Slam the Online Scam

Twitter Goodies



12 point smartcard checklist for merchants

Checklist for merchants
00 title smartcard checklist

Just about a year from now, retail merchants who currently accept only magnetic stripe payment cards will have to start accepting chip-based smart cards as well. If they don't, they become liable for any fraud that results from them not being able to accept the chip cards.

The name for the new card standard is EMV -- Europay, MasterCard and Visa -- named after the companies who first initiated the technology. The US is the last major country in the world to switch over.

To read this article in full or to leave a comment, please click here

Central European Computer Collecting

During Hackaday’s short trip to Czech, we were lucky enough to run into someone who had recently had one of his projects featured on Hackaday. It’s [Martin]‘s multi-target IDE for 8-bit CPUs, written entirely in JavaScript, and a full development suite for anything with a 6502, 6800, 6809, Z80, 8080, and 8085. [Martin] was kind enough to sit down and give us the scoop on why he’s interested in old computers, and why he developed his 8-bit IDE project, ASM80.

[Martin] grew up in the days of computer magazines, and originally wanted to build his own computer. That plan didn’t work out, but his parents did get him a Speccy in 1986, but the love of old hardware is still there. Over the years, this evolved into computer collecting, with the old ZX Spectrum, an Commodore 64, ORICs, and Acorns rounding out his collection. As we learned at the Computeum, there the middle of Europe had computers that just aren’t seen on the English-speaking Internet, and [Martin]‘s collection is no exception.

In addition to doing some very cool stuff for some very old computers, [Martin] also donated something to the Hackaday Hackaspace. It’s a PMI-80, a single board computer made for university computer science students, and basically a KIM-1, but based on a Czechoslovak clone of the Intel 8080 made by Tesla. There is 1k of RAM and 1k of ROM on this board, a calculator keypad, and a few seven segment displays. For the time, it was a great ‘student’ computer, and not really rare in Europe, but this is the first one I’ve seen on my side of the Atlantic.

You can see some pics of the PMI-80 below with [Martin]‘s interview. [Martin] also promised to write-up a short history of classic central european computers, a subject there isn’t much written about in the anglosphere. We’ll post a link to that when he finishes that up.

case block diagram index PMI
Filed under: classic hacks

Scientists Find Mysterious Object In Night Sky: Rogue Black Hole?

Twin bright spots in the galaxy's center are consistent with recent star formation, a disturbance that hints this galaxy may have merged with another. Image Credit: Credit: W. M. Keck Observatory/M. Koss (ETH Zurich) et al.

Twin bright spots in the galaxy’s center are consistent with recent star formation, a disturbance that hints this galaxy may have merged with another. Image Credit: Credit: W. M. Keck Observatory/M. Koss (ETH Zurich) et al.

An international team of researchers analyzing decades of observations from many facilities, including NASA’s Swift satellite, the W. M. Keck Observatory on Mauna Kea and the Pan-STARRS1 telescope on Haleakala, has discovered an object in space called SDSS1133, that might be a black hole catapulted out of a galaxy. Or it might be a giant star that is exploding over an exceptionally long period of several decades. In any case, one thing is certain: this mysterious object is something quite unique, a source of fascination for physicists the world over because of its potential to provide experimental confirmation of the much-discussed gravitational waves predicted by Albert Einstein.

“With the data we have in hand, we can’t yet distinguish between these two scenarios,” said lead researcher Michael Koss, an astronomer at ETH Zurich, the Swiss Federal Institute of Technology. “One exciting discovery made with NASA’s Swift is that the brightness of SDSS1133 has changed little in optical or ultraviolet light for a decade, which is not something typically seen in a young supernova remnant.” The study will be published in the Nov. 21 edition of Monthly Notices of the Royal Astronomical Society.

The mystery object is part of the dwarf galaxy Markarian 177, located in the bowl of the Big Dipper, a well-known star pattern within the constellation Ursa Major. Although supermassive black holes usually occupy galactic centers, SDSS1133 is located at least 2,600 light-years from its host galaxy’s core. The team was able to detect it in astronomical surveys dating back more than 60 years.

The researchers first realized that SDSS1133 was a unique object last year, while observing it with a reflecting telescope at the Keck Observatory in Hawaii. Comparisons with an astronomical map from 2001 showed that it was already ten times weaker last year than in 2001 – and although the object was visible on maps from the 1950s and 1990s, it could only be seen very weakly. SDSS1133 shone very brightly in 2001 but did not go completely dark afterwards, which showed that it cannot be a normal supernova – the life-ending explosion of a star – because supernovae tend to be detectable for only a few months before fading significantly.

