Cybersecurity firm finds evidence that Russian military unit was behind DNC hack
… The firm
CrowdStrike linked malware used in the DNC intrusion to malware used to hack
and track an Android phone app used by the Ukrainian army in its battle against
pro-Russia separatists in eastern Ukraine from late 2014 through 2016.
While CrowdStrike, which was hired by the DNC to
investigate the intrusions and whose findings are described in a new report, had always suspected that one of the two hacker
groups that struck the DNC was the GRU, Russia’s military intelligence agency,
it had only medium confidence.
Now, said CrowdStrike co-founder Dmitri Alperovitch, “we
have high confidence” it was a unit of the GRU. CrowdStrike had dubbed that unit “Fancy Bear.”
(Related). Think of it as a ‘Targeting’ App that feeds coordinates directly to Russian artillery.
Russia Used Android Malware to Track Ukrainian Troops: Report
The Russia-linked cyberespionage group known as Fancy Bear
has tracked Ukrainian artillery forces by planting a piece of Android malware
in a legitimate military application, threat intelligence firm CrowdStrike
reported on Thursday.
… This summer, the
company’s analysts came across an Android application package (APK) file named
“Попр-Д30.apk.” The file contained
Russian-language artifacts and its name referenced the D-30, a Russian-made 122
mm towed howitzer that first entered service in the 1960s.
The D-30 is still used by the Ukrainian military and, in
2013, artillery officer Yaroslav Sherstuk created an Android app designed to
help personnel reduce the time to fire the gun from minutes to under 15
seconds. According to its developer, the
application has roughly 9,000 users.
… “CrowdStrike
Intelligence assesses a tool such as this has the potential ability to map out
a unit’s composition and hierarchy, determine their plans, and even triangulate
their approximate location. This type of
strategic analysis can enable the identification of zones in which troops are
operating and help prioritize assets within those zones for future targeting,”
CrowdStrike wrote in its report.
Ransomware is cheap, but then we (hackers) can automate it.
How Much Do Businesses Pay for Stolen Data?
… Last week, IBM released the results of
a survey that looked at people’s attitudes toward ransomware. Among 600 U.S. business executives, nearly
half said they’d experienced attacks. And
fully 70 percent of those who’d been
attacked said they paid to get their data back.
… 45 percent of
companies that paid ransoms coughed up more than $20,000 to get their files
back, and 20 percent paid hackers more than $40,000.
This could be useful.
PersonalData.IO helps you get access to your personal data
by Sabrina I. Pacifici on Dec 21, 2016
“PersonalData.IO is a free and open
platform for citizens to track their personal data and understand how it is
used by companies. It is part of the
MyData movement, promoting a human-centric approach to personal data
management. A lot of readers of this
blog will be familiar with Freedom of Information laws, a legal mechanism that
forces governments to be more open. Individuals, journalists, startups and other
actors can use this “right-to-know” to understand what the government is doing
and try to make it function better. There
are even platforms that help facilitate the exercise of this right, like MuckRock,
WhatDoTheyKnow or FragDenStaat. These platforms also have an education
function around information rights. In
Europe we enjoy a similar right with respect to personal data held by private
companies, but it is often very hard to exercise it. We want to change that, with PersonalData.IO.”
(Related). How law
enforcement gets your data?
US State Police Have Spent Millions on Israeli Phone Cracking Tech
This is part
of a Motherboard mini-series on the proliferation of phone cracking technology,
the people behind it, and who is buying it. Follow along here.
When cops have a phone to break into, they just might pull
a small, laptop-sized device out of a rugged briefcase. After plugging the phone in with a cable, and
a few taps of a touch-screen, the cops have now bypassed the phone’s passcode. Almost like magic, they now have access to
call logs, text messages, and in some cases even deleted data.
… Cellebrite, an
Israel-based firm, sells tools that can pull data from most mobile phones on
the market, such as contact lists, emails, and wiped messages. Cellebrite's products can also circumvent the
passcode locks or other security protections on many current mobile phones. The gear is typically used to gather evidence
from a criminal suspect's device after it has been seized, and although not
many public examples of abuse are available, Cellebrite’s tools have been used
by non-US authorities to prosecute dissidents.
Previous reports have focused on federal agencies'
acquisition of Cellebrite tools. But as
smartphones have proliferated and increasingly become the digital center of our
lives, the demand and supply of mobile forensics tools has trickled down to
more local bodies.
… According to a
spreadsheet detailing what models of phones Cellebrite can handle, the UFED can
extract data from thousands of different mobile devices. It can’t, however, extract the passcode on the
iPhone 4s or above.
