Jump to content

Search the Community

Showing results for tags 'usa'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Site Related
    • News & Updates
    • Site / Forum Feedback
    • Member Introduction
  • News
    • General News
    • FileSharing News
    • Mobile News
    • Software News
    • Security & Privacy News
    • Technology News
  • Downloads
    • nsane.down
  • General Discussions & Support
    • Filesharing Chat
    • Security & Privacy Center
    • Software Chat
    • Mobile Mania
    • Technology Talk
    • Entertainment Exchange
    • Guides & Tutorials
  • Off-Topic Chat
    • The Chat Bar
    • Jokes & Funny Stuff
    • Polling Station

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Found 38 results

  1. U.S. Customs and Border Protection officials announced on Thursday that officers made a record-breaking seizure of fentanyl on the U.S.-Mexico border that was enough to kill tens of millions of Americans. "According to U.S. Customs and Border Protection, a canine officer alerted other officers to the presence of 254 pounds of fentanyl hidden inside an 18-wheeler carrying cucumbers, during a secondary inspection at the Mariposa port of entry just past noon on Saturday," The Arizona Republic reported. "This is the largest fentanyl seizure in any port of entry," CBP official Guadalupe Ramirez said. "In CBP, in the history of CBP, this is the largest fentanyl seizure." In addition to the record fentanyl seizure, agents also seized 395 pounds of methamphetamine from inside the 18-wheeler. CBP estimated the value of the fentanyl, which came in the form of powder and pills, to be approximately $3.5 million. CBP Arizona tweeted out photos from the press conference: "Authorities said it was driven by a 26-year-old man who was arrested and charged with possessing drugs with the intent to distribute them," NBC News reported. "His identity and nationality were not immediately available." The amount of fentanyl seized by agents was enough to kill well over 57,000,000 Americans, given that the DEA states that as little as 2 milligrams can be fatal. President Donald Trump weighed in on the bust, tweeting: "Our great U.S. Border Patrol Agents made the biggest Fentanyl bust in our Country’s history. Thanks, as always, for a job well done!" Fentanyl, developed in 1959, “is approximately 100 times more potent than morphine and 50 times more potent than heroin as an analgesic,” according to the DEA. "The occurrence of heroin mixed with fentanyl is also increasing," according to the DEA’s 2018 National Drug Threat Assessment. "Mexico remains the primary source of heroin available in the United States according to all available sources of intelligence, including law enforcement investigations and scientific data." The DEA further notes that "Illicit fentanyl and other synthetic opioids — primarily sourced from China and Mexico—are now the most lethal category of opioids used in the United States." The Centers for Disease Control estimated that "28,400 people died from overdoses involving synthetic opioids other than methadone in 2017," which is the latest year for which data is available. The announcement renewed calls from lawmakers about the crisis on the southern border. "Largest fentanyl bust in history. Border Patrol seized enough fentanyl to kill 57 MILLION people," Rep Jim Jordan tweeted. "That’s more than the population of Ohio, Michigan, Wisconsin, Pennsylvania, Indiana, Minnesota, and Iowa. COMBINED. We have a crisis on our southern border."
  2. AT&T already launched its initial mobile 5G network in parts of 12 U.S. cities last December, but it’s now preparing for full nationwide coverage — a dauntingly large task that its millimeter wave small cells won’t be able to handle alone. This morning, the carrier revealed that it will “offer nationwide 5G coverage with our lower band spectrum,” specifically the sub-6GHz frequencies discussed in our interview with AT&T VP Gordon Mansfield yesterday. Above: Netgear's Nighthawk 5G Mobile Hotspot is the first AT&T mobile 5G device, and already available for purchase. While the announcement isn’t entirely surprising given that AT&T began to distinguish between “5G” and “5G+” in December, noting that it planned to call high-speed millimeter wave service “5G+” and offer it only in select high-traffic areas, this is the first official confirmation that AT&T’s nationwide 5G network will rely upon aggregating lower-bandwidth radio signals, which spread more widely from larger towers. Rival T-Mobile has similarly said that it will use low-bandwidth towers for its nationwide 5G network, while Verizon has focused largely on “true 5G” using high-capacity millimeter wave spectrum. Even so, all of the carriers will eventually rely upon more than one radio band to provide 5G service. Each carrier is expected to convert some of its existing LTE spectrum into 5G spectrum, though there’s a substantial likelihood of a speed penalty for doing so — enough that there could be a noticeable performance gap between millimeter wave and sub-6GHz 5G networks. AT&T specifically says that it plans to “begin deploying that lower band spectrum in the second half of this year,” suggesting that the allocation of some existing LTE spectrum for 5G will happen sooner rather than later, supporting an already announced Samsung sub-6GHz smartphone. In the transition from 4G to 5G, AT&T says that it has brought two interim technologies into more markets than expected: 1Gbps LTE-LAA is now in parts of 55 cities, with its controversially named “5G Evolution” or “5G E” — actually just 4G LTE-Advanced — in over 400 markets, offering roughly 400Mbps speeds on select 4G devices. Towers with the 5G E hardware will be capable of flipping to actual 5G service in the near future, but until then will confuse 4G users into believing that they’re using 5G technologies. AT&T also said that it is expanding its agreement with AR purveyor Magic Leap to include business solutions, including manufacturing, retail, and health care applications. Magic Leap’s current-generation hardware has no cellular hardware, but the company is expected to offer a 5G version in the future, in partnership with AT&T. Source
  3. Two eighth grade students have been arrested after allegedly spreading a fake school shooting threat at a Maryland middle school. Earlier this month, a parent contacted Aberdeen Middle School to report seeing a social media post from a student, warning students not to come to classes the next day because another student was allegedly threatening a school shooting, the Aberdeen Police Department said in a statement Friday. After an investigation, police determined the student in question never made a threat and two eighth grade students were responsible for faking the report. One student was charged with make a false statement to a peace office and the other with disturbing school operations. False school shooting reports "will not be tolerated," the police department said. Source
  4. 'Some that have smoked are saying no, because they're scared that they may be banned for life' The mayor of Estevan, Sask., says local residents have been turned away at the nearby U.S. border after admitting to past pot use. "It is a fairly serious concern," said Roy Ludwig, mayor of the 11,258-person city located just 16 kilometres north of a North Dakota border crossing. "Even people that might have smoked it 20, 30 years ago, they're being asked, 'Have you ever smoked cannabis?' when they get to the U.S. border. We understand some people have said yes, that they have, and have been turned back." Ludwig said several Estevan residents have undergone strict questioning at the U.S. border since recreational cannabis was legalized in Canada less than two weeks ago. He said he knows of two people who were turned away and not allowed to cross the border. Recreational cannabis use is not legal in North Dakota, and pot possession is still illegal under U.S. federal law. The Canadian government warned people pre-legalization that "previous use of cannabis, or any substance prohibited by U.S. federal laws, could mean that you are denied entry to the U.S." Not everyone who wants to cross the border is reacting the same way to those rules, according Ludwig. "Some are saying the truth, saying yes, they have smoked it, and then some that have smoked are saying no because they're scared that they may be banned for life," he said. Store opening soon Estevan is one of the 32 Saskatchewan communities that either has or will have a recreational cannabis store. It's the southernmost place people will be able to buy legal cannabis in Saskatchewan. The community was originally supposed to get two stores, but the city — after consulting Estevan Police Services — asked that the second permit be put off until factors like traffic could be reviewed after the first store opened. That store is being prepared by Prairie Sky Cannabis, the same company currently operating legal pot stores in Martensville and Battleford. They operate those stores under the name Jimmy's Cannabis. Everything, except a steady supply stream, is in place for the Estevan store to open soon, said John Thomas, the president of the company. But that store will create a new wrinkle for American travellers coming to Estevan. An American customs official recently told CBC News that those found at the border with cannabis on their person, or in their car, could face arrest and prosecution by U.S. officials. That's why the Jimmy's Cannabis store in Estevan might tweak its product line compared with its sister stores. "There might be more things like pre-rolls and things that are higher-convenience for short-term use [inside Saskatchewan]," said Thomas. Stay overnight for the 'fine hotels' Ludwig said city councillors have talked about whether the flow of cannabis-craving Americans into Estevan might present the community with a business opportunity that also discourages people from driving under the influence. "People advertising and saying, 'Stay at some of our fine hotels and enjoy some of our fine restaurants and indulge in cannabis if you want to try it out. And then stay overnight and go back sober.' "We haven't done that yet," said Ludwig, "but we've definitely talked a little bit about it." Source