“When we analyzed the Keck data, we found the emitting region of SDSS1133 is less than 40 light-years across, and that the center of Markarian 177 shows evidence of intense star formation and other features indicating a recent disturbance that matched what we expected for a recoiling black hole,” said Chao-Ling Hung, a University of Hawaii (UH) at Manoa graduate student performing the analysis of the Keck Observatory imaging in the study.

From a comparison of the wavelength spectrum of the light emitted by SDSS1133 and a nearby dwarf galaxy the scientists concluded that the object might be a black hole that belonged to this dwarf galaxy at one stage and was jettisoned out of it.

And yet the researchers are far from certain, mainly because there is a second, more exotic possibility: SDSS1133 could be a new type of long-duration outburst before a supernova within a giant star. This giant star would have lost much of its mass in a series of eruptions over the course of at least 50 years before its final explosion.

“We suspect we’re seeing the aftermath of a merger of two small galaxies and their central black holes,” said co-author Laura Blecha, an Einstein Fellow in the University of Maryland’s Department of Astronomy and a leading theorist in simulating recoils, or “kicks,” in merging black holes. “Astronomers searching for recoiling black holes have been unable to confirm a detection, so finding even one of these sources would be a major discovery.”

Scientists have already observed stars changing in this fashion: Eta Carinae, one of the most massive stars in our own galaxy, briefly became the second-brightest star in the sky in 1843. If this type of activity were also the explanation for SDSS1133, that would make it the longest continuous outbursts ever observed before a supernova.

Merging black holes release a large amount of energy in the form of gravitational radiation, a consequence of Einstein’s theory of gravity. Waves in the fabric of space-time ripple outward in all directions from accelerating masses. If both black holes have equal masses and spins, their merger emits gravitational waves uniformly in all directions. More likely, the black hole masses and spins will be different, leading to lopsided gravitational wave emission that launches the black hole in the opposite direction.

To analyze the object in greater detail, the team is planning ultraviolet observations with the Cosmic Origins Spectrograph aboard the Hubble Space Telescope in October 2015. “We found in the Pan-STARRS1 imaging that SDSS1133 has been getting significantly brighter at visible wavelengths over the last 6 months and that bolstered the black hole interpretation and our case to study SDSS1133 now with HST,” said Yanxia Li a UH Manoa graduate student involved in the analysis of the Pan-STARRS1 imaging in the study.

black hole

The dwarf galaxy Markarian 177 (center) and its unusual source SDSS1133 (blue) lie 90 million light-years away. The galaxies are located in the bowl of the Big Dipper, a well-known star pattern in the constellation Ursa Major. Image Credit: Sloan Digital Sky Survey

If SDSS1133 isn’t a black hole, then it must have been a very unusual type of star known as a Luminous Blue Variable (LBV). These stars undergo episodic eruptions that cast large amounts of mass into space long before they explode. Interpreted in this way, SDSS1133 would represent the longest period of LBV eruptions ever observed, followed by a terminal supernova explosion whose light reached Earth in 2001.

For an LBV to explain SDSS1133, the star must have been in nearly continual eruption from at least 1950 to 2001, when it reached peak brightness and went supernova. The spatial resolution and sensitivity of telescopes prior to 1950 were insufficient to detect the source. But if this was an LBV eruption, the current record already shows it to be the longest and most persistent one ever observed. An interaction between the ejected gas and the explosion’s blast wave could explain the object’s steady brightness in the ultraviolet.

“Dwarf galaxies are very common,” said Koss. “Therefore it would be highly probable that other recoil events would appear before too long. The hope is that we would be able to observe one near Earth and measure the gravitational waves.”

Whether it’s a rogue supermassive black hole or the closing act of a rare star, it seems astronomers have never seen the likes of SDSS1133 before.

Provided by


The post Scientists Find Mysterious Object In Night Sky: Rogue Black Hole? appeared first on From Quarks to Quasars.

‘Less’ means more to malware authors targeting Linux users

Using the "less" Linux command to view the contents of files downloaded from the Internet is a dangerous operation that can lead to remote code execution, according to a security researcher.

At first glance, less appears to be a harmless command that outputs a file's content to a terminal window and allows the users to navigate forward and backward through it. Less does not allow file editing, which is a job for file editors like the widely used vi, but has the benefit of displaying data on the fly without needing to load an entire file into memory. This is useful when dealing with large files.

