Good grief! Has no one learned from Sony’s rootkit incident yet? If you are a Lenovo owner, you may want to check if there’s a Superfish certificate in your certificate chain by running certmgr.msc. Other than injecting unwanted ads in your browser, in theory the adware could sniff on your banking transactions ‘cos it’s performing a MiTM on your HTTPS.
The greatest bank robbery of all times? Some says hundreds of millions have been stolen, some say up to 1 billion. Given the extent of attack, it could be hard to know the exact amount. But one thing is clear, we have come a long way since the playful days of prank worms and viruses. Cyber criminals are now extremely well-organized, funded and motivated by huge monetary rewards.
A stunning look at the extent some organizations would go to achieve its objectives. From a technical perspective, it’s brilliant. This will no doubt be used as a template for other state actors to follow, as some already did earlier.
How “omnipotent” hackers tied to NSA hid for 14 years—and were found at last | Ars Technica.
A break from the usual cybersecurity stories. Here’s a nice one on obfuscated C, if you can call it that.
$ cat test.c
const int main[] = {
-443987883, 440, 113408, -1922629632,
4149, 899584, 84869120, 15544,
266023168, 1818576901, 1461743468, 1684828783,
-1017312735
};
$ gcc test.c -o a.out
$ ./a.out
Hello World!
Yes I tested and it works. Want to know how it works? Here’s the link:
Main is usually a function. So then when is it not?.
I knew about Gluster File system, but it’s the first time I heard of Bees with Machine Guns! This article provides an insider’s view on how an online magazine company scale up their back-end to prepare for Kim Kardashian’s backend ;-). If you are a sysadmin or web engineer I bet some parts of the article will make you smile.
How PAPER Magazine’s web engineers scaled Kim Kardashian’s back-end (SFW) — The Message — Medium.
This is an amazing hardware+software hack. Next time you’re using a wireless keyboard, think where all the signals might be going.
KeySweeper is a stealthy Arduino-based device, camouflaged as a functioning USB wall charger, that wirelessly and passively sniffs, decrypts, logs and reports back (over GSM) all keystrokes from any Microsoft wireless keyboard in the vicinity.
An alarmist or realist view of where society is headed in terms of increasing loss of privacy and control? Read and judge for yourself.
This is another instance where damage is no longer limited to the digital world.
Cyberattack on German steel factory causes 'massive damage' | ITworld.
This is probably the most invasive hack of 2014. It has resulted in Sony canning the movie just before release. A big win for cyber-terrorists? Is this model of data terrorism going to be emulated for future hack attacks? Only time will tell.
Bruce Schneier: Sony Hackers 'Completely Owned This Company' | Motherboard.
