HomeLatest ThreadsGreatest ThreadsForums & GroupsMy SubscriptionsMy Posts
DU Home » Latest Threads » steve2470 » Journal
Page: « Prev 1 ... 11 12 13 14 15 16 17 18 19 20 21 ... 181 Next »

steve2470

Profile Information

Name: Steve
Gender: Male
Hometown: Florida
Home country: US
Current location: US
Member since: Sat Oct 16, 2004, 01:04 PM
Number of posts: 26,260

Journal Archives

Mind-reading DNS security analysis offers early warning for APT attacks

(original headline)

http://www.theregister.co.uk/2015/03/06/precog_dns_security/

The application of predictive algorithms to DNS data may be able to spot malware sites before they serve up nasties.

Security firm OpenDNS is applying ideas from natural language processing to automatically identify malicious domains using a prototype tool called NLPRank, as a blog post by the firm explains.

Utilising natural language processing (NLP), the predictive model identifies potentially malicious typo-squatting/targeted phishing domains. APT groups often use spear-phishing techniques and legitimate domain spoofing as an obfuscation technique to carry out their criminal campaigns.


NLPRank is designed to detect these fraudulent branded domains that often serve as C2 domains for targeted attacks. Our system utilises heuristics such as NLP, ASN mappings and weightings, WHOIS data patterns, and HTML tag analysis to classify these type of attack domains.

more at link above

Broadband routers: SOHOpeless and vendors don't care

http://www.theregister.co.uk/2015/03/05/broadband_routers_sohopeless_and_vendors_dont_care

(yes that's the original article title)

Home and small business router security is terrible. Exploits emerge with depressing regularity, exposing millions of users to criminal activities.

Many of the holes are so simple as to be embarrassing. Hard-coded credentials are so common in small home and office routers, comparatively to other tech kit, that only those with tin-foil hats bother to suggest the flaws are deliberate.

Hacker gang Lizard Squad crystallised the dangers and opportunities presented by router vulnerabilities when over the Christmas break they crafted a slick paid denial of service stresser service that operated on hacked boxes. Customers were found paying to flood targets of choice with gigabits of bandwidth stolen from what the black hats claimed were a fleet of half a million vulnerable and subsequently hacked routers.

A year earlier, security boffins at Team Cymru warned that an unknown ganghad popped 300,000 routers in a week, altering the DNS settings to point to malicious web entities. Those routers were hacked through a self-propagating worm (PDF) that researchers had already warned about, but not yet seen. It used a mix of brute force password guessing of web admin consoles, cross-site request forgery, and known un-patched vulnerabilities.

more at link above

Obama criticises China's mandatory backdoor tech import rules

http://www.theregister.co.uk/2015/03/05/obama_criticises_china_tech_rules_backdoor_terrorism/

US prez Barack ‪Obama has criticised China's new tech rules‬, urging the country to reverse the policy if it wants a business-as-usual situation with the US to continue.

As previously reported, proposed new regulations from the Chinese government would require technology firms to create backdoors and provide source code to the Chinese government before technology sales within China would be authorised.

China is also asking that tech companies adopt Chinese encryption algorithms and disclose elements of their intellectual property.

The new requirements, laid out in a 22-page document approved late last year, are supposedly geared towards strengthening the cyber security of critical Chinese industries and guarding against terrorism.

more at link above

Colder in Detroit than Fairbanks, AK

Detroit: 9 F

Fairbanks: 28 F

Just weird.

The Only Email System The NSA Can't Access

eta: That's the original article title, I'm not making that claim of course.

https://protonmail.ch/

Interesting article, highly recommended.

FWIW, they get a grade of A to A+ at Qualys.

Ben Carson: Prisons prove being gay is a choice

http://www.cnn.com/2015/03/04/politics/ben-carson-prisons-gay-choice

Ben Carson: homophobic and dumb. Nuff said.

Washington (CNN)Ben Carson says homosexuality is a choice because many people "go into prison straight -- and when they come out, they're gay."

The neurosurgeon and potential Republican candidate for president in 2016 made the comment in an interview with CNN's Chris Cuomo that aired Wednesday on "New Day."

Asked whether being gay is a choice, Carson responded: "Absolutely."

"Because a lot of people who go into prison go into prison straight -- and when they come out, they're gay. So, did something happen while they were in there? Ask yourself that question," Carson said.


video at link

Still colder in Chicago than in Alaska....

What's up with that ?

Anchorage = 33 F

Chicago = 24 F

Buffalo's $1 homes aren't as cheap as they seem

http://money.cnn.com/2015/03/03/real_estate/buffalo-1-homes/index.html?sr=fbmoney030315dollarhomes1215story



Paying $1 for a house may seem too good to be true -- and, in many cases, it is.

In Buffalo, New York, the city is selling vacant properties for a buck to those willing to fix them up and live in them for a few years.

Buffalo's Urban Homesteading Program, which has been around for almost four decades now, requires buyers to fix any code violations within 18 months and live in the home for at least three years. In return, the owner can live off just a few hundred dollars in property taxes, insurance and other costs each year.

Yet, as a attractive as it may seem, fewer than 10 buyers close $1 sales each year, according to city officials.

more at link

Guess where the random images are (website game)

https://geoguessr.com/

You click the small map in the lower right hand corner in the area where you think the image is, then click "Make Guess". My first guess was only off by 6000 miles LOL

Apple Pay a haven for 'rampant' credit card fraud, say experts

http://www.theregister.co.uk/2015/03/03/apple_pay_plastic_fraud/

Apple and its banker pals may have inadvertently lowered the barrier to credit card fraud by adding pay-by-wave technology to iPhones, security experts fear.

Payment cards can be added to Apple Pay by taking a photo of the card, and allowing a device to run optical character recognition over the image to fill out the long card number, expiry dates and other details. These numbers can be entered manually, so physical access to a card is not needed.

After a credit or debit card is added to an iPhone's Apple Pay, the details are encrypted and sent to banks along with records on the user's iTunes account activity, transaction history and physical whereabouts, as explained in its Apple Pay support page here.

These records are used by banks to decided whether to approve adding a card to Apple Pay or to request further checks over a followup phone call. The aim is to weed out people adding stolen cards to Apple Pay.

more at link above
Go to Page: « Prev 1 ... 11 12 13 14 15 16 17 18 19 20 21 ... 181 Next »