The ion trap in Honeywell’s quantum computer. Source: Honeywell
Industrial technology conglomerate Honeywell says they built the most powerful quantum computer in the world.
The system will be available for use via the cloud by the middle of this year.
Honeywell CEO, Darius Adamczyk, told CNBC News the computer will have applications across a range of sectors.
“Material science, route optimization, financial software […] Anything that really overwhelms a classic computer are perfect applications for a quantum computer given the computing power that’s available,” Adamczyk said.
Financial services firm JP Morgan has already signed up to be the first public use of Honeywell’s computer when it comes online.
Honeywell also announced investments in quantum software and applications developers,
The plane — at 10,000 feet, out of signal range — sends the information to a smaller aircraft below, which relays it to a UC San Diego research team running a lab known as WIFIRE. The lab’s supercomputer produces mapping and heat-detection data within minutes, and it generates a model of how the fire might spread based on a number of factors — Eventually, such information will go to a wildfire warning center created under a new state law.
The planes are part of a pilot program. In the state’s new landscape of more frequent and more ferocious fires, it takes a village to combat the menace: private technology, state and local fire agencies and computing know-how at California’s universities.
California has already signed the program’s first two contracts. One project will use advanced computing to predict a fire’s path; the other will fund a network of “sky sensors” to detect fires as soon as they ignite and send alerts to emergency officials.
In addition to the plane pilot program, UC San Diego operates the ALERT Wildfire system with the University of Nevada and the University of Oregon, a network of almost 300 high-definition cameras trained on high-fire-threat areas. The remotely operated cameras can see up to 70 miles in daylight and 100 miles with infrared at night.
Chrome 77, which is due out in September, sites that use Extended Validation (EV) certificates will no longer have a space in the address bar to display the site owner’s name.
Something similar is happening in desktop Firefox 70, scheduled for an October release, will be the same.
Mozilla and Google are moving the EV information to behind the padlock icon, which users can click on to view certificate information. Mozilla says its change to EV indicators is about “reducing the exposure of EV information while keeping it easily accessible”.
Certificate vendors could charge more for EV certificates to owners of HTTPS websites, such banks and e-commerce sites, which would undergo an extended validation process.
Google explains that its new approach to EV certificate indicators in Chrome 77 is because the Chrome Security UX team “has determined that the EV UI does not protect users as intended”.
“Users do not appear to make secure choices (such as not entering password or credit card information) when the UI is altered or removed, as would be necessary for EV UI to provide meaningful protection,” Google says.
Additionally, EV indicators are an example of “positive indicators”, such as the padlock that still Chrome uses to indicate an HTTPS site.
Chrome will eventually remove the padlock icon for HTTPS sites and has already started instead to emphasize a red ‘Not secure’ warning for all HTTP sites. Firefox 77 will also follow Google Chrome’s lead on ‘not secure’ alerts for HTTP sites.
The DEF CON 27 IoT Village, organized by security consulting and research firm Independent Security Evaluators (ISE) will highlight the significant challenges of security and privacy within this universe of devices on August 8-10, Eldorado Ballroom at the Las Vegas Flamingo Hotel.
IoT Village is now the premier platform for the IoT hacking community to inform manufacturers and consumers about new vulnerabilities research. The past six years, IoT Village has established a worldwide reputation at DEF CON, the largest gathering for hackers, and has showcased over 50 speakers who have exposed more than 300 vulnerabilities. IoT Village has educated countless attendees and sponsors about the most innovative techniques to both hack and secure IoT.
Hidden Figure” and mathematician Dr. Gladys West has accepted the Air Force Space and Missile Pioneers award. She joined the elite list of professionals recognized by the Air Force Space Command just before 2018 came to an end. In a news release, the Air Force Space Command Public Affairs Office announced Lt. Gen. David Thompson, Air Force Space Command vice commander, presented Dr. West with one of their highest honors 19 days before Christmas.
Over the last couple of days, some users who went ahead and installed the Windows 10 October Update have complained that it deleted personal files in their documents folders. Microsoft hadn’t started pushing the update automatically via Windows Update yet, and it looks like that may be delayed since, as noticed by Techdows, it has removed the update from its download site.
Currently the newest version available to download is the old October update, and there’s the following message on its support page.
Ransomware is a form of malicious software — malware — which encrypts documents on a PC or even across a network. Victims can often only regain access to their encrypted files and PCs by paying a ransom to the criminals behind the ransomware.
A ransomware infection often starts with someone clicking on what looks like an innocent attachment, and it can be a headache for companies of all sizes if vital files and documents (think spreadsheets and invoices) are suddenly encrypted and inaccessible. But that’s not the only way to get infected.
What is the history of ransomware?
While ransomware exploded last year, increasing by an estimated 748 percent, it’s not a new phenomenon: the first instance of what we now know as ransomware appeared in 1989.
Known as AIDS or the PC Cyborg Trojan, the virus was sent to victims — mostly in the healthcare industry — on a floppy disc. The ransomware counted the number of times the PC was booted: once it hit 90, it encrypted the machine and the files on it and demanded the user ‘renew their license’ with ‘PC Cyborg Corporation ‘ by sending $189 or $378 to a post office box in Panama.
The AIDS demand for payment — by post. Image: Sophos
How did ransomware evolve?
This early ransomware was a relatively simple construct, using basic cryptography which mostly just changed the names of files, making it relatively easy to overcome.
But it set off a new branch of computer crime, which slowly but surely grew in reach — and really took off in the internet age. Before they began using advanced cryptography to target corporate networks, hackers were targeting general internet users with basic ransomware.
One of the most successful variants was ‘police ransomware’, which tried to extort victims by claiming to be associated with law enforcement. It locked the screen with a ransom note warning the user they’d committed illegal online activity, which could get them sent to jail.
However, if the victim paid a fine, the ‘police’ would let the infringement slide and restore access to the computer by handing over the decryption key.
An example of ‘police ransomware’ threatening a UK user. Image: Sophos
.
What are the main types of ransomware?
Ransomware is always evolving, with new variants continually appearing in the wild and posing new threats to businesses. However, there are certain types of ransomware which have been much more successful than others.
Perhaps the most notorious form of ransomware is Locky, which terrorised organizations across the globe throughout 2016. It infamously made headlines by infecting a Hollywood hospital. The hospital gave into the demands of cybercriminals and paid a $17,000 ransom to have its networks restored.
Locky remained successful because those behind it regularly update the code to avoid detection. They even update it with new functionality, including the ability to make ransom demands in 30 languages, so criminals can more easily target victims around the world. Locky became so successful, it rose to become most prevalent forms of malware in its own right.
Cryptowall is another form of ransomware which has found great success for a prolonged period of time. Starting life as doppelganger of Cryptolocker, it’s gone onto become one of the most successful types of ransomware.
One of the most common forms of ransomware distributed in this way is Cerber, which infected hundreds of thousands of users in just a single month. The original creators of Cerber are selling it on the Dark Web, allowing other criminals to use the code in return for 40 percent of each ransom paid.
