Secure your server FAST

AtomicSecured Linux

Slam the Online Scam

Superawesome site monitoring

Categories

Free goodies – every day!

Giveaway of the Day

Free stuff

Archives

Speedtest yourself

Speedtest.net Mini requires at least version 8 of Flash. Please update your client.

Stop Wildlife Crime

Monitor and protect your site

Sucuri Security

Visitor Stats

One Man’s Mini Symphony of Many Strings

If you don’t get along with your orchestra, screw ‘em. [Vladimir Pliassov] proves that you can play each of the virtuosic string instruments yourself, all at the same time (with the exception of the double bass of course).

For the life of me, I can’t imagine how long it took to get situated in this spider’s web of moving parts, but it’s impressive. With the help of this unique mechanical invention all his own, [Vladimir] is able to finger not only the neck of a violin and viola, but also a cello hoisted at an angel below his desk so that he can execute chords with his FEET. To help with the actual sound-making, a complex series of resinous fibers turn on a continuous mill of wooden beams and are tensioned ever so carefully over the bridge of each instrument. [Vladimir] controls which string is making contact with the turning fibers with a pulley wrapped around his thigh that rocks the body of the instrument back and forth.

[Vladimir] gives us an overview of his machine and how it works in the video below. If you’re itching to see it used for the purpose it was created for, well… there’s a video for that too. Even though the quality of the performance suffers a little due to the complicated nature of the setup, [Vladimir] is playing of all things, a piece for the pipe organ by J.S. Bach. Bach being hard mode in any case, let alone the one where you’re playing all the instruments yourself.

Thanks [tinkartank] for pointing out this unique invention. It’s definitely worthy of some awe!


Filed under: musical hacks

USBdriveby, how to compromise a PC with a $20 microcontroller

USBdriveby is a device designed to quickly and covertly install a backdoor and override DNS settings on an unlocked machine via USB.

The security experts Samy Kamkar (@SamyKamkar) has proposed a very interesting way to compromise an unlocked computer and deploy a backdoor on it simply by using a pre-programmed Teensy microcontroller.

The cheap ($20) pre-programmed Teensy microcontroller, dubbed USBdriveby, emulates a generic USB peripheral, like a keyboard or a mouse, when plugged into a machine.

USBdriveby

The pre-programmed Teensy microcontroller misuses the trust computers usually give USB devices to execute malicious applications that are used to compromise the machine.

“Specifically, when you normally plug in a mouse or keyboard into a machine, no authorization is required to begin using them. The devices can simply begin typing and clicking. We exploit this fact by sending arbitrary keystrokes meant to launch specific applications (via Spotlight/Alfred/Quicksilver), permanently evade a local firewall (Little Snitch), install a reverse shell in crontab, and even modify DNS settings without any additional permissions.” explains Kamkar.

The applications launched by the USBdriveby are able to evade the local defense, like firewall or IDS, install a reverse shell in crontab and modify DNS settings. without any additional permissions and without the machine detecting and blocking its actions.

The technical details about the creation of the USBdriveby tool are available on the official project’s page.

USBdriveby is a device you stylishly wear around your neck which can quickly and covertly install a backdoor and override DNS settings on an unlocked machine via USB in a matter of seconds. It does this by emulating a keyboard and mouse, blindly typing controlled commands, flailing the mouse pointer around and weaponizing mouse clicks.

In this project, we’ll learn how to exploit a system’s blind trust in USB devices, and learn how a $20 Teensy microcontroller can evade various security settings on a real system, open a permanent backdoor, disable a firewall, control the flow of network traffic, and all within a few seconds and permanently, even after the device has been removed.” states the official page of the project.

The USBdriveby attack is very insidious because it doesn’t request any additional permissions to run applications and without the target machine is able to detect any suspicious activity. Kamkar demonstrated that the USBdriveby works on Apple OS X systems, but the researcher confirmed that the attack can be easily modified to compromise Windows and Unix/Linux machines.