Less is frequently used to view text files, but on many Linux distributions, including Ubuntu and CentOS, it supports many more file types including archives, images and PDF. That's because, on these systems, less is extended through a script called lesspipe that relies on different third-party tools to process files with various extensions.

To read this article in full or to leave a comment, please click here

NASA Thinks Life Can Be Found Beneath Europa’s Surface

Image credit: NASA

Image credit: NASA

Hidden beneath Europa’s icy surface is perhaps the most promising place in our solar system beyond Earth to look for present-day environments that are suitable for life. The Galileo mission found strong evidence that a subsurface ocean of salty water is in contact with a rocky seafloor. The cycling of material between the ocean and ice shell could potentially provide sources of chemical energy that could sustain simple life forms.

And then recently, in February, we received additional information that indicated that the moon is not frozen solid. The Galileo findings were bolstered by the observation of vapor plumes emanating from its surface in a new analysis of Hubble telescope data.

A new video from NASA details why Europa’s ocean world is a high priority for future exploration.

WATCH: Europa

Of course, there are some who are skeptical about the possibility of life on this world. However, Kevin Hand, an astrobiologist with NASA’s Jet Propulsion Laboratory (JPL), lays out the overwhelming evidence in the video above. Ultimately, he says there is a “high degree of confidence” that a liquid ocean on Europa exists today and has existed for billions of years. This means like life is rather likely.

“For the first time in the history of humanity we have the tools and technology and capability to potentially answer this question (of the existence of life beyond Earth), and we know where to go to find it…Jupiter’s ocean world, Europa.”

NASA may have the backing of congress. As Rep. John Culberson (R-TX), chair of the House Appropriations Subcommittee for Commerce, Justice, and Science, is especially excited about a mission to Jupiter’s moon, Europa. In an interview last December with the Houston Chronicle, he said:

I’m certain that there’s life elsewhere in the universe. And I’m also certain that the first place we will discover life on another world is Europa. It will be discovered in the oceans of Europa. And it will be a robotic mission designed and flown by NASA that discovers it. About an hour and a half ago I got off the phone with Robert Ballard, who discovered the Titanic. We’ve become friends through my interest in science. He wanted to be remembered for something other than the discovery of the Titanic. So I introduced him to the Jet Propulsion Laboratory and told him he should get involved in the Europa mission. I think he should help design a penetrator, swimmer, sniffer that would punch through the ice of Europa and find and photograph life in Europa’s oceans. I think it’s going to be a match made in heaven.

If I’m successful in becoming chairman of the subcommittee that’s going to be right when the Europa mission will need its maximum funding. It needs to be a flagship mission. The biggest and best we’ve ever flown. I really feel blessed. I feel like I’m one of the luckiest people on Earth. I’m blessed with a wonderful family, a great district, representing Houston in the greatest state in the greatest country in the world. I got on this incredible committee where I will be in exactly the right place at the right time to be able to help turn NASA around, to not only preserve America’s leadership role in space, but I also hope to be a key part in discovering life on another world for the first time. We’re only going to have one chance at this in our lifetimes. We’ve got one shot. I want to make sure you and I are here to see those first tube worms and lobsters on Europa.

Information provided by NASA, JPL

The post NASA Thinks Life Can Be Found Beneath Europa’s Surface appeared first on From Quarks to Quasars.

Direct Digital Synthesis (DDS) Explained by [Bil Herd]

One of the mnemonics you may hear thrown around is DDS which stands for Direct Digital Synthesis. DDS can be as simple as taking a digital value — a collection of ones and zeroes — and processing it through a Digital to Analog Converter (DAC) circuit. For example, if the digital source is the output of a counter that counts up to a maximum value and resets then the output of the DAC would be a ramp (analog signal) that increases in voltage until it resets back to its starting voltage.

This concept can be very useful for creating signals for use in a project or as a poor-man’s version of a signal or function generator. With this in mind I set out here to demonstrate some basic waveforms using programmable logic for flexibility, and a small collection of resistors to act as a cheap DAC. In the end I will also demonstrate an off-the-shelf and inexpensive DDS chip that can be used with any of the popular micro-controller boards available that support SPI serial communication.

All of the topics covered in the video are also discussed further after the break.