Cerber ransomware became so successful that it surpassed Locky — which appeared to mysteriously disappear over Christmas, although reemerged in April with new attack techniques — to become the most dominant form of ransomware on the web, accounting for 90 percent of ransomware attacks on Windows as of mid-April 2017.
The cryptography behind Cerber is so advanced that there’s currently no decryption tools available to help those infected by the latest versions.
Cerber now comes with the ability to steal to steal bitcoin wallet and password information, in addition to encrypting files.
In exchange for giving up some of the profits for using Cerber, wannabe cyber-fraudsters are provided with everything they need in order to successfully make money through the extortion of victims.
What is WannaCry ransomware?
In the biggest ransomware attack to date, WannaCry — also known as WannaCrypt and Wcry — caused chaos across the globe in an attack which started on Friday 12 May 2017. WannaCrypt ransomware demands $300 in bitcoin for unlocking encrypted files — a price which doubles after three days. Users are also threatened, via a ransom note on the screen, with having all their files permanently deleted if the ransom isn’t paid within a week.
WannaCry ransomware infected Windows XP systems across the globe. Image: Cisco Talos
More than 300,000 victims in over 150 countries fell victim to the ransomware over the course of one weekend, with businesses, governments, and individuals across the globe all affected.
Healthcare organisations across the UK had systems knocked offline by the ransomware attack, forcing patient appointments to be cancelled and hospitals telling people to avoid visiting Accident and Emergency departments unless it was entirely necessary.
Of all the countries affected by the attack, Russia was hit the hardest, according to security researchers, with the WannaCry malware crashing Russian banks, telephone operators, and even IT systems supporting transport infrastructure. China was also hit hard by the attack, with 29,000 organizations in total falling victim to this particularly vicious form of ransomware.
Other high-profile targets included the car manufacturer Renault which was forced to halt production lines in several locations as the ransomware played havoc with systems.
What all the targets had in common is that they were running unsupported versions of Microsoft Windows, including Windows XP, Windows 8, and Windows Server 2003.
The ransomware worm is so potent because it exploits a known software vulnerability called EternalBlue. The Windows flaw is one of many zero-days which apparently was known by the NSA — before being leaked by the Shadow Brokers hacking collective. Microsoft released a patch for the vulnerability earlier this year — but only for the most recent operating systems.
In response to the attack, Microsoft took the unprecedented step of issuing patches for unsupported operating systems to protect against the malware.
It was almost three months before the WannaCry attackers finally withdrew the funds from the WannaCry bitcoin wallets — they made off with a total of $140,000 thanks to fluctuations in the value of bitcoin.
But despite critical patches being made available to protect systems from WannaCry and other attacks exploiting the SMB vulnerability, a large number of organisations seemingly chose not to apply the updates.
Petya ransom note Image: Symantec
But that’s a relatively modest loss in comparison to other victims of the attack: shipping and supply vessel operator Maersk and goods delivery company FedEx have both estimated losses of $300m due to the impact of Petya.
In February 2018, the governments of the United Kingdom, the United States, Australia and others officially declared that the NotPetya ransomware had been the work of the Russian military. Russian denies any involvement.
What is Bad Rabbit ransomware?
October 2017 saw the third high profile ransomware attack of the year when organizations in Russia and Ukraine fell victim to a new variant of Petya ransomware.
Dubbed Bad Rabbit, it infected at least three Russian media organisations while also infiltrating the networks of several Ukrainian organisations including the Kiev Metro and Odessa International Airport – at the time, the airport said it had fallen victim to a ‘hacker attack’.
The initial attack vector used to distribute Bad Rabbit was drive-by downloads on hacked websites – some of which had been compromised since June. No exploits were used, rather visitors were told they had to install a phony Flash update, which dropped the malware.
Bad Rabbit ransom note Image: Kaspersky Lab
Like NotPetya before it, Bad Rabbit spread through networks using a leaked NSA hacking tool – but this time it was via the EternalRomance SMB vulnerability, rather than the EternalBlue exploit.
Analysis of Bad Rabbit shared much of its code – at least 67 percent – with Peyta and researchers at Cisco Talos concluded that this, combined with how it uses SMB exploits, means there’s “high confidence” in a link between the two forms of ransomware – and that they could even share the same author.
Bad Rabbit was named after the text which appeared at the top of the Tor website hosting the ransom note. Some security researchers joked it should’ve been named after the lines in the code referencing characters from Game of Thrones.
SpriteCoin ransomware demands payment in Monero. Image: Fortinet.
How do you prevent a ransomware attack?
With email being by far the most popular attack vector for ransomware, you should provide employees with training on how to spot an incoming malware attack. Even picking up on little indicators like poor formatting or that an email purporting to be from ‘Microsoft Security’ is sent from an obscure address which doesn’t even contain the word Microsoft within it might save your network from infection. The same security policies that protect you from malware attacks in general will go some way towards protecting your company from ransom demands too.
At the very least, employers should invest in antivirus software and keep it up-to date, so that it can warn users about potentially malicious files. Backing up important files and making sure those files can’t be compromised during an attack in another key.
How long does it take to recover from a ransomware attack?
Simply put, ransomware can cripple a whole organization — an encrypted network is more or less useless and not much can be done until systems are restored.
If your organization is sensible and has backups in place, systems can be back online in the time it takes the network to be restored to functionality, although depending on the size of the company, that could range from a few hours to days.
FedEx said that it may not be able to recover all the systems affected by the Petya cyberattack, meaning that while the company is back up and running, some machines won’t ever be able to be restored.
Outside of the immediate impact ransomware can have on a network, it can result in an ongoing financial hit.
How do I get rid of ransomware?
The ‘No More Ransom’ initiative — launched in July 2016 by Europol and the Dutch National Police in collaboration with a number of cybersecurity companies including Kaspersky Lab and McAfee — offers free decryption tools for ransomware variants to help victims retrieve their encrypted data without succumbing to the will of cyber extortionists.
Initially launching as a portal offered portal offers decryption tools four for families of ransomware — Shade, Rannoh, Rakhn, and CoinVault — the scheme is regularly adding more decryption tools for even more versions of ransomware including Crypt XXX, MarsJoke, Teslacrypt, Wildfire and Nemucod.
The portal — which also contains information and advice on avoiding falling victim to ransomware in the first place — is updated as often as possible in an effort to ensure tools are available to fight the latest forms of ransomware.
No More Ransom has grown from offering a set of four tools to carrying 52 decryption tools covering hundreds of families of ransomware. So far, these tools have decrypted tens of thousands of devices, depriving criminals of millions in ransoms.
The platform is now available in over 29 languages with more than 100 partners across the public and private sectors supporting the scheme.
The No More Ransom portal offers free ransomware decryption tools. Image: Europol
Individual security companies also regularly release decryption tools to counter the ongoing evolution of ransomware — many of these will post updates about these tools on their company blogs as soon as they’ve cracked the code.
A decryption tool was recently released which may be able to help if your PC has been hit by one of the original versions of the Petya malware — the so-called Red Petya, Green Petya, and GoldenEye — and may enable you to recover the lost files (although it can’t help with PetrWrap or those hit by the Petya/NotPetya global attack). However, these tools don’t always work so it is always wise to make additional backups.
