of time to fix it,” he said.
Copycat or continued probing for the coming
CyberWar? This may be worse than they are suggesting. Based on what
they are not saying…
San Diego
port hit by ransomware attack
The Port released a statement saying the malware
had infiltrated its computer network and was disrupting
administration systems.
It said the attack had not stopped ships or boats
using the port, or put members of the public in danger.
The FBI and Department of Homeland Security are
helping the Port investigate and clean up in the wake of the
outbreak.
"This is mainly an administrative issue and
normal Port operations are continuing as usual," Randa
Coniglio, chief executive of the port, said in a statement.
The main impact would be on the issuing of park
permits, public records requests and general business services, it
added.
Even non-IT managers can fail to secure their
assets.
Hellcat
heist: Car thieves hit Fiat Chrysler factory area third time in a
year
For the third time over the past year thieves have
stolen a batch of brand new Fiat Chrysler cars awaiting shipment near
its Jefferson North factory in Detroit.
On early Wednesday morning, a vehicle rammed
through the security fence of a separately managed shipping company
yard across the street from the plant and dropped off several crooks,
who grabbed three Dodge Challenger Hellcat muscle cars and a Jeep
Cherokee and took off, the
Detroit News reported.
The same facility was hit
in a similar fashion in July when seven vehicles were stolen,
most of which were eventually recovered. Last November, six Jeep
Grand Cherokee Trackhawks worth $86,000 each were also lifted from
the near the facility.
Inevitable.
First-Ever
Conviction For Drunken Scootering In LA
An intoxicated man who knocked over a pedestrian
while riding a scooter in West Los Angeles has become the first
person in L.A. to be convicted for a scooter-related DUI.
Nicholas Kauffroath, 28, pled no contest Thursday
to one count of operating a motorized scooter under the influence and
one count of hit-and-run. He was sentenced to 36 months of probation
and ordered to pay a $550 fine, along with restitution to the victim.
Perspective. Interesting interview.
The Supreme
Court on Smart Phones: An Interview of Bart Huffman about Law and
Technology
Curious.
The
Surprising History (and Future) of Fingerprints
Fascinating read via The
Paris Review: “…Thumb marks were used as personal seals to
close business in Babylonia, and, in 1303, a Persian vizier recounted
the use of fingerprints as signatures during the Qin and Han
Dynasties, noting, “Experience has shown that no two individuals
have fingers precisely alike.” The Chinese had realized that
before anyone: a Qin dynasty document from the third-century B.C.E,
titled “The Volume of Crime Scene Investigation—Burglary,”
pointed up fingerprints as a means of evincing whodunnit.
Worth noting.
Google
Images to Show Credit Information
Google has coordinated with international
standards organizations to show copyright and author information in
Google images. The new feature will show on images containing author
and copyright metadata.
No comments:
Post a Comment