  5. President Donald Trump said he’s ready to impose tariffs on an additional $267 billion in Chinese goods on short notice, on top of a proposed $200 billion that his administration is putting the final touches on. The implementation of tariffs on $200 billion of products from China “will take place very soon depending on what happens,” Trump told reporters Friday on Air Force One. “I hate to do this, but behind that there is another $267 billion ready to go on short notice if I want.” US stocks erased gains after Trump’s remarks, with the S&P 500 Index falling by 0.3 percent to the lowest in two weeks by 1:26 p.m. in New York. Trump latest tariffs threats, if he follows through, would more than cover the value of all goods the US buys from China, according to US government data from last year. The US imported $505 billion of Chinese products in 2017, Census Bureau figures show. Levying duties on all Chinese purchases would hit “every aspect of our American lifestyle -- so the clothes that we put on our back, the food that we eat, the cars that we drive, the shoes that we wear,” Hun Quach, vice president of international trade for the Retail Industry Leaders Association, said by phone. The Trump administration has already slapped duties on $50 billion of Chinese exports since July, which spurred immediate in-kind retaliation from Beijing. China has said it would be forced to retaliate to all of the US’s tariff measures, fanning concerns that a deepening trade war could dent the global economic outlook. Members of the public had until Thursday to comment on the administration’s plan to slap tariffs on $200 billion of Chinese goods, ranging from bicycles and baseball gloves to digital cameras, paving the way for Trump to announce the tariffs as early as Friday. There’s no final decision on that round of tariffs as the US Trade Representative’s office continues to “run their process,” White House Deputy Press Secretary Lindsay Walters said on Friday. The president’s tough line contrasted with remarks earlier from White House economic adviser Larry Kudlow, who left open the possibility of a negotiated solution to the trade dispute, but said China must show it’s open to compromise. Trade Talks While China’s response to US demands has been unsatisfactory, Trump is still speaking to Chinese President Xi Jinping, and would be open to meeting in person, said Kudlow, director of the White House’s National Economic Council. An opportunity could take place when world leaders gather at the UN General Assembly in New York this month and the Group of 20 summit in Argentina in November, he said. “It’s never too late to make good trade policy,” said Kudlow. "But I will say this: the world trading system is broken.” Trump is “dead serious” in his determination to push China to reform its trade policies, he added. Trump is getting a last-minute earful from prominent technology companies and retailers as he considers whether to follow through with his plan to ratchet up tariffs on Chinese exports. Tariff Warning On Thursday, Cisco Systems Inc., Hewlett Packard Enterprise Co. and other technology companies sent a letter to US Trade Representative Robert Lighthizer urging the administration to avoid imposing more tariffs. By increasing duties on telecommunications networking gear, the administration would raise the cost of accessing the Internet and slow the roll-out of next-generation wireless technologies, the companies said. Manufacturers, and small and mid-sized firms in particular, can’t quickly adjust and the tariffs imposed so far haven’t led to any meaningful concessions, a coalition of the National Retail Federation and 150 organizations said in separate comments to Lighthizer. The administration should cease further tariffs actions and give another shot at talks for a trade deal with with China, it said. “Tit-for-tat tariffs are counterproductive and so far have only produced increased costs for American businesses, farmers, importers, exporters and consumers,’’ the coalition said. Source
  6. Techno-dem urges DHS, NSA and NIST to rid sites of buggy legacy media player content It's bug-ridden, eternally insecure, and on death row – yet Adobe Flash persists on too many US government webpages. Now Senator Ron Wyden (D-OR) wants to hear the sound of this deity-forsaken plugin torn from .gov websites, dragged behind a shed, and a single final gunshot. Regular Reg readers will remember that even Adobe has seen written the writing on the wall, and last year set 2020 as the end-of-support date for its beleaguered exploit magnet. In a letter [PDF] to NIST under-secretary Walter Copan, NSA director, US Cyber Command commander Paul Nakasone, and secretary of Homeland Security Kirstjen Neilsen, Wyden today asked the agencies to learn from Microsoft Windows XP: it's expensive to ask vendors continue fixing up out-of-support software. In other words, stop relying on it, get rid of it, and replace Flash files with HTML5. He has the NSA, DHS and NIST in his sights because those three government organizations carry “the majority of cybersecurity guidance” to the rest of Uncle Sam's agencies. Wyden wants government officials to stop creating new Flash content within 60 days, and also asks that: Agencies remove Flash content from their websites by August 2019; To aid in that effort, the DHS's “routine cyber-hygiene scans” should identify, and list for agencies, all Flash content found; and Agencies should pilot removing Flash from staff computers, starting in March 2019, ahead of expunging it by August 1, 2019. Wyden noted that US-CERT “has warned about the risks of using Flash since 2010” – making it a latecomer: the earliest Flash fsckup we can find in El Reg's archives seems to be this directory traversal horror from 2007. When the plugin falls out of support, Wyden wrote, “cybersecurity risks will only be compounded.” We couldn't agree more. Stop using Adobe Flash. Source
  7. Here are eight AT&T-owned locations, buildings that are reportedly central to the NSA's internet spying purposes. Have you ever wondered what locations on American soil serve as backbone or “peering” facilities that the NSA might secretly be using for eavesdropping purposes? The Intercept revealed eight such AT&T-owned locations: two in California, one in Washington, another in Washington, D.C., one in New York, one in Texas, one in Illinois, and one in Georgia. You might pass by these AT&T buildings having no idea that they are “central to an NSA spying initiative that has for years monitored billions of emails, phone calls, and online chats passing across U.S. territory.” While neither AT&T nor NSA spokespeople would confirm that the NSA has tapped into data at these eight locations that normally route telecom companies’ data traffic, former AT&T employees did confirm the locations of the “backbone node with peering” facilities. AT&T refers to the peering sites as “Service Node Routing Complexes.” The Intercept explained various code-named NSA surveillance programs, previously made public thanks to Edward Snowden, which seem to have taken place at these eight AT&T facilities. In addition, the Intercept article cites “a top-secret NSA memo” that “has not been disclosed before;” the memo “explained that the agency was collecting people’s messages en masse if a single one were found to contain a ‘selector’ – like an email address or phone number – that featured on a target list.” The NSA's past activity There’s a bit of a history lesson included in the article, going over how the NSA was hoovering emails if they mentioned information about surveillance targets, including domestic communications that violated citizens’ Fourth Amendment right to be protected against unreasonable searches and seizures. The NSA moved to using a cautionary banner that warned analysts not to read the communication unless it had been lawfully obtained. The NSA acknowledged the violations in April 2017. The messages had reportedly been part of upstream surveillance allowed under Executive Order 12333. After receiving a NSA memo via Freedom Of Information Act (FOIA) request, the ACLU previously warned that NSA analysts might even be “laughing at your sex tape” thanks to surveillance under EO 12333. At any rate, according to The Intercept, the eight AT&T buildings that have secretly served as NSA spying hubs for monitoring “billions of emails, phone calls, and online chats” – codenamed FAIRVIEW for NSA surveillance – are located at: 30 E Street Southwest in Washington, D.C. 1122 3rd Avenue in Seattle, Washington 611 Folsom Street in San Francisco, California 811 10th Avenue in New York City 420 South Grand Avenue in Los Angeles, California 4211 Bryan Street in Dallas, Texas 10 South Canal Street in Chicago, Illinois 51 Peachtree Center Avenue in Atlanta, Georgia Source
