Tuesday, December 10, 2019


Innovative hacking!
Snatch ransomware reboots PCs in Windows Safe Mode to bypass antivirus apps
Unlike most ransomware strains, the Snatch ransomware also steals files from infected networks.
The authors of the Snatch ransomware are using a never-before-seen trick to bypass antivirus software and encrypt victims' files without being detected.
The trick relies on rebooting an infected computer into Safe Mode, and running the ransomware's file encryption process from there.
The reason for this step is that most antivirus software does not start in Windows Safe Mode, a Windows state meant for debugging and recovering a corrupt operating system.




All encryption is breakable, given enough time. In theory, you could break this key in only one hour, if you used 35 million computers.
Scientists Break Largest Encryption Key Yet with Brute Force
The key, only one-third the length of most commercial encryption keys, took more than 35 million compute hours to break.
How safe is "safe"? That's the question at the heart of research into breaking encryption keys — research that has led a team in France to the most complex encryption algorithm to date. At 240 characters long, the new record bests the old decryption record by 8 characters, though it still falls far short of the complexity of the algorithms used in commercial cryptography today.
In order to break the encryption generated by the RSA algorithm, researchers used a network of computers to deliver the 35 million compute hours required to solve the problem. While mathematically and computationally interesting, the result is not seen as a harbinger of the end of effective encryption.




Beware of helpful sites?
Over 750,000 applications for US birth certificate copies exposed online
An online company that allows users to obtain a copy of their birth and death certificates from U.S. state governments has exposed a massive cache of applications — including their personal information.
… The bucket wasn’t protected with a password, allowing anyone who knew the easy-to-guess web address access to the data.
Each application process differed by state, but performed the same task: allowing customers to apply to their state’s record-keeping authority — usually a state’s department of health — to obtain a copy of their historical records. The applications we reviewed contained the applicant’s name, date-of-birth, current home address, email address, phone number and historical personal information, including past addresses, names of family members and the reason for the application — such as applying for a passport or researching family history.
… Fidus and TechCrunch sent several emails prior to publication to warn of the exposed data, but we received only automated emails and no action was taken. We are not naming the company. When reached, Amazon would not intervene but said it would inform the customer.




One part GDPR, one part Big Brother? At least they are honest: governments are not like the common people.
India proposes new rules to access its citizens’ data
India has proposed groundbreaking new rules that would require companies to garner consent from citizens in the country before collecting and processing their personal data. But at the same time, the new rules also state that companies would have to hand over “non-personal” data of their users to the government, and New Delhi would also hold the power to collect any data of its citizens without consent, thereby bypassing the laws applicable to everyone else, to serve sovereignty and larger public interest.
The new rules, proposed in “Personal Data Protection Bill 2019,” a copy of which leaked on Tuesday, would permit New Delhi to “exempt any agency of government from application of Act in the interest of sovereignty and integrity of India, the security of the state, friendly relations with foreign states, public order.”




Another slice off the Internet. Has isolation ever helped a government stay in power?
Iran's internet freedom is on life support
In November, Iran's government announced a price hike on oil, leading to mass protests in Tehran. To quell the spreading unrest, the Iranian government effectively shut down the internet. After a week of Iranian security forces cracking down on protesters, including an estimated death toll between 140 and 208, internet access was gradually restored around the country. Judging by statements made by President Hassan Rouhani, the internet shutdowns could be a harbinger of more censorship in 2020 and beyond.
Iran's intranet, known as the National Information Network, will be expanded so "people will not need foreign [networks] to meet their needs," President Rouhani said to Iran's parliament on Sunday, according to Radio Farda.




Perspective. Jeff probably doesn’t like him either.
Amazon blames Trump for losing $10 billion JEDI cloud contract to Microsoft
In a heavily redacted, 103-page document made public Monday, Amazon Web Services lays out why it’s protesting the Department of Defense’s decision to award Microsoft the JEDI (Joint Enterprise Defense Infrastructure) contract. AWS claims it didn’t win the JEDI contract, which could be worth as much as $10 billion, as a result of Trump’s repeated public and private attacks against Amazon and, specifically, its CEO Jeff Bezos.
“The question is whether the President of the United States should be allowed to use the budget of DoD to pursue his own personal and political ends,” the filing states. “DoD’s substantial and pervasive errors are hard to understand and impossible to assess separate and apart from the President’s repeatedly expressed determination to, in the words of the President himself, ‘screw Amazon.’ Basic justice requires re-evaluation of proposals and a new award decision.”