Another way of working around a ransomware infection is to ensure your organization regularly backs up data offline.
Should I pay a ransomware ransom?
There are those who say victims should just pay the ransom, citing it to be the quickest and easiest way to retrieve their encrypted data — and many organizations do pay even if law enforcement agencies warn against it.
WARNING: if word gets out that your organization is an easy target for cybercriminals because it paid a ransom, you could find yourself in the crosshairs of other cybercriminals who are looking to take advantage of your weak security.
A new piece of software has been trained to use wifi signals — which pass through walls, but bounce off living tissue — to monitor the movements, breathing, and heartbeats of humans on the other side of those walls. The researchers say this new tech’s promise lies in areas like remote healthcare, particularly elder care, but it’s hard to ignore slightly more dystopian applications.
Project’s leader Dina Katabi, a 2013 MacArthur “Genius Grant” Fellow who teaches electrical engineering and computer science at MIT, to talk about how the new tech may be used.
She says “We actually are tracking 14 different joints on the body … the head, the neck, the shoulders, the elbows, the wrists, the hips, the knees, and the feet,
“So you can get the full stick-figure that is dynamically moving with the individuals that are obstructed from you — and that’s something new that was not possible before.”
The Problem: identifying human activity from wifi signals isn’t really something that even humans know how to do themselves. So the team developed one A.I. program that monitored human movements with a camera, on one side of a wall, and fed that information to their wifi X-ray A.I., called RF-Pose, as it struggled to make sense of the radio waves passing through that wall on the other side.
The Goal: Katabi would like to get the RF-Pose A.I. sophisticated enough that it can help monitor a variety of human health data tied to movement, identifying the early manifestations and progression of diseases like Parkinson’s or multiple sclerosis (MS). (Prior versions of this research could already track physiological data like breathing patterns and heart rate.) She also said RF-Pose’s underlying tech could easily apply to a number of other potential uses: from search-and-rescue missions retrieving avalanche victims, to wild futuristic revivals of Xbox Kinect, to intervening in dicey hostage situations between terrorists and law enforcement.
A Canadian man has pleaded guilty to hacking charges related to a 2014 spear-phishing operation of Yahoo employees. The hack ultimately compromised 500 million Yahoo accounts.
The operative, Karim Baratov, appeared in a San Francisco federal court on Tuesday afternoon. He also admitted that his role was to “hack webmail accounts of individuals of interest to the FSB,” the Russian internal security service. Baratov then sent those passwords to his alleged co-conspirator, Dmitry Aleksandrovich Dokuchaev.
Baratov was indicted in late February 2017 along with three other men who remain in Russia.
The prosecutors said Dmitry Aleksandrovich Dokuchaev, 33, and Igor Anatolyevich Sushchin, 43—both officers of the Russian Federal Security Service—worked with two other men—Alexsey Alexseyevich Belan, 29, and Karim Baratov, 22—who were also indicted. The men gained initial access to Yahoo in early 2014 and began their reconnaissance, the indictment alleged. By November or December, Belan used the file transfer protocol to download part or all of a Yahoo database that contained user names, recovery e-mail accounts, and phone numbers. The user database (UDB) also contained the cryptographic nonces needed to generate the account-authentication browser cookies for more than 500 million accounts.
Belan also downloaded an account management tool (AMT) that Yahoo used to make and track changes to user accounts. Together, the pilfered UDB and AMT allowed Belan, Dokuchaev and Sushchin to locate Yahoo e-mail accounts of interest and to mint authentication cookies needed to access 6,500 accounts without authorization. The accounts belonged to Russian journalists, Russian and US government officials, employees of a prominent Russian security company, and employees of other Internet companies the indicted men wanted to target. Belan and Baratov also used their access to commit additional crimes, including by manipulating Yahoo search results to promote a scam involving erectile dysfunction drugs, stealing electronic gift cards, and sending spam messages to Yahoo users’ contacts.
Councillor Pete Gilbert, Conservative county councillor for Bedworth West, says libraries that look like car parks are not helping halt the slump in visitor numbers across Warwickshire. He continues to say” the biggest damage that we’ve caused ourselves is the knocking or pulling down of beautiful buildings that lived and breathed books and building these Soviet-looking flat roofed things that don’t inspire anybody.”
On the other hand in contrast to that, the county was among the best when it came to digital visits with eBook and eAudio downloads at an all-time high.
Technologies such as artificial intelligence, mixed reality and cloud computing are becoming commonplace. According to a recent Microsoft research, more than two in three (68%) GCC enterprises will invest 5% or more of their revenue in digital transformation this year. More than half (51%) will migrate to the intelligent cloud. Some 29% will look to integrate artificial intelligence into their organizations, while other adoption targets are business intelligence (41%), the Internet of Things (37%), automated workflow (25%), predictive analytics (21%) and robotics and machine automation (14%).
Society will seek today’s students to fulfill the roles that go along with these technologies, as well as to plug an increasingly wide skills gap in the field of cyber-security.
A global study by McKinsey revealed only 42% of employers believe new graduates are adequately prepared for the modern workplace, especially with regards to soft skills such as emotional and social aptitudes.
The study also showed that students receiving personalized coaching and individualized feedback perform better than 98% of students taught in a more traditional manner. While over half (51%) of teachers believed they had strong, individual relationships with their students, just over a third (34%) of students agreed. The answer lies in ensuring that teachers have time to engage effectively with students. Surveyed teachers said the right technology freed up their time – up to 30% of it – and allowed them to focus on delivering personalized, engaging experiences to students.
For years now, WPA2 was known as the best personal Wi-Fi protection you could enable . It’s a standard network security feature that enables AES encryption through a password.
Now the Wi-Fi Alliance has announced a new security protocol called WPA3, an updated standard that provides more security — arriving just the right time in a world that’s increasingly threatened by data hacks and wireless data theft.
How WPA works
WPA uses what’s usually called a “handshake” security check system. This handshake is designed to make sure that all the devices involved in the wireless connection are on the same page and working correctly.
In WPA2, that means a four-way handshake between the two client devices connected and the two wireless access points those devices are using to. The WPA2 system takes a look at all these devices and asks, does everyone have the same password? Good.
The big advantage to this system is that it prevents many casual types of data theft that could otherwise occur—or at least makes them too difficult to be worth the effort. WPA2 technology encrypts that data, making it essentially useless to hackers even if they manage to obtain it.
How WPA3 differs from WPA2
WPA2 worked very well for a long time, but it is starting to get a little outdated by the progress of technology, and the latest efforts of determined hackers trying steal your sweet data. WPA3 adds four new features to the encryption process to keep it current.
The first WPA3 devices, such as routers, should be arriving some time in 2018, allowing the conversion process to begin. In the beginning, such routers will no doubt support by WPA3 and WPA2 so devices that use either can connect.
Thursday evening, the city council in Plattsburgh, New York unanimously voted to impose an 18-month ban on Bitcoin mining in the city.