  8. The unemployment rate has plunged to about the lowest level in half a century. Yet at least one group of Americans is being left behind: men who didn’t go to college. Just 78 percent of men aged 25-54 who never went to college were employed in 2016, the latest year for which data are available in the American Community Survey. That contrasts with about 90 percent for those who have at least one year of college and is a big change from the 1950s, when employment rates for college and non-college men were the same. What’s driving the employment gap, which has been with us for decades? Economists have traditionally pointed the finger at what are known as demand-side factors, such as jobs moving out of the U.S. or robots. More recently, economists have been blaming the supply side, such as growing welfare payments and better video games that glue more men to their couches. Supply side just means that the explanation has to do with the individual – the supplier of labor — as opposed to something related to a company – the demand. My research attempts to get to the bottom of why non-college men aren’t working in hopes that it can suggest the right solutions to turn this around. Employment vs. unemployment One of the most important measures of an economy is the number of jobs it’s creating, typically measured by the unemployment rate. The latest jobs report, which came out on June 1, showed that the rate dipped to 3.8 percent in May, the lowest since 2000. If it falls any more, it’ll be the lowest since 1969. But the unemployment rate doesn’t tell the full story because it only includes people actively looking for work. People who report not having looked for work in the previous four weeks are completely left out of this number. The employment rate, which is the share who are actually employed, captures the full picture. And the numbers are stark. Back in the 1950s, there was no education-based gap in employment. About 90 percent of men aged 25-54 – regardless of whether they went to college – were employed. That began to change in the 70s and 80s as non-college men left the workforce. The Great Recession was particularly painful for men without any college. By 2010, only 74 percent had a job, compared with 87 percent of those with a year or more of college. In other words, employment rates diverged over 10 percentage points in just half a century. The gap extends to the wages of those who actually had jobs as well. As recently as 1980, real hourly wages for the two groups were nearly identical at about US$13. In 2015, men with at least a little college saw their wages soar 65 percent to over $22 an hour. Meanwhile, pay for those who never attended plunged by almost half to less than $8. Modeling the economy In fact, wages reveal the answer to this puzzle. In my analysis, which I’m planning to publish, I wanted to determine whether the widening employment rate gap was caused by factors related to the supply of workers — video games and welfare — or demand — trade and robots. So I built and calibrated an economic model aimed at finding the answer. Just as an architect builds a model city to test out ideas, economists build model economies out of math. Models allow architects and economists alike to push aside the gory details of reality and cut to the gist of things. They also allow us to run experiments on what would otherwise be untestable hypotheses. An architect might ask: If I build a balcony, will that compromise the building’s structural integrity? I asked: If the only things that changed since the 1970s were supply-side factors, what would have happened to employment rates? To answer this question, I plugged employment, wage and other relevant data into my model so that it replicates the real world. I then ran different analyses on the model to try to learn things, such as the underlying causes of the fall in employment for non-college men. The intuition is like this: If a significant part of the reason non-college men dropped out of the workforce was because of supply-side factors that allowed them to remain home yet still afford their lifestyles, companies would have had to pay them more to entice them to join the labor market. On the other hand, demand-side factors would have put downward pressure on wages. That’s exactly what my model helped me identify, suggesting that all the blame goes to demand-side factors like trade and automation, not video games. An important caveat with my analysis — and economic research in general — is that our models are not reality. Economists have to make tough judgment calls in hopes of approximating reality and teasing out underlying truths that are otherwise difficult to ascertain. Work wanted All the same, I think my work reveals some important truths. While it is true that many non-college men are home playing video games, collecting welfare payments and, unfortunately, addicted to opioids, it’s by and large not because they are choosing these over a job. Rather, sadly, it’s because they couldn’t find a job in the first place. The takeaway is if the government wants to get more of these men back into the workforce, it should focus on stimulating demand or helping people learn new skills. Even though we know what the problem is, we still have a lot of work ahead to solve it and get these men back into the workforce. Source
  9. Forget the old case, DoJ tells Supremes, all hail CLOUD Act The US government has issued Microsoft with a new warrant to get access to emails held on the firm's Irish servers, while asking the Supreme Court to dismiss the existing legal battle. The long-running wrangle began back in 2014, when Microsoft was taken to court by American prosecutors who wanted access to suspects' emails that Microsoft had stored overseas. The Feds demanded the private messages under section 2703 of the US Stored Communications Act, but Redmond refused, saying that the search warrant couldn't extend beyond US borders. In July 2016, the United States Court of Appeals for the Second Circuit ruled in Microsoft's favour – a decision the Department of Justice is in the process of appealing against in the Supreme Court. However, the passage of a new law, signed off last week, known as the CLOUD Act (Clarifying Lawful Overseas Use of Data Act) has thrown a huge question mark over the dispute. In contrast to existing laws, the CLOUD Act specifies that authorities can demand that firms pass on data, even if it's held outside the US. And so the DoJ has filed a motion (PDF) with the Supreme Court saying that, given the passage of the CLOUD Act, the court should vacate the judgment made by the Court of Appeals and dismiss the case as moot. The DoJ's argument is that the CLOUD Act now directly governs the warrant that is at the heart of the dispute, which it said settles the dispute. The US government insisted it was still possible for Microsoft to fully comply and disclose the information in question under the existing warrant, but complained Microsoft wasn't playing ball. "Microsoft has refused to acknowledge either that the CLOUD Act applies to the Section 2703 warrant at issue in this case or that Microsoft plans to disclose the required information under the original warrant," the document stated. As such, the DoJ said it had decided "the most efficient means of acquiring the information sought is through a new warrant under the CLOUD Act" – and did so on 30 March – even though it maintains it shouldn't have had to issue one. The government is "unquestionably entitled" to the information, the filing stated, adding: "Microsoft no longer has any basis for suggesting that such a warrant is impermissibly extraterritorial because it reaches foreign-stored data, which was the sole contention in its motion to quash... There is thus no longer any live dispute between the parties, and the case is now moot." We asked Microsoft to comment, but a spokesperson said the company had "nothing to share". However, president Brad Smith has previously issued broadly supportive statements about the CLOUD Act. When it was passed last week, Smith blogged to say it was a "critical step forward in resolving an issue that has been the subject of litigation for over four years". It remains to be seen whether the new law is quite as water-tight in its ability to force firms to hand over any and all data as the government wants. Frank Jennings, cloud lawyer at Wallace LLP, said that although the CLOUD Act offers useful clarity for providers, it might not be the end of the dispute. "The CLOUD Act requires a provider to preserve, backup or disclose data even if the data is outside the USA. This clarity is useful... Cloud providers can now point to a clear obligation to comply with an up-to-date law," he said. "However, the battle is not over yet." Jennings said the next stage "will be for US providers to show that data outside the US is not in their 'possession, custody, or control' but that of someone else", possibly the customer or a third party. They could also offer data encryption as standard, with the customer holding the decryption keys, he said. "This is the 'You can have it but we don't know what it says' approach." The passage of the CLOUD Act and the access it grants to data held on EU servers – which has been condemned by campaign groups in the bloc – might also lead to other battles, he said. For instance, it may give new impetus to those seeking to challenge the transatlantic data transfer deal Privacy Shield, and it isn't yet clear what the EU's data protection agencies will make of it. "We await to see whether the new European Data Protection Board [which will come into being with the General Data Protection Regulation] will recognise this as a 'necessary and proportionate measure... to safeguard national security' or an attempt to overreach and undermine GDPR from afar," said Jennings. Source
