Exposing SMB to the Internet on unpatched Windows machines… *shaking head while chortling deeply*
NSA exploits or no NSA exploits, people who do this on purpose are idiots and better make their time.
The NSA’s Equation Group hacking tools, leaked last Friday by the Shadow Brokers, have now been used to infect thousands of Windows machines worldwide, we’re told.
On Thursday, Dan Tentler, founder of security shop Phobos Group, told The Register he’s seen rising numbers of boxes on the public internet showing signs they have DOUBLEPULSAR installed on them. These hijacked machines can be used to sling malware, spam netizens, launch further attacks on other victims, and so on.
DOUBLEPULSAR is a backdoor used to inject and run malicious code on an infected system, and is installed using the ETERNALBLUE exploit that attacks SMB file-sharing services on Windows XP to Server 2008 R2. That means to compromise a computer, it must be running a vulnerable version of Windows and expose an SMB service to the attacker. Both DOUBLEPULSAR and ETERNALBLUE are leaked Equation Group tools, now available for any script kiddie or hardened crim to download and wield against vulnerable systems.
In March, Microsoft patched the SMB Server vulnerability (MS17-010) exploited by ETERNALBLUE, and it’s clear that some people have been slow to apply the critical update, are unable to do so, or possibly just don’t care.
The fix is available for Windows Vista SP2, Windows 7, Windows 8.1, Windows RT 8.1, Windows 10, Windows Server 2008 SP2, Windows Server 2008 R2 SP1, Windows Server 2012 and Windows Server 2012 R2, Windows Server 2016, and Server Core. If you have an older vulnerable system, such as XP or Server 2003, you’re out of luck.
Via: MIT Technology Review:
Last year, a strange self-driving car was released onto the quiet roads of Monmouth County, New Jersey. The experimental vehicle, developed by researchers at the chip maker Nvidia, didn’t look different from other autonomous cars, but it was unlike anything demonstrated by Google, Tesla, or General Motors, and it showed the rising power of artificial intelligence. The car didn’t follow a single instruction provided by an engineer or programmer. Instead, it relied entirely on an algorithm that had taught itself to drive by watching a human do it.
Getting a car to drive this way was an impressive feat. But it’s also a bit unsettling, since it isn’t completely clear how the car makes its decisions. Information from the vehicle’s sensors goes straight into a huge network of artificial neurons that process the data and then deliver the commands required to operate the steering wheel, the brakes, and other systems. The result seems to match the responses you’d expect from a human driver. But what if one day it did something unexpected—crashed into a tree, or sat at a green light? As things stand now, it might be difficult to find out why. The system is so complicated that even the engineers who designed it may struggle to isolate the reason for any single action. And you can’t ask it: there is no obvious way to design such a system so that it could always explain why it did what it did.
A series of power outages in Los Angeles, San Francisco, and New York City on Friday left people across the country struggling to complete their morning commutes. There is currently no evidence to suggest that this is more than just a coincidence, despite worries about some sort of cyber attack.
New York City was hit with outages at 6 a.m., followed by an outage in Los Angeles, and San Francisco later in the morning. Officials have announced that the the San Francisco outage was caused by a substation fire. No one has identified causes for the outages in New York or Los Angeles yet, but there are a number of possibilities based on major power outages that have shut down cities over the last few decades. There have not been any reports from officials linking the outages to a cyber attack.
Britain went a full day without using coal to generate electricity for the first time since the Industrial Revolution, the National Grid says.
The energy provider said Friday’s lack of coal usage was a “watershed” moment.
Britain’s longest continuous energy period without coal until now was 19 hours – first achieved last May, and again on Thursday.
The government plans to phase out Britain’s last plants by 2025 in order to cut carbon emissions.
Friday is thought to be the first time the nation has not used coal to generate electricity since the world’s first centralised public coal-fired generator opened in 1882, at Holborn Viaduct in London.
Cordi O’Hara of the National Grid said: “To have the first working day without coal since the start of the industrial revolution is a watershed moment in how our energy system is changing.
“The UK benefits from highly diverse and flexible sources of electricity. Our energy mix continues to change and National Grid adapts system operation to embrace these changes.”
Via: New Zealand Herald:
The highly secretive meeting being held in Queenstown this weekend is a gathering of intelligence and security agencies related to the Five Eyes spying network, the Herald understands.