DDS Demo Hardware
DDS Demo Hardware

I chose to use Programmable Logic (PL) to build the various circuits as it was quick to configure and didn’t require very much construction while being extremely flexible. It also didn’t require any software programming, IDE, target processor board, etc. This might be an interesting project for you if you are interested in learning or exercising some basic Programmable Logic skills, here I use Altera’s free Quartus II Web version and an inexpensive programmer clone. For the first couple of examples I am using a Complex Programmable Logic Device. (CPLD)

Basic Signal Generation


Creating waveforms can also be done with dedicated logic, for example a CD4060 oscillator/counter can be used instead of the PL counter or also a microcontroller with I/O ports could be used. Note that the microcontroller version does better the more assistance it gets from dedicated peripherals such as a timer or a timer/counter that reloads without waiting for the processor to respond and reset it.

Direct Digital Synthesis (DDS) R/2R Ladder

Here are two waveforms created with a simple counter and resistors organized as an R/2R ladder. As the output of the counter increments in binary, the resulting voltage divider created by the interconnected resistors and outputs creates consistent steps between each of the counts; 256 in this case due to 8 outputs being used. Taking the most significant bit also demonstrates a symmetrical square wave.

Building Different Signals is Easy

If the counter were to count downwards upon reaching its maximum count instead of resetting to zero, then a triangle waveform would be generated. So far that’s three waveforms using just a counter and some resistors.

Triangle Waveform DDS R/2R Ladder with Comparator

On a slightly different topic, using just some I/O lines, an R/2R ladder, and an analog comparator (ala LM339) a basic type of Analog to Digital Converter (ADC) can be made. Don’t misread this, we were talking about going from digital to analog before but now we’re talking about going from analog to digital.

To describe it simply, a processor or digital counter is connected to the R/2R ladder which is connected to the input of an analog comparator. The voltage to be measured is then connected to the other input of the comparator and then the counter proceeds to count up until the R/2R ladder voltage equals or exceeds the voltage being measured. At that time the comparator trips and the equivalent digital value of the analog voltage being measured is represented by the counter value feeding the R/2R ladder.

Assuming that the voltage to be measured is somewhat stable, the process can be repeated to track the voltage as it (slowly) changes or the count can be reversed until the comparator clears and then reverses. This might be useful for measurements such as monitoring a battery voltage level, etc.

While continuing the use of an adjunctive comparator, a simple voltage to frequency converter can be made by having the counter change directions when the comparator trips. This is not a perfect converter (nothing I do is perfect, life and engineering is a compromise) as very notably the amplitude of the triangle waveform changes in amplitude, but a full voltage square wave would be easy to generate.

Basic Principles for Sine Wave Generation

DDS Sinewave
DDS Sinewave

Finally we can create a sinewave through the addition of a look-up-table that contains the appropriate data to approximate a mathematical sine function. A look-up-table (LUT) is simply a piece of memory such as Read Only Memory (ROM) in series with the data, in our case the incrementing counter represents an incrementing address, and the data output is the result of a pre-calculated Sine table.

For this I have switched to a Field Programmable Gate Array (FPGA) which has better internal memory and the ability to initialize the memory with the contents of the Sine table I created for the LUT. In the schematic for the interior of my FPGA the LUT can be seen off to the right just in front of the output pins.


Programming Complex Waveforms

One advantage of a Sine wave created by DDS is that it can be generated at a wide range of frequencies and keep its same shape (low distortion).

Just for fun and to demonstrate something that can done easily with DDS I created a non-symmetrical waveform. Looking carefully you can see two cycles of square wave, two of ramp and then two of sine wave. Any waveform that can be “drawn” in memory can be created this way.


Other DDS Hardware Options

And finally, if you need a DDS without the muss and fuss of making it out of components yourself, there is a selection of DDS components available that are low cost and accurate. Shown here is an Analog Devices 9387 in an evaluation board from the manufacturer. It is SPI serial interface driven and so can be connected to most available single board controllers.

DDS Eval AD9837
DDS Eval AD9837

Varying the frequency and phase of a signal by microprocessor control is integral to a DDS system. The software that comes with the evaluation the board shows that two frequencies and two phase offsets can be stored allowing Frequency Shift Keying (FSK) and Phase Shift Keying (PSK) as well as sweeping between two frequencies. This is a useful capability, for example the frequency response of a circuit such as a filter can be observed by sweeping a frequency on the input and then measuring the output on an oscilloscope.

Eval 9837
Eval 9837

Go Deeper

If you want to know more about DDS there is a lot of information available on manufacturer’s websites and the Internet. Advanced topics to search for include embedded sub-modulation and use with phase lock loops to reduce phase noise, up-conversion using multipliers, and other synthesis circuits used in RF telecommunications.