  10. Facebook has been collecting call records and SMS data from Android devices for years. Several Twitter users have reported finding months or years of call history data in their downloadable Facebook data file. A number of Facebook users have been spooked by the recent Cambridge Analytica privacy scandal, prompting them to download all the data that Facebook stores on their account. The results have been alarming for some. “Oh wow my deleted Facebook Zip file contains info on every single phone cellphone call and text I made for about a year,” says ‏Twitter user Mat Johnson. Another, Dylan McKay, says “somehow it has my entire call history with my partner’s mum.” Others have found a similar pattern where it appears close contacts, like family members, are the only ones tracked in Facebook’s call records. Ars Technica reports that Facebook has been requesting access to contacts, SMS data, and call history on Android devices to improve its friend recommendation algorithm and distinguish between business contacts and your true personal friendships. Facebook appears to be gathering this data through its Messenger application, which often prompts Android users to take over as the default SMS client. Facebook has, at least recently, been offering an opt-in prompt that prods users with a big blue button to “continuously upload” contact data, including call and text history. It’s not clear when this prompt started appearing in relation to the historical data gathering, and whether it has simply been opt-in the whole time. Either way, it’s clearly alarmed some who have found call history data stored on Facebook’s servers. FACEBOOK HASN’T BEEN ABLE TO COLLECT THIS DATA ON IPHONES THANKS TO APPLE’S PRIVACY CONTROLS While the recent prompts make it clear, Ars Technica points out the troubling aspect that Facebook has been doing this for years, during a time when Android permissions were a lot less strict. Google changed Android permissions to make them more clear and granular, but developers could bypass this and continue accessing call and SMS data until Google deprecated the old Android API in October. It’s not yet clear if these prompts have been in place in the past. Facebook has responded to the findings, but the company appears to suggest it’s normal for apps to access your phone call history when you upload contacts to social apps. “The most important part of apps and services that help you make connections is to make it easy to find the people you want to connect with,” says a Facebook spokesperson, in response to a query from Ars Technica. “So, the first time you sign in on your phone to a messaging or social app, it’s a widely used practice to begin by uploading your phone contacts.” The same call record and SMS data collection has not yet been discovered on iOS devices. While Apple does allow some specialist apps to access this data in limited ways like blocking spam calls or texts, these apps have to be specifically enabled through a process that’s similar to enabling third-party keyboards. The majority of iOS apps cannot access call history or SMS messages, and Facebook’s iOS app is not able to capture this data on an iPhone. Facebook may need to answer some additional questions on this data collection, especially around when it started and whether Android users truly understood what data they were allowing Facebook to collect when they agreed to enable phone and SMS access in an Android permissions dialogue box or Facebook’s own prompt. The data collection revelations come in the same week Facebook has been dealing with the fall out from Cambridge Analytica obtaining personal information from up to 50 million Facebook users. Facebook has altered its privacy controls in recent years to prevent such an event occurring again, but the company is facing a backlash of criticism over the inadequate privacy controls that allowed this to happen. CEO Mark Zuckerberg has also been summoned to explain how data was taken without users’ consent to a UK Parliamentary committee. Source
  11. A man from Waycross, Georgia, has been left scratching his head after he discovered a “Loch Ness-type thing” washed up on a beach while out his with his son. Jeff Warren said he found the strange sea creature after going boating at Wolf Island National Wildlife Refuge in Golden Isles, Georgia, reports Action News Jax. He initially thought the animal was a dead seal, but upon closure inspection he saw it resembled something from prehistoric times. The mystery creature, which had already started being devoured by birds on the beach, stretched to around 5ft and appeared to have an elongated neck. According to First Coast News, Warren recorded the creature and spoke about it at the nearby Skipper’s Fish House, where he was told of a legend called “Alty,” or Altahama, the local equivalent of the Loch Ness Monster who is said to roam the seas in the area. However, when Action News Jax the contacted the U.S. Fish and Wildlife Service for help in understanding what the creature could be, they offered an alternative explanation. According to the Director Dan Ashe, many sea animals have a way of decomposing which means they resemble a Plesiosaur, a long-necked marine dinosaur that first existed more than 200 million years ago. Ashe said there have been examples of 30ft-long basking sharks decomposing in such a way that they look as if they have a long neck and small head, in a similar way to a prehistoric creature. The U.S. Fish and Wildlife Service has so far been unable to sufficiently determine what the creature Warren found on the Georgian beach is. There was similar confusion last September in the wake of Hurricane Harvey after Preeti Desai found a mysterious fanged creature washed up on a beach in Texas City. Desai posted a picture of the animal onto Twitter along with the caption: “ Okay, biology twitter, what the heck is this??” According to biologist and eel specialist Dr Kenneth Tighe, it was likely that the creature was a fangtooth snake-eel or a garden or conger eel as “all three of these species occur off Texas and have large fang-like teeth," he told the BBC.
  12. U.S. has not found 'one dollar' of El Chapo’s money http://assets.nydailynews.com/polopoly_fs/1.3134052.1493833448!/img/httpImage/image.jpg_gen/derivatives/article_1200/mexico-crime.jpg The feds have hit a wall when it comes to seizing El Chapo’s money. After Texas Sen. Ted Cruz proposed a plan last month to stick reputed drug cartel king El Chapo with the tab for President Trump’s much-ballyhooed border wall, it was revealed Wednesday that American authorities have not been able to find a trace of his dirty money. According to Mexico’s attorney general, getting the jailed drug lord — whose real name is Joaquin Guzman — to foot the border bill is as reasonable as expecting him to turn over a new leaf. “As of today, U.S. authorities have not found not even one dollar of El Chapo’s assets,” Mexican Attorney General Raul Cervantes said in a local TV interview. EL CHAPO Act proposes funding Trump wall with cash from drug lord A federal indictment in the United States seeks the forfeiture of more than $14 billion of drug proceeds and illicit profits allegedly derived from the Sinaloa Cartel’s activities. Mexico has only found minor assets belonging to Guzman, Cervantes said. “His money hasn’t been found because he didn’t use the financial system,” he added. Prosecutors balk at Amnesty International jail probe for El Chapo But Trump was one-upped by Cruz, his former campaign rival, who said Guzman’s money should help pay for the wall http://www.nydailynews.com/new-york/u-s-not-found-dollar-el-chapo-money-article-1.3134053
  13. High winds, rain and flooding is taking place in Scituate and the surrounding coastal areas of Massachusetts as a storm known as a 'bomb cyclone' makes it way past the East Coast. At least five people have been killed by a powerful nor’easter that blasted the East Coast Friday and early Saturday. "Take this storm seriously!" the National Weather Service in Boston warned via Twitter Friday. "This is a LIFE & DEATH situation for those living along the coast, especially those ocean-exposed shorelines." The storm picked up strength quickly Friday, undergoing what’s known as bombogenesis—when a low pressure system drops 24 millibars in 24 hours. Like the deadly storm that hit the East Coast in January, it has been dubbed a “bomb cyclone.” Trees felled by strong winds killed at least five. Among them were: A 6-year-old boy who was killed in Virginia when a tree fell on his family’s home, an 11-year-old boy killed by a falling tree in New York State, a 57-year-old man killed after a tree fell on his car in Pennsylvania, a 77-year-old woman killed by a falling branch in Baltimore and a 44-year-old male passenger in a truck killed in Virginia when a tree fell on the vehicle. Wind speeds reached 80 to 90 mph on Cape Cod, while Ohio and upstate New York were blanketed by more than a foot of snow. Heavy snow also fell on areas including Pennsylvania and New Jersey, reported ABC. Almost 1.7 million homes and businesses were without power in the Northeast and Midwest Friday. Government offices in Washington closed as winds gusted to more than 60 mph in the U.S. capital. The storm grounded 5,489 flights, both domestic and international, and scores more were delayed, according to FlightAware.com. Storm damage caused Amtrack services between Washington D.C. and Boston to be halted Friday. Virginia Governor Ralph Northam declared a state of emergency, streamlining state aid to communities harmed by high winds. Massachusetts Governor Charlie Baker said he had called in the National Guard and urged caution and vigilance. A flood surge at extreme high tide sent seawater into Boston’s coastal streets, the second time this year that the area had flooded. Wind gusts approaching 70 mph helped force in the water while downing trees and power lines. The Weather Channel reported that though flooding in Boston fell short of record levels, life threatening floods are still possible Saturday. Jim Hayes, a meteorologist with the agency’s Weather Prediction Center in College Park, Maryland, said that snow and rain are forecast to taper off through Friday night and into Saturday as skies clear. Hayes added that winds are also expected to drop somewhat overnight and into Saturday as the offshore storm system recedes. Source
