Russian Hackers Stockpiling Stolen Data

A group of Russian hackers known as CyberVor has accumulated more than 1.2 billion unique usernames, passwords, and email addresses, making it the largest stockpile of stolen Internet credentials in history according to the researchers who discovered the breaches. The hackers gathered the data over several years from 420,000 websites, according to Hold Security, a corporate-website security consultancy. Hold did not disclose additional details but stated that companies of all sizes were targeted and that the hackers apparently used the stolen information to send out spam designed to sell bogus products. Although they initially bought user data on the black market, they eventually used bots to look for vulnerabilities on websites. (National Public Radio)(BBC)(The Wall Street Journal)(Krebs on Security)(The Washington Post)(Forbes)

Court Orders Microsoft to Return Data Stored Overseas to US

A US judge has ordered Microsoft return all the data it stores outside the US to servers in the country. This could be a blow for privacy protection in the US as well as for those businesses with data storage operations. The decision, based on a case in which a search warrant for email related to a narcotics case that is stored in Ireland, was rendered based on the court’s finding that because the US-based Microsoft controls the data it stores overseas, its foreign subsidiaries are equally subject to US law. US District Judge Loretta Preska in New York said the ruling will be stayed to let Microsoft appeal the decision. She said the issue “is a question of control, not a question of the location of the information.” Microsoft challenged the ruling, saying local laws must apply in each jurisdiction. Stated Microsoft general counsel Brad Smith, “We will appeal promptly and continue to advocate that people’s email deserves strong privacy protection in the US and around the world.” Apple, AT&T, Cisco Systems, and Verizon Communications and AT&T have supported Microsoft’s position via amicus briefs. In the European Union, authorities contend that regardless of where an EU-based company's parent firm is based, that subsidiary must abide by European law. (ZDNet)(Associated Press @ San Jose Mercury News)(Reuters)

Two Threats Place Most Smartphone Users at Risk of Data Theft, Hacking

Security researchers have revealed two threats that could put up to 90 percent of the world’s smartphone users at risk for problems such as having hackers take over their devices or steal their passwords or data. One threat is related to how device makers have implemented an obscure industry standard in smartphone management software, according to researchers with security firm Accuvant. The researchers found they could use a third-party vendor’s device management tool for remote configuration as an entry point into a cellular network. Hackers could change the functionality of the network and firmware updates as well as execute malicious code and install malware. The other threat, which Bluebox Security discovered, leverages malicious applications disguised as trusted software that are able to gain access to secured areas of Android devices without issuing any user notification. This Fake ID vulnerability affects Android systems starting with version 2.1. Google says it has already issued a fix for the Fake ID flaw. (Reuters)(The Daily Mail)(Dark Reading)(Wired)

New Motion Tracking Technology Provides US Football Teams and Fans with Player Information

New shoulder pad-mounted motion sensors will give fans, coaching staffs, and players with detailed information about US football teams’ players. Zebra Technologies’ RFID systems will provide real-time information about every National Football League player’s position and following plays, his speed, distance travelled, acceleration, and other performance-related metrics. A coach could see, for example, the distance between an offensive player and the defender assigned to cover him. Teams could use this information to, for example, change their strategy during a game. As for enhancing the fan experience, neither the league nor Zebra provided specific information about how the information would be conveyed from the database it will use to store the gathered data. The statement only mentioned that the data would “be outputted to generate new experiences built around this additional data.” Whether it will be used on displays in the stadium or mobile device applications remains open to conjecture. Zebra will install the technology in 15 sports stadiums hosting 2014 Thursday night football games—in Atlanta; Baltimore; Charlotte, N.C. (home of the Carolina Panthers); Chicago; Cincinnati; Denver; Foxborough, Mass. (home of the New England Patriots); Green Bay, Wisc.; Houston; Jacksonville, Florida; Miami; Oakland; San Francisco; St. Louis; and Washington, D.C.—as well as Detroit and New Orleans. (TechCrunch)(Zebra Technologies @ PR NewsWire)

Android’s Share of Smartphone Market Reaches New High

Google’s Android operating system can now be found in 85 percent of all smartphones shipped in the second quarter of 2014. This is a new high for the OS, according to a recent Strategy Analytics report of smartphone activity in that time period, during which Apple, Windows Phone, and BlackBerry lost market share. According to Strategy Analytics, 295.2 million smartphone shipped that quarter, roughly half the number shipped a year ago during the same time period. Samsung continued to lead the market with a 25 percent market share, having shipped 74.5 million units. A year ago, its share was roughly 33 percent. Apple is shipping more units than a year ago – having shipped 35.2 million units--, but despite this, its market share dropped from 13 to 12 percent. (Tech Crunch)(Strategy Analytics @ PR Newswire)