Filed under: Featured, hardware, how-to, slider

Astronomy Photo of the Day: 11/24/14 — The Bubble Nebula

Image Credit: Jaspal Chadha (JK Observatory); Used With Permission

Image Credit: Jaspal Chadha (JK Observatory); Used With Permission

Images of far-off cosmic objects often inspire silly nicknames that make very little sense. However, in many cases, the nicknames are spot-on. And, not to mention, they are much easier to remember than the intrepid, but useful, designations astronomers use to convey the bare basics (like who discovered the object, which telescope was used and where it was cataloged).  

The nickname this region was given seems rather obvious. Formally known as NGC 7635, most people refer to it as the Bubble nebula. It lurks approximately 11,000 light-years from Earth in the constellation of Cassiopeia. 

This celestial wonderland is the result of the tireless work of one large o-type star (pictured within the bubble in the 8 o’clock position), believed to weigh as much as 45 Suns combined. Naturally, given its size, it’s also much larger and far more luminous than our Sun; characteristics that are made clear in the bubble-like cavity it spawned. The bubble formation alone, which was carved out by stellar winds, spans well over 10 light-years across!

This image of the Bubble Nebula was taken by Jaspal Chadha (from JK Observatory), using an Altair Astro RC 250TT Scope, QSI 690 CCD and Ioptron CEM 60. You can see more of his astrophotography work on flickr.

You can see a larger image here, or you can take a 3D tour here.

The post Astronomy Photo of the Day: 11/24/14 — The Bubble Nebula appeared first on From Quarks to Quasars.

5 ways to escape password hell

Security can be a vicious cycle. A breach occurs. Enterprises add a new level of security. That increases inconvenience for users, who find workarounds. Then there's another breach and the cycle begins again.

To read this article in full or to leave a comment, please click here

(Insider Story)

How to create seamless mobile security for employees

The salespeople at financial services firm Vanguard Group need on-the-go access to presentations, client data and meeting details from wherever they are without a lot of hurdles. That doesn’t mean, however, they need to access the complete suite of Vanguard applications and all of its data. So access is built around determining what users need in order to be productive without jeopardizing security by giving them too much access, says John Marcante, managing director and CIO at Valley Forge, Pa.-based Vanguard.

To read this article in full or to leave a comment, please click here

(Insider Story)

Imperva: 48% Of All Web Application Attacks Target Retail

Unless you’ve been living under a rock recently you’ll already be aware that there have been a large number of data breaches recently and that some of the higher profile among them have been aimed at retailers, including Target and Home Depot.

Now, according to a new report from Imperva Inc, retail is the number one target for the bad guys as the company urges extra vigilance among companies in that sector.


The findings, which indicate that 48% of all web application attack campaigns target retail applications, come from the recent Imperva Web Application Attack Report #5 (WAAR) which is produced by the company’s Application Defense Center (ADC) research team. The ADC analysed a subset of 99 applications protected by the Imperva SecureSphere Web Application Firewall (WAF) over a period of nine months, from August 1, 2013 to April 30, 2014. The study found that retailers are the most heavily targeted by cybercriminals, and that 40% of all SQL injection attacks and 64% of all malicious HTTP traffic campaigns target retail web sites.

Commenting on the findings from the study, Amichai Shulman, Chief Technology Officer at Imperva, said:

“Our study shows that retail sites are a big target for hackers. This is largely due to the data that retail websites store – customer names, addresses, credit card details, which cybercriminals can use and sell in the cybercrime underworld. Over the last year we have seen a number of retailers suffer data breaches and I expect this will continue. Our previous Web Application Attack Report #4, published in July 2013, also revealed that retail applications were the most heavily targeted by cybercriminals. The study showed that retail sites suffered twice as many SQL injection attacks in comparison to other industry sectors. Given that the study findings have not improved for retailers over the last year I would say this threat is not showing any signs of diminishing.”

Other findings from the study revealed that websites containing consumer information, which require some form of log-in credentials, suffer up to 59% of the attacks. This shows very clearly exactly what kind of information most motivates cybercriminals. Consumer information such as personal details and credit cards are a valuable and tradable black market piece of information.

Shulman added that:

“Retailers must take the threat of cyber attack very seriously. Over the last year we have seen some very well known, and seemingly secure, retail websites hit by devastating cyber attacks and these should act as a warning to others in the industry. Cybercriminals look at retailers as a very profitable target and they are attacking these websites relentlessly looking for a way in. Information that a hacker is able to extract from the site will very likely make its way onto sites that sell breached data. It is a big business. Retailers should be locking down their data centres and databases, ensuring all data is encrypted and that there are strong barriers in place to help keep out intruders.”