  14. U.S. and other Western scientists voice awe, and even alarm, at China’s quickening advances and spending on quantum communications and computing, revolutionary technologies that could give a huge military and commercial advantage to the nation that conquers them. The concerns echo — although to a lesser degree — the shock in the West six decades ago when the Soviets launched the Sputnik satellite, sparking a space race. In quick succession, China in recent months has utilized a quantum satellite to transmit ultra-secure data, inaugurated a 1,243-mile quantum link between Shanghai and Beijing, and announced a $10 billion quantum computing center. “To me, what is alarming is the level of coordination of what they’ve done,” said Christopher Monroe, a physicist and pioneer in quantum communication at the University of Maryland. Perhaps more than the accomplishments of the Chinese scientists, it is the resources that China is pouring into the research into how atoms, photons and other basic molecular matter can harness, process and transmit information. “It doesn’t necessarily mean that their scientists are better,” said Martin Laforest, a physicist and senior manager at the Institute for Quantum Computing at the University of Waterloo in Ontario, Canada. “It’s just that when they say, ‘We need a billion dollars to do this,’ bam, the money comes.” The engineering hurdles that China has cleared for quantum communication means that the United States will lag in that area for years. “The general feeling is that they’ll get there before us,” said Rene Copeland, a high-performance computer expert who is president of D-Wave (Government) Inc., a Vancouver-area company that uses aspects of quantum computing in its systems. But building a functioning quantum computer sets forth different kinds of challenges than mastering quantum communication, and may involve creating materials and processes that do not yet exist. Once thought to be decades off, scientists now presume a quantum computer may be built in a decade or less. The stakes are so high that advances by the U.S. government remain secret. “We don’t know exactly where the United States is. I fervently hope that a lot of this work is taking place in a classified setting,” said R. Paul Stimers, a lawyer at K&L Gates, a Washington law firm, who specializes in emerging technologies. “It is a race.” Pure quantum computers remain largely theoretical although simple prototypes exist. Many designs call for them to operate in super cold conditions, bordering on absolute zero, or around minus 458 degrees Fahrenheit, colder than outer space, without any noise or micro movements that can cause malfunction. What has made them the Holy Grail for nations and private industry is that quantum computers, in theory, are magnitudes better at sifting huge amounts of data than the binary processors that power mainframes, desktops and even smart phones today. They also can process algorithms that break all widely used encryption. Rather than doing a series of millions of computations, based on binary options of ones and zeros, quantum computers employ particles that exist in an infinite number of “superpositions” of the two states simultaneously, a condition that towering physicist Albert Einstein once labeled as “spooky.” A quantum computer “can feel all the possibilities at once,” said Warner A. Miller, a physicist at Florida Atlantic University, who, like the others, spoke last week at a forum on quantum computing at the Hudson Institute, a think tank in Washington. China splashed into the news in June when it announced that a satellite and a ground station had communicated through “entangled” quantum particles. Entangled particles, even if separated by thousands of miles, act in unison. Any change in one particle will induce a change in the other, almost as if a single particle existed in multiple places at once. Such long-distance quantum communication smashed records, occurring over 745 miles, far beyond the mile or so scientists had tested previously, and signaled Chinese mastery over a form of communication deemed ultra-secure and unhackable. “I read that on a Sunday and went, ‘oh sh-t,’” said Gregory S. Clark, an Australian-born mathematician who is chief executive of Symantec Corp., a global cybersecurity company with headquarters in Mountain View, California. Neither the U.S. military nor private industry is known to have such a capability. If the technology is refined, Clark said, it could make land-based communications infrastructure obsolete. “The whole world changes,” he said at a forum Sept. 19. In early September, China chalked up another milestone, completing a quantum communication link between its capital and Shanghai, by far the biggest such link in the world, surpassing anything in the United States or Europe. In such a link, if an encryption key used by either of two parties faces interference by a third party, the two parties know not to use it. China again demonstrated the prowess of its space-based quantum satellite, dubbed Micius, on Sept. 29 when the head of the Chinese Academy of Sciences held a video conference with an Austrian scientist over a distance of 4,630 miles. Also last month, China announced that it would build the world’s biggest quantum research facility, a $10 billion center in Hefei, capital of Anhui province, with the aim of building a working quantum computer that could break most any encryption within seconds. China already has the world’s fastest supercomputer, the Sunway TaihuLight, which captured the title in the 2016 and 2017 at a competition in Frankfurt, Germany. Monroe, the Maryland physicist, said China had set a goal of fully constructing the quantum research center within two years. “If it costs $10 billion, China will just do it without asking, and they’ll put an army together to do it,” Monroe said. “I don’t think any other government in the world is able to throw together something (so) fast.” Google, IBM and Microsoft all see huge opportunity in quantum computing and fund research labs. Commercial applications may include determining how polymers go together, mapping the genome, finding oil in complex geology, detecting cancer and handling air traffic. Quantum computers can sift through vast amounts of data. One that handles 60 quantum bits, or units of quantum information, could hold 64 exabytes of data – 2,560 times more than all the material managed by the Library of Congress, which has 838 miles of bookshelves. Military applications are vast and range beyond breaking enemy encryption to include quantum-enabled weaponry, navigation systems that can’t be jammed, and the use of quantum-powered artificial intelligence in war fighting. In those areas, China is not believed to have an advantage. “The point is, they are some distance from that quantum supremacy threshold,” said Arthur Herman, who leads the technology and defense program at the Hudson Institute. Still, Herman called for U.S. policymakers to focus hard on the quantum challenge. “We need a Manhattan Project style funding focus in order for a national quantum initiative to succeed,” Herman said, referring to the World War II era program to produce the first nuclear weapon. < Here >
  15. Two malware families battling for turf are most likely the cause of an outage suffered by Californian ISP Sierra Tel at the beginning of the month. This outage took place on April 10, 2017, when Sierra Tel customers started complaining about losing Internet and telephone connectivity. While initially there were unconfirmed rumors that the company had botched a firmware update, in a statement released the following day, on April 11, Sierra Tel admitted it was the victim of a "malicious hacking event." "Hacking event" affected only Zyxel HN-51 modems The company said someone targeted and hacked Zyxel modems model HN-51, all of which couldn't connect to its network anymore. As the number of complaining users kept growing, Sierra Tel representatives asked customers to drop their Zyxel modems at their offices, where they could get a replacement. The company underestimated the size of the incident, and after a few hours, it ran out of replacement modems, while customers formed long lines outside their offices. Subsequent clients who came to receive replacements were asked to leave their devices at the company's offices, promising that staff would repair the modem, and give them a call when it would be ready. On Saturday, April 22, almost two weeks later, Sierra Tell representatives announced they finally managed to finish repairing all the affected modems. "The Sierra Tel family is pleased to report that we have nearly completed our response to the highly disruptive impacts of the illegal hacking of the HN-51 modem," the company wrote on Facebook. BrickerBot was active on Sierra Tel's network The outage was only reported by the local press and got little attention from national media, as it only affected Sierra Tel customers in the cities of Mariposa and Oakhurst, California. The incident was brought to Bleeping Computer's attention by Janit0r, a man who claims to have developed BrickerBot, an IoT malware family that bricks unsecured IoT devices. "BrickerBot was active on the Sierra Tel network at the time their customers reported issues," Janit0r told Bleeping Computer in an email, "but their modems had also just been mass-infected with malware, so it's possible some of the network problems were caused by this concomitant activity." Janit0r suggested the other culprit was Mirai, a malware also known to cause similar issues. Last year, a hacker known as Popopret deployed a defective Mirai version that caused over 900,000 modems belonging to Deutsche Telekom to go offline for nearly a day, before the German ISP retook control over its devices via a firmware update. A week later, several British ISPs suffered the same fate. While it is impossible to say what caused the Sierra Tel modems to go offline, all clues line up with BrickerBot entering "Plan B," the sequence Janit0r says is responsible with bricking devices. In a previous interview with Bleeping Computer, Janit0r said that BrickerBot is not intentionally configured to destroy devices. The malware will first try to secure the device, but if it fails or the device cannot be secured, it will wipe its flash storage and rewrite with random data. These actions render targeted devices useless, needing repair or replacement, the exact same actions Sierra Tel took. Janit0r also said he developed BrickerBot to go after the same devices targeted by other IoT malware families, which