Security

Rackspace Restored After DDOS Takes Out DNS 20

Posted by samzenpus
from the back-again dept.
An anonymous reader sends word that Rackspace has recovered from a severe distributed denial of service attack. "Over on the company's Google+ page Rackspace warned of 'intermittent periods of latency, packet loss, or connectivity failures when attempting to reach rackspace.com or subdomains within rackspace.com.' The company's status report later confirmed it had '... identified a UDP DDoS attack targeting the DNS servers in our IAD, ORD, and LON data centers [North Virginia, Chicago and London]. As a result of this issue, authoritative DNS resolution for any new request to the DNS servers began to fail in the affected data centers. In order to stabilize the issue, our teams placed the impacted DNS infrastructure behind mitigation services. This service is designed to protect our infrastructure, however, due to the nature of the event, a portion of legitimate traffic to our DNS infrastructure may be inadvertently blocked. Our teams are actively working to mitigate the attack and provide service stability.'"
Security

South Korea Says Nuclear Reactors Safe After Cyberattacks 44

Posted by samzenpus
from the all-clear dept.
wiredmikey writes South Korea on Thursday ruled out the possibility that recent cyber-attacks on nuclear power operator Korea Hydro and Nuclear Power Co (KHNP) could cause a malfunction at any of the country's 23 atomic reactors. Earlier this week, South Korea heightened security in the wake of the leaks, with the defense ministry's cyber warfare unit increasing its watch-level against attacks from North Korean and other hackers. On Monday, KHNP launched a two-day drill, testing its ability to thwart a cyber attack.
PlayStation (Games)

Xbox Live and PlayStation Networks Downed By Apparent Attack 122

Posted by timothy
from the no-fun-for-you dept.
mrspoonsi writes Both Xbox Live and PlayStation Network [were] down this morning, apparently due to a denial-of-service attack. The notorious hacking group Lizard Squad — which already carried out earlier attacks on Microsoft and Sony — has claimed responsibility on Twitter for these latest outages. While the group's role in all of this remains unconfirmed, it's worth noting that the group threatened last week to take down Xbox Live and PSN, according to Business Insider. And again, Lizard Squad has already proven it can successfully pull off such attacks, not to mention other malicious pranks.

Whatever the cause, the timing is obviously terrible: Plenty of people surely received one of the two consoles as Christmas presents today, while many more gamers would have happily spent the afternoon in front of the TV. In the meantime, both Sony and Microsoft have acknowledged the problem, with Sony issuing a tweet and Microsoft posting a message on its support website: "We're working to address this as quickly as we possibly can," reads its status website. "Thanks for your patience, Xbox members." In an email, a Microsoft spokesperson declined to comment further or say when the company expects to restore service. We've also asked Sony to comment and will update this post if and when it does.
The Xbox Live status page says service remains "limited," and the PlayStation Network is listed as offline.
Open Source

Linux 3.19 Kernel To Start 2015 With Many New Features 53

Posted by timothy
from the presents-from-linus-and-friends dept.
An anonymous reader writes Linux 3.18 was recently released, thus making Linux 3.19 the version under development as the year comes to a close. Linux 3.19 as the first big kernel update of 2015 is bringing in the new year with many new features: among them are AMDKFD HSA kernel driver, Intel "Skylake" graphics support, Radeon and NVIDIA driver improvements, RAID5/6 improvements for Btrfs, LZ4 compression for SquashFS, better multi-touch support, new input drivers, x86 laptop improvements, etc.
Government

North Korean Defector Spills Details On the Country's Elite Hacking Force 143

Posted by timothy
from the can't-hack-in-here-this-is-the-hacking-room dept.
mattydread23 writes Business Insider interviewed Jang Se-yul, a North Korean defector who trained in the country's Mirim University alongside some of the hackers who make up its elite Bureau 121 hacking squad. He explains how they train: 'They take six 90-minute classes every day, learning different coding languages and operating systems, from C to Linux. Jang says a lot of time was spent dissecting Microsoft programs, like the Windows operating system, and how to attack the overall computer IT systems of enemy countries like the U.S. or South Korea.' He also explains that these hackers are among the elite in North Korea, and even though they have unfiltered information about the outside world that their countrymen lack, most of them would never dream of leaving. (See also this story from earlier this month about the life of North Korea's elite hackers.)
Crime

Russian Hackers Stole Millions From Banks, ATMs 49

Posted by timothy
from the where-the-money-is dept.
An anonymous reader writes Tens of millions of dollars, credit cards and intellectual property were stolen by a new group of cyber criminals. Group-IB and Fox-IT, in a joint research effort, have released a report about the Anunak hackers group (PDF). This group has been involved in targeted attacks and espionage since 2013. Anunak targets banks and payment systems in Russia and CIS countries. In Europe, the U.S., and Latin America, criminals were mainly focusing on retail networks as well as mass media resources. Anunak is unique in that it aims to target banks and e-payment systems. The goal is to get into bank networks and gain access to secured payment systems. As a result, the money is stolen not from the customers, but from the bank itself. If they manage to infect governmental networks, they use the infrastructure for espionage.
Sony