Traces of Regin malware may date back to 2006

Malware that Symantec says was probably developed by a nation state may have been used for as long as eight years, a length of time that underscores the challenges the security industry faces in detecting advanced spying tools.

On Sunday, the computer security company published a 22-page report and blog post on the Regin malware, which it described as a powerful cyberespionage platform that can be customized depending on what type of data is sought.

To read this article in full or to leave a comment, please click here

How hackers are exploiting vulnerable DVRs to conduct illegal activities

Security experts discovered a new malware that targets DVR and other Internet of Things devices recruiting them for different illegal activities.

DVR, abbreviation for Digital Video Recorders systems, from Hikvision firm are affected by vulnerabilities that allow an attacker to hack them remotely.

Digital Video Recorders are systems used to record surveillance footage of office buildings and surrounding areas in digital format on several mass storage devices.

A hacked DVR could by be abused by threat actors to manipulate the images recorded by the device, for example, deleting them from the support, as an entry point in the network that hosts the equipment or to run a DDoS attack.

Hacking a DVR could allow an attacker to target PoS systems located on the same network and any other vulnerable machines. A hacked DVR could be recruited as part of a botnet and be used for various illegal activities, such as running DDoS attacks or Brute-force attacks or to mine Bitcoins.

Security researcher Johannes Ullrich, an instructor at the SANS Technology Institute, first reported that malicious software was infecting the Hikvision DVRs trying to propagate itself to other machines on the network. The malicious code was also able to mine Bitcoins abusing of the computational resources of the digital equipment.

Despite this kind of malware is compiled for bot Windows and Linus OSs, the malicious code discovered by the researcher “was actually complied for the ARM processor that’s running these devices so they kind of knew what they were into.”

Ullrich also discovered other infections related to the same malware that compromised other devices like routers. The fact the the attacker compiled the code for ARM architecture demonstrate the great attention of cybercrime in the exploitation of resources of Internet of Things devices.

DVR surveilance

Security experts at Rapid7 discovered that nearly 150,000 of Hikvision DVRs devices exposed on the Internet could be accessed remotely due to the exploitation of a still unpatched devices.

“This is especially troubling given that a similar vulnerability (CVE-2013-4977) was reported last year, and the product still appears unpatched out of the box today,” reports Rapid7.

A blog post published by Rapid7 firm explains the impact of the vulnerabilities affecting several devices in the wild..

“Rapid7 Labs has found multiple vulnerabilities in Hikvision DVR (Digital Video Recorder) devices such as the DS-7204 and other models in the same product series that allow a remote attacker to gain full control of the device. ” states the post.

“[Hikvision] DS-7204 and other models in the same product series that allow a remote attacker to gain full control of the device. More specifically, three typical buffer overflow vulnerabilities were discovered in Hikvision’s RTSP request handling code: CVE-2014-4878, CVE-2014-4879 and CVE-2014-4880. This blog post serves as disclosure of the technical details for those vulnerabilities. In addition, a remote code execution through a Metasploit exploit module has been published.”

A Metasploit module is available to hack into unpatched DVRs exploiting the flaws.

Rapid7 attempted to report the flaw to Hikvision several times since September, but the company never replied to the security experts, which decided to publicly disclose the vulnerability.

Pierluigi Paganini

(Security Affairs –  DVR, Internet of Things)

The post How hackers are exploiting vulnerable DVRs to conduct illegal activities appeared first on Security Affairs.

Fixing Ghost Touch In The OnePlus One

The OnePlus One is the flagship phone killer for 2014, available only by invite, and thus extremely cool. So far it’s a limited production run and there will, of course, be problems with the first few thousand units. When [vantt1] got his One, he noticed a few issues with the touch screen. Some touches wouldn’t be registered, typing was unpredictable, and generally, the touchscreen was unusable. [vantt] had seen this before, though, so with a complete teardown and a quick fix he was able to turn this phone into something great.

[vantt] realized the symptoms of a crappy touchscreen were extremely similar to an iPad mini that had recently had its digitizer replace. From the Foxconn plant, the digitizer in the iPad mini is well insulated from the aluminium enclosure. When the screen and digitizer are replaced, the cable connecting it to the rest of the iPad can come in contact with the case. This leads to the same symptoms – missed touches, and unpredictable typing.

