Thursday, December 13News That Matters

Technology

Elit scripta volumus cu vim, cum no vidit prodesset interesset. Mollis legendos ne est, ex pri latine euismod apeirian. Nec molestie senserit an, eos no eirmod salutatus.

White House, UK blame Russian military for NotPetya wiper worm

White House, UK blame Russian military for NotPetya wiper worm

Technology
Enlarge / White House Press Secretary Sarah Sanders issued a statement today declaring that Russia would face "international consequences" for releasing the NotPetya malware worm. (credit: Getty Images) Following form with a finding by the government of the United Kingdom, the White House issued a statement formally blaming Russia's military for unleashing NotPetya, the destructive "wiper" worm that spread across much of the world last June. NotPetya, which at first appeared to be yet another crypto-ransomware attack similar to WannaCry, was instead designed to simply destroy data. There have been suggestions in the past that the malware was launched as part of a state-sponsored attack against Ukraine, likely by Russian attackers connected to the military. Multiple security research com...
VINCI Highways and CARFIT Partner To Strengthen Safety On Motorways

VINCI Highways and CARFIT Partner To Strengthen Safety On Motorways

Technology
As a specialist in predictive maintenance applied to the automotive sector CARFIT announces a partnership with VINCI Highways. Our latest product, CARFIT PULS, is a new connected vibration sensor marketed with a toll transceiver from VINCI Highways, to allow drivers to be better informed about the general state of their vehicles. This will increase a driver’s safety, and that of those driving on the VINCI managed highways. Our CARFIT vibration sensor will also be used to monitor the condition of the undercarriage wear to parts such as the tires, wheels, shocks absorbers and brakes. The CARFIT PULS simply sticks on the back of the steering wheel. It communicates with an application and a chatbot on the user smartphones (Android/iOS) which provides the driver with maintenance alerts a
FedEx customer data left online for anyone to rifle through

FedEx customer data left online for anyone to rifle through

Technology
Enlarge / A redacted copy of data FedEx employees left on a publicly accessible Amazon bucket. (credit: Kromtech Security Center) Passports, driver licenses, and other sensitive documentation for thousands of FedEx customers were left online, possibly for years, in a blunder that left the information available to identity thieves and other malicious actors, researchers said Thursday. In all, Kromtech Security Center said, researchers found 119,000 scanned documents stored in a publicly available Amazon S3 bucket. The photo ID scans were accompanied by completed US Postal Service forms that included names, home addresses, and phone numbers of people who requested to have mail delivered by an authorized agent. "Citizens from all over the world left their scanned IDs—Mexico, Canada, EU cou
A potent botnet is exploiting a critical router bug that may never be fixed

A potent botnet is exploiting a critical router bug that may never be fixed

Technology
A Dasan Networks router similar to this one is under active exploit by the potent Satori botnet. (credit: Dasan Networks) A fast-moving botnet that turns routers, cameras, and other types of Internet-connected devices into potent tools for theft and destruction has resurfaced again, this time by exploiting a critical vulnerability that gives attackers control over as many as 40,000 routers. Despite the high stakes, there's no indication that the bug will be fixed anytime soon, if at all. Satori, as the botnet has been dubbed, quickly made a name for itself in December, when it infected more than 100,000 routers in just 12 hours by exploiting critical vulnerabilities in two models, one made by Huawei and the other by RealTek. Last month, Satori operators released a new version that infec...
SpaceX’s satellite broadband nears FCC approval and first test launch

SpaceX’s satellite broadband nears FCC approval and first test launch

Technology
Enlarge (credit: Getty Images | Olena_T) SpaceX's satellite broadband plans are getting closer to reality. The company is about to launch two demonstration satellites, and it is on track to get the Federal Communications Commission's permission to offer satellite Internet service in the US. Neither development is surprising, but they're both necessary steps for SpaceX to enter the satellite broadband market. SpaceX is one of several companies planning low-Earth orbit satellite broadband networks that could offer much higher speeds and much lower latency than existing satellite Internet services. Today, FCC Chairman Ajit Pai proposed approving SpaceX's application "to provide broadband services using satellite technologies in the United States and on a global basis," a commission announc...
Critical Telegram flaw under attack disguised malware as benign images

Critical Telegram flaw under attack disguised malware as benign images

Technology
Enlarge (credit: Kaspersky Lab) Makers of the Telegram instant messenger have fixed a critical vulnerability that hackers were actively exploiting to install malware on users' computers, researchers said Tuesday. The flaw, which resided in the Windows version of the messaging app, allowed attackers to disguise the names of attached files, researchers from security firm Kaspersky Lab said in a blog post. By using the text-formatting standard known as Unicode, attackers were able to cause characters in file names to appear from right to left, instead of the left-to-right order that's normal for most Western languages. The technique worked by using the special Unicode formatting *U+202E* which causes text strings following it to be displayed from right to left. As a result, Telegram for Wi...
Salon to ad blockers: Can we use your browser to mine cryptocurrency?

Salon to ad blockers: Can we use your browser to mine cryptocurrency?

Technology
Enlarge / Salon's new message for ad-blockers. (credit: Salon) Salon.com has a new, cryptocurrency-driven strategy for making money when readers block ads. If you want to read Salon without seeing ads, you can do so—as long as you let the website use your spare computing power to mine some coins. If you visit Salon with an ad-blocker enabled, you might see a pop-up that asks you to disable the ad-blocker or "Block ads by allowing Salon to use your unused computing power." Salon explains what's going on in a new FAQ. "How does Salon make money by using my processing power?" the FAQ says. "We intend to use a small percentage of your spare processing power to contribute to the advancement of technological discovery, evolution, and innovation. For our beta program, we'll start by applying y
Trump’s infrastructure plan has no dedicated money for broadband

Trump’s infrastructure plan has no dedicated money for broadband

Technology
Enlarge / President Donald Trump unveils his infrastructure plan in the State Dining Room at the White House February 12, 2018 in Washington, DC. (credit: Getty Images | Chip Somodevilla ) President Trump's new 10-year plan for "rebuilding infrastructure in America" doesn't contain any funding specifically earmarked for improving Internet access. Instead, the plan sets aside a pool of funding for numerous types of infrastructure projects, and broadband is one of the eligible categories. The plan's $50 billion Rural Infrastructure Program lists broadband as one of five broad categories of eligible projects. Here's the full list: Transportation: roads, bridges, public transit, rail, airports, and maritime and inland waterway ports. Broadband (and other high-speed data and communication