Mining is the extremely energy-intensive computational process that secures the Bitcoin blockchain and rewards miners with bitcoins. The Bitcoin ban was proposed by Plattsburgh Mayor Colin Read earlier this month after local residents began complaing about wildly inflated electricity bills in January. The ban affects only new commercial Bitcoin operations and will not affect companies that are already
Most cryptocurrencies require a “mining” process in which servers are used to guess the solution to a complex equation—the computer that gets the answer gets the newly minted coin. It takes a lot of electricity to be a miner, and the ones who are successful tend to use a large network of mining rigs. To cut down on their energy expenses, miners have flocked to cities with cheap power and we’re just beginning to learn what cost that brings for the municipalities themselves.
EFF filed a lawsuit against the Department of Justice in May 2017 seeking records about the FBI’s training and use of Best Buy Geek Squad employees to conduct warrantless searches of customers’ computers.
A federal prosecution of a doctor in California revealed that the FBI has been working for several years to cultivate informants in Best Buy’s national repair facility in Brooks, Kentucky, including reportedly paying eight Geek Squad employees as informants.
EFF sent a FOIA request to the FBI in February 2017 seeking agency records about the use of informants, training of Best Buy personnel in the detection and location of child pornography on computers, and policy statements about using informants at computer repair facilities.The FBI denied the request, saying it doesn’t confirm or deny that it has records that would reveal whether a person or organization is under investigation. A suit was filed after the Department of Justice failed to respond to our administrative appeal of the FBI’s initial denial.
When the Thanatos Ransomware infects a computer it will use a new key for each encrypted file. The problem, according to researcher Francesco Muroni, is that these keys are never saved anywhere. This means that if a user pays the ransom, the ransomware developer does not have a method that will actually be able to decrypt each file. Therefore, it is not recommended that victims pay the Thanatos ransom for any reason.
While the encryption part of Thanatos is a mess, the ransomware is the first to accept Bitcoin Cash as a ransom payment.
While Thanatos accepts both Bitcoin and Etherum as a ransom payment, this is the first time that Bitcoin Cash has been accepted as shown in the ransom note below.
Thanatos Ransom Note
How Thanatos Encrypts a File
When encrypting files it will append the .THANATOS extension to an encrypted file’s name. For example, a file named test.jpg would be encrypted and renamed as test.jpg.THANATOS.
Thanatos Encrypted Files
After the encryption process is completed, it will then connect to iplogger.com/1t3i37 URL in order to keep track of the amount of victims that have been infected.
Finally, it will generate an autorun key called “Microsoft Update System Web-Helper” that opens the README.txt ransom note every time a user logs in. This ransom note can be seen in the article’s previous section.
This ransom note contains instructions to send a $200 USD ransom payment to one of the listed Bitcoin, Ethereum, or Bitcoin Cash addresses. The user is then instructed to contact thanatos1.1@yandex.com with their unique victim ID in order to receive a decryption program.
If anyone is infected with this ransomware, they should contact us about the possible creation of a brute force program.
How to protect yourself from the Thanatos Ransomware
First and foremost, you should always have a reliable and tested backup of your data that can be restored in the case of an emergency, such as a ransomware attack.
You should also have security software that incorporates behavioral detections to combat ransomware and not just signature detections or heuristics. For example, Emsisoft Anti-Malware and Malwarebytes Anti-Malware both contain behavioral detection that can prevent many, if not most, ransomware infections from encrypting a computer.
Last, but not least, make sure you practice the following security habits, which in many cases are the most important steps of all:
Backup, Backup, Backup!
Do not open attachments if you do not know who sent them.
Do not open attachments until you confirm that the person actually sent you them,
Scan attachments with tools like VirusTotal.
Make sure all Windows updates are installed as soon as they come out! Also make sure you update all programs, especially Java, Flash, and Adobe Reader. Older programs contain security vulnerabilities that are commonly exploited by malware distributors. Therefore it is important to keep them updated.
Make sure you use have some sort of security software installed that uses behavioral detections or white list technology. White listing can be a pain to train, but if your willing to stock with it, could have the biggest payoffs.
India has a severe shortage of psychiatrists and as a result, mental illness in rural areas remain undiagnosed or does not get the proper treatment. Indian researchers have developed a virtual tool to help address this problem. It has been found that it can be used by non-psychiatrists and is as effective as a diagnosis by specialists. The expert system is called clinical decision support system (CDSS) for diagnosis and treatment of psychiatric disorders was developed at the Department of Psychiatry of the Postgraduate Institute of Medical Education and Research (PGIMER), Chandigarh.
The tool covers 18 common mental disorders-delirium, dementia, mania, depression, dysthymia, psychosis, obsessive-compulsive disorder, generalized anxiety disorder, panic disorder, phobias, reaction to severe stress and adjustment disorder, somatoform disorder, dissociative disorder, neurasthenia, sexual dysfunctions, alcohol dependence, substance dependence and mental retardation.
Mental health care is mostly unavailable or inaccessible in most parts of India. About 90 percent patients in need of psychiatric treatment do not get it due to lack of psychiatrists. That gap is filled by creating a virtual psychiatrist. The expert system can assist a non-medical person to interview a patient with mental disorders leading to an automated diagnosis. The ICT technology is very simple to use, just a computer, broadband internet, Skype and a telephone line. Telepsychiatry holds the potential to solve the massive and intertwined problems of underdiagnosing and undertreating persons with mental illness and the lack of trained workforce at the grassroots level.
The newly classified gaming disorder is now included as an affliction. Those who suffer from the disorder are said to have “impaired control over gaming. Gaming disorder is characterized by a pattern of persistent or recurrent gaming behaviour (‘digital gaming’ or ‘video-gaming’), which may be online (i.e., over the internet) or offline, manifested by: 1) impaired control over gaming (e.g., onset, frequency, intensity, duration, termination, context); 2) increasing priority given to gaming to the extent that gaming takes precedence over other life interests and daily activities; and 3) continuation or escalation of gaming despite the occurrence of negative consequences. The behaviour pattern is of sufficient severity to result in significant impairment in personal, family, social, educational, occupational or other important areas of functioning. The pattern of gaming behaviour may be continuous or episodic and recurrent. The gaming behaviour and other features are normally evident over a period of at least 12 months in order for a diagnosis to be assigned, although the required duration may be shortened if all diagnostic requirements are met and symptoms are severe.
VR can transmit students to the farthest corners of the universe in just a blink of an eye and surround them with an engaging and deeply educational environment. Students will no longer be stuck with pages upon pages of boring text, bullet points, and illustrations, but they will have a chance to actually go through the experience and get the most out of it instead.
Augmented Reality (AR)
Augmented Reality is a technology that superimposes a computer-generated image on a user’s view of the real world, thus providing a composite view. This, also, includes real-world sensory input like video, graphics, or sound [2].
When it comes to eLearning, Augmented Reality can make the learning process more interesting and easier to grasp. For instance, if you were an online instructor and your target subject was astronomy, you could offer your students a virtual tour of Mars without asking anyone to leave their home.
Artificial Intelligence (AI)
Artificial Intelligence is referred to the intelligence displayed by machines, as opposed to natural intelligence displayed by humans and animals [3]. It is revolutionizing the whole eLearning experience due to the many advantages it has to offer. AI can help highlight areas that require improvement and assist students in focusing on areas where they are lagging.
