Language Selection

English French German Italian Portuguese Spanish

Security: Updates, RDS, FBI, Microsoft, Google and Ransom

Filed under
Security
  • Security updates for Thursday
  • Severe Linux kernel flaw found in RDS
  • FBI Tells The Governor Of Florida About Election Hacking, But Says He Can't Tell Anyone Else

    I thought this was America, but whatever. Secrecy in all things government, despite the (often misheld) presumption that our public servants will be open and honest about issues that affect us.

    It's no secret voting systems and databases are not secure. These are problems that date back 15 years, but have shown little improvement since. Election interference is just another tool in the nation-state hacking kit, and the US is far from immune from these attacks.

    Federal agencies investigating election interference are at least speaking to officials in states affected by these efforts. But those officials are apparently not allowed to pass on this information to those affected the most: voters.

  • Microsoft’s First Windows XP Patch in Years Is a Very Bad Sign

    THIS WEEK, MICROSOFT issued patches for 79 flaws across its platforms and products. One of them merits particular attention: a bug so bad that Microsoft released a fix for it on Windows XP, an operating system it officially abandoned five years ago.

  • Google Says Titan Security Keys Could Be Hacked; Offers Free Replacement

    Today Google has announced a security flaw in its Bluetooth Titan Security Key that is used for 2-factor authentication. The security flaw could allow hackers in close proximity to bypass the security mechanism and connect their own devices.

  • Firms That Promised High-Tech Ransomware Solutions Almost Always Just Pay the Hackers

    FROM 2015 TO 2018, a strain of ransomware known as SamSam paralyzed computer networks across North America and the U.K. It caused more than $30 million in damage to at least 200 entities, including the cities of Atlanta and Newark, New Jersey, the Port of San Diego and Hollywood Presbyterian Medical Center in Los Angeles. It knocked out Atlanta’s online water service requests and billing systems, prompted the Colorado Department of Transportation to call in the National Guard, and delayed medical appointments and treatments for patients nationwide whose electronic records couldn’t be retrieved. In return for restoring access to the files, the cyberattackers collected at least $6 million in ransom.

    “You just have 7 days to send us the BitCoin,” read the ransom demand to Newark. “After 7 days we will remove your private keys and it’s impossible to recover your files.”
    At a press conference last November, then-Deputy Attorney General Rod Rosenstein announced that the U.S. Department of Justice had indicted two Iranian men on fraud charges for allegedly developing the strain and orchestrating the extortion. Many SamSam targets were “public agencies with missions that involve saving lives,” and the attackers impaired their ability to “provide health care to sick and injured people,” Rosenstein said. The hackers “knew that shutting down those computer systems could cause significant harm to innocent victims.”

More in Tux Machines

Today in Techrights

Android Leftovers

GCC vs. Clang Compiler Benchmarks On POWER9 With Raptor's Blackbird

While for Intel x86_64 with the latest compilers it's a very competitive race between LLVM Clang and GCC, how is that battle playing out on the IBM POWER9 front? Using the interesting Raptor Blackbird with IBM POWER9 4-core / 16-thread CPU, here are some recent benchmarks I did between GCC 9, GCC 10, and LLVM Clang 8. Last month using the Raptor Blackbird with quad-core / sixteen thread IBM POWER9 CPU while running Ubuntu 19.10 ppc64le, I ran compiler tests while using GCC 9.1.0 stable, GCC 10.0 snapshot from mid June, and LLVM Clang 8.0.1 as some reference tests for seeing how these compilers are performing for POWER9. All tested compilers were in their release/optimized builds and various POWER-friendly C/C++ benchmarks were carried out for checking on the performance impact of the different generated binaries. Read more

Android Leftovers