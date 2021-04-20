Proprietary Software and Security
Pipeline [crackers] say they want money, not mayhem [iophk: Windows TCO]
Reuters reports that the group, dubbed DarkSide, posted on its website that “our goal is to make money, and not creating problems for society." The group did not say how much money they were demanding. They added they were "apolitical," saying observers "do not need to tie us" to any particular government.
EnergyPipeline [crackers] say their aim is cash, not chaos
The ransomware gang accused of crippling the leading U.S. fuel pipeline operator said on Monday that it never meant to create havoc, an unusual statement that experts saw as a sign the cybercriminals' scheme had gone awry.
Biden leading 'whole of government' response to Colonial Pipeline attack
Biden’s remarks came days after Colonial Pipeline, which transports around 45 percent of oil used on the East Coast, announced it had been forced to shut down all operations after its IT systems were hit by a ransomware attack.
The FBI said Monday that the company had been targeted by the “DarkSide” ransomware variant, and that cyber criminals were behind the incident, which is likely the largest successful cyberattack on a U.S. utility in history.
Colonial hack: How did cyber-attackers shut off pipeline? [iophk: Windows TCO]
In the past, criminals have cause mayhem after finding their way into the software programs responsible for operational technology.
Ransomware Attack That Halted US Fuel Pipeline a 'Criminal Act,' Biden Says [iophk: Windows TCO]
Biden, responding to a reporter’s question after he concluded his prepared statement about whether there is any evidence of involvement of Russia’s government, replied: “I’m going to be meeting with President (Vladimir) Putin. And so far, there is no evidence based on — from our intelligence people that Russia is involved.”
US pipeline attackers appear to have bitten off more than they can chew [iophk: Windows TCO]
The affiliate of ransomware operator DarkSide, the Windows malware that was used to attack the US Colonial Pipeline Company, appears to have taken on a target that was outside the parameters set down by the operator, judging from a statement made by the operator on its site on the dark web.
The cybersecurity ‘pandemic’ that led to the Colonial Pipeline disaster [iophk: Windows TCO]
The frequency and severity of attacks against utility systems is on the rise, according to the National Regulatory Research Institute. Fifty-six percent of utility professionals surveyed by Siemens in 2019 said they had experienced at least one attack over the previous year that led to an outage or a loss of private information. More than a third of the 796 “cyber incidents” reported to the Department of Homeland Security between 2013 and 2015 took place in the energy sector.
Online Cheating Charges Upend Dartmouth Medical School
At the heart of the accusations is Dartmouth’s use of the Canvas system to retroactively track student activity during remote exams without their knowledge. In the process, the medical school may have overstepped by using certain online activity data to try to pinpoint cheating, leading to some erroneous accusations, according to independent technology experts, a review of the software code and school documents obtained by The New York Times.
Dartmouth’s drive to root out cheating provides a sobering case study of how the coronavirus has accelerated colleges’ reliance on technology, normalizing student tracking in ways that are likely to endure after the pandemic.
While universities have long used anti-plagiarism software and other anti-cheating apps, the pandemic has pushed hundreds of schools that switched to remote learning to embrace more invasive tools. Over the last year, many have required students to download software that can take over their computers during remote exams or use webcams to monitor their eye movements for possibly suspicious activity, even as technology experts have warned that such tools can be invasive, insecure, unfair and inaccurate.
Apple Faces U.K. Class Action for Overcharging 20 Million Users
Apple’s 30% standard fee is “excessive” and “unlawful” the claimants said in a press release Tuesday. The claim, filed at London’s Competition Appeal Tribunal on Monday, calls for the U.S. firm to compensate U.K. iPhone and iPad users for years of alleged overcharging.
Epic and Apple are now fighting over a naked banana
And despite Apple and Epic’s often very funny debate over the definition of a game, the case will probably hinge on drier-sounding questions like those discussed by Epic’s first expert witness, the economist David Evans.
Evans argued that Apple is running an unfair single-brand monopoly: basically, it sells pricey devices that lock users into an ecosystem with no reasonable alternatives for getting certain apps, beyond tossing their phone or tablet and spending hundreds or thousands of dollars on a new one. Developers can offer cheaper in-app purchases on the web or a different platform, but Apple won’t let iOS apps direct users to these savings.
LFCA: Basic Security Tips to Protect Linux System – Part 17
Now more than ever, we are living in a world where organizations are constantly bombarded by security breaches motivated by the acquisition of highly sensitive and confidential data which is highly valuable and makes for a huge financial reward.
It’s rather surprising that despite being at a high risk of suffering from a potentially devastating cyberattack, most companies are not well prepared or simply overlook the red flags, often with devastating consequences.
Fintech Startup Offers $500 for Payroll Passwords
IBM/Red Hat/Fedora: LinuxONE, Node, and Fedora Security
Beelink GK Mini is a compact desktop for about $200
Beelink’s newest little computer is a 4.5″ x 4″ x 1.7″ PC with a quad-core Intel Celeron J4125 Gemini Lake Refresh processor, 8GB of RAM, and a 128GB SSD. The Beelink GK Mini also has two HDMI ports and an Ethernet jack. And while the system ships with Windows 10, it should support other operating systems – Beelink is an official partner of the Manjaro Linux team, and developer say they’re already working to ensure that Manjaro runs smoothly on the GK Mini.
Mozilla: mozregression, Security, SUMO, Spidermonkey, and WebAssembly
Is Slackware the Right Linux Distribution for You? What You Need to Know
Debian might be the oldest popular distribution but it's tied with Slackware as the oldest one still in existence. The Slackware project started in 1992, a year after Linux was initially released, as a way to install a Linux system that already included some core packages: the kernel, the X Window System, and other utilities. Since then, the distribution honestly hasn't changed much. Its maintainers seem to have an "If it ain't broke, don't fix it" mentality in their design decisions. Patrick Volkerding created Slackware out of his frustrations with what was the most popular early Linux distro, Softland Linux System (SLS). SLS was widely used among the early Linux community, but it was buggy. Volkerding, a computer science student at Minnesota State University Moorhead, decided to start his own distribution. Debian and OpenSUSE have similar roots in their founders becoming frustrated with SLS, so SLS in some way may be a common ancestor to most modern Linux distros. Volkerding was a member of the parody religion, Church of the SubGenius, and decided to name his new distro "Slackware" in reference to the SubGenius concept of "slack," and the rest is history. The SubGenius connection furthered with the logo of Tux with SubGenius mascot J.R. "Bobb" Dobbs' iconic pipe. Volkerding still exerts a lot of influence over the project to this day as its BDFL or Benevolent Dictator For Life. The pace of releases slowed down in the 2000s owing to Volkerding's health issues. The current LTS release as of this writing is 14.2, released in 2016.