Figuring the same cure will fix the same symptoms, [vantt] tore apart his OnePlus One and carefully taped off the digitizer flex cable. Reassembling the phone, everything worked beautifully, and without any extra screws in the reassembly process. You can’t do better than that.

Filed under: repair hacks

Symantec identifies sophisticated, stealthy ‘Regin’ malware

Symantec researchers have identified a particularly sophisticated piece of malware, called "Regin" that was likely developed by a nation state and has been used to spy on governments, infrastructure operators, businesses, researchers and individuals since at least 2008.

"Regin displays a degree of technical competence rarely seen," Symantec said in a statement Sunday, released along with a technical white paper about the malware. Indications are that Regin "is one of the main cyberespionage tools used by a nation state."

To read this article in full or to leave a comment, please click here

Parted Beard

This picture is from 1912, and it shows a rather unusual style of beard. It is as if the man is parting the beard into left and right sections. Overall, a fairly well dressed man.

FUD: E-Cig chargers said to be delivering malware

There was a headline in The Guardian on Friday, related to two topics that interest me personally: malware and vaping.

What's the headline?

"Health Warning: Now e-cigarettes can give you malware"

The story is sensationalist, promoting FUD to a growing segment of the population already inundated by false claims and facts, so it needs to be debunked.

The Guardian's story is sourced entirely from a post from Reddit, where a user discussing IT support said their boss' computer was infected with malware after plugging an E-Cig charger into it. The post is here, but the story is copied below.

To read this article in full or to leave a comment, please click here

Webcam snooper now looking for a job

The developer of a widely vilified website that aggregated feeds from unsecured webcams is apparently looking for work as a remote programmer.

Insecam, which was criticized last week by the U.K.'s data protection regulator, no longer features webcam feeds but has the message: "Programmer is looking for a good remote job. Skills: Linux, FreeBSD, C/C++, Python, MySQL."

The attention drawn to Insecam is likely still driving traffic to the website, but probably not from employers eager to hire its creator. Insecam contended that it did not hack the webcams but that the devices had default credentials.

In some countries, using default credentials to access a device would still be considered illegal.

To read this article in full or to leave a comment, please click here

NASA Releases Amazing Images of Biggest Sunspot in 24 Years

Image Credit: Solar Dynamics Observatory/AIA, NASA

Image Credit: Solar Dynamics Observatory/AIA, NASA

Several weeks ago our Sun gave us quite a show. Solar active region AR2192 was the largest recorded sunspot group that we’d witnessed over the course of the last 24 years. It showed itself on the surface of our Sun for a brief time, before rotating off the Earth-facing side of the Sun at the end of October.

This region rotated into view on Oct. 18, 2014, and while it faced us, it produced an amazing six energetic X-class flares (the most extreme form of solar flare). All in all, it fired off 10 sizable solar flares as it traversed across the face of the sun. Unfortunately, it didn’t send off any Coronal Mass Ejections (CMEs), which is a little unfortunate, as they are beautiful stellar events.

Its most intense flare was captured on October 24; you can see it in this stunning image (above), which comes to you from the orbiting Solar Dynamics Observatory (SDO).

The image that you see here, unsurprisingly, is a color combination of images made at three different wavelengths of extreme ultraviolet light. NASA notes what the colors indicate: “193 angstroms are shown in blue, 171 angstroms in white, and 304 angstroms in red.” But what about all of those lines shooting out of the image? These are emissions from highly ionized Iron and Helium atoms, which trace the magnetic field lines that loop through the plasma found on the Sun’s outer chromosphere and corona.

See some more amazing images of this event in the photo below:

Image credit: NASA

Image credit: NASA

The post NASA Releases Amazing Images of Biggest Sunspot in 24 Years appeared first on From Quarks to Quasars.

Custom Filaments With A Filastruder

A while ago, when 3D printing was the new hotness, a few people looked around and said, ‘our printers are open source, why can’t we just build the machines that make our 3D printing filament?’ There was a $40,000 prize for the first person to build an open source filament extruder, resulting in a few filament fabrication machines being released into the wild. [Rupin] over in the Mumbi hackerspace has one of these filament extruders – a Filastruder - and decided to take a look at what it could do.

The experimentations began with a few kilograms of ABS pellets he found at the market, with bags of red, blue, green, and white masterbatch pellets showing up at the Hackerspace. Experimenting with these pellets, [Rupin] was able to create some very nice looking filament that printed well and changed color over the course of a print.

