Security News
The phones in trees seem to serve as master devices that dispatch routes to multiple nearby drivers in on the plot, according to drivers who have observed the process. They believe an unidentified person or entity is acting as an intermediary between Amazon and the drivers and charging drivers to secure more routes, which is against Amazon's policies.
The U.S. government on Thursday imposed sweeping sanctions against an Iranian threat actor backed by the country's Ministry of Intelligence and Security for carrying out malware campaigns targeting Iranian dissidents, journalists, and international companies in the telecom and travel sectors. According to the U.S. Treasury and the Federal Bureau of Investigation, the sanctions target Rana Intelligence Computing Company, which the agencies said operated as a front for the threat group APT39, Iranian cyber espionage hacking collective active since 2014 known for its attacks on companies in the U.S. and the Middle East with an aim to pilfer personal information and advance Iran's national security objectives.
As you can probably tell from the name, it involves Windows - everyone else talks about logging in, but on Windows you've always very definitely logged on - and it is an authentication bypass, because it lets you get away with using a zero-length password. On a Windows network, the secret component is the domain password of the computer you're connecting from.
APT41 is known for nation-state-backed cyber-espionage activity as well as financial cybercrime. "Their activity traces back to 2012, when individual members of APT41 conducted primarily financially motivated operations focused on the video-game industry, before expanding into traditional espionage, most likely directed by the state. APT41's ability to successfully blend their criminal and espionage operations is remarkable."
Two people have been arrested in Malaysia as part of America's crackdown on the Chinese government's hackers. The two men, both Malaysian nationals, are not accused of breaking into computer networks.
Security researchers with Intel 471 have identified connections between cyber-activities attributed to North Korean hackers and those of Russian cybercriminals. In a report published today, Intel 471 says malware that only the North Korean hackers use "Was very likely delivered via network accesses held by Russian-speaking cybercriminals."
In the animation above, you can see how double-clicking a.theme file launches the Windows Settings app, automatically navigates to the Preferences > Themes section, and then opens, copies, selects and renders the new wallpaper file justatest. As Bohops and others have pointed out, you can use a Windows UNC path instead of a website name in a Theme file, which tells Windows to use its file-based networking instead of a regular HTTP connection to retrieve the file.
The company Edgenuity sells AI systems for grading tests. Turns out that they just search for keywords without doing any actual semantic analysis.
A former Cisco employee has pleaded guilty to hacking charges related to him accessing the networking giant's systems and causing damage. A few months after he resigned from the company, he gained unauthorized access to Cisco's AWS cloud infrastructure and deployed code that caused over 450 virtual machines associated with the Cisco Webex Teams application to be deleted.
Tyler C. King, a 31-year-old from Dallas, Texas, was sentenced this week to 57 months in prison for crimes related to the hacking of an unnamed major tech company based in New York. According to the Justice Department, King gained access to the technology firm's systems in 2015 with the help of Ashley St. Andria, who at the time was an employee of the company.