New SMB Worm Uses Seven NSA Hacking Tools. WannaCry Used Just Two

An anonymous reader writes: Researchers have detected a new worm that is spreading via SMB, but unlike the worm component of the WannaCry ransomware, this one is using seven NSA tools instead of two. Named EternalRocks, the worm seems to be in a phase where it is infecting victims and building its botnet, but not delivering any malware payload. EternalRocks is far more complex than WannaCry’s SMB worm. For starters, it uses a delayed installation process that waits 24 hours before completing the install, as a way to evade sandbox environments. Further, the worm also uses the exact same filenames as WannaCry in an attempt to fool researchers of its true origin, a reason why the worm has evaded researchers almost all week, despite the attention WannaCry payloads have received. Last but not least