Hackers Flood the Internet With 100000 Malicious PDF Documents.
Category: internet – Page 180
In 2003, Lyon was just finishing school and working as a hired hacker. Companies tasked him with rooting out vulnerabilities in their systems, and he’d developed mapping tools for the job. His electronic sniffers would trace a network’s lines and nodes and report back what they found. Why not set them loose on the mother of all networks, he thought? So he did.
The resulting visualization recalled grand natural patterns, like networks of neurons or the large-scale structure of the universe. But it was at once more mundane and mind-boggling—representing, as it did, both a collection of mostly standard laptop and desktop computers connected to servers in run-of-the-mill office parks and an emerging technological force that was far more than the sum of it parts.
In 2010, Lyon updated his map using a new method. Instead of the traceroutes he used in 2003, which aren’t always accurate, he turned to a more precise mapping tool using route tables generated by the Border Gateway Protocol (BGP), the internet’s main system for efficiently routing information. And now, he’s back with a new map based on BGP routes from the University of Oregon’s Route Views project. Only this time the map moves: It’s a roughly 25-year time-lapse of the internet’s explosive growth.
Take my micro-transaction.
We may be on track to our own version of the Oasis after an announcement yesterday from Epic Games that it has raised $1 billion to put towards building “the metaverse.”
Epic Games has created multiple hugely popular video games, including Fortnite, Assassin’s Creed, and Godfall. An eye-popping demo released last May shows off Epic’s Unreal Engine 5, its next-gen computer program for making video games, interactive experiences, and augmented and virtual reality apps, set to be released later this year. The graphics are so advanced that the demo doesn’t look terribly different from a really high-quality video camera following someone around in real life—except it’s even cooler. In February Epic unveiled its MetaHuman Creator, an app that creates highly realistic “digital humans” in a fraction of the time it used to take.
So what’s “the metaverse,” anyway? The term was coined in 1992 when Neal Stephenson published his hit sci-fi novel Snow Crash, in which the protagonist moves between a virtual world and the real world fighting a computer virus. In the context of Epic Games’ announcement, the metaverse will be not just a virtual world, but the virtual world—a digitized version of life where anyone can exist as an avatar or digital human and interact with others. It will be active even when people aren’t logged into it, and would link all previously-existing virtual worlds, like an internet for virtual reality.
With full court approval.
In what’s believed to be an unprecedented move, the FBI is trying to protect hundreds of computers infected by the Hafnium hack by hacking them itself, using the original hackers’ own tools (via TechCrunch).
The hack, which affected tens of thousands of Microsoft Exchange Server customers around the world and triggered a “whole of government response” from the White House, reportedly left a number of backdoors that could let any number of hackers right into those systems again. Now, the FBI has taken advantage of this by using those same web shells / backdoors to remotely delete themselves, an operation that the agency is calling a success.
“The FBI conducted the removal by issuing a command through the web shell to the server, which was designed to cause the server to delete only the web shell (identified by its unique file path),” explains the US Justice Department.
Elon Musk’s SpaceX added more money to its February equity raise, with the amended total reaching nearly $1.2 billion.
Elon Musk’s SpaceX added more money to its most recent equity raise, according to a securities filing on Wednesday.
SpaceX held a second close of about $314 million, adding to the $850 million that CNBC reported the company raised in February. The amendment brings the round’s new total equity raised to $1.16 billion, which the company raised at a valuation of about $74 billion.
Strong demand for the company’s shares centers around its ambitious Starship and Starlink projects.
IoT, Industrial Devices Impacted
Posted in internet, robotics/AI
In real-world attacks, “a simple scenario… would have an attacker infiltrating a manufacturing network via an RCE on an exposed IoT device then causing a production line to stop by causing a DoS on an industrial controller,” Daniel dos Santos, research manager at Forescout Research Labs, said. “Similarly, the attacker could switch off the lights of a target company by leveraging a vulnerable building automation controller.”