Big Data
If an employee is interacting with a training module based around company policies, their progress, social sharing, assessment results, and another relevant date that is being generated throughout the eLearning course is referred to as “big data”.
Big Data allows eLearning experts to understand how the users are digesting the information and which learning aspects appeal the most to them. In addition to that, it allows them to pinpoint learning interactions that should be fine-tuned within the eLearning module or course.
Wearable Devices
Wearable devices also referred to as wearables, are smart electronic devices that can be worn on the body as accessories or implants
Machine Learning
Machine Learning is a field of computer science that gives computers the capacity to learn without being directly programmed.
It’s called the Quad9 Domain Name System (DNS) service and it is designed to protect internet users from accessing sketchy websites that are known for spreading malware, stealing personal information and fraudulent activity.
Once set as your DNS service, every time you click on a web link, Quad9 will check the site against IBM-X-Force’s threat intelligence database of over 40 billion analyzed webpages and images.
HOW TO SET QUAD9 ON WINDOWS:
1. Pull up Network Connections by right-clicking on the Start menu.
2. Now click on “Change adapter options.” You’ll see your current network; right click and choose Properties.
3. Select Internet Protocol Version 4 (TCP/IPv4) and click on Properties.
4. On the Preferred DNS server field, type in 9.9.9.9, then click OK.
Mac users, don’t despair. Here are the steps to change your DNS settings on a MacOS:
HOW TO SET QUAD9 ON A MAC:
1. Open Settings, then select Network. Click on the Advanced button.
2. Next, go to the DNS tab.
3. Click the plus (+) sign on this tab, then type in 9.9.9.9.
4. Press OK and you’re set!
Note: You’ll need administrator rights to make these changes.
YOUR ROUTER NEEDS THIS ONE THING MANUFACTURERS DON’T TELL YOU
Checking for updates is a critical step to your computer, gadgets and installed software and applications. The reason for this is two-fold. First, you can take advantage of all the new features and improvements to the new version.
The newest developments show that using sodium, zinc, and aluminum constructed batteries make the mini-grid a solid possibility for providing 24-7, reliable and clean energy to entire small rural towns.
2-D Materials
New materials such as Graphene are emerging and are going to change the world forever. Think about the Bronze Age…the Iron Age—these newest materials each contain a single layer of atoms and are two-dimensional. The potential positive impacts of evolving materials are limitless and bound only to the reach of scientists and how far they choose to push.
Autonomous Transportation
Self-driving cars are already in the here-and-now, but just how soon will be helping to improve the lives of handicapped and elderly will change the quality of life for millions.
Personal AI
From your own personal robot assistant that can anticipate your every need and perform tasks at your whim, to entire AI environments—this could be affordable to everyone with the emerging availability of Open AI ecosystems.
Three billion Yahoo accounts — including email, Tumblr, Fantasy, and Flickr — or three times as many as the company initially reported in 2016 were hacked.
Names, email addresses, and passwords, but not financial information, were breached, Yahoo said last year
The new disclosure comes four months after Verizon (VZ, Tech30) acquired Yahoo’s core internet assets for $4.48 billion. Yahoo is part of Verizon’s digital media company, which is called Oath.
Verizon revised the number of breached accounts to three billion after receiving new information.
“The company recently obtained new intelligence and now believes, following an investigation with the assistance of outside forensic experts, that all Yahoo user accounts were affected by the August 2013 theft,” Verizon said in a statement.
Verizon would not provide any information about who the outside forensics experts are.
Yahoo will send emails to the additional affected accounts. Following the hacking revelations last year, Yahoo required password changes and invalidated unencrypted security questions to protect user information.
According to experts, it’s not uncommon for forensic investigations to expose a greater number of victims than initial estimates.
1000 Black techies, thought leaders, and entrepreneurs in 1 room for 2 days on the water in San Francisco? AfroTech, the largest black tech conference in Silicon Valley!
With two full days of the latest technologies and hottest startups, you will have a chance to learn from some of the best, and connect with fellow innovators.
Equifax was hacked and they have information on 143 million Americans. The supposed hackers have made their demands of Equifax. The hackers are asking for over 600 Bitcoin – that much Bitcoin amounts to $2.66USD million. The hackers claim that if Equifax pay up , they will delete all of the data. Equifax has until September 15th to pay up.
The hackers have told Equifax to request any part of the stolen data and they will show it to them to prove that they’re legitimate.The hackers have given Equifax until September 15 to pay the ransom or the data will be publicized.
A proposed class-action lawsuit was filed against Equifax Inc. late Thursday evening, shortly after the company reported that an unprecedented hack had compromised the private information of about 143 million people.
A complaint was filed in Portland, Ore., federal court, users alleged Equifax was negligent in failing to protect consumer data, choosing to save money instead of spending on technical safeguards that could have stopped the attack. Data revealed included Social Security numbers, addresses, driver’s license data, and birth dates. Some credit card information was also put at risk.
An artificial “earthquake” in North Korea created by a hydrogen bomb was felt throughout the region today. The “artificial quake” measured 6.3-magnitude and was followed by a 4.6-magnitude quake originating near the North’s main testing site at Punggye-ri.
The Russian ministry issued a statement on today urging immediate dialogue and negotiations. It says that’s the only way settle the Korean Peninsula’s problems, “including the nuclear one. The ministry says Russia reaffirms its readiness to participate in negotiations, “including in the context of the implementation of the Russian-Chinese road map.”
Under that proposal, North Korea would suspend nuclear and missile tests in exchange for the US and South Korea suspending their joint military exercises.
US President Donald Trump has reportedly held a 20-minute phone conversation with Japanese counterpart Shinzo Abe following North Korea’s H-bomb test.
Spokeswoman Ri Chun-hee — AkA “The Pink Lady” — announced the country’s sixth nuclear test was “a perfect success”.
In this undated image distributed on Sunday, Sept. 3, 2017, North Korean leader Kim Jong Un inspects the loading of a hydrogen bomb into a new intercontinental ballistic missile. Picture: Korean Central News Agency/Korea News Service via APSource:AP
Hackers established a searchable database named Doxagram allowing users to search for victims’ contact information for $10 per search. The hacker provided a list of 1,000 accounts they said were available for searching on Doxagram to the Daily Beast, and the list included most of the 50 most-followed accounts on the service.
Doxagram was offline Friday @ 5:50 pm. It was unclear how or when it might come back. It’s also not known if Instagram would had sought to have the site shut down.
But even with the site shut down, contact information for dozens of celebrities now appears to be floating around on the dark web. A cybersecurity firm named RepKnight s found contact information for celebrities including:
Musicians: Harry Styles, Ellie Goulding, Victoria Beckham, Beyoncé, Lady Gaga and Rihanna, Taylor Swift, Katy Perry, Adele, Snoop Dogg, Britney Spears.
Athletes: Floyd Mayweather, Zinedine Zidane, Neymar, David Beckham, Ronaldinho.
For celebrities and other high-profile users, the hack could mean having to change a phone number, email address, or both. But it can also be used along with social engineering techniques to gain access to the account itself. That seems to be what happened to Gomez, Instagram’s most-followed user. Her account was briefly taken down Monday after it was used to post nude photographs of Justin Bieber, her ex-boyfriend.