Did North Korea Really Attack Sony? 267

Posted by samzenpus
from the who's-to-blame dept.
An anonymous reader writes "Many security experts remain skeptical of North Korea's involvement in the recent Sony hacks. Schneier writes: "Clues in the hackers' attack code seem to point in all directions at once. The FBI points to reused code from previous attacks associated with North Korea, as well as similarities in the networks used to launch the attacks. Korean language in the code also suggests a Korean origin, though not necessarily a North Korean one, since North Koreans use a unique dialect. However you read it, this sort of evidence is circumstantial at best. It's easy to fake, and it's even easier to interpret it incorrectly. In general, it's a situation that rapidly devolves into storytelling, where analysts pick bits and pieces of the "evidence" to suit the narrative they already have worked out in their heads.""
Sony

Sony To Release the Interview Online Today; Apple Won't Play Ball 223

Posted by samzenpus
from the watch-it-now dept.
An anonymous reader writes "The BBC reports: "Sony Pictures is to distribute its film The Interview online, after a cyber-attack and a row over its release. The film will be offered on a dedicated website — seetheinterview.com — as well as via Google and Microsoft services." Notably absent among the services to provide The Interview is Apple. The New York Times reports: "According to people briefed on the matter, Sony had in recent days asked the White House for help in lining up a single technology partner — Apple, which operates iTunes — but the tech company was not interested, at least not on a speedy time table. An Apple spokesman declined to comment.""
Hardware Hacking

Many DDR3 Modules Vulnerable To Bit Rot By a Simple Program 130

Posted by Soulskill
from the flipping-bits-for-fun-and-profit dept.
New submitter Pelam writes: Researchers from Carnegie Mellon and Intel report that a large percentage of tested regular DDR3 modules flip bits in adjacent rows (PDF) when a voltage in a certain control line is forced to fluctuate. The program that triggers this is dead simple — just two memory reads with special relative offset and some cache control instructions in a tight loop. The researchers don't delve deeply into applications of this, but hint at possible security exploits. For example a rather theoretical attack on JVM sandbox using random bit flips (PDF) has been demonstrated before.
Open Source

Docker Image Insecurity 71

Posted by Soulskill
from the totally-secure-for-undefined-values-of-secure dept.
An anonymous reader writes Developer Jonathan Rudenberg has discovered and pointed out a glaring security hole in Docker's system. He says, "Recently while downloading an 'official' container image with Docker I saw this line: ubuntu:14.04: The image you are pulling has been verified

I assumed this referenced Docker's heavily promoted image signing system and didn't investigate further at the time. Later, while researching the cryptographic digest system that Docker tries to secure images with, I had the opportunity to explore further. What I found was a total systemic failure of all logic related to image security.

Docker's report that a downloaded image is 'verified' is based solely on the presence of a signed manifest, and Docker never verifies the image checksum from the manifest. An attacker could provide any image alongside a signed manifest. This opens the door to a number of serious vulnerabilities."
Docker's lead security engineer has responded here.
Portables (Apple)

Thunderbolt Rootkit Vector 163

Posted by Soulskill
from the like-USB-but-better dept.
New submitter Holi sends this news from PC World: Attackers can infect MacBook computers with highly persistent boot rootkits by connecting malicious devices to them over the Thunderbolt interface. The attack, dubbed Thunderstrike, installs malicious code in a MacBook's boot ROM (read-only memory), which is stored in a chip on the motherboard. It was devised by a security researcher named Trammell Hudson based on a two-year-old vulnerability and will be demonstrated next week at the 31st Chaos Communication Congress in Hamburg.
OS X

Apple Pushes First Automated OS X Security Update 112

Posted by timothy
from the little-cat-feet dept.
PC Magazine reports (as does Ars Technica) that Apple this week has pushed its first automated security update, to address critical flaws relating to Network Time Protocol: The flaws were revealed last week by the Department of Homeland Security and the Carnegie Mellon University Software Engineering Institute—the latter of which identified a number of potentially affected vendors, including FreeBSD Project, NTP Project, OmniTI, and Watchguard Technologies, Inc. A number of versions of the NTP Project "allow attackers to overflow several buffers in a way that may allow malicious code to be executed," the Carnegie Mellon/DHS security bulletin said. ... The company's typical security patches come through Apple's regular software update system, and often require users to move through a series of steps before installing. This week's update, however, marks Cupertino's first implementation of its automated system, despite having introduced the function two years ago, Reuters said.
Upgrades

Samsung Announces Production of 20nm Mobile LPDDR4, Faster Than Desktop DDR4 41

Posted by timothy
from the leapfrog-is-fun dept.
MojoKid writes Samsung announced today that it has begun volume production of its 8Gb LPDDR4 memory chips, with expected commercial shipments in 2015. The announcement is noteworthy for a number of reasons. First, one of the most important characteristics of a modern mobile device is its battery life, and moving to a new memory standard should significantly reduce the memory subsystem's power consumption. Second, however, there's the clock speed. Samsung is claiming that its LPDDR4 will hit 3.2GHz, and while bus widths on mobile parts are significantly smaller than the 64-bit channels that desktops use, the higher clock speed per chip will help close that gap. In fact, multiple vendors have predicted that LPDDR4 clock speeds will actually outpace standard DDR4, with a higher amount of total bandwidth potentially delivered to tablets and smartphones than conventional PCs will see. In addition, the power savings are expected to be substantial.
Businesses

