Posts

Showing posts with the label #2019-Sep

Microsoft: New Nodersok malware has infected thousands of PCs

Image
  New Nodersok malware installs Node.js to turn systems into proxies, perform click-fraud. Thousands of Windows computers across the world have been infected with a new strain of malware that downloads and installs a copy of the Node.js framework to convert infected systems into proxies and perform click-fraud. The malware, named Nodersok (in a  Microsoft report ) and Divergent (in a  Cisco Talos report ), was first spotted over the summer, distributed via malicious ads that forcibly downloaded HTA (HTML application) files on users' computers. Users who found and ran these HTA files started a multi-stage infection process involving Excel, JavaScript, and PowerShell scripts that eventually downloaded and installed the Nodersok malware. The malware itself has multiple components, each with its own role. There's a PowerShell module that tries to disable Windows Defender and Windows Update, and there's a component for elevating the malware's permissions to SYSTEM level. But

Google's public image disconnect: Smart engineers and dumb algorithms

Image
  Google's search technologies struggle to identify original news stories. Google looks smart and its people behave smart, but that doesn't mean its algorithms are smart. Machine learning works well when it comes to images, not language. Google's dirty little secret is that its algorithms are quite dumb and have trouble understanding what they see and read. Take this example of Google recently saying that its search algorithm will be trained to highlight original news stories such as scoops and investigative pieces... Marc Tracy in  The New York Times  reports : "After weeks of reporting, a journalist breaks a story. Moments after it goes online, another media organization posts an imitative article recycling the scoop that often grabs as much web traffic as the original. Publishers have complained about this dynamic for years…" This has been a problem since Google News launched in September 2002. Finally, the head of Google News,  Richard Gingras , has responded:

IoT security: Now dark web hackers are targeting internet-connected gas pumps

Image
  As more and more devices get connected to the Internet of Things, researchers say compromising pumps has become a hot topic on cyber criminal forums. Cyber criminals are increasingly turning their attention to hacking Internet of Things devices as connected products proliferate – and there's one smart device in particular that is catching hackers' attention. While routers remain the top target for IoT-based cyberattacks, there's a lot of discussion in underground forums about compromising internet-connected gas pumps. This new target was uncovered by by researchers at Trend Micro, which carried out an examination of  dark web marketplaces  in five different languages – Russian, Portuguese, English, Arabic, and Spanish. The  Internet of Things in the Cybercrime Underground   report describes how the Russian market is the most sophisticated of the underground communities and one in which cyber criminals are keen to make money from attacks and exploits. One way this is alrea

Google and YouTube part with $170 million to settle alleged violations of kid's privacy

Image
  Targeting Youtube channels at kids lands Google on wrong side of Children's Online Privacy Protection Act (COPPA). Google and YouTube will pay $170 million to settle a case with the US Federal Trade Commission and New York Attorney General that alleges the tech giant illegally collected the personal information of children. Under the  Children's Online Privacy Protection Act  (COPPA), owners of online services targeted at children need to gain parental consent before collecting data on persons under 13 years of age, which also includes the use of persistent identifying cookies. The FTC and New York Attorney General put forward the argument in a  complaint [PDF]  that YouTube channels created to target children needed to comply with COPPA. "The complaint notes that the defendants knew that the YouTube platform had numerous child-directed channels," the FTC said. "YouTube marketed itself as a top destination for kids in presentations to the makers of popular chil