Use different passwords for each app and website. Now the National Institute of Standards and Technology is about to make all of our lives much easier. The organization recently revised its guidelines on creating passwords, and the new advice sharply diverges from previous rules.
Longer passwords that are harder for hackers to break the longer the better. Previously, security experts recommended the use of password manager apps to ensure users’ accounts were protected. The apps are useful because they completely randomize the password, but he says they aren’t necessary to maintain security.
Episode 5 of the of Game of Thrones will air on Sunday. As with episode 4, an outline of the script has been circulating online in what seems to be the latest leak from the huge HBO hack. It seemed like a big deal at first. Nearly two weeks ago, HBO confirmed that hackers had penetrated its servers and stolen some “proprietary information.” A hacker who identifies himself as “Mr. Smith” then leaked the script outlinefor episode 4 of Game of Thrones, some episodes of Ballers, as well as some information about other HBO shows, like Room 104. At the time, the hacker claimed to have stolen some 1.5 terabytes of data, including information about HBO employees, and demanded a $6 million ransom. But HBO stood fast. Variety reported that the hacked data included the some emails of a senior HBO executive. The entertainment newspaper also claimed that there is an image file that “appears to show screenshots of HBO’s internal administration tools, listing employee names and email addresses and their functions within the organization.” That’s when comparisons to the catastrophic Sony hack of 2014 really heated up. If these hackers released a boatload of private and confidential information, and if the leaked data included financial information about the company, HBO could be in real trouble.
HBO corporate is now reassuring staff that their email inboxes were not implicated in the attack.
Soniac was one of the three apps found on Google Play, according to a blog post published Thursday by a researcher from mobile security firm Lookout. The app, which had from 1,000 to 5,000 downloads before Google removed it. Soniac had the ability to record audio, take phones, make calls, send text messages, and retrieve logs, contacts, and information about Wi-Fi access points. Google ejected the app after Lookout reported it as malicious. Two other apps—one called Hulk Messenger and the other Troy Chat—were also available in Play but were later removed. It’s not clear if the developer withdrew the apps or if Google expelled them after discovering their spying capabilities. The apps are all part of a malware family Lookout calls SonicSpy.
Once installed, SonicSpy apps remove their launcher icon to hide their presence and then establish a connection to the control server located on port 2222 of arshad93.ddns[.]net.
The researcher said SonicSpy has similarities to another malicious app family called SpyNote, which security firm Palo Alto Networks reported last year. The name of the developer account—iraqwebservice—and several traits found in the apps’ code suggest the developer is located in Iraq. Additionally, much of the domain infrastructure associated with SonicSpy has references to that country. The phrase “Iraqian Shield” appears constantly. Lookout is continuing to follow leads suggesting the developer is based in that part of the world.
Hackers recently siphoned 1.5 terabytes of data from HBO, and have since leaked unaired episodes of Ballers,Room 104, and Game of Thrones. HBO says it has been looking into the hack since it was discovered, but few conclusive details are known.
The assumption is that the entertainment industry is 5-6 years behind in technology. Netflix lost 10 episodes from Orange Is The New Black‘s fifth season this year because the episodes were on servers running Windows 7. Larson Studios, the post-production company that was hacked, claims the hackers weren’t even looking for the show,just computers running Windows.
The other theory is that the hackers targeted individual employees. Even if HBO keeps all of its files and internal documents behind heavily encrypted security, it likely doesn’t extend that level of security to each individual employee.
A security researcher Marcus Hutchins, 22, a British national, who in May stopped an outbreak of the WannaCry ransomware has been arrested and detained after attending the Def Con conference in Las Vegas. Hutchins was arrested at Las Vegas airport on Wednesday by US Marshals, several close friends have confirmed.
A Justice Department spokesperson has confirmed on the phone that his arrest is in relation to his alleged role “in creating and distributing the Kronos banking Trojan.”
The indictment was dated July 11, about two weeks before he flew to the US to attend the annual security conference. The Justice Department has been after those involved with the notorious Kronos malware for more than two years.
Hutchins, also known as @MalwareTechBlog, stormed to fame after he found a kill switch in the malware, known as WannaCry, amid a global epidemic of ransomware. Hutchins registered a domain name that stemmed the infection.
He was hailed as a hero for stopping the attack, which gripped UK hospitals and other major industries around the world.
The D.C. Police Department identified the missing teens on Twitter as: Audrey Mwamikazi, 17; Aristide Irambona, 18; Kevin Sabumukiza, 17; Don Ingabire, 16; Nice Munezero, 17; and Richard Irakoze, 18.
The robotics competition, is designed to encourage youths to pursue careers in math and science, and have attracted teams of teenagers from more than 150 nations.
Competition organizers say they learned Tuesday night that the team’s mentor could not find the students. FIRST Global President Joe Sestak made the initial call to police, according to a statement issued Thursday. Two of the teens were seen crossing into Canada, D.C. police say. The members of the robotics team from the eastern African country of Burundi, who are 16, 17 and 18, disappeared Tuesday after they took part in the FIRST Global Challenge robotics competition.
The Metropolitan Police Department has received reports that Audrey Mwamikazi, 17, and Don Ingabire, 16, were seen crossing into Canada, spokeswoman Aquita Brown said Thursday morning.
Police say they have no indication of foul play in their disappearance. No additional details were released immediately. The team’s mentor said they disappeared after the competition. He said he did not know where they went. The mentor told police the teens have one-year visas to stay in the U.S.
From right to left, Nyah Beck, 18, of Northridge and Katherine Correa, 19, of Murrieta play an online game called “Overwatch” at UCI’s eSports arena during a gaming summer camp for girls. (Kevin Chang / Times OC)
Female gaming-enthusiasts have heard harsher jabs like, “Go back to the kitchen” and “We’re going to lose. We have a girl on our team.
According to New York-based market research firm SuperData, male viewership more than doubles female viewership on channels that stream eSports, such as Twitch and Azubu.
“It’s a boys’ club,” said Stephanie Llamas, vice president of research and strategy at SuperData. “You have a lot of males who have used games to feel like a community in a way they might not have otherwise felt, and feeling like someone is intruding and feeling like it’s women is a part of that.
The UCI eSports arena at UC Irvine hosted its first gaming summer camp for girls recently
Wikipedia as a classic text adventure: A “game” Wikipedia: The Text Adventure generates a list of major landmarks, and clicking any of them takes you to a landing page with a basic location description as pulled from its Wikipedia article summary, along with a list of nearby locations marked off by cardinal directions. You’re restricted to a text box, and, appropriately, typing “help” into it brings up a list of commands you can type. (Mobile users can also tap on keywords in the summaries, which isn’t as cool, but it’s a welcome alternative.)
The creation of a single file can stop the attack from infecting a machine.
However, researchers have not been able to find a so-called kill switch that would prevent the crippling ransomware from spreading to other vulnerable computers.
By creating a read-only file – named perfc – and placing it within a computer’s “C:\Windows” folder, the attack will be stopped in its tracks.