Kamkar explained that the USBdriveby could be easily ported on Arduino microcontrollers instead Teensy microcontrollers.

The experiment made Some Arduino microcontrollers can be also be used instead of a Teensy.

Below a Video POC of the USBdriveby attack:

If you are interested to proof the concept of hacking via USB, give a look to the BadUSB project, designed by Karsten Nohl and the srlabs team..

Pierluigi Paganini

(Security Affairs –  USBdriveby, hacking)

The post USBdriveby, how to compromise a PC with a $20 microcontroller appeared first on Security Affairs.

Brother Builds “Zerg-Berg” Coffee Table Media Server – 38(!) USB Drives

After [Travis]’s media server died a couple months ago, his brother [Nick] secretly plotted to replace it for Christmas. Admitting it to be an “asinine Rube Goldberg” arrangement, [Nick] wanted something custom and remarkable for his sibling. Rather than go the normal SATA route, 38 USB hot-swap laptop drives were clustered together inside a custom leather enclosure with a bronzed glass top.

[Nick] picked up 45 of the 500GB drives for only $350 and designed the project around those. He spent $1000 on matching metal docks for each of them, powered by $800 worth of PCIe quad independent USB controllers – no hubs. A $550 Xeon motherboard with 14 USB ports, 16GB of RAM, a basic video card and a 1000W power supply rounded out the electronics.

Under Windows 8.1 all drives are arranged in a single giant array under Storage Spaces, no raid.

Everything was built into a wood-framed coffee table wrapped in high-end leather that [Nick] spent 65 hours hand stitching himself. Fancy brass corner braces hold the frame square. All the wires were run underneath the table so the visible surfaces are clean and clear. The table structure is lifted up on legs made from half-inch square barstock bent into a hairpin and bolted to the underside.

All together [Travis]’s Zerg-Berg media server cost in the range of $4500. [Nick] intends it to be something that lasts him a very long time.

See the video below for [Nick]’s rationalization explanation of the hardware and methods chosen.


Filed under: computer hacks

Google is aware of NTP Exploits publicly available

Security researchers at Google have discovered several serious flaws affecting the NTP protocol, which are remotely exploitable by the attackers.

Security experts at Google have uncovered several serious flaws in the Network Time Protocol (NTP), including several buffer overflows that are remotely exploitable.

The Network Time Protocol is a networking protocol for clock synchronization between computer systems accross a network. According to the experts, all the versions of NTP prior to 4.2.8 are affected by the flaw.

The most concerning part of the discovery is that the experts have also found several exploits in the wild exploiting vulnerabilities.

A remote attacker could exploit vulnerabilities to compromise servers running older versions of the NTP protocol.

“Google Security Team researchers Neel Mehta and Stephen Roettger have coordinated multiple vulnerabilities with CERT/CC concerning the Network Time Protocol (NTP). As NTP is widely used within operational Industrial Control Systems deployments, NCCIC/ICS-CERT is providing this information for US Critical Infrastructure asset owners and operators for awareness and to identify mitigations for affected devices,” an advisory from ICS-CERT says.

“These vulnerabilities could be exploited remotely. Exploits that target these vulnerabilities are publicly available.”

NTP.org issued an advisory which explains that a single packet could be enough to exploit a buffer overflow vulnerability in the NTP.

“A remote attacker can send a carefully crafted packet that can overflow a stack buffer and potentially allow malicious code to be executed with the privilege level of the ntpd process,” the advisory says.

It is not the first time that Network Time Protocol is targeted by the hackers, in the past criminal crews exploited it in the wild to run DDoS attacks taking advantage of a weakness in NTP to amplify DDoS attacks.

Earlier 2014, security researchers at Symantec have spotted a series of Network Time Protocol (NTP) reflection DDoS attacks during the Christmas Holidays.

In the following graph is reported the DDoS activity run by nearly 15000 IP addresses involved in the Network Time Protocol (NTP) reflection attack likely belonging to a botnet.