USB Devices Vulnerable to Hacking

Hackers can load malicious software onto chips that control USB devices in which they are embedded and use the malware to take over the devices, according to newly-released study by German researchers. USB devices are vulnerable because they have no built-in security and because of hardware bugs, said SR Labs chief scientist Karsten Nohl. Nohl used a USB controller chip to download to a computer malware that let him change its domain-name-system network settings and route its Internet traffic through malicious servers. The malware would also infect USB device later attached to the infected computer. (Tech Guru Daily)(Reuters)

Some Dragonfly Malware Victims Identified

A new analysis of circumstances surrounding the Dragonfly malware attacks has identified two of the three industrial-control-system software firms that the hackers targeted. Dale Peterson, founder and CEO of security firm Digital Bond, said the companies were MB Connect Line, a German maker of industrial routers and remote access appliances; and eWon, a Belgian virtual-private-network software developer whose products access industrial control devices. Peterson stated that he knows the identity of the third company but cannot divulge it. The Dragonfly campaign used a piece of malware known as Havex against energy-grid operators, major electricity-generation firms, petroleum-pipeline operators, and industrial-equipment providers, primarily in France, Germany, Italy, Poland, Spain, Turkey, and the US. In some cases, the hackers first breached the systems of industrial-control-system vendors that sell to energy-sector companies and infected the software they sold. The energy companies became infected with the Havex remote-access Trojans when they downloaded the compromised software. Havex steals information about infected computers and networks, as well as data from e-mail address books and virtual private networks, and sends them to the hackers’ servers. Peterson said he released the names of the affected industrial-control-system software firms because other security companies weren’t doing so in a timely manner. He said, “[I]t would be helpful if these energy control system and energy sites were made public so asset owners could be alerted that they may have been compromised."(SlashDot)(Digital Bond)

Associated Press Uses Automation to Generate Stories from Data

The Associated Press says that it is generating more of its business articles automatically via technology. Software algorithms are mining data for most of the wire service’s earnings reports, enabling journalists to focus on more detailed reporting, the wire service explained. AP vice president and managing editor Lou Ferrara said “We discovered that automation technology, from a company called Automated Insights, paired with data from Zacks Investment Research, would allow us to automate short stories—150 to 300 words—about the earnings of companies in roughly the same time that it took our reporters.” And, he added, “instead of providing 300 stories manually, we can provide up to 4,400 automatically for companies throughout the United States each quarter.” The AP, which labels stories generated via technology, will not eliminate any jobs because of the new approach, according to Ferrara. Instead, reporters will now focus on analysis and other features. The AP already automates much of the information on sports statistics it provides clients. (SlashDot)(The Atlantic)

DIY Device Celebrates Game Boy’s Silver Anniversary

Nintendo’s Game Boy turns 25 this year, and to celebrate, do-it-yourselfers can make their own version of the iconic gaming device using 3D printers and electronics. Electronics vendor Adafruit is selling the DIY Game Girl, also known as the PiGRRL, which works via a Raspberry Pi computer and a thin-film transistor touch screen. Utilizing designs provided by Adafruit, users print out the housing for the components, many of which come from Super Nintendo Entertainment Systems. The files that run on the device are available via Thingiverse, a website on which participants can discover, make, and share 3D printable items. (SlashDot)(Adafruit)

Daimler Demonstrates Self-Driving 18-Wheeler

The study of autonomous vehicles has focused primarily on self-driving cars. Researchers have paid little attention to large vehicles—until now. Daimler is developing a tractor-trailer under the Mercedes brand that can drive without human guidance. The company demonstrated the “Future Truck 2025” prototype on Germany’s Autobahn highway system. Based on the Mercedes Actros, the self-guided truck can travel up to 55 mph and uses cameras and multiple radar sensors to watch the road, as well as other vehicles. A driver can override the system while it is operating. Daimler is working on various features and refinements to the truck, which currently cannot, for example, change lanes or pass other vehicles. The company says its technology may eventually extend the amount of time big rigs can stay on the road, even though truckers in many countries can only drive a certain number of hours per day. (SlashDot)(CNN)(Gizmodo)(Bloomberg)

Showing 11 - 20 of 4,456 results.
Items per Page 10
of 446