Welcome to DU!
The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards.
Join the community:
Create a free account
Support DU (and get rid of ads!):
Become a Star Member
Latest Breaking News
General Discussion
The DU Lounge
All Forums
Issue Forums
Culture Forums
Alliance Forums
Region Forums
Support Forums
Help & Search
steve2470
steve2470's Journal
steve2470's Journal
November 16, 2017
The FBI and US Homeland Security have issued an alert about a new strain of malware infecting American corporate systems and stealing sensitive data.
The remote access trojan (RAT), dubbed Fallchill, is the work of a North Korean hacking group called Hidden Cobra, which some at US-CERT believe was responsible for the WannaCry ransomware outbreak. Businesses are urged to remove Fallchill as "the highest priority." The Feds have published a list of IP addresses of public-facing machines infected by the software nasty, and sets of network intrusion detection rules, so IT admins can quickly find out if they've been hit.
Fallchill essentially opens a backdoor into infiltrated corporations, allowing its masterminds – likely to be Kim Jong-un's North Korean government – to extract highly confidential blueprints and other documents.
"According to trusted third-party reporting, HIDDEN COBRA actors have likely been using FALLCHILL malware since 2016 to target the aerospace, telecommunications, and finance industries," the Feds' warning states. "The malware is a fully functional RAT with multiple commands that the actors can issue from a command and control (C2) server to a victim’s system via dual proxies."
Crouching cyber Hidden Cobra: US warns (North Korean) hackers are at it again with new software
http://www.theregister.co.uk/2017/11/15/hidden_cobra_north_korea_malware_fallchill/The FBI and US Homeland Security have issued an alert about a new strain of malware infecting American corporate systems and stealing sensitive data.
The remote access trojan (RAT), dubbed Fallchill, is the work of a North Korean hacking group called Hidden Cobra, which some at US-CERT believe was responsible for the WannaCry ransomware outbreak. Businesses are urged to remove Fallchill as "the highest priority." The Feds have published a list of IP addresses of public-facing machines infected by the software nasty, and sets of network intrusion detection rules, so IT admins can quickly find out if they've been hit.
Fallchill essentially opens a backdoor into infiltrated corporations, allowing its masterminds – likely to be Kim Jong-un's North Korean government – to extract highly confidential blueprints and other documents.
"According to trusted third-party reporting, HIDDEN COBRA actors have likely been using FALLCHILL malware since 2016 to target the aerospace, telecommunications, and finance industries," the Feds' warning states. "The malware is a fully functional RAT with multiple commands that the actors can issue from a command and control (C2) server to a victim’s system via dual proxies."
November 15, 2017
In a bizarre incident, an Indian adventurer has declared himself the ruler of an unclaimed strip of land in North Africa and is encouraging parties to apply for citizenship.
Hailing from Indore, the 24-year-old businessman travelled 319 km to Bir Tawil – an 800-square-mile strip of land south of the Egyptian border and the only place on Earth where humans can live and survive that is not a part of any state or country – and declared it his own.
On November 7, he added a life event on Facebook that read:
"I, Suyash Dixit, first of my name and the protector of the realm, declare myself as the king of “Kingdom of Dixit”. I call myself, King Suyash First from today. I declare this unclaimed land of Bir Tawil as my country from now to the eternity of time. I pledge to continue to work for the prosperity of my people of the country and this motherland."
Bizarre! Indore man declares himself King of 800-square-mile unclaimed land on Egypt-Sudan border
http://www.indiatvnews.com/news/world-bizarre-indore-man-declares-himself-king-of-800-square-mile-unclaimed-land-on-egypt-sudan-border-412151In a bizarre incident, an Indian adventurer has declared himself the ruler of an unclaimed strip of land in North Africa and is encouraging parties to apply for citizenship.
Hailing from Indore, the 24-year-old businessman travelled 319 km to Bir Tawil – an 800-square-mile strip of land south of the Egyptian border and the only place on Earth where humans can live and survive that is not a part of any state or country – and declared it his own.
On November 7, he added a life event on Facebook that read:
"I, Suyash Dixit, first of my name and the protector of the realm, declare myself as the king of “Kingdom of Dixit”. I call myself, King Suyash First from today. I declare this unclaimed land of Bir Tawil as my country from now to the eternity of time. I pledge to continue to work for the prosperity of my people of the country and this motherland."
November 15, 2017
Advocates cried and cheered as Orange County commissioners unanimously voted to allow medical marijuana dispensaries in the county at their meeting Tuesday night.
The vote halts the tide of Central Florida cities — including several in Orange County — that have banned dispensaries because of the restrictions placed upon them by the Florida Legislature.
In what Mayor Teresa Jacobs called a “poison pill,” the Legislature passed a law allowing dispensaries but also mandated that cities and counties couldn’t regulate them any more than pharmacies. The controversial provision came even though more than 70 percent of Florida voters approved medical marijuana in a November 2016 referendum.