There were a limitations of the process, though: the filastruder has a long melt zone, so colors will invariably mix. If you’re thinking about doing a red to blue transition with filament created on a Filastruder, you’ll end up with a filament with a little bit of red, a little bit of blue, and a lot of a weird purple color. The time to create this filament is also incredibly long; over the course of two days, [Rupin] was able to make about half a kilo of filament.

Still, the results look fantastic, and now that [Rupin] has a source for masterbatch and ABS pellets, he’s able to have a steady supply of custom color filament at the hackerspace.

Filed under: 3d Printer hacks

Regin – Highly advanced spying tool discovered by Symantec

Symantec has uncovered the backdoor Regin, a highly advanced spying tool used in cyber espionage campaigns against governments and infrastructure operators.

Backdoor Regin, is the name assigned by the experts at Symantec to an advanced spying tool that has been used in cyber espionage campaigns against governments, infrastructure operators, private companies, researchers, and private individuals.

Regin appears as an high sophisticated malicious code, experts revealed that it has a degree of technical competence rarely seen, it has some resemblance with other  state-sponsored malware like Flame,Duqu and the popular Stuxnet. Also in this case Regin has a modular structure that make the malware a very flexible agent that could be used by operators to tailor campaign to individual targets, the effort necessary for its development appears significant, the experts speculates that it required months or years to be completed.

The circumstance led researchers to believe that Backdoor Regin was developed by a nation-state to spy on a wide range of international targets across several industries.

The evasion technique that allowed Regin backdoor to go undetected for years exploits a multi-staged process and each stage is hidden and encrypted. Regin is organized into five stages, each of which is encrypted except for the first one that implements the initial loader. Executing the first stage triggers a domino chain in which at each step the stage is decrypted and executed, and that in turn decrypts the successive stage, and so on.

As outlined in a new technical whitepaper from Symantec, Backdoor.Regin is a multi-staged threat and each stage is hidden and encrypted, with the exception of the first stage.  Executing the first stage starts a domino chain of decryption and loading of each subsequent stage for a total of five stages.  Each individual stage provides little information on the complete package. Only by acquiring all five stages is it possible to analyze and understand the threat.” states the blog post from Symantec.

Regin Backdoor 5 stages Symantec 2

Regin Backdoor 5 stages Symantec

The experts have identified dozens of different payloads that are used to spy on the infected machine, the principal functions implemented by the authors of Regin include code for stealing passwords, monitoring network traffic, capturing screenshots, seizing control of the target’s mouse and recovering deleted files.

Some payloads appear to be tailored to specific targets, for example, one module was designed to sniff the traffic of mobile telephone base station controllers and another to monitoring the traffic of a Microsoft IIS server.

The disconcerting aspect of the story relates to the dating of the Backdoor Regin, Symantec experts believe it was a framework that threat actors used in multiple campaigns that date back to 2008 or several years earlier. Regin is known to have been active until 2011. The name Regin was assigned by Microsoft to the underlying trojan, the malware resurfaced in 2013 when the researchers at Symantec identified it.

“Essentially, what we think we’re looking at is different campaigns where in one infection they needed to sniff your keyboard whereas in another infection they wanted grab the user name and password of the admin connected to a base station controller,” Liam O’Murchu, manager of operations for Symantec Security Response, reported to Ars.

Analyzing the distribution of targeted industries it is possible to note that Regin was used to compromise Telecom Backbon in 28 percent of the attacks, the experts believe that the operators managing the cyber espionage campaign were interested to spy on specific customers of the targeted companies.


Regin Backdoor targets

The infections of Backdoor Regin detected by Symantec are also geographically diverse, attacks were observed in mainly in ten different countries, Russian Federation (28%), Saudi Arabia (24%), Ireland (9%) and Mexico (9%) lead the list.

The investigation is still ongoing, researchers at Symantec are aware of only about 100 infections, but a so powerful platform was surely used in a larger number of targeted attacks still uncovered. The researchers haven’t yet identified the command and control servers the attackers used, the knowledge of the control infrastructure provides to the experts a huge quantity of data that could support further analysis.

“Symantec believes that many components of Regin remain undiscovered and additional functionality and versions may exist.  Additional analysis continues and Symantec will post any updates on future discoveries” states the post.

Stay tuned for further information.

Pierluigi Paganini

(Security Affairs –  Backdoor Regin, cyber espionage)

The post Regin – Highly advanced spying tool discovered by Symantec appeared first on Security Affairs.