“Even though it will make a machine ‘immune’,” explained computer scientist Prof Alan Woodward, “It is still a ‘carrier’ (to use the biological analogy).
“It will still continue as a platform to spread the ransomware to other machines on the same network.”For the vast majority of users, simply running an up-to-date version of Windows will be sufficient to prevent the attack taking hold, were it to infect your PC.
Researchers predict the spread of this new ransomware is likely to be much slower than last month’s WannaCry attack. Code analysis showed the new attack did not attempt to spread itself beyond the network it was placed on.
Several experts are predicting that the attack will not spread significantly further than it did on Tuesday, unless it is modified.”There is low risk of new infections more than one hour after the attack,”
A large-scale cyberattack is easing its way through a number of Ukrainian and Russian targets today. So far, in Russia, oil producer Rosneft and metal company Evraz have been affected by the attack. In Ukraine, Boryspil airport, the banking system, a state power distributer and even the Ukrainian government have been hit. Flight delays are e
WannaCry ransomware that claimed hundreds of thousands of victims across 150 countries has hit speed and intersection cameras in Victoria Austrailia, Radio 3AW has reported.
According to the radio station, 55 cameras in the state belonging to vehicle monitoring and enforcement service Redflex were infected with the ransomware after a rogue USB was inserted by someone performing maintenance on the now-infected cameras.
It is understood that the infection came as a result of “human error” rather than a targeted attack aimed at holding the Australian state to ransom.
The cameras are not connected to the internet, however, which means the ransomware has not been spread throughout the field, 3AW told its listeners on Thursday.
The San Francisco metro area was the top location for venture capital investment in the country, hauling in $23.4 billion—more than triple the VC investment in Silicon Valley proper in 2016. New York had virtually zero VC-backed startups in the 1980s, but last year it took in $7.6 billion, eclipsing Silicon Valley as well. Boston and Cambridge were close, with $6 billion. Los Angeles drew $5.5 billion. The likes of Google, Apple, Microsoft, and Facebook continue to maintain suburban campuses, but more than half of venture-capital-financed startups are now in dense urban neighborhoods. Amazon’s headquarters are located in downtown Seattle, and Google has now taken over the old Port Authority building in Manhattan.
Researchers say The migration of high-tech startups to cities is less of a reversal and more of a historical correction.
For years, economists, mayors, and urbanists believed that high-tech development was an unalloyed good thing and that more high-tech startups and more venture capital investment would “lift all boats.” However, the reality is that high-tech development has caused in a new phase of what’s called winner-take-all urbanism, where a relatively small number of metro areas, and a small number of neighborhoods within them, capture most of the benefits. Middle-class neighborhoods have been hollowed out in the process. In 1970, about two-thirds of Americans lived in middle-class neighborhoods; today less than 40 percent of us do. The middle-class share of the population shrank in a whopping 203 out of 229 U.S. metro areas between 2000 and 2014. And places, where the middle class is the least include such superstar cities and tech hubs as New York, San Francisco, Boston, Los Angeles, Houston, and Washington, D.C.
The high-tech industry remains a major driver of economic progress jobs and much-needed tax revenues that cities can use to address and mitigate the problems that come with financial success.
Researchers suggest that they can work with cities to help build more housing, which would reduce housing prices.
When Apple launched its first color desktop computer, in 1990, the tech giant also created a prototype pair of sneakers with its signature rainbow logo.
They were first sold to a lucky Apple employee some time in the mid-’90s, according to BitRebels. They later sold for only $79 on eBay back in 2007.
In the years that followed, the whereabouts of the shoes were unknown — until a friend of Leon Benrimon, director of modern and contemporary art at Heritage Auctions, found them at a garage sale in San Francisco.
Now, Heritage Auctions is auctioning off the pair at its Beverly Hills location. Bidding will begin at 11 am on June 11, and the sneakers are expected to go for at least $30,000. The starting bid will be $15,000. The Adidas sneakers, size 9 and a half, are made from the typical white leather material of the times. They feature Apple’s logo on the tongue and on the side. The soles are made from rubber that supposedly doesn’t leave skid marks.
Contain the attack: Disconnect infected devices from your network to keep ransomware from spreading.
Restore your computer: If you’ve backed up your files, and removed any malware, you may be able to restore your computer. Follow the instructions from your operating system to re-boot your computer, if possible.
Contact law enforcement: Report ransomware attacks to the Internet Crime Complaint Center, FBI’s Cyber Division (CyWatch@ic.fbi.gov or 855-292-3937) or an FBI field office. Include any contact information (like the criminals’ email address) or payment information (like a Bitcoin wallet number). This may help with investigations.
Install Reputable Security Software: Your computer should have anti-virus and anti-spyware software, and a firewall. Viruses can be planted in emails or attachments to emails, in programs or files that you download, and even in Web sites that you visit. These viruses have the potential to wipe out your computer files. Anti-virus software scans everything that enters your computer, looking for these viruses. Spyware is software that tracks your computer activity, gathering information without your knowledge. Anti-spyware software blocks or removes spyware. You may obtain the anti-virus and anti-spyware software separately or as a package. For lists of security tools from legitimate security vendors, visit staysafeonline.org.
Use a Firewall: A firewall is a virtual barrier between your computer and the Internet. Everything coming into or leaving your computer must go through the firewall, which blocks anything that doesn’t meet specific security criteria. Before purchasing separate firewall hardware or software, check your operating system to see if there is a built-in firewall and whether it is turned on.
Update Operating System and Software Frequently: Computer and software companies frequently update their programs to include protection against new security threats. Update your operating system and software whenever new versions become available gives you an added measure of security. If available, activate automatic security updates so you will be alerted when updates are issued.
Avoid “Free” Security Scans: Be suspicious of an offer of a “free security scan,” especially when faced with an unexpected pop-up, email, or an ad that claims “malicious software” has been found on your computer.
Create and Protect Strong Passwords: Create strong email passwords and protect them with the following tips:
The longer the password, the tougher it is to crack. Use at least 10 characters.
Mix letters, numbers, and special characters. Try to be random – don’t use your name, birthdate, or common words.
Don’t use the same password for different accounts. If it’s stolen from you, it can be used to take over all your accounts.
Don’t share passwords on the phone, in texts or by email. Legitimate companies will not send you messages asking for your password.
Keep your passwords in a secure place, out of plain sight.
Use a Pop-up Blocker: Don’t click on links or open attachments in emails unless you know what they are, even if the emails seem to be from friends or family.
Use the Spam Filter: Utilize your email program’s automatic spam filter, which reduces the number of unwelcome email messages that make it to your inbox. Delete, without opening, any spam or “junk mail” that gets through the filter.
Backup Important Data: Copy important files onto a removable disc or an external hard drive, and store it in a safe place. If your computer is compromised, you’ll still have access to your files.
White House homeland security adviser Thomas Bossert said “the best and the brightest are working on” tracking who was behind the ransomware cyberattack.
Security researchers have discovered digital clues in the malware used in last weekend’s global ransomware attack that might indicate North Korea is involved, although they caution the evidence is not conclusive.