How should we take this?
Is crime up 27% or are we discovering new ways to use Facebook data to predict,
defend against, or identify the perpetrators of crime?
Governments are demanding more and more user data from Facebook
… On Wednesday, the
social network said that government requests for user account data rose 27%
in the first half of 2016 compared to the second half of last year.
A way to ‘lock up’ academic research?
Facebook’s secretive hardware team signs rapid collaboration deal with 17 universities
Facebook’s shadowy Building 8 research team needs help
from academia to invent futuristic hardware. But today’s pace of innovation doesn’t allow
for the standard 9-12 month turnaround time it takes universities to strike
one-off research partnerships with private companies.
Enter SARA, aka Facebook’s “Sponsored Academic Research
Agreement.” It’s a deal forged by Building 8 head Regina Dugan with 17 top universities to get collaboration
on new projects started in just weeks or even days. SARA eliminates the need for time-consuming
further negotiation and faculty approvals.
Amusing.
A Brief Economic History of Time
… Time’s
unknowable perils contributed to the flourishing of economic thought. But then something interesting happened. The creature became the creator: The economy
re-invented time. Or, to put things less
obliquely, the age of exploration and the industrial revolution completely
changed the way people measure time, understand time, and feel and talk about
time.
Just think: What do you look forward to when you’re at
work? Maybe it’s a happy hour, the
weekend, or, in the more distant future, retirement. Each of these are distinct periods of time,
and each is an invention of the last 150 years of economic change.
… Three forces
contributed to the modern invention of time. First, the conquest of foreign territories
across the ocean required precise navigation with accurate timepieces. Second, the invention of the railroad required
the standardization of time across countries, replacing the local system of
keeping time using shadows and sundials. Third, the industrial economy necessitated new
labor laws, which changed the way people think about work.
Perspective.
Report – Artificial Intelligence, Automation, and the Economy
by Sabrina I. Pacifici on Dec 21, 2016
“Accelerating artificial intelligence (AI) capabilities
will enable automation of some tasks that have long required human labor. These transformations will open up new
opportunities for individuals, the economy, and society, but they have the
potential to disrupt the current livelihoods of millions of Americans. Whether AI leads to unemployment and increases
in inequality over the long-run depends not only on the technology itself but
also on the institutions and policies that are in place. This report examines the expected impact of
AI-driven automation on the economy, and describes broad strategies that could
increase the benefits of AI and mitigate its costs…”
Perspective. I don’t
get it, but apparently we should be teaching game creation.
Super Mario Run breaks records with 40 million downloads in its first 4 days
… Previous
third-party estimates suggested the new game was on track to topple Pokémon Go’s previous early performance and
approach the 40 million mark, but this official number confirms it.
In a press release issued by Nintendo, the company says that in
addition to its top ranking in the “free” chart of the App Store in 140
different global markets (of the 150 where it’s available), it’s also now in
the top 10 ranking for best grossing games in 100 different markets.
For my geeks.
… PIXEL represents
our best guess as to what the majority of users are looking for in a desktop
environment: a clean, modern user interface; a curated suite of productivity
software and programming tools, both free and proprietary; and the Chromium web
browser with useful plugins, including Adobe Flash, preinstalled. And all of this is built on top of Debian,
providing instant access to thousands of free applications.
… So, after three
months of hard work from Simon and Serge, we have a Christmas treat for you: an
experimental version of Debian+PIXEL for x86 platforms. Simply download
the image, burn it onto a DVD or flash it onto a USB stick, and boot straight
into the familiar PIXEL desktop environment on your PC or Mac. Or go out and buy this month’s issue of The MagPi magazine, in stores
tomorrow, which has this rather stylish bootable DVD on the cover.
A school can now run PIXEL on its
existing installed base of PCs, just as a student can run PIXEL on her
Raspberry Pi at home. She can move back
and forth between her computing class or after-school club and home, using
exactly the same productivity software and programming tools, in exactly the
same desktop environment. There is no
learning curve, and no need to tweak her schoolwork to run on two subtly
different operating systems.
Helping my students avoid “the dog ate my homework” syndrome.
… Ultimately, you
can never be too careful. The more backups of your data you make, the better.
In this article, I’ll highlight the best
free backup software for Windows.
I have no artistic ability. Is this as good as they say?
… For the
uninitiated, Prisma allows you to turn your photos into works of art. You choose a photo, then choose from a range
of different styles designed to emulate famous artists. And seconds later your photo looks like it has
been painted rather than shot.
You can grab the latest version of Prisma on Android and on iOS now.