But despite those concerns, commissioners said they did not want to go against the wishes of the people of Florida. More than two dozen gave emotional testimony in favor of approval.
Teresa Jacobs needs to be defeated, poison pill my ass.
Orange County decides to allow medical marijuana dispensaries
http://www.orlandosentinel.com/news/politics/political-pulse/os-medical-marijuana-orange-20171114-story.htmlAdvocates cried and cheered as Orange County commissioners unanimously voted to allow medical marijuana dispensaries in the county at their meeting Tuesday night.
The vote halts the tide of Central Florida cities — including several in Orange County — that have banned dispensaries because of the restrictions placed upon them by the Florida Legislature.
In what Mayor Teresa Jacobs called a “poison pill,” the Legislature passed a law allowing dispensaries but also mandated that cities and counties couldn’t regulate them any more than pharmacies. The controversial provision came even though more than 70 percent of Florida voters approved medical marijuana in a November 2016 referendum.
But despite those concerns, commissioners said they did not want to go against the wishes of the people of Florida. More than two dozen gave emotional testimony in favor of approval.
Teresa Jacobs needs to be defeated, poison pill my ass.
November 12, 2017
(this is an account by a reddit poster, not me)
I'm ba-ack! Yes, I left a cryptic message in my last post about our coworker going insane. I admit, I may have been just a bit hyperbolic to cause anticipation, but I reserve my right to literary license for funsies. Anyway, on to the tale:
This was many years ago, around the same time as my previous posts, and involved the consulting company I (and Mark and Pink) worked for at the time (let's call it $ConsCo), a couple of good developers who also worked at $ConsCo ($D1 and $D2 for simplicity), and a client of ours (let's say $WorldCo).
I can't say much at all about $WorldCo without flat out identifying them. Suffice to say that they tried to do good things for people all over the world, which meant they had consultants-slash-employees all around the world, often in rural areas in developing countries. They came to us with a problem for which they needed a solution. We had worked with employees of $WorldCo before, so we got recommended and got the job.
This particular problem involved $WorldCo's consultants and the fact that they were frequently off the grid. They needed a system that would be able to securely sync forms and files from their laptops to a central server when they did come back online. This was long ago when likely those laptops had Windows 98, or maybe Windows 2000 on them. Much before the availability of any real off-the-shelf solutions. We actually recommended they use Lotus Notes, since it could do pretty much what they wanted with just a bit of development work. They had some issue with Notes, though, and didn't want to use it, so it was up to us to engineer something else.
have a couple more stories waiting in the wings.)
eta: there is a copyright on this sub-reddit, so only 4 paragraphs.
https://www.reddit.com/r/talesfromtechsupport/ more potentially interesting stories there
Tales from Tech Support: Client drives software developer over the edge
https://www.reddit.com/r/talesfromtechsupport/comments/6yggpa/the_one_where_our_coworker_snaps/(this is an account by a reddit poster, not me)
I'm ba-ack! Yes, I left a cryptic message in my last post about our coworker going insane. I admit, I may have been just a bit hyperbolic to cause anticipation, but I reserve my right to literary license for funsies. Anyway, on to the tale:
This was many years ago, around the same time as my previous posts, and involved the consulting company I (and Mark and Pink) worked for at the time (let's call it $ConsCo), a couple of good developers who also worked at $ConsCo ($D1 and $D2 for simplicity), and a client of ours (let's say $WorldCo).
I can't say much at all about $WorldCo without flat out identifying them. Suffice to say that they tried to do good things for people all over the world, which meant they had consultants-slash-employees all around the world, often in rural areas in developing countries. They came to us with a problem for which they needed a solution. We had worked with employees of $WorldCo before, so we got recommended and got the job.
This particular problem involved $WorldCo's consultants and the fact that they were frequently off the grid. They needed a system that would be able to securely sync forms and files from their laptops to a central server when they did come back online. This was long ago when likely those laptops had Windows 98, or maybe Windows 2000 on them. Much before the availability of any real off-the-shelf solutions. We actually recommended they use Lotus Notes, since it could do pretty much what they wanted with just a bit of development work. They had some issue with Notes, though, and didn't want to use it, so it was up to us to engineer something else.
have a couple more stories waiting in the wings.)
eta: there is a copyright on this sub-reddit, so only 4 paragraphs.
https://www.reddit.com/r/talesfromtechsupport/ more potentially interesting stories there
November 12, 2017
Fancy Bear, the advanced hacking group researchers say is tied to the Russian government, is actively exploiting a newly revived technique that gives attackers a stealthy means of infecting computers using Microsoft Office documents, security researchers said this week.
Fancy Bear is one of two Russian-sponsored hacking outfits researchers say breached Democratic National Committee networks ahead of last year's presidential election. The group was recently caught sending a Word document that abuses a feature known as Dynamic Data Exchange. DDE allows a file to execute code stored in another file and allows applications to send updates as new data becomes available.