JP Morgan Breach Tied To Two-Factor Authentication Slip 71

Posted by timothy
from the something-borrowed-something-blue dept.
itwbennett writes The attackers who stole information about 83 million JPMorgan Chase customers earlier this year gained a foothold on the company's network because a server reportedly lacked two-factor authentication, despite the company's practice of using two-factor authentication on most of its systems. The story, reported in the New York Times, echoes the warnings of security experts over the years that the breach of a single server or employee computer can put an entire network at risk.
Networking

NetworkManager 1.0 Released After Ten Years Development 156

Posted by Soulskill
from the good-things-come-for-those-who-wait dept.
An anonymous reader writes: After ten years of development focused on improving and simplifying Linux networking, NetworkManager 1.0 was released. NetworkManager 1.0 brings many features including an increasingly modernized client library, improved command-line support, a lightweight internal DHCP client, better Bluetooth support, VPN enhancements, WWAN IPv6 support, and other features.
United States

North Korean Internet Is Down 360

Posted by samzenpus
from the right-back-at-you dept.
First time accepted submitter opentunings writes "Engadget and many others are reporting that North Korea's external Internet access is down. No information yet regarding whether anyone's taking responsibility. From the NYT: "Doug Madory, the director of Internet analysis at Dyn Research, an Internet performance management company, said that North Korean Internet access first became unstable late Friday. The situation worsened over the weekend, and by Monday, North Korea’s Internet was completely offline. 'Their networks are under duress,' Mr. Madory said. 'This is consistent with a DDoS attack on their routers,' he said, referring to a distributed denial of service attack, in which attackers flood a network with traffic until it collapses under the load."
Transportation

TSA Has Record-Breaking Haul In 2014: Guns, Cannons, and Swords 276

Posted by samzenpus
from the return-you-rifle-to-a-upright-and-locked-position dept.
An anonymous reader writes The TSA has gathered an impressive pile of confiscated weapons this year. In early November the agency had already discovered 1,855 firearms at checkpoints. In addition to guns, they've also collected machetes, hatchets, swords, giant scissors, brass knuckles, cannonballs, bear repellent and, this past October, an unloaded cannon. "Maybe someone has a lucky inert grenade they brought back from some war, or a nice cane was given to them and they forgot that the thing is actually a sword," said Jeff Price, author of Practical Aviation Security, "It's the people that are carrying stuff like chainsaws that make me wonder."
Security

South Korean Power Plants To Conduct Cyber-Attack Drills Following Hack 39

Posted by samzenpus
from the protect-ya-neck dept.
An anonymous reader writes South Korea's nuclear operator has been targeted in a cyber-attack, with hackers threatening people to 'stay away' from three of the country's nuclear reactors should they not cease operations by Christmas. The stolen data is thought to be non-critical information, and both the company and state officials have assured that the reactors are safe. However, KHNP has said that it will be conducting a series of security drills over the next two days at four power plants to ensure they can all withstand a cyber-attack. The hacks come amid accusations by the U.S. that North Korea may be responsible for the punishing hack on Sony Pictures. Concerns have mounted that Pyongyang may initiate cyber strikes against industrial and social targets in the U.S. and South Korea.
Government

Tor Warns of Possible Disruption of Network Through Server Seizures 19

Posted by samzenpus
from the here-it-comes dept.
itwbennett writes "Without naming the group responsible, the Tor project warned that it could face attempts to incapacitate its network in the next few days through the seizure of specialized servers called directory authorities. These servers guide Tor users on the list of distributed relays on the network that bounce communications around. 'We are taking steps now to ensure the safety of our users, and our system is already built to be redundant so that users maintain anonymity even if the network is attacked. Tor remains safe to use,' wrote 'arma' in a post Friday on the Tor project blog. The 'arma' developer handle is generally associated with project leader Roger Dingledine. There were no reports of a seizure by late Sunday. The project promised to update the blog and its Twitter account with new information."
Transportation

Major Security Vulnerabilities Uncovered At Frankfurt Airport 91

Posted by samzenpus
from the how-many-fluid-ounces-is-that? dept.
jones_supa writes "According to a report published in this Sunday's edition of the mass-circulation Bild am Sonntag newspaper, investigators sent by the European Commission found it surprisingly easy to smuggle banned items past security at Frankfurt Airport. It said undercover investigators posing as passengers were able to smuggle weapons or other dangerous items through security every second time they tried to do so. One of the biggest problems was improperly trained staff, who were often not able to recognize dangerous items when viewing the screens they use to look at x-ray images of baggage. The staff is sourced via a privately owned service provider. Germany's Federal Police said they introduced new measures immediately after learning of the security deficits to ensure that passenger safety was guaranteed. Fraport AG, the company that operates Germany's biggest airport, also took the findings seriously and began an operation to retrain a total of 2,500 workers."