makes pinpointing the source of Sierra Tel's outage even harder. It's quite possible that Sierra Tel's Zyxel modems went offline as the result of a secret turf war waged among various families of IoT malware, such as Mirai, BrickerBot, Hajime, Wifatch, Gafgyt, Imeij, and others. As more and more IoT malware families emerge, they will eventually cause more problems like the Sierra Tel incident. BrickerBot author congratulates ISP on its transparency "I'm worried that Sierra is unfairly getting some bad PR for being honest about the hack rather than covering it up," Janit0r wrote in another email. "I think Sierra did the right thing by being transparent to its customers. [...] I've seen other ISPs covering up such problems as 'bad firmware upgrades' or 'temporary connectivity issues'." Nevertheless, Janit0r is not willing to give Sierra Tel too many praises. "Sierra Tel should've locked down their network better, to begin with," Janit0r also added. "Having control interfaces filtered from the WAN [Internet] is critically important for any ISP deployment." The "control interface" Janit0r is referring to is most likely TR-069, known to have security issues, and which Mirai has exploited in the past. In fact, this is the same control interface that Mirai exploited in the aforementioned incidents that took place in Germany and the UK, last year, and which also involved Zyxel modems. Sierra Tel has not responded to numerous requests for comment from Bleeping Computer, but said on Facebook that is working with law enforcement to track down and catch the culprit of "this illegal and malicious hacking of the ZyXel HN51 modems." Over the weekend, Radware, the cyber-security firm who first spotted BrickerBot issued another report unveiling two newer versions of the BrickerBot malware, with different bricking techniques compared to the first samples they discovered. The company also has a series of recommandations for keeping IoT devices safe from BrickerBot and other IoT malware. Source
  16. WikiLeaks dumped 27 documents today as part of the "Vault 7" series of leaked documents, which the organization claims to belong to the CIA. Codenamed "Grasshopper," these are 27 manuals describe a CLI-based builder for assembling malware-laced Windows installers. CIA internal wiki pages describing the Grasshopper framework were first leaked at the start of March with the initial Vault 7 announcement. The Grasshopper guides leaked today contain more in-depth information and are training guides for CIA operatives. Grasshopper used to assemble the CIA's malware installers According to the leaked documents, CIA operatives must have some sort of technical information on their targets before using Grasshopper. Based on what operating system the target uses, what antivirus he's employing, and other technical details, the Grasshopper framework automatically puts together several components adequate for the job. To put together these components, operatives used a custom rule-based language to write build configs. In the end, Grasshopper delivers a Windows installer that field operatives can run on a target's machine and install their malware. The usage of a pre-infection form to deliver the most appropriate malware payload has also been seen in Fine Dining, another CIA toolkit that consists of malware-laced portable applications. Grasshopper is very modular, adapts to any operation Below is how the latest Grasshopper manual (v2.0.2) describes Grasshopper's modular architecture: As you can see, the CIA designed Grasshopper to be as malleable as possible, decoupling the installer from the final payload. The Grasshopper builder allows operatives to select the components they need for each operation and deliver a payload of their choice. The leaked documents intimate that Grasshopper installers can deliver payloads in EXE, DLL, SYS, or PIC formats, for x86 and x64 architectures, and payloads for getting persistence. In addition, Grasshopper can produce installers with built-in malicious payloads, or the payloads can be delivered at run-time from other locations. According to the leaked documents, the CIA claims "the installation executable should be loaded into and executed solely within memory," which means it is harder to pick up by traditional signature-based antivirus solutions. In fact, a lot of effort has been put into avoiding security products overall, which is consistent with the main rule of cyber-espionage, the one that says stealth is more important than results. Grasshopper borrowed code from the Carberp rootkit Along with the Grasshopper user guides, WikiLeaks also leaked the manual for Stolen Goods, one of the Grasshopper components used with installers to assure persistence on infected hosts. The document reveals that parts of Stolen Goods, as the name implies, were taken from the Carberp rootkit, used by the eponymous Russian cybercrime gang. Previously, it was discovered that the CIA also borrowed code from other malware families, such as HiKit, Shamoon, UpClicker, and the Nuclear Exploit Kit. Source
  17. The recently imposed travel restrictions by both British and US aviation authorities on the carrying of personal electronic devices while in the cabin of the aircraft have been criticized on safety grounds by the European Aviation Safety Agency. The European agency argues that the ban on allowing passengers to carry any PED(personal electronic device) larger than a smartphone in the cabin, and forcing passengers to carry any larger device in their hold luggage presents a major fire risk. As was widely covered last year with the explosive Galaxy S7 Note, the lithium batteries in many devices do hold the potential to catch fire. So as the agency as well as the European Cockpit Association, which represents over 38000 pilots, argue the piling of all PED's in the hold with no supervision leads to a major risk of in-flight fires. The US/UK ban comes in light of increased risks of terrorist explosive devices now being potentially small enough to be disguised as components within a laptop. That would theoretically be detonated against the cabin wall mid-flight, with catastrophic consequences. The UK and US ban only applies to 8 Middle Eastern and African countries and the respective UK, US agencies argue that they have consulted and considered the potential outcomes and evidence. Along with the European authorities, they have stressed that it is imperative that any PEDs in the hold must certainly be switched off and be packed carefully to avoid accidental activation. Source
  18. Back in the 90s, in 1996, when the Internet was barely a few years old, two cyber-espionage groups dominated the cyber-space: Moonlight Maze and the Equation Group. Their operations shocked the world and made people realize that hackers are also capable of stealing state secrets, not just money from bank accounts. That's when the term cyber-warfare became reality and not just the plot B-rated Hollywood movies. While details collected about the Equation Group across the years have allowed researchers to issue theories on its connections with the US National Security Agency, very few details were collected about Moonlight Maze, the first ever APT. Moonlight Maze, the first ever APT The group was active in the late 90s and seemed to have disappeared at the turn of the century. Their attacks were studied and studied again and their mode of operation became standard practice for malware and cyber-attackers. The group and its attacks achieved mythical status in the cyber-security world and were the subject of many books. Through the years, Moonlight Maze hacked many important US targets such as government agencies and top universities. Victims included the Pentagon, NASA, the US Navy, and the Department of Energy, just to name the bigger ones. Moonlight Maze group evolves, investigators fall behind For years investigators collected mountains of evidence but failed to make any headway into the investigation. They said Moonlight Maze operators stole so much information that if printed on paper it would stand three times higher than the Washington Monument. Data on all attacks was classified. As years went by, cyber-espionage became standard practice. Multiple groups had become active, and investigators needed to focus on current-day threats. That's why all Moonlight Maze data, on which the investigation was stalling, was permanently destroyed in 2008. The world seemingly forgot about the Moonlight Maze group, as its attacks stopped. In reality, they just developed new tools and deployed new infrastructure. Researchers were still detecting their attacks, but they didn't know it was this mythical group from the 90s. Researchers catch a break The mystery about Moonlight Maze's disappearance lived on until 2016 when a misredacted FOIA request revealed the name of a British sysadmin, David Hedges. A team of investigators from King's College London and Kaspersky Lab tracked down Hedges during 2016. Their persistence was eventually rewarded, as they discovered that Hedges had kept an old Linux machine that was compromised by the Moonlight Maze group in one of their operations. Called HRTest, this was a Linux server that was hacked and used as a relay point in a giant network of proxies operated by the Moonlight Maze group. Data would travel through these proxies for countless of hops until it would reach a dropping point where attackers could download it. Unknown to the Moonlight Maze group was that Hedges discovered the intrusion. Working with UK authorities he transformed the HRTest machine into a honeypot, sniffing all the traffic that went through. All traffic details (no actual stolen data) were logged and saved offline. Moonlight Maze's Linux backdoor While US authorities classified data on Moonlight Maze attacks in an attempt to safeguard the stolen data from third-party investigators, it soon became clear they didn't have the experience of security researchers working in the private sector. Investigations