In a blog post published Tuesday, Trend Micro researchers said Fancy Bear was sending a document titled IsisAttackInNewYork.docx that abused the DDE feature. Once opened, the file connects to a control server to download a first-stage of piece of malware called Seduploader and installs it on a target's computer. DDE's potential as an infection technique has been known for years, but a post published last month by security firm SensePost has revived interest in it. The post showed how DDE could be abused to install malware using Word files that went undetected by anti-virus programs.
A day after Trend Micro published its report about Fancy Bear, Microsoft posted an advisory explaining how Office users can protect themselves from such attacks. The easiest way to stay safe is to remain wary of unfamiliar messages that get displayed when opening a document. As SensePost first disclosed, before the DDE feature can be used, users will see a dialog box that looks something like the following:
(had to stop to comply with DU ToS, lots of good comments at the article)
New Microsoft Word attacks infect PCs sans macros
https://arstechnica.com/information-technology/2017/11/russia-linked-fancy-bear-attacks-abuse-macro-less-ms-word-to-infect-pcs/Fancy Bear, the advanced hacking group researchers say is tied to the Russian government, is actively exploiting a newly revived technique that gives attackers a stealthy means of infecting computers using Microsoft Office documents, security researchers said this week.
Fancy Bear is one of two Russian-sponsored hacking outfits researchers say breached Democratic National Committee networks ahead of last year's presidential election. The group was recently caught sending a Word document that abuses a feature known as Dynamic Data Exchange. DDE allows a file to execute code stored in another file and allows applications to send updates as new data becomes available.
In a blog post published Tuesday, Trend Micro researchers said Fancy Bear was sending a document titled IsisAttackInNewYork.docx that abused the DDE feature. Once opened, the file connects to a control server to download a first-stage of piece of malware called Seduploader and installs it on a target's computer. DDE's potential as an infection technique has been known for years, but a post published last month by security firm SensePost has revived interest in it. The post showed how DDE could be abused to install malware using Word files that went undetected by anti-virus programs.
A day after Trend Micro published its report about Fancy Bear, Microsoft posted an advisory explaining how Office users can protect themselves from such attacks. The easiest way to stay safe is to remain wary of unfamiliar messages that get displayed when opening a document. As SensePost first disclosed, before the DDE feature can be used, users will see a dialog box that looks something like the following:
(had to stop to comply with DU ToS, lots of good comments at the article)
November 12, 2017
Thought this was cool.
Neil deGrasse Tyson: "I love the smell of the universe in the morning"
https://twitter.com/neiltyson/status/929759236606824448Thought this was cool.
November 12, 2017
Feeling too hot ? -61 F (wind chill) at Summit Camp Greenland
https://www.wunderground.com/weather/gl/summit-camp
November 11, 2017
Strange bug in Twitter on 3 browsers now
Here is the bug:
https://twitter.com/donasarkar/status/929391524059549696
Try to see the replies to her. I cannot, on Edge, Chrome or Opera Beta so far. You normally see replies by left-clicking to the left of the quote icon. eta: add Firefox Nightly, Seamonkey, Vivaldi and Opera stable to that list.
Now see the difference here:
https://twitter.com/donasarkar/status/929370661465702400
If you click to the left of the quote icon, you can easily see the replies.
Ever seen this bug in Twitter before? I have not.
November 11, 2017
He has interesting maps like this one:
https://twitter.com/crankywxguy/status/929209171505041408
If you are a weather geek, consider following this guy on Twitter....
https://twitter.com/crankywxguyHe has interesting maps like this one:
https://twitter.com/crankywxguy/status/929209171505041408
November 7, 2017
A wonderfully sweet yellow Labrador retriever named Messy offered his neighbor, an anxious Siberian husky named Audi, an affectionately comforting hug over the wooden fence. Audi had escaped from his front yard when his human inadvertently left the gate open and immediately ran over to see his reassuring canine friend. Oranit Kittagul, Messy’s human told The Dodo that the two dogs had been communicating with each other for a while, but this was the first time they met face to face.
A Gentle Yellow Lab Gives a Neighboring Siberian Husky a Comforting Hug Across a Wooden Fence
https://laughingsquid.com/yellow-labrador-gives-siberian-husky-hug/A wonderfully sweet yellow Labrador retriever named Messy offered his neighbor, an anxious Siberian husky named Audi, an affectionately comforting hug over the wooden fence. Audi had escaped from his front yard when his human inadvertently left the gate open and immediately ran over to see his reassuring canine friend. Oranit Kittagul, Messy’s human told The Dodo that the two dogs had been communicating with each other for a while, but this was the first time they met face to face.
When he [Audi] feels lonely and cries, I always ask my dog to see and talk to him…My dog just looks from my fence and sometime he barks to [Audi]. I don’t know what they are communicating, but he stops crying. …He ran to my dog and they hugged each other.
Profile Information
Gender: Do not displayMember since: Sat Oct 16, 2004, 01:04 PM
Number of posts: 37,457