Network Time Protocol NTP reflection DDoS spike 2013 dec

The hackers exploit the NTP reflection attack, because it amplification factor that is nearly 1000. There’s more cause for alarm with NTP attacks because attackers get a better response rate.”

It is important to carefully review every network protocol that could be abused by hackers.

Pierluigi Paganini

(Security Affairs –  NTP protocol, hacking)

The post Google is aware of NTP Exploits publicly available appeared first on Security Affairs.

Enjoy the beautiful animated dynamic Christmas Night Wallpaper.

Who is waiting in the lovely creek side cabin on this snowy evening? They are staying nice as warm as you can tell from the animated smoke coming from the chimney. The creek gently flows while the snow continues to fall. All the Christmas lights blink in welcome.

Arduino Thermostat Includes Vacation Mode

When [William’s] thermostat died, he wanted an upgrade. He found a few off-the-shelf Internet enabled thermostats, but they were all very expensive. He knew he could build his own for a fraction of the cost.

The primary unit synchronizes it’s time using NTP. This automatically keeps things up to date and in sync with daylight savings time. There is also a backup real-time clock chip in case the Internet connection is lost. The unit can be controlled via the physical control panel, or via a web interface. The system includes a nifty “vacation mode” that will set the temperature to a cool 60 degrees Fahrenheit while you are away. It will then automatically adjust the temperature to something more comfortable before you return home.

[William’s] home is split into three heat zones. Each zone has its own control panel including an LCD display and simple controls. The zones can be individually configured from either their own control panel or from the central panel. The panels include a DHT22 temperature and humidity sensor, an LCD display, a keypad, and support electronics. This project was clearly well thought out, and includes a host of other small features to make it easy to use.


Filed under: Arduino Hacks, home hacks

Multiplexing Pi Cameras

The Raspberry Pi and its cool camera add-on is a great way to send images and video up to the Intertubes, but what if you want to monitor more than one scene? The IVPort can multiplex up to sixteen of these Raspi camera modules, giving the Pi sixteen different views on the world and a ridiculously high stack of boards connected to the GPIO header.

The Raspberry Pi’s CSI interface uses high-speed data lines from the camera to the CPU to get a lot of image data quickly. Controlling the camera, on the other hand, uses regular old GPIOs, the same kind that are broken out on the header. We’ve seen builds that reuse these GPIOs to blink a LED, but with a breakout board with additional camera connectors, it’s possible to use normal GPIO lines in place of the camera port GPIOs.

The result is a stackable extension board that splits the camera port in twain, allowing four Raspi cameras to be connected. Stack another board on top and you can add four more cameras. A total of four of these boards can be stacked together, multiplexing sixteen Raspberry Pi cameras.

As far as the obvious, ‘why’ question goes, there are a few interesting things you can do with a dozen or so computer controlled cameras. The obvious choice would be a bullet time camera rig, something this board should be capable of, given its time to switch between channels is only 50ns. Videos below.


Filed under: digital cameras hacks, Raspberry Pi

Why Should We Explore? (comic)

People often ask why we should bother exploring space. For example, why should we bother to send a rover to mars, why search for alien planets, why land on an asteroid, why bother going to Pluto? People say that it costs too much. They say that it’s too dangerous. They say that there are a million reasons that we shouldn’t explore space.

And I think that the latest comic from Zen Pencil puts all of this into perspective. And it’s terribly relevant. Of course, there are many reason to explore space (and to explore in general). But I think that this answers the question rather eloquently.

The quote comes from George Mallory, who was a famous English mountaineer. In 1924, he headed out in an attempt to reach the summit of Mt. Everest. No one ever saw him alive again. His climbing partner was Andrew Irvine, the pair were last seen just shy of their goal, a mere 245 meters (803 feet) from the summit. For decades, people assumed that they had perished in their attempt. Then, in 1999 (75 years after he went missing), Mallory’s body was found.