stalled and eventually stopped, as Moonlight Maze disappeared from the face of the Earth during the early 2000s. In reality, the group revamped all its infrastructure after attacks in 1999 became the subject of news headlines all over the world. They did this by slowly refashioning their attack tools, shifting from Linux tools to Windows malware. They did this progressively, still using some of their older tools, learning along the way. One of this tools that evolved during this transition period was a Linux malware family based on the LOKI2 backdoor published in a Phrack magazine in 1997. Despite being used in attacks for almost 17 years, Kaspersky researchers unearthed evidence of attacks with this backdoor only in 2014. At the time they didn't knew they had discovered a tool from the Moonlight Maze group and named the backdoor Penquin Turla, assigning it to a new APT discovered in the 2000s, named Turla. Moonlight Maze operators made mistakes But in 2016, data from the HRTest logs that wasn't destroyed by the FBI in 2008 came to light. This data was a goldmine for researchers, a forensics "time capsule." It also helped that Moonlight Maze operators kept their own logs, which they forgot to delete, of all the actions they took. These and the HRTest traffic logs from 1998 and 1999 revealed not only the humongous size of the Moonlight Maze network but also operational details, including the presence of the LOKI2 backdoor. Jaws dropped when researchers realized the implications. They just solved one of the biggest mysterious in cyber-security: "What happened to the mythical Moonlight Maze?" The Turla connection In a presentation at the Kaspersky Security Analyst Summit (SAS) taking place this week in St. Maarten, researchers say Moonlight Maze evolved into what today we know as the Turla APT, a Russian-speaking cyber-espionage group first spotted in 2007, which has been behind some of the advanced hacks in recent years. The group is most famous for using malware to hijack communications satellites and spy on targets in remote areas. In reality, its arsenal of tools includes many Windows malware families and UNIX attack tools. The connection between Moonlight Maze and Turla shows that a nation state has gathered a group of highly-talented hackers that are breaking ground on new ways to hack into systems. The Moonlight Gaze group was one of the first groups to launch coordinated cyber-attacks on targets across the world using the Internet, and then they shifted to using satellites in the 2010s. What's missing is a period in the early 2000s. The same research team believes that Moonlight Maze/Turla is also the group behind a series of attacks referenced as Storm Cloud, reported in 2003. These attacks targeted the Department of Defense and also used the LOKI2 backdoor. The hunt continues While 100% attribution is never certain in cyber-espionage campaigns, the clues uncovered on the HRTest server revealed more insight into Moonlight Maze operations than ever before. Kaspersky researchers are now making a public plea to other sysadmins that still have old servers running or tucked somewhere on their network. If they still have logs going back to those early days of the Internet and they have evidence the server was compromise, researchers can be reached via email. The full Kaspersky report can be found here, IOCs are here, and YARA rules for discovering Moonlight Maze malware is here. Source
  19. Requirements: 4.0+ What's New: Apr 6 | v3.18.1 - new build Voice Calls are now available in India too. Apr 3 | v3.18.1 Voice calls are now available in Europe, Africa, North and South Americas. Mar 30 | v3.18 Telegram Calls are here: secure, crystal-clear, constantly improved by artificial intelligence. We are rolling them out in Europe today, the rest of the world will get calls within a few days. Choose between 5 grades of video compression and preview the quality of your video before you send it. More Info: Downloads: Note: To make use of the voice calls feature, both the end-users should have stable/beta of this version 3.18.x or later. https://www.apkmirror.com/apk/telegram-messenger-llp/telegram/telegram-3-18-1-release/
  20. FBI Director James Comey warned Wednesday that Americans should not have expectations of "absolute privacy," adding that he planned to finish his term leading the FBI. "There is no such thing as absolute privacy in America; there is no place outside of judicial reach," Comey said at a Boston College conference on cybersecurity. He made the remark as he discussed the rise of encryption since 2013 disclosures by former National Security Agency contractor Edward Snowden revealed sensitive US spy practices. "Even our communications with our spouses, with our clergy members, with our attorneys are not absolutely private in America," Comey added. "In appropriate circumstances, a judge can compel any one of us to testify in court about those very private communications." But, he also said Americans "have a reasonable expectation of privacy in our homes, in our cars, in our devices. "It is a vital part of being an American. The government cannot invade our privacy without good reason, reviewable in court," Comey continued. In the last four months of 2016, the FBI lawfully gained access to 2,800 devices recovered in criminal, terrorism and counterintelligence investigations and the FBI was unable to open 43% of those devices, Comey said. Americans' desire for privacy and security should never be viewed as incompatible, he said. "We all value privacy. We all value security. We should never have to sacrifice one for the other," Comey said. "Our founders struck a bargain that is at the center of this amazing country of ours and has been for over two centuries." Comey's leadership of the FBI has been marked by controversy in the wake of the bureau's handling of the investigation into Hillary Clinton's email controversy and President Donald Trump's baseless accusations that President Barack Obama ordered the wiretapping of phones at Trump Tower. He did not address the wiretapping claim nor WikiLeaks' recent claim that it obtained internal CIA documents. Comey did, however, say he plans to finish out his 10-year term. "You're stuck with me for about another 6 1/2 years, and so I'd love to be invited back again," he said. By Mary Kay Mallonee and Eugene Scott http://edition.cnn.com/2017/03/08/politics/james-comey-privacy-cybersecurity/
  21. Alexander Tverdokhlebov is being held on charges of conspiring with another hacker to steal money from online bank accounts. Law enforcement authorities in Los Angeles have arrested a Russian-born individual on charges that he stole money from thousands of U.S. bank accounts in a cybercrime career dating back to at least 2008. In court papers filed in connection with the February 1 arrest, prosecuting attorneys described Alexander Tverdokhlebov as a well-connected member of several elite Russian-speaking cybercrime forums engaged in extensive money laundering services, selling stolen personal data, and malware tools. The four-count indictment against Tverdokhlebov charges him of using a botnet of around 10,000 infected computers to steal passwords and login credentials to online bank accounts which he and an accomplice, Vadim Polyakov, then used to make fraudulent purchases and illegal withdrawals. The charges in the indictment pertain specifically to wire fraud that the pair is alleged to have engaged in between May 2008 and February 2010. Court papers indicate that the government believes Tverdokhlebov was actively engaged in cybercrime activities at least untill very recently before his arrest. But the indictment itself makes no mention of what those activities might have been. Polyakov was arrested while vacationing in Spain in 2015 and extradited to the U.S. In 2016, he pled guilty to running a scam that fleeced StubHub of over $1 million and was sentenced by a New York court to between four and 12 years in state prison. After his February 1 arrest, Tverdokhlebov made an initial appearance before U.S. Magistrate Court Judge Patrick Walsh who ordered him released on bond, but the judge stayed the order at the government’s request. The U.S. Attorney’s Office for the Eastern District of Virginia, to where the case has been transferred, this week argued against Tverdokhlebov’s pretrial release citing serious flight risk concerns. They noted how during a search of Tverdokhlebov’s residence, law enforcement officials found keys to three bank safe deposit boxes that contained approximately $172,000 in $100 notes. One of Tverdokhlebevo’s partners described the boxes as something that he kept aside for a ‘bad day.’ “Defendant is an extremely sophisticated and well-connected cybercriminal,” prosecutors said in court papers arguing against Tverdokhlebov’s release on bond. As a member of several influential cybercriminal forums, Tverdokhlebov has access to co-conspirators with the ability and the resources to abet his flight. “Indeed, a review of Defendant's affiliations revealed contacts with some of the world's most notorious cybercriminals,” the government said in its motion. Though Tverdokhlebov is a U.S citizen, he apparently has little to tie him to the country. He married a U.S. citizen in 2009 and then divorced her shortly thereafter after transferring a large amount of money to her. Most of Tverdokhlebov’s family is still based in Russia, and the only significant tie he has in the U.S. is a relationship with a Russian-born woman based here. Prosecutors also believe that Tverdokhlebov has access to significant amounts of additional funds, and that he has carefully laid out plans to evade law enforcement. In conversations that he had over ICQ with others, Tverdokhlebov talked about contingency plans in case he ever gets caught, according to prosecutors. By Jai Vijayan http://www.darkreading.com/attacks-breaches/alleged-russian-hacker-with-ties-to-notorious-cybercriminals-arrested-in-la/d/d-id/1328121?