Among the people believed to be attending are Federal Bureau of Investigation (FBI) director James Comey and Central Intelligence Agency (CIA) director Mike Pompeo.
It is understood about 15 agencies which carry out intelligence for Five Eyes – the spying partnership of the United States, Australia, Canada, the United Kingdom and New Zealand – are attending the conference.
In a statement released yesterday, a spokesman for Prime Minister Bill English confirmed a number of senior officials were coming for a conference hosted by the Government, but would not reveal what the conference was.
Research Credit: EB
Back on April 13:
Is that Google Home device capable of voice printing people? If so, maybe the phones are too.
Well, that didn’t take long.
We’re adding the ability for up to six people to connect their account to one Google Home. So now when I ask my Google Assistant for help, it can distinguish my voice from my wife’s and I can hear my own personal playlists, my own commute time, my own schedule and more.
300km range? That’s what they’re claiming.
Hint: If you have any aviation enthusiast children, call them over to your screen, don’t tell them what they’re about to watch and hit play. I wish I had a picture of my nine-year-old’s face when he saw this.
But when I said he’d have to let the computer fly it, he rolled his eyes and walked away.
I already watch what I say around my mobile phone, so how about a brain computer interface from Facebook?
This is so far down the no-fucking-way path for me that it’s almost hilarious.
Even if people were willing to use such a thing, it’s not coming anytime soon.
Long ago, I worked for a company that claimed to have technology capable of diagnosing Alzheimer’s disease through the analysis of an individual’s EEG data alone.
Hint: It didn’t work.
In addition to running IT for those bozos, I used to be the test dummy for the EEG machine that they were building in house.
Here’s the most basic problem with EEG: Hair. I routinely got buzz cuts so I had the shortest hair of anyone in the company.
Electrode position and scalp contact have always been, and probably will always be, a hassle with this technology. Never mind how noisy EEG data is. For the sake fo discussion, assume the “former” head of DARPA has some wonder algorithm that can tune everything out but what they’re after. She probably doesn’t, but assume she does. What I’m saying is that getting good EEG data requires a skilled technician to gel up and place the electrodes!
There are, of course, some sexy fashion options for helping with this…
I was last involved with that stuff 17 years ago and the current EEG caps look pretty much identical to what we had back then.
So, will Facebook ever be able to go from this:
…while maintaining the level of resolution necessary for their box to do its thing?
I doubt it, but maybe someday. Check back with me when Musk convinces people that elective neurosurgery is a good idea for keeping an edge vs. our robot overlords.
Facebook Inc.’s research unit Building 8 is working to make it possible for people to type using signals from their brains, part of the lab’s broader effort to free people from their phones.
Regina Dugan, hired from Alphabet Inc. last year to oversee the lab, said that within “a few years’ time” Facebook aims to develop a system that can type at 100 words per minute, just from monitoring the brain, without using any kind of implant. The company is working with outside academics on the issue.
This would give “the ability to text a friend without taking out your phone or the ability to send a quick email without leaving the party,” Dugan said Wednesday at the social network operator’s F8 developer conference. The technology may not require thinking in actual letters, she said. The lab also is working on a way for people to hear through their skin.
“One day, not so far away, it may be possible for me to think in Mandarin and for you to feel it instantly in Spanish,” Dugan said.
Disclosure: I sell solar power systems in New Zealand.
Make sure to watch this in fullscreen mode and at the highest resolution your display supports. At first I thought, haha whatever roofing material they’re using looks like solar panels.
*squint at screen*
“That’s not… Can’t be. Is it?”
Yep. It is.
Aesthetically, I get flush mounting on the main building, but why not pitch them on the car parks for greater efficiency?
Via: Renewable Energy World:
The campus is powered 100 percent by renewable energy and will include 17 MW of rooftop solar. Apple Park will be one of the largest on-site solar installations in the world.
To nearly everybody’s surprise, as reported in January in the journal Nature, the bursts originated in a small “dwarf irregular” galaxy, one about a gigaparsec (just over 3 billion light years) away. This made the strength of the signal and its frequent repetitions even more astonishing. “If you’re detecting a bright flash from a gigaparsec, there’s an awful lot of energy associated with it,” Chatterjee said. “The more energy you associate with each event, the harder it gets to explain the repetition. Basically, what’s recharging the battery so quickly?”