An early version of the ‘‘WannaCry’’ ransomware that affected more than 150 countries and major businesses and organizations shares a portion of its code with a tool from a hacker group known as Lazarus, which researchers think is linked to the North Korean government.
John Bambenek, a research manager at Fidelis Cybersecurity says “This implies there is a common source for that code, which could mean that North Korean actors wrote ‘WannaCry’ or they both used the same third-party code,’’
White House homeland security adviser Thomas Bossert said Monday that investigators were still working to determine who was behind the attack. The best and the brightest are working on it.
Several security researchers studying ‘‘WannaCry’’ on Monday found evidence of possible connections to the crippling hack on Sony Pictures Entertainment in 2014 attributed by the US government to North Korea. That hack occurred in the weeks before Sony released a satiric movie about a plot to kill North Korean leader Kim Jong Un.
However, Bambenek cautioned that the links are circumstantial. ‘‘It could be a freak coincidence,’’ he said. ‘‘The code in question is not a large portion of the overall Wannacry malware so it’s plausible that the attackers got it from somewhere else.’’
The spread of the WannaCry virus has slowed as new cyberdefenses have been put in place and some eight to 10 U.S. entities, including a few in the health-care sector, reported possible “WannaCry” infections to the Department of Homeland Security, a US official said.
Factories, hospitals, and schools were disrupted in China by the attack, the spread of the virus appeared to be slowing. State media said 29,000 institutions had been hit, along with hundreds of thousands of devices.
South Korea reported that just five companies were affected, including the country’s largest movie chain.
Researchers discovered a ‘‘kill switch’’ on the virus that stopped its spread from computer to computer, potentially saving tens of thousands of machines from further infection.
The ransomware program, which is spread through e-mail, encrypts computer files and then demands the bitcoin equivalent $300 to unlock them.
The attack hobbled operations at Russia’s Interior Ministry, Spanish telecommunications giant Telefónica, and Britain’s National Health Service.
The worm called WannaCry infected 200,000 computers in more than 150 countries, tied the UK health service in knots, took out the Spanish phone company, made train travelers in Germany chaotic, and took big swipes out of FedEx, Renault, a reported 29,000 Chinese institutions, and networks all over Russia—including the Russian Interior Ministry.
Can you get infected by Wanna Cry Ransomeware?
No. MalwareTech defanged the malware. Although there are a few extraordinary situations where the threat persists (in particular if your network blocks access to one odd website), for most people, WannaCry has been out of commission since late Friday.
Well Do I need to worry about it right now?
Yes. There have been reports from Matt Suiche of a new WannaCry variant that’s been sinkholed with 10,000 infections logged. The clones are coming, and many of them won’t be easy to stop. You have to get your Windows PC patched now.
FedEx Corp confirms it has suffered a malware attack on Friday and said its Windows-based systems were “experiencing interference” due to malware and that it was trying to fix the issue as quickly as possible. Computer systems at companies and hospitals in dozens of countries were hit Friday, apparently part of a huge extortion plot. The so-called ransomware attack appears to exploit a weakness that was purportedly identified by the U.S. National Security Agency and leaked to the internet. It encrypts data on infected computers and demands payment before the information is unencrypted..
A cyberattack that is forcing computer owners to pay hundreds of dollars in ransom to unlock their files has hit almost every corner of the world. This is the biggest ransomware outbreak in history.
Security experts from Kaspersky Lab and Avast Software say Russia was the hardest hit, followed by Ukraine and Taiwan. Researchers believe a criminal organization is behind this, given its sophistication.Russia’s Interior Ministry says it has come under cyber attack. Agency spokeswoman Irina Volk says in a statement carried by Russian news agencies that Friday’s cyber attacks hit about 1,000 computers. She said the ministry’s servers haven’t been affected. Volk also said that ministry experts are now working to recover the system and do necessary security updates.
Russian media also said that the Investigative Committee, the nation’s top criminal investigation agency, also has been targeted. The committee denied the reports.
Megafon, a top Russian mobile operator, also said it has come under cyberattacks that appeared similar to those that crippled U.K. hospitals on Friday.
Microsoft has released fixes for vulnerabilities and related tools disclosed by TheShadowBrokers, a mysterious group that has repeatedly published alleged NSA software code. But many companies and individuals haven’t installed the fixes yet, or are using older versions of Windows that Microsoft no longer supports and didn’t fix.
Hospitals in the U.K. and telecommunications companies in Spain are among those hit by a “ransomware” attack that locked up computer data and demanded payment to free it. The attacks use a malware called Wanna Decryptor, also known as WannaCry.
Two inmates incarcerated at Marion Correctional Institution, a low-security, 2,500-capacity facility which used inmate labor to recycle old computers as part of the non-profit RET3 program.Both inmates managed to squirrel away dozens of RET3 parts and construct two new machines inside MCI. The fully functional computers were “hidden on a plywood board in the ceiling above a closet” and subsequently “connected to [Ohio Department of Rehabilitation and Correction’s] computer network.”
According to the 50-page Ohio Inspector General report, the fully functional computers were “hidden on a plywood board in the ceiling above a closet” and subsequently “connected to [Ohio Department of Rehabilitation and Correction’s] computer network.” But wait—there’s more. They were able to run ethernet cables through the ceiling and down to the network switch, where it was connected to port 16, and the inmates were able to obtain internet access via credentials belonging to, a retired prison employee who now works for ODRC as a contractor. Once connected, they were able to download articles on “home-made drugs, plastics, explosives, and credit cards.” One of the inmates, according to the report, also “accessed an article online from the Bloomberg.com site detailing how to submit fraudulent tax returns and have the refunds wired to debit cards,” and stole the identity of another inmate and used his name and social security number to apply for five credit cards. The investigators found a bunch of software useful for hacking and encryption, as well as brute force password crackers, an email spamming program, and a Java-based tool used to commit man-in-the-middle attacks. Likely this cornucopia of illicit programs was how the pair were able to issue “passes for inmates to gain access to multiple areas within MCI” and gain access to “unauthorized inmate records including disciplinary records, sentencing data, and inmate locations.
How they were discovered
The two masterminds were caught due to employee bandwidth throttling. An automated message informed MCI staff that on Friday July 3, 2015 “a computer operating through the ODRC computer network had exceeded a daily internet usage threshold.” The ring of prisoners involved with this data heist have been shipped off to other facilities, and MCI are shouldering the blame for not only allowing it to happen, but failing to notify Ohio State Highway Patrol as regulations.
Dag they should do their time (be good) and apply for a computer job
WikiLeaks has published more secret hacking manuals belonging to the US Central Intelligence Agency as part of its Vault7 series of leaks. The site is billing Vault7 as the largest publication of intelligence documents ever.
Friday’s installment includes 27 documents related to “Grasshopper,” the code name for a set of software tools used to build customized malware for Windows-based computers. The Grasshopper framework provides building blocks that can be combined in unique ways to suit the requirements of a given surveillance or intelligence operation. The documents can be useful to potential CIA targets looking for signatures and other signs indicating their Windows systems were hacked. The leak will also prove useful to competing malware developers who want to learn new techniques and best practices.
Photo: Getty
)
Ongoing Information & Trends: A Weblog 
You must be logged in to post a comment.