Categories
security

Bruce Schneier: ‘The internet era of fun and games is over’

Cybersecurity expert Bruce Schneier’s take and warning of the current state of the Internet, particularly IoT. While he is coming from a neutral position, some fear that people with agenda will use this to create regulations that restrict freedom and make the current situation worse.

As the chairman pointed out, there are now computers in everything. But I want to suggest another way of thinking about it in that everything is now a computer: This is not a phone. It’s a computer that makes phone calls. A refrigerator is a computer that keeps things cold. ATM machine is a computer with money inside. Your car is not a mechanical device with a computer. It’s a computer with four wheels and an engine… And this is the Internet of Things, and this is what caused the DDoS attack we’re talking about.

Source: Bruce Schneier: ‘The internet era of fun and games is over’

Categories
security

New security camera compromised by worm within minutes of installation (twitter.com)

The IoT botnet is gaining both speed as well as volume. A security researcher had a CCTV hacked within minutes of setup. The worm was also smart enough to close the loophole to prevent other worms from infecting it.

Categories
Uncategorized

Microsoft announces the next version SQL Server for Windows and Linux

The love for Linux continues under Nadella’s stewardship. Microsoft SQL Server now available on Linux. Who would have thought. In separate news, Microsoft joins Linux foundation.

Microsoft’s announcement that it was bringing its flagship SQL Server database software to Linux came as a major surprise when the company first announced..

Source: Microsoft announces the next version SQL Server for Windows and Linux

Categories
security

Surveillance Self-Defense

Survival skills in the modern digital world. Someone should turn this into a mandatory course in school.

Tips, Tools and How-tos for Safer Online Communications

Source: Surveillance Self-Defense

Categories
Uncategorized

Play DOS games online

Modern computers and web browsers have gotten powerful enough to allow you to enjoy those old DOS games in your browser! No need to download anything.

capture

Archon for DOS

Source: Play DOS games online

Categories
security

IoT Goes Nuclear: Creating a ZigBee Chain Reaction

IoT is increasingly becoming a dirty word for botnet.

Researchers have found ways to hijack a specific type of IoT device – the popular Philips Hue lamp – via ZigBee to do what they want, and make the attack spread wirelessly.

The worm spreads by jumping directly from one lamp to its neighbors, using only their built-in ZigBee wireless connectivity and their physical proximity. The attack can start by plugging in a single infected bulb anywhere in the city, and then catastrophically spread everywhere within minutes, enabling the attacker to turn all the city lights on or off, permanently brick them, or exploit them in a massive DDOS attack.

– IoT Goes Nuclear: Creating a ZigBee Chain Reaction

Categories
sysadmin

Visual Studio Code September 2016 1.6

LOL. Microsoft accidentally “DDoS” npmjs.org in the new VS Code release. This is due to a feature in VS Code 1.7 sending a lot of non-cacheable requests. Thankfully they responded quickly and reverted VS Code to the old version.

These typings files drive the IntelliSense (code completions) experience in VS Code. The feature was so great that we started to overload the npmjs.org service.

Source: Visual Studio Code September 2016 1.6

Categories
security

“Most serious” Linux privilege-escalation bug ever is under active exploit (updated)

This is serious. Dubbed “Dirty Cow“, there are already exploit kits out there for Android and possibly others.

Lurking in the kernel for nine years, flaw gives untrusted users unfettered root access.

Source: “Most serious” Linux privilege-escalation bug ever is under active exploit (updated)

Categories
security

Singapore telco StarHub says hit by cyber attacks | Reuters

A massive DDoS attack on key DNS infrastructure happened last Friday. It appears that one of Singapore’s telco – Starhub – was also under attacked on Saturday and Monday. There was no further information whether it is from the same attackers or whether it was a copycat attack.

The company said it analysed network logs of the disruptions and found that it had experienced intentional and likely malicious distributed denial-of-service (DDoS) attacks on its domain name servers (DNS).

Source: UPDATE 1-Singapore telco StarHub says hit by cyber attacks | Reuters

Categories
security

Why Friday’s Massive DDoS Attack Should be Terrifying

Well, it didn’t take long to up the ante.
Major websites were down for a period of time due to DDoS attack. This time featuring tens of millions of IoT devices.