Saturday, May 20, 2017

Good for them.  (I hope.)
Victims Call Hackers’ Bluff as Ransomware Deadline Nears
With the clock ticking on whether a global hacking attack would wipe out his data, Bolton Jiang had no intention of paying a 21st-century ransom.
Since a week ago, when the malware first struck, Mr. Jiang has been busily fixing and replacing computers at the electronics company where he works in Shanghai.  Paying is a bother, he said, and there was no guarantee he would get his data back.
   A number of people and companies have struck a defiant tone.  The Japanese conglomerate Hitachi, which had been identified in the news media as a victim, declined to confirm those reports on Friday but said that it had no intention of paying a ransom and that it aimed to be fully secure against future attacks by Monday. [Sounds like they were not secure before.  Bob]

(Related).  Only works if you have not rebooted your machine.
WannaCry Ransomware Holding Your Windows PC Hostage? Recover It With This Tool
   Yesterday, a tool called WannaKey hit Github promising free recovery of data on PCs corrupted with Wanna Decrypter.  This tool carried a number of caveats, though, with a big one being that it's exclusive to Windows XP, and the PC could not be rebooted after being infected.
Today, another developer has built on WannaKey's abilities and released wanakiwi, a tool with the same goal of recovering data, but will work on all versions of Windows between XP and 7 (that includes Vista and server variants).  Unfortunately, this wanakiwi carries the same caveat of being useless after an infected PC has been rebooted.

(Related).  “We don’t need no stinking updates!” 
Almost all WannaCry victims were running Windows 7


Sometimes, the old reliable tired and true methods are best. 
Caitlin E. Reilly reports:
The number of organizations that fell prey to a recurring W-2 email scam that involved identity thieves posing as company executives  rose subatantially in 2017, an Internal Revenue Service official said May 18.
[…]
In the first four months of 2017, 870 organizations reported to the IRS that they received a W-2 phishing email, up from about 100 organizations in the first four months of 2016, Powell said.  Of the 870 organizations, about 200 lost data, up from about 50 in 2016, she said.
Read more on BNA.
So I guess my W-2 phishing list is doing a pretty good job of keeping up with the incidents where losses are reported.  As of today, I have 203 on the list.


No one gets a pass!  Controversy2?
Dell Cameron reports:
Controversial cellphone tracking technology is being deployed as a tool in President Donald Trump’s expanding effort to arrest and deport illegal US residents.
In March, US Immigrations and Customs Enforcement (ICE) deployed a cell-site simulator, often colloquially referred to as a “Stingray,” to track a Michigan man in the country illegally, according to recently unsealed court documents reported first by The Detroit News.
Read more on Gizmodo.


Soon we will blot out the sun!  Bwahahaha! 
You no longer have to register your drone
A federal appeals court has shot down a rule requiring hobbyists to register their drones.
Appeals court judges in Washington, D.C. agreed on Friday with a drone enthusiast’s challenge to a FAA requirement that all hobbyists register their drones in a national database and pay a $5 fee.
   The court found that the FAA’s drone registration rule, which debuted in Dec. 2015, conflicts with previous federal legislation from 2012 that said that the FAA lacks the authority to regulate “model aircraft.”  The appeals court categorizes drones as model aircraft.
   “Congress is of course always free to repeal or amend its 2012 prohibition on FAA rules regarding model aircraft,” the judges said.  “Perhaps Congress should do so.  Perhaps not.  In any event, we must follow the statute as written.”


Apparently, this was not a joke?  A whole new field for lawyers?  Government legislation to require only lukewarm coffee? 
US woman burned by Starbucks coffee awarded $100,000
Joanne Mogavero, from Florida, suffered first and second degree burns when the lid popped off a cup of coffee at a Starbucks in 2014, a jury was told.
Her lawyers had argued that Starbucks should warn its customers that lids could pop off.
The jury awarded Ms Mogavero $85,000 for pain and suffering and more than $15,000 to cover medical bills.
   In a statement, Ms Mogavero's legal team said a Starbucks representative had testified during the court hearing in Duval County, Florida, that the company gets 80 complaints a month about problems with lids popping off or leaking.


…no matter how truthful, their timing (and risk analysis) is terrible.  Perhaps we should have Canada build a fence? 
Boeing scrambles to save big Canada fighter jet deal: source
Boeing Co on Friday rushed to fix a gamble that looks to have gone wrong, with the defense unit of the U.S. plane maker seeking to fend off a Canadian threat to scrap the purchase of 18 Super Hornet jets, a source familiar with the matter told Reuters.
That move follows Canada's threat on Thursday that it could ditch its plans to buy the jets if the United States backed Boeing's claims that Canadian plane maker Bombardier Inc dumped jetliners in the U.S. market.
Political insiders say the Liberal government of Prime Minister Justin Trudeau is furious about Boeing's allegations, which comes at a time when trade relations between the United States and Canada are at a low.
   He said Boeing could lose $10 billion to $20 billion in military sales to Canada, encompassing order for jets, helicopters and maritime surveillance planes.
   The U.S. Commerce Department on Thursday launched an investigation into Boeing's claims.
"This is a strong shot across the bow to the United States to say 'Shut this thing down pretty damn quickly,'" said a Canadian defense industry source.
   The Boeing saga further increases tensions between Canada and the United States in the run-up to talks on renewing the North American Free Trade Agreement (NAFTA), with the Trump administration on Thursday setting the clock ticking toward a mid-August start of renegotiations..

(Related).  Another artful deal?
Trump’s $110 Billion Arms Deal With Saudi Arabia May Be Illegal


One of many things I did not see coming.  Note: They have not been replaced with robots (yet).
London airport's new control tower won't have anyone inside
London City Airport is installing a "digital air traffic control tower" that will be operated by controllers sitting in an English village about 70 miles away.
The new tower will use 14 high-definition cameras and various sensors to provide a 360-degree view of the airfield.  Live video and data will be sent to the remote controllers via "super-fast secure fiber connections," the airport said.
    The technology is currently only in use at two remote northern airports in Sweden, though many others around the world are expressing interest in the system, Beauchamp said.
The airport promises that the cameras and screens will provide "a level of detail greater than the human eye."
    The airport and NATS say they have the tools to keep the new system safe from hackers and other threats.  [I wish they had said they were using the tools…  Bob] 


Something I intend to arm my Ethical Hacking students with.  “Beware of geeks bearing animosity!” 
Coffee Shop Customer Delivers ‘Obnoxious’ Table Neighbors A Delicious Lesson
When recently faced with “loud and rude” people sitting next to him at a coffee shop in Paris, information security consultant Khalil Sehnaoui‏ didn’t get mad.
Instead, he got even.  After hearing that they’d just decided on what to call their brand new business, he quietly bought up the corresponding domain name.


Something to drop on my spreadsheet students.


Geek out, dudes!  (and dudettes!)


For everyone else?  Sometimes, you just want to pop the bubble wrap.

No comments: