Security

Petya Ransomware Outbreak Originated In Ukraine Via Tainted Accounting Software (bleepingcomputer.com) 6

An anonymous reader quotes a report from Bleeping Computer: Today's massive ransomware outbreak was caused by a malicious software update for M.E.Doc, a popular accounting software used by Ukrainian companies. According to several researchers, such as Cisco Talos, ESET, MalwareHunter, Kaspersky Lab, and others, an unknown attacker was able to compromise the software update mechanism for M.E.Doc's servers, and deliver a malicious update to customers. When the update reached M.E.Doc's customers, the tainted software packaged delivered the Petya ransomware -- also referenced online as NotPetya, or Petna. The Ukrainian software vendor appears to have inadvertently confirmed that something was wrong when, this morning, issued a security advisory. Hours later, as the ransomware outbreak spread all over Ukraine and other countries across the globe causing huge damages, M.E.Doc denied on Facebook its servers ever served any malware. According to security researcher MalwareHunter, this is not the first time M.E.Doc has carried a malicious software update that delivered ransomware. Back in May, the company's software update mechanism also helped spread the XData ransomware.
Crime

Police Use Lyft As 'Trojan Horse' To Capture Suspect In Murder of Tech CEO (myajc.com) 27

McGruber writes: On Friday, June 23, 2017, three men broke into the home of Albert Eugene DeMagnus, the CEO of Computer Management Services. The men stabbed DeMangus, who was pronounced dead after he had been taken to a hospital. Police officers chased two of the suspects as they fled in DeMangus' gray Lexus. The Lexus crashed and the two men ran away into the woods. Police then set up a perimeter with road checkpoints. Soon, a Lyft driver approached a checkpoint and told police she was picking up a passenger nearby. "This may be one of our suspects trying to leave the scene," Fayette County, Georgia Sheriff Barry Babb thought of the person being picked up. So Babb and three officers got into his car, which happened to be identical to the Lyft driver's. They got the location of the suspect from the Lyft driver and simply drove to the suspect, posing as his ride. "The subject walked all the way up, was about to open the door and get in our vehicle, when we exited and identified ourself," said Sheriff Babb. The suspect fled and got about 100 yards into the woods before being taken into custody. "That was something that was unique for us," Babb said, "a first time for us."
Graphics

NVIDIA To Launch Graphics Cards Specifically Designed For Digital Currency Mining (cnbc.com) 46

Digital currency mining is in high demand, causing GPU prices to skyrocket. Nvidia is planning to capitalize on this trend by releasing graphics cards specifically designed for cryptocurrency. From a product listing on ASUS' website: "ASUS Mining P106 is designed for coin mining with high-efficiency components -- delivering maximum hash-rate production at minimum cost. ASUS Mining P106 enhances the megahash rate by up to 36% compared cards in the same segment that are not tailored for mining. The new card is also engineered to be seriously durable, enabling 24/7 operation for uninterrupted coin production." The ASUS Mining P106 uses an Nvidia chip, according to the specifications page on the website. CNBC reports: Nvidia, AMD and ASUS have not officially announced the digital currency mining cards, according to their website press pages. It is not certain when the cards will be available for sale. Nvidia is likely making the cards designed for this use so that the surging digital currency demand doesn't affect its ability to serve the lucrative PC gaming market.
Microsoft

Microsoft Bringing EMET Back As a Built-In Part of Windows 10 (arstechnica.com) 24

An anonymous reader quotes a report from Ars Technica: The Windows 10 Fall Creators Update will include EMET-like capabilities managed through a new feature called Windows Defender Exploit Guard. Microsoft's EMET, the Enhanced Mitigation Experience Toolkit, was a useful tool for hardening Windows systems. It used a range of techniques -- some built in to Windows, some part of EMET itself -- to make exploitable security flaws harder to reliably exploit. The idea being that, even if coding bugs should occur, turning those bugs into actual security issues should be made as difficult as possible. With Windows 10, however, EMET's development was essentially cancelled. But as more mitigation capabilities have been put into Windows, the need for a system for managing and controlling them has not gone away. Some of the mitigations introduce application compatibility issues -- a few even require applications to be deliberately written with the mitigation in mind -- which means that Windows does not simply turn on every mitigation for every application. It's here that Exploit Guard comes in.
Security

Hacker Behind Massive Ransomware Outbreak Can't Get Emails From Victims Who Paid (vice.com) 105

Joseph Cox, reporting for Motherboard: On Tuesday, a new, worldwide ransomware outbreak took off, infecting targets in Ukraine, France, Spain, and elsewhere. The hackers hit everything from international law firms to media companies. The ransom note demands victims send bitcoin to a predefined address and contact the hacker via email to allegedly have their files decrypted. But the email company the hacker happened to use, Posteo, says it has decided to block the attacker's account, leaving victims with no obvious way to unlock their files. [...] The hacker tells victims to send $300 worth of bitcoin. But to determine who exactly has paid, the hacker also instructs people to email their bitcoin wallet ID, and their "personal installation key." This is a 60 character code made up of letters and digits generated by the malware, which is presumably unique to each infection of the ransomware. That process is not possible now, though. "Midway through today (CEST) we became aware that ransomware blackmailers are currently using a Posteo address as a means of contact," Posteo, the German email provider the hacker had an account with, wrote in a blog post. "Our anti-abuse team checked this immediately -- and blocked the account straight away.
Businesses

The App Economy Will Be Worth $6 Trillion in Five Years (recode.net) 63

An anonymous reader shares a report: In five years, the app economy will be worth $6.3 trillion, up from $1.3 trillion last year, according to a report released today by app measurement company App Annie. What explains the growth? More people are spending more time and -- crucially -- more money in apps. While on average people aren't downloading many more apps, App Annie expects global app usership to nearly double to 6.3 billion people in the next five years while the time spent in apps will more than double. And, it expects the average app spend -- including app-store purchases, advertising spend and, most importantly, commerce -- to increase from $379 per person to $1,008 in 2021. The 800-pound -- or $6 trillion -- gorilla in the room is mobile commerce.
Security

Heritage Valley Health System Target Of Cyber Attack (cbslocal.com) 23

The Heritage Valley Health System says it has been hit with a cyber attack. From a report: A spokeswoman confirmed the attack Tuesday morning. "Heritage Valley Health System has been affected by a cyber security incident. The incident is widespread and is affecting the entire health system including satellite and community locations. We have implemented downtime procedures and made operational adjustments to ensure safe patient care continues un-impeded." Heritage Valley is a $480 million network that provides care for residents of Allegheny, Beaver, Butler and Lawrence counties, in Pennsylvania; parts of eastern Ohio; and the panhandle of West Virginia. Also read: Ukrainian Banks, Electricity Firm Hit by Fresh Cyber Attack; Reports Claim the Ransomware Is Quickly Spreading Across the World.
Social Networks

Facebook Crosses 2 Billion Monthly Users (theverge.com) 75

Facebook has announced that it now has over 2 billion monthly active users. From a report: That's up from the 1.94 billion total that the company cited as part of its most recent earnings report in May. Mark Zuckerberg shared the news directly, and Fast Company has a story on Facebook's constant efforts to keep pushing growth upward. "It's an honor to be on this journey with you," Zuckerberg wrote. Facebook's other apps are faring well, too: Messenger has over 1.2 billion monthly users and Facebook-owned WhatsApp tallies a similar figure. Twitter, by comparison, has 328 million monthly active users. Instagram has over 700 million.
Transportation

Volvo's Driverless Cars 'Confused' by Kangaroos (bbc.com) 109

An anonymous reader shares a report: Volvo's self-driving technology is struggling to identify kangaroos in the road. The Swedish car-maker's 2017 S90 and XC90 models use its Large Animal Detection system to monitor the road for deer, elk and caribou. But the way kangaroos move confuses it. "We've noticed with the kangaroo being in mid-flight when it's in the air, it actually looks like it's further away, then it lands and it looks closer," its Australia technical manager said. But the problem would not delay the rollout of driverless cars in the country, David Pickett added.
China

China's All-Seeing Surveillance State Is Reading Its Citizens' Faces (wsj.com) 92

China's government is using facial-recognition technology to help promote good behavior and catch lawbreakers, reports the WSJ. From the article: Facial-recognition technology, once a specter of dystopian science fiction, is becoming a feature of daily life in China, where authorities are using it on streets, in subway stations, at airports and at border crossings in a vast experiment in social engineering (alternative source). Their goal: to influence behavior and identify lawbreakers. Ms. Gan, 31 years old, had been caught on camera crossing illegally here once before, allowing the system to match her two images. Text displayed on the crosswalk screens identified her as a repeat offender. "I won't ever run a red light again," she said. China is rushing to deploy new technologies to monitor its people in ways that would spook many in the U.S. and the West. Unfettered by privacy concerns or public debate, Beijing's authoritarian leaders are installing iris scanners at security checkpoints in troubled regions and using sophisticated software to monitor ramblings on social media. By 2020, the government hopes to implement a national "social credit" system that would assign every citizen a rating based on how they behave at work, in public venues and in their financial dealings.
Businesses

Samsung To Launch Refurbished Galaxy Note 7 in South Korea On July 7 (yonhapnews.co.kr) 49

South Korean news agency Yonhap reports: Samsung plans to release the refurbished edition of the ill-fated Galaxy Note 7 smartphone next month, industry sources said Tuesday. According to the sources, Samsung will release the smartphone under the name the Galaxy Note FE, with a price tag below 700,000 won (US$616). Official sales are slated to start July 7. The South Korean tech giant suspended production and sales of the Galaxy Note 7 last year amid reports that some of the devices caught fire while charging. A probe revealed that the problems were due to the non-removable battery. Accordingly, the refurbished devices will have a smaller battery capacity than the originals, along with the latest software updates.
Businesses

Short of IT Workers At Home, Israeli Startups Recruit Elsewhere (reuters.com) 107

New submitter Alex Wilson shares a Reuters report: Driven by startups, Israel's technology industry is the fastest growing part of the economy. It accounts for 14 percent of economic output and 50 percent of exports. But a shortage of workers means its position at the cutting edge of global technology is at risk, with consequences for the economy and employment. When Alexey Chalimov founded software design firm Eastern Peak in Israel four years ago he knew he would not find the developers he needed at home. He went to Ukraine and hired 120 people to develop mobile apps and web platforms for international clients and smaller Israeli startups. "I worked for years in the Israeli market and I knew what the costs were in Israel and I knew there was a shortage of workers," he told Reuters.

The government's Innovation Authority forecasts a shortage of 10,000 engineers and programmers over the next decade in a market that employs 140,000. Israel has dropped six spots in three years to 17th in the World Economic Forum's ranking of the ease of finding skilled technology employees. In the meantime, many Israeli startups are looking abroad.

Apple

The New iPad Pro Review (twitter.com) 175

An anonymous reader writes: As tech reviewers across the United States and Europe sing praises of Apple's new iPad Pro, here's what Joshua Topolsky, former editor-in-chief of The Verge and Engadget (and now with The Outline) had to say: "It [10.5-inch iPad Pro] is inferior to a laptop in almost every way, unless you like to draw. If you think you can replace you laptop with this setup: you cannot. Imagine a computer, but everything works worse than you expect. That is the new iPad. Now, I know the software is in beta, but I also know how Apple betas work. They don't massively change. I have no doubt it's a very powerful piece of hardware, and the screen is gorgeous. Garageband is a lot of fun to play with. But this doesn't COME CLOSE to replacing your laptop, even for simple things you do, like email. AND one other thing. Apple's keyboard cover is a fucking atrocity. A terrible piece of hardware. Awkward to use, poor as a cover. Okay in a pinch if you need something LIKE a keyboard. Anyhow good to know there are still Apple fanboys who get mad if you insult their products. But I don't think it's a very good product. Finally, iOS 11 is definitely a STEP in the right direction. But guys the iPad has been around forever and it still feels half-assed. I think a lot of people are willing to contort themselves around a bad UX because marketing is powerful."
Security

Ukrainian Banks, Electricity Firm Hit by Fresh Cyber Attack; Reports Claim the Ransomware Is Quickly Spreading Across the World (vice.com) 95

A massive cyber attack has disrupted businesses and services in Ukraine on Tuesday, bringing down the government's website and sparking officials to warn that airline flights to and from the country's capital city Kiev could face delays. Motherboard reports that the ransomware is quickly spreading across the world. From a report: A number of Ukrainian banks and companies, including the state power distributor, were hit by a cyber attack on Tuesday that disrupted some operations (a non-paywalled source), the Ukrainian central bank said. The latest disruptions follow a spate of hacking attempts on state websites in late-2016 and repeated attacks on Ukraine's power grid that prompted security chiefs to call for improved cyber defences. The central bank said an "unknown virus" was to blame for the latest attacks, but did not give further details or say which banks and firms had been affected. "As a result of these cyber attacks these banks are having difficulties with client services and carrying out banking operations," the central bank said in a statement. BBC reports that Ukraine's aircraft manufacturer Antonov, two postal services, Russian oil producer Rosneft and Danish shipping company Maersk are also facing "disruption, including its offices in the UK and Ireland."

According to local media reports, the "unknown virus" cited above is a ransomware strain known as Petya.A. Here's how Petya encrypts files on a system (video). News outlet Motherboard reports that Petya has hit targets in Spain, France, Ukraine, Russia, and other countries as well. From the report: "We are seeing several thousands of infection attempts at the moment, comparable in size to Wannacry's first hours," Costin Raiu, a security researcher at Kaspersky Lab, told Motherboard in an online chat. Judging by photos posted to Twitter and images provided by sources, many of the alleged attacks involved a piece of ransomware that displays red text on a black background, and demands $300 worth of bitcoin. "If you see this text, then your files are no longer accessible, because they are encrypted," the text reads, according to one of the photos. "Perhaps you are busy looking for a way to recover your files, but don't waste your time. Nobody can recover your files without our decryption service."
Google

Google Slapped With $2.7 Billion By EU For Skewing Searches (bloomberg.com) 297

Google suffered a major regulatory blow on Tuesday after European antitrust officials fined the search giant 2.4 billion euros, or $2.7 billion, for unfairly favoring some of its own search services over those of rivals. The European Commission concluded that the search giant abused its near-monopoly in online search to "give illegal advantage" to its own Shopping service. Margrethe Vestager, the EU's competition commissioner, said Google "denied other companies the chance to compete" and left consumers without "genuine choice." The hefty fine marks the latest chapter in a lengthy standoff between Europe and Google, which also faces two separate charges under the region's competition rules related to Android, its popular mobile software, and to some of its advertising products. From a report: Google has 90 days to "stop its illegal conduct" and give equal treatment to rival price-comparison services, according to a binding order from the European Commission on Tuesday. It's up to Google to choose how it does this and it must tell the EU within 60 days of its plans. Failure to comply brings a risk of fines of up to 5 percent of its daily revenue. [...] "I expect the Commission now to swiftly conclude the other two ongoing investigations against Google," Markus Ferber, a member of the European Parliament from Germany. "Unfortunately, the Google case also illustrates that competition cases tend to drag on for far too long before they are eventually resolved. In a fast-moving digital economy this means often enough that market abuse actually pays off and the abuser succeeds in eliminating the competition." Google has been pushing its own comparison shopping service since 2008, systematically giving it prominent placement when people search for an item, the EU said. Rival comparison sites usually only appear on page four of search results, effectively denying them a massive audience as the first page attracts 95 percent of all clicks. In a blog post, Google said the EU has "underestimated" the value Google's services brings to the table. "We believe the European Commission's online shopping decision underestimates the value of those kinds of fast and easy connections. While some comparison shopping sites naturally want Google to show them more prominently, our data show that people usually prefer links that take them directly to the products they want, not to websites where they have to repeat their searches. We think our current shopping results are useful and are a much-improved version of the text-only ads we showed a decade ago. Showing ads that include pictures, ratings, and prices benefits us, our advertisers, and most of all, our users. And we show them only when your feedback tells us they are relevant. Thousands of European merchants use these ads to compete with larger companies like Amazon and eBay. [...] Given the evidence, we respectfully disagree with the conclusions announced today. We will review the Commission's decision in detail as we consider an appeal, and we look forward to continuing to make our case," wrote Kent Walker, SVP and General Counsel at Google.

Slashdot Top Deals