It’s still debated whether Mallory and Irvine reached the summit before their deaths.

The quote here is answering the question, “Why climb Everest?” But although this quote isn’t directly speaking about space exploration, I think it applies.

You can buy some awesome posters, books, and other prints from Zen Pencil here. If you love the art, be sure to support the artist. See all his comics here.

Image Credit: Zen Pencil

Image Credit: Zen Pencil

The post Why Should We Explore? (comic) appeared first on From Quarks to Quasars.

Particle-Wave Duality and the Quantum Uncertainty Principle United

Image credit: Jezper/Shutterstock.com

Image credit: Jezper/Shutterstock.com

Here’s a nice surprise: quantum physics is less complicated than we thought. An international team of researchers has proved that two peculiar features of the quantum world previously considered distinct are different manifestations of the same thing. The result is published 19 December in Nature Communications.

Patrick Coles, Jedrzej Kaniewski, and Stephanie Wehner made the breakthrough while at the Centre for Quantum Technologies at the National University of Singapore. They found that ‘wave-particle duality’ is simply the quantum ‘uncertainty principle’ in disguise, reducing two mysteries to one.

“The connection between uncertainty and wave-particle duality comes out very naturally when you consider them as questions about what information you can gain about a system. Our result highlights the power of thinking about physics from the perspective of information,” says Wehner, who is now an Associate Professor at QuTech at the Delft University of Technology in the Netherlands.

The discovery deepens our understanding of quantum physics and could prompt ideas for new applications of wave-particle duality.

Wave-particle duality is the idea that a quantum object can behave like a wave, but that the wave behaviour disappears if you try to locate the object. It’s most simply seen in a double slit experiment, where single particles, electrons, say, are fired one by one at a screen containing two narrow slits. The particles pile up behind the slits not in two heaps as classical objects would, but in a stripy pattern like you’d expect for waves interfering. At least this is what happens until you sneak a look at which slit a particle goes through – do that and the interference pattern vanishes.

The quantum uncertainty principle is the idea that it’s impossible to know certain pairs of things about a quantum particle at once. For example, the more precisely you know the position of an atom, the less precisely you can know the speed with which it’s moving. It’s a limit on the fundamental knowability of nature, not a statement on measurement skill. The new work shows that how much you can learn about the wave versus the particle behaviour of a system is constrained in exactly the same way.

Wave-particle duality and uncertainty have been fundamental concepts in quantum physics since the early 1900s. “We were guided by a gut feeling, and only a gut feeling, that there should be a connection,” says Coles, who is now a Postdoctoral Fellow at the Institute for Quantum Computing in Waterloo, Canada.

It’s possible to write equations that capture how much can be learned about pairs of properties that are affected by the uncertainty principle. Coles, Kaniewski and Wehner are experts in a form of such equations known as ‘entropic uncertainty relations’, and they discovered that all the maths previously used to describe wave-particle duality could be reformulated in terms of these relations.

“It was like we had discovered the ‘Rosetta Stone’ that connected two different languages,” says Coles. “The literature on wave-particle duality was like hieroglyphics that we could now translate into our native tongue. We had several eureka moments when we finally understood what people had done,” he says.

Because the entropic uncertainty relations used in their translation have also been used in proving the security of quantum cryptography – schemes for secure communication using quantum particles – the researchers suggest the work could help inspire new cryptography protocols.

In earlier papers, Wehner and collaborators found connections between the uncertainty principle and other physics, namely quantum ‘non-locality’ and the second law of thermodynamics. The tantalising next goal for the researchers is to think about how these pieces fit together and what bigger picture that paints of how nature is constructed.


 

Information provided by the National University of Singapore.

The post Particle-Wave Duality and the Quantum Uncertainty Principle United appeared first on From Quarks to Quasars.