  22. Four in Five Britons Fearful Trump Will Abuse their Data More than three-quarters of Britons believe incoming US President Donald Trump will use his surveillance powers for personal gain, and a similar number want reassurances from the government that data collected by GCHQ will be safeguarded against such misuse. These are the headline findings from a new Privacy International poll of over 1600 Brits on the day Trump is inaugurated as the 45th President of the most powerful nation on earth. With that role comes sweeping surveillance powers – the extent of which was only revealed after NSA whistleblower Edward Snowden went public in 2013. There are many now concerned that Trump, an eccentric reality TV star and gregarious property mogul, could abuse such powers for personal gain. That’s what 78% of UK adults polled by Privacy International believe, and 54% said they had no trust that Trump would use surveillance for legitimate purposes. Perhaps more important for those living in the United Kingdom is the extent of the information sharing partnership between the US and the UK. Some 73% of respondents said they wanted the government to explain what safeguards exist to ensure any data swept up by their domestic secret services doesn’t end up being abused by the new US administration. That fear has become even more marked since the passage of the Investigatory Powers Act or 'Snoopers’ Charter', which granted the British authorities unprecedented mass surveillance and hacking powers, as well as forcing ISPs to retain all web records for up to 12 months. Privacy International claimed that although it has privately been presented with documents detailing the info sharing partnership between the two nations, Downing Street has so far refused to make the information public. The rights group and nine others are currently appealing to the European Court of Human Rights to overturn a decision by the Investigatory Powers Tribunal (IPT) not to release information about the rules governing the US-UK agreement. “UK and the US spies have enjoyed a cosy secret relationship for a long time, sharing sensitive intelligence data with each other, without parliament knowing anything about it, and without any public consent. Slowly, we’re learning more about the staggering scale of this cooperation and a dangerous lack of sufficient oversight,” argued Privacy International research officer, Edin Omanovic. “Today, a new President will take charge of US intelligence agencies – a President whose appetite for surveillance powers and how they’re used put him at odds with British values, security, and its people… Given that our intelligence agencies are giving him unfettered access to massive troves of personal data, including potentially about British people, it is essential that the details behind all this are taken out of the shadows.” Source
  23. Anonymous to Donald Trump: We Know What You Did Last Summer Hackers threaten to leak Donald Trump’s Russian ties The messages were published by Anonymous after Donald Trump took to Twitter to suggest that outgoing CIA head John Brennan might be involved in the spreading of fake news that made the headlines in the past few weeks, including “Syria, Crimea, Ukraine and the build-up of Russian nukes.” The @YourAnonCentral Twitter handle, which has some 150,000 followers, was one of the first to reply to Donald Trump’s tweet, accusing the President-elect of being directly involved in some pretty shady activities in Russia. “[email protected] you have financial and personal ties with Russian mobsters, child traffickers, and money launderers,” Anonymous said in their first message. “This isn't the 80's any longer, information doesn't vanish, it is all out there. You are going to regret the next 4 years. We could care less about Democrats attacking you @realDonaldTrump, the fact of the matter is, you are implicated in some really heavy s**t. Roy Cohen and your daddy aren't here to protect you anymore. Oh and please tell your interns not to waste money hitting us with your Moldavian bot farm, stay frosty @realDonaldTrump.” Donald Trump tight-lipped on Anonymous’ accusations It goes without saying that Donald Trump didn’t response to Anonymous’ tweets, and there’s absolutely no chance he didn’t notice them since he’s such a big Twitter fan. In other news, Donald Trump said he would keep his personal Twitter account in the next four years, so expect similar messages to be posted occasionally during his tenure at the White House. As far as Anonymous is concerned, the hacking group hasn’t said anything about when and how it could leak the information about the new President of the United States. They did say, however, that the next four years will be very difficult for Donald Trump, so if the hackers do have evidence regarding the new President’s involvement in shady Russian activities, expect them to go online sometime in the coming years. Source
  24. Encrypted Email Sign-Ups Instantly Double In Wake of Trump Victory ProtonMail suggests fear of the Donald prompting lockdown "ProtonMail follows the Swiss policy of neutrality. We do not take any position for or against Trump," the Swiss company's CEO stated on Monday, before revealing that new user sign-ups immediately doubled following Trump's election victory. ProtonMail has published figures showing that as soon as the election results rolled in, the public began to seek out privacy-focused services such as its own. CEO Andy Yen said that, in communicating with these new users, the company found people apprehensive about the decisions that President Trump might take and what they would mean considering the surveillance activities of the National Security Agency. "Given Trump's campaign rhetoric against journalists, political enemies, immigrants, and Muslims, there is concern that Trump could use the new tools at his disposal to target certain groups," Yen said. "As the NSA currently operates completely out of the public eye with very little legal oversight, all of this could be done in secret." ProtonMail was launched back in May 2014 by scientists who had met at CERN and MIT. In response to the Snowden revelations regarding collusion between the NSA and other email providers such as Google, they created a government-resistant, end-to-end encrypted email service. The service was so popular that it was "forced to institute a waiting list for new accounts after signups exceeded 10,000 per day" within the first three days of opening, the CEO previously told The Register when ProtonMail reopened free registration to all earlier this year. ProtonMail new user signups doubled immediately after Trump's election victory Yen said his service was now "seeing an influx of liberal users" despite its popularity on both sides of the political spectrum. "ProtonMail has also long been popular with the political right, who were truly worried about big government spying, and the Obama administration having access to their communications. Now the tables have turned," Yen noted. "One of the problems with having a technological infrastructure that can be abused for mass surveillance purposes is that governments can and do change, quite regularly in fact. "The only way to protect our freedom is to build technologies, such as end-to-end encryption, which cannot be abused for mass surveillance," Yen added. "Governments can change, but the laws of mathematics upon which encryption is based are much harder to change." Source
  25. Salafi

    War : Situation In Iraq

    The end of the ISIS is near ! HQ Map of the situation in Iraq as the US backed forces try to capture the last ISIS bastion in Iraq : Mossoul. http://www.mediafire.com/view/1k1uki9c55p080l/06.11.2016.png Source : https://twitter.com/_Misrati
×
×
  • Create New...