New SMB Worm Uses Seven NSA Hacking Tools. WannaCry Used Just Two

An anonymous reader writes: Researchers have detected a new worm that is spreading via SMB, but unlike the worm component of the WannaCry ransomware, this one is using seven NSA tools instead of two. Named EternalRocks, the worm seems to be in a phase where it is infecting victims and building its botnet, but not delivering any malware payload. EternalRocks is far more complex than WannaCry’s SMB worm. For starters, it uses a delayed installation process that waits 24 hours before completing the install, as a way to evade sandbox environments. Further, the worm also uses the exact same filenames as WannaCry in an attempt to fool researchers of its true origin, a reason why the worm has evaded researchers almost all week, despite the attention WannaCry payloads have received. Last but not least, the worm does not have a killswitch domain, which means the worm can’t be stopped unless its author desires so. Because of the way it was designed, it is trivial for the worm’s owner to deliver any type of malware to any of the infected computers. Unfortunately, because of the way he used the DOUBLEPULSAR implant, one of the seven NSA hacking tools, other attackers can hijack its botnet and deliver their own malware as well. IOCs are available in a GitHub repo. Ars Technica quotes security researchers who say “there are at least three different groups that have been leveraging the NSA exploit to infect enterprise networks since late April… These attacks demonstrate that many endpoints may still be compromised despite having installed the latest security patch.”

Read more of this story at Slashdot.


Slashdot

Pwnd Aethra Routers Used To Brute-Force WordPress Sites

An anonymous reader writes: Security researchers found around 8,000 Aethra routers (with no admin passwords) as part of a botnet that attacked WordPress sites, trying to brute-force admin accounts. Most routers were deployed in enterprise networks in Italy. Each device could have been used to launch DDoS attacks with a capability between 1 and 10 Gbps for each device, based on the company’s bandwidth.

Things could be worse, though: Additional investigation also revealed that some of the routers were also susceptible to various reflected XSS and CSRF attacks that would also allow attackers to take control of the device, even if using different login credentials.

Using Shodan, a search engine for locating Internet-connected devices, researchers found over 12,000 Aethra routers around the world, 10,866 in Italy alone, and over 8,000 of these devices were of the model detected in the initial brute-force attack (Aethra Telecommunications PBX series). At that time, 70% of these Aethra routers were still using their default login credentials.



Slashdot

Why Patent Law Shouldn’t Block the Sale of Used Tech Products

An anonymous reader writes: Lexmark is best known for its printers, but even more important to its business is toner. Toner cartridges are Lexmark’s lifeblood, and they’ve been battling hard in court to protect their cashflow. The NY Times has published an editorial arguing that one of their recent strategies is bogus: making patent infringement claims on companies who refill used cartridges. Think about that, for a moment: Lexmark says that by taking one of their old, empty cartridges, refilling it with toner, and then selling it somehow infringes upon their patents to said cartridges. “This case raises important questions about the reach of American patent law and how much control a manufacturer can exert after its products have been lawfully sold. Taken to their logical conclusion, Lexmark’s arguments would mean that producers could use patent law to dictate how things like computers, printers and other patented goods are used, changed or resold and place restrictions on international trade. That makes no sense, especially in a world where technology products and components are bought and sold numerous times, which is why the court should rule in favor of Impression.” The Times paints it as the latest attack on ownership in the age of DRM.



Slashdot

Maliciously Crafted MKV Video Files Can Be Used To Crash Android Phones

itwbennett writes: Just days after publication of a flaw in Android’s Stagefright, which could allow attackers to compromise devices with a simple MMS message, researchers have found another Android media processing flaw. The latest vulnerability is located in Android’s mediaserver component, more specifically in how the service handles files that use the Matroska video container (MKV), Trend Micro researchers said. “When the process opens a malformed MKV file, the service may crash (and with it, the rest of the operating system). The vulnerability is caused by an integer overflow when the mediaserver service parses an MKV file. It reads memory out of buffer or writes data to NULL address when parsing audio data.”



Slashdot

What’s the Oldest Technology You’ve Used In a Production Environment?

itwbennett writes: Sometimes it’s a matter of ‘if it ain’t broke, don’t fix it,’ sometimes corporate inertia is to blame, but perhaps even more often what keeps old technology plugging away in businesses large and small is the sense that it does a single, specific job the way that someone wants it done. George R.R. Martin’s preference for using a DOS computer running WordStar 4 to write his Song of Ice and Fire series is one such example, but so is the hospital computer whose sole job was to search and print medical images, however badly or slowly it may have done the job. We all have such stories of obsolete tech we’ve had to use at one point or another. What’s yours?



Slashdot

Paper-Based 3D Printing Used To Reconstruct Bust Of 11th Century Cambodian King

To combat the loss of such artifacts, Eric Lemaresquier uses 3D scanning and printing technology expertise to restore such objects and make certain they’re not entirely lost to future generations.
Digg Top Stories

The Atrocity Propaganda Ben Franklin Used To Sway Public Opinion In America's Favor

Through these manufactured tales of atrocities perpetrated by Native Americans at the behest of the British, Franklin hoped to influence the mindset of the British public as he worked on negotiating the peace treaty that would formally end the conflict between Britain and the new United States.
Digg Top Stories

The CIA Used And Protected 1,000 Ex-Nazis During The Cold War

In the decades after World War II, the CIA and other United States agencies employed at least a thousand Nazis as Cold War spies and informants and, as recently as the 1990s, concealed the government’s ties to some still living in America, newly disclosed records and interviews show.
Digg Top Stories