TRINKET EDC CONTEST ENTRY: Lazydoro

[Vasilis] has entered Lazydoro in the Trinket Everyday Carry Contest.  Lazydoro is designed to get him up off his backside, and walking around. Recent medical research has determined that sitting too long is a bad thing. In fact,  Dr. David Agus has been quoted by Nike as saying that sitting for several hours is as bad as smoking (wayback machine link). While we’re not exactly up on the latest medical trends, we can definitely see that getting up and walking around a bit never hurt anyone. Lazydoro will alert [Vasilis] once every 20 minutes or so to get up and stretch his legs a bit.

[Vasilis] plans to pair a Pro Trinket with an accelerometer module, specifically an ADXL377 from Analog Devices. The accelerometer will allow Lazydoro to determine if [Vasilis] has moved around. If 20 or 30 minutes go by without major movement, Lazydoro will nudge him to get up and take a walk.

Since shipping to Greece takes awhile, [Vasilis] is developing with an Arduino Uno and a ADXL345 while he waits for his parts to arrive. He’s hacked this into a wrist mounted device for testing. One thing  [Vasilis]  hasn’t figured out yet is how to alert the user to move around. A small vibrating motor would probably work – but we’d suggest electric shocks. A good zap always puts the spring in our step!

There is still plenty of time to enter the Trinket Everyday Carry Contest.  The main contest runs until January 2, but we’re having random drawings every week! Don’t forget to write a project log before the next drawing at 9pm EDT on Tuesday, December 23. You and all of the other entrants have a chance to win a Cordwood Puzzle from The Hackaday Store!


Filed under: contests, Featured, news

Thermoelectric Power Plants Could Offer Economically Competitive, Renewable Energy

We all know that we have an energy issue. And a pollution issue. And a whole bunch of issues with the way that we produce and consume materials. However, a new study from Rutgers University predicts that large-scale power plants based on thermoelectric effects (like small temperature differences in ocean water) could generate electricity at a lower cost than standard power plants.

With this new kind of power plant, electricity is generated by heating cold, deep water with warm, shallow water heated by the sun. Liping Liu, Associate Professor at Rutgers University Liu has published a paper in the New Journal of Physics in which he analyzes the feasibility of such power plants.

WATCH: Oceanic Thermal Energy Conversion

If this really could work, it would be rather amazing, as the ocean is the largest accessible, sustainable energy source on Earth. This is because the sun heats the rface water of the ocean to a temperature that, in tropical regions, is about 20 K (36ºF) higher than water that is 600 m (1,900 feet) deep. In this respect, the surface water acts as a giant storage tank of solar energy.

As Liu explains,

thermoelectric power plants would work by harvesting the energy of ocean waves to pump cold water from a few hundred meters deep up through a long channel. As the cold water nears the surface, it enters a heat exchanger where it is heated by surface water on the outside. The heat exchanger acts as an electric generator, as its tubes are made of thermoelectric materials that can transfer heat through their walls and directly convert temperature differences into electricity.

What are the Advantages?

In large-scale, ocean-based thermoelectric power plants the “fuel” (the temperature differences) are free, unlimited, and easily accessible; the plants will not take up any space on land; since they have no moving solid parts, they would have low maintenance costs; the power output does not depend on the time of day or season. And finally, the method is green, as it does not release emissions. Also, up to 88,000 TWh of power could be generated a year from oceanic thermal energy conversion without impacting the ocean’s thermal structure. Another by product could be fresh water from the sea (important as populations and droughts continue to increase).

The Disadvantages:

Most commercial devices have a conversion efficiency of around 5% to 10% of the ideal Carnot efficiency, with state-of-the-art devices achievingefficiencies of up to 20%.

The In-betweeners:

The estimated cost per year of one megawatt of electricity in 2016 is about $0.83 million for conventional coal plants, compared to $1.84 million for photovoltaic power plants. Liu’s analysis estimates that a thermoelectric power plant could generate electricity for less than $1.84 million. So it’s more expensive than coal, but cheaper than other forms of production. Moreover, If water from geothermal sources is used instead, the temperature difference could be 50 K or more, resulting in an even higher power gain and lower cost per watt.

Ocean Thermal Energy Conversion technology, known as OTEC, uses the ocean’s natural thermal gradient to generate power. I. Image credit: Lockheed Martin

Ocean Thermal Energy Conversion technology, known as OTEC, uses the ocean’s natural thermal gradient to generate power. I. Image credit: Lockheed Martin

The post Thermoelectric Power Plants Could Offer Economically Competitive, Renewable Energy appeared first on From Quarks to Quasars.

Our Favorite Maps of the Year Cover Everything From Bayous to Bullet Trains

Wired features Esri maps as part of their favorite maps of 2014.

Hacklet 27 – Holiday Hacks

It’s beginning to look a lot like the holidays around here. That means it’s time for holiday hacks here on The Hacklet! This week we’re looking at the coolest festive hacks created by YOU on Hackaday.io!

xmashdrWe start with [charliex] and Cypress PSOC 4 + ESP8266 WS2812 RGB XMAS Lights. The name might be a mouthful, but the goal of the project is a simple one: Awesome Christmas lights! [Charliex] has created WiFi controllable Christmas lights. To do this, he’s utilized ARM core based PSOC4 chips from Cypress. WiFi duty is handled by the popular ESP8266 module, and the lights themselves are WS2812 addressable strips.

[charliex] really outdid himself this time, creating a complete solution from the ground up. He started with a Cypress dev board, but quickly moved to a board of his own design. The PCBs  first were milled at home, then sent out for manufacturing.
Control of the strip is via UDP through a WiFi network. [Charliex] found the strips have plenty of WiFi range to place outside his home.  The last part of the puzzle was control – which [charliex] handled in style by creating his own GUI to handle synchronizing several strips to music played on a central computer.

snowflakeNext up is [nsted] with another LED hack, Glowing Xmas Snowflake Sculpture. [Nsted] was contracted to add some extra LED bling to a sculpture. The problem was that these LEDs would be filling in gaps left in the primary interactive lighting system which ran the entire sculpture. Any time you have to meld two systems, things can get crazy. [Nsted] found this out as he added WS2812B Adafruit NeoPixel strips to the Sensacell modules already designed into the sculpture. Communications happen via RS485, with Arduino Due and Megas handling the processing. Power was a concern with this sculpture, as it was pulling over 100 amps at low voltage. Like many art installations, this was a “work down to the wire” event. Everything came together at the last-minute though, and the project was a success!

musicNext up is [Jeremy Weatherford] with Christmas Orchestra.  [Jeremy] has taken on the task of making the most epic retro electronics orchestra ever created. He’s playing Trans-Siberian Orchestra’s Wizards in Winter on four floppies, three scanners, and an ancient inkjet printer. LED strips on the moving elements add lights to the sound. An Arduino Mega with a RAMPS board controls the show. [Jeremy] had his orchestra professionally recorded both on audio and in video. We’re anxiously awaiting the final video upload so we can rock out to some old hardware!

xmaslightsFinally, we’ve got [crenn6977] with his Solar powered Christmas Light Controller. This was [crenn6977’s] entry in the The Hackaday Prize. While it didn’t take him to space, we’re sure it will bring Santa to his door. Rather than run lots of tiny solar cells for his Sun powered Christmas lights, [crenn6977] is going for a single large panel and wireless control. The nRF24L01+ is handling the wireless connectivity, while a STM32F042 ARM cortex M0 processor is the brains of the operation. Solar power demands efficient design, so [crenn6977] is digging deep into op-amp circuits to keep those LEDs running through the night, and the batteries charging through the day.

It’s just about time for us to settle our brains for a long winter’s nap, so we’ll close this edition of The Hacklet here.  As always, see you next week. Same hack time, same hack channel, bringing you the best of Hackaday.io!


Filed under: Hackaday Columns

Scientists Discover New Life & Deepest Living Fish in Mariana Trench

Deepest known fish

Deepest known fish

The Mariana Trench is a terribly inhospitable place. It is deep. It is dark. But it hosts life. A recent expedition, the Hadal Ecosystem Studies (HADES) expedition, led by co-chief scientists Jeff Drazen and Patty Fryer of the University of Hawaii, recently embarked on a journey to research the deepest trench on Earth, and what they found is simply amazing.

They used five deep sea vehicle systems called landers to search specifically targeted depths from 5000  – 10,600 meters (that’s a staggering 16,404  – 34,777 feet.).

Several records for deepest living fish, either caught or seen on video, were broken. But one takes the cake, living at a record setting 8,143 meters (26,715 feet or just over 5 miles). What’s more, this is also a newly discovered organism; what they found is a completely unknown variety of snailfish. The white translucent fish had broad wing-like fins, an eel-like tail, and it slowly glided over the bottom. of the ocean floor. Dr. Alan Jamieson stated that “when findings and records such as these can be broken so many times in a single trip, we really do get the feeling we are at the frontier of marine science.” See this amazing creature in action in the video below.

Rather than just focusing on the deepest point in the Mariana Trench, this concerted effort was made in order to gain a better understanding of the interplay between life and geologic processes across the entire hadal zone.  Dr. Drazen expressed the drive behind this method, “Many studies have rushed to the bottom of the trench, but from an ecological view that is very limiting.  It’s like trying to understand a mountain ecosystem by only looking at its summit”.

The findings from this research will help to answer important questions about Earth’s largest and least explored habitat, including what organisms live there and how life adapts to these extreme conditions, and how much carbon in the atmosphere reaches the deep sea and if it affects the food chains there.

A rattail found at around 6000 m; the fish is approximately 60-70 cm.  Photo taken by the Hadal Lander.

A rattail found at around 6000 m; the fish is approximately 60-70 cm. Photo taken by the Hadal Lander.

The post Scientists Discover New Life & Deepest Living Fish in Mariana Trench appeared first on From Quarks to Quasars.

Trojan program based on ZeuS targets 150 banks, can hijack webcams

A new computer Trojan based on the infamous ZeuS banking malware is targeting users of over 150 banks and payment systems from around the world, security researchers warn.

The new threat, dubbed Chthonic, is based on ZeusVM, a Trojan program discovered in February that is itself a modification of the much older ZeuS Trojan.

"The Trojan is apparently an evolution of ZeusVM, although it has undergone a number of significant changes," security researchers from antivirus vendor Kaspersky Lab said in a blog post. "Chthonic uses the same encryptor as Andromeda bots, the same encryption scheme as Zeus AES and Zeus V2 Trojans, and a virtual machine similar to that used in ZeusVM and KINS malware."

To read this article in full or to leave a comment, please click here

SpaceCurve unveils geospatial platform to help enterprises cope with flood of data

SpaceCurve has partnered with Esri to integrate its popular ArcGIS server into the SpaceCurve product.

25 wealthiest ZIP codes in metro Denver (interactive map)

Esri map features the 25 wealthiest ZIP codes in Denver.

Chronicles, From East to West

Esri map below shows the predominant ethnic groups, by zip code, in Southern California.

Questions remain after FBI charges North Korea with attack on Sony Pictures

The FBI formally accused North Korea of attacking Sony Pictures on Friday, citing three levels of evidence that has led to this conclusion. But does the FBI have it right, or are they missing the obvious?

There's no denying that the attack against Sony Pictures was catastrophic. To date there have been more than 230GB of data leaked by the attackers. The entire network was compromised, with each business unit being impacted.

Worse, after the attackers made thinly veiled threats of physical attacks, Sony was forced to cancel the movie The Interview, ultimately meeting one of the demands made by the attackers.

To read this article in full or to leave a comment, please click here

NASA’s Kepler Reborn: Discovers First Alien Planet of New Mission

An artist's conception portrays the first planet discovered by the Kepler spacecraft during its K2 mission. A transit of the planet was teased out of K2's noisier data using ingenious computer algorithms. The newfound planet, HIP 116454b, has a diameter of 20,000 miles (2.5 times the width of Earth).

An artist’s conception portrays the first planet discovered by the Kepler spacecraft during its K2 mission. A transit of the planet was teased out of K2’s noisier data using ingenious computer algorithms. The newfound planet, HIP 116454b, has a diameter of 20,000 miles (2.5 times the width of Earth).

In may 2013 we saw the end of an era. NASA’s Kepler Space Telescope, which was responsible for discovering nearly 1,000 alien worlds (and another 3,200 that are awaiting confirmation) stopped working. Before Kepler, we conceived of the universe as a place with an indeterminate number of planets. Indeed, 20 years ago we didn’t know of any exoplanets (planets that orbit alien suns). Now we know of thousands. And although we can’t be sure of the exact number of alien worlds, we now believe that nearly every star has at least one planet (probably more).

All thanks to Kepler. And now, it’s back.

NASA announced that Kepler had been revived, thanks to a bit of scientific ingenuity. And yesterday they stated that it had discovered another planet. This beauty is called HIP 116454b, and it is a “super Earth.” These planets are worlds that are rocky bodies (like our own) that are simply massive. This one in particular is about 2.5 times larger than our home planet. It lies 180 light-years from Earth, in the constellation Pisces — which is close enough to be studied by other instruments.

And the dicovery made a few at NASA wax poetic. “Like a phoenix rising from the ashes, Kepler has been reborn and is continuing to make discoveries. Even better, the planet it found is ripe for follow-up studies.” lead author Andrew Vanderburg, of the Harvard-Smithsonian Center for Astrophysics (CfA), said in a statement.

HIP 116454b is about 20,000 miles wide (32,000 km) and is 12 times more massive than Earth, scientists said. For comparison, Earth’s equatorial diameter is 7,926 miles (12,756 kilometers). The density of the alien world suggests that it is either primarily covered by water or is a “mini Neptune” with a large, thick atmosphere. This means that it obviously would be a good place for our kind of life.

Moreover, HIP 116454b lies just 8.4 million miles from its host star (13.5 million km), an “orange dwarf” slightly smaller and cooler than the sun, and completes one orbit every 9.1 Earth-days. So this planet is really uninhabitable for our kind of life. We all know how hostile Mercury is, the closest planet to our own Sun. But Mercury is 35.9 million miles from the Sun (57.9 million km). That’s leagues away when compared to HIP.

Kepler is able to locate planets by use of the “transit method,” which means that the little craft watches for the telltale dimming that is caused when a planet crossed in front of its parent star (this crossing is known as a “transit”). In order to accomplish this, Kepler needs to keep a steady eye on a very precise point, and this is an ability that the spacecraft lost in 2013, when the second of its four orientation-maintaining reaction wheels failed.

However, the Kepler team devised a way to increase Kepler’s stability by using the subtle pressure of sunlight, then proposed a new mission called K2, which would continue Kepler’s exoplanet hunt in a limited fashion. But “limited” is a subjective term.

Kepler K2 mission. Image credit: NASA

Kepler K2 mission. Image credit: NASA

“The Kepler mission showed us that planets larger in size than Earth and smaller than Neptune are common in the galaxy, yet they are absent in our solar system,” said Steve Howell, Kepler/K2 project scientist at NASA’s Ames Research Center in Moffett Field, California. “K2 is uniquely positioned to dramatically refine our understanding of these alien worlds and further define the boundary between rocky worlds like Earth and ice giants like Neptune.”

Since the K2 mission officially began in May 2014, it has observed more than 35,000 stars and collected data on star clusters, dense star-forming regions, and several planetary objects within our own solar system. It is currently in its third campaign.

The research paper reporting this discovery has been accepted for publication in The Astrophysical Journal.

The post NASA’s Kepler Reborn: Discovers First Alien Planet of New Mission appeared first on From Quarks to Quasars.