Emmentaler pigeonholes

Emmental is a type of Swiss cheese that melts well and features a nutty, buttery flavor. It's one of two main kinds of cheese used for making fondue. Emmental has walnut-sized holes. The internet is like that. With extra holes.

Memcrached

The Memcached vulnerability has been used to create record-breaking distributed denial-of-service attacks. Memcached-based amplification/reflection attacks amplify the bandwidth of the DDoS attacks by a factor of around 50,000 by exploiting thousands of misconfigured Memcached servers that were left exposed on the Internet.


Call for papers: Within limits

A great deal of computing research focuses on one particular type of future, one very much like the present, only more so. Often, looking forward assumes that current ever-increasing economic growth will continue. That is not surprising after a period of remarkable industrial and technological expansion. Yet there are a variety of planet-scale limits, the very matter, the consequences of which many people are already experiencing, though not at “the top” or “in the computing field”, hence the signals go (mostly) ignored.

The Cassandras among us (like me) may feel some relief with Within Limits (on the impact of present and future ecological, material, energetic, and societal limits on computing).


Google fined by France

The CNIL’s restricted committee imposes a financial penalty of 50 million euros against GOOGLE LLC because it agrees with complaints brought by activists: user consent is insufficient.

Under the GDPR, all companies, including tech giants like Google, must give users clear and comprehensive information about the data they collect from them. They must also give control to users and provide simple tools so that users can consent to having their personal information used. Opt-in instead of opt-out. According to the French regulator, Google failed on both counts.


Chalubo

ChachaDDoS is a relatively new strain of malware used to wage denial-of-service attacks on other sites. The malware offers a variety of advanced features, including ways to prevent administrators from easily finding it on servers and analysing it. It runs on 32- and 64-bit ARM, x86, x86_64, MIPS, MIPSEL, and PowerPC. Researchers from Sophos described it as part of a newly discovered DDoS botnet they call Chalubo.


VestaCP

In October 2018, ESET found an altered installation script for the VestaCP control-panel interface. The interface is used by system administrators to manage servers. The altered script reports back generated admin credentials. An Internet scan from Censys shows that there are more than 132,000 unexpired related TLS certificates.

  • The hack most likely started by exploiting a critical vulnerability on the VestaCP server.
  • Attackers added the password-sniffing functions to the installation source code. VestaCP software already contained code sending statistical information from user servers back to the vestacp.com website. The hackers simply added code to include encoded passwords.
  • The hackers retrieved the passwords from the VestaCP server.
  • Using SSH and the passwords gained, the attackers infected the servers with ChachaDDoS, a relatively new strain of malware.

The modified installation script was visible in the VestaCP source code management on GitHub between May 31 and June 13. And this is from April, long before May, and this is a snapshot of continued problems from September, well after June.


Colourama

In October 2018, the PyPI repo was found tainted again. Colourama, when run on Windows servers, adds a script which monitors the server’s clipboard for signs that a user is about to make a cryptocurrency payment and, if so, diverts the payment from the wallet address contained in the clipboard to an attacker-owned wallet. Bertus reports it has probably been downloaded 55 times, and is possibly in use in software that has incorporated it.