Many of the Name: Wreck vulnerabilities stem from DNS implementations of a protocol feature called message compression. Message compression reduces the size of DNS messages, due to DNS response packets often including the same domain name. This compression mechanism has been problematic to implement on products for 20 years, said researchers, causing issues on DNS servers, enterprise devices and, more recently, TCP/IP stacks. Forescout researchers disclosed three flaws relating to message compression during previous research into TCP/IP vulnerabilities (particularly the Ripple20 and AMNESIA:33 sets of flaws). Consequently, they hunted for other similar types of flaws in other protocol stacks.
As part of the ensuing Name: Wreck research, researchers found DNS message compression vulnerabilities in four popular TCP/IP stacks, including FreeBSD (version 12.1), IPnet (version VxWorks 6.6), NetX (version 6.0.1) and Nucleus Net (version 4.3). The most critical flaws exist in FreeBSD, popular IT software used by high-performance servers in millions of IT networks, including major websites such as Netflix and Yahoo; and in Siemens’ Nucleus NET firmware, which has been used for decades by critical OT and Internet-of-Things (IoT) devices.
Shorthand, the Australian startup behind a no-code platform that allows publishers and brands to create multimedia stories, has raised $10 million Australian (just under $8 million U.S.) from Fortitude Investment Partners.
CEO Ricky Robinson told me via email that this is Shorthand’s first institutional round of funding, and that the company has been profitable for the past two years.
“We’ve been lucky enough to grow to where we are today through an entirely inbound, organic model that leverages the beautiful content that our customers create in Shorthand to generate leads,” Robinson wrote. “But we’ve been testing other channels with some success and the time is right to ramp up those other marketing initiatives. That’s where we’ll be spending this funding, while also investing heavily in our product to keep Shorthand at the cutting edge of storytelling innovation for the web.”
A new way to harvest power from 5G networks could make many of the batteries that power our devices a thing of the past, researchers say.
An ATHENA group member holds an inkjet-printed prototype of a mm-wave harvester. The researchers envision a future where IoT devices will be powered wirelessly over 5G networks. (Credit: Christopher Moore/Georgia Tech)
The researchers have developed a flexible Rotman lens-based rectifying antenna (rectenna) system capable, for the first time, of millimeter-wave harvesting in the 28-GHz band. The Rotman lens is key for beamforming networks and is frequently used in radar surveillance systems to see targets in multiple directions without physically moving the antenna system.
Electronic oscillators lie at the heart of virtually all microelectronic systems, generating the clock signals used in digital electronics and the precise frequencies that enable radio frequency (RF) sensors and communications. While an ideal oscillator provides a perfect signal at a single frequency, imperfections degrade the spectral purity of real-world components.
Such impairments, broadly quantified as phase noise, ultimately limit the performance of many military radars and commercial 5G systems. The issue is becoming increasingly burdensome as the airways become more congested and defense needs evolve.
A few weeks back we brought word that Reddit users [derekcz] and [Xerbot] had managed to receive the 2232.5 MHz telemetry downlink from a Falcon 9 upper stage and pull out some interesting plain-text strings. With further software fiddling, the vehicle’s video streams were decoded, resulting in some absolutely breathtaking shots of the rocket and its payload from low Earth orbit.
Unfortunately, it looks like those heady days are now over, as [derekcz] reports the downlink from the latest Falcon 9 mission was nothing but intelligible noise. Since the hardware and software haven’t changed on his side, the only logical conclusion is that SpaceX wasn’t too happy about radio amateurs listening in on their rocket and decided to employ some form of encryption.
Since this data has apparently been broadcast out in the clear for nearly a decade before anyone on the ground noticed, it’s easy to see this as an overreaction. After all, what’s the harm in a few geeks with hacked together antennas getting a peek at a stack of Starlink satellites? [derekcz] even mused that allowing hobbyists to capture these space views might earn the company some positive buzz, something Elon Musk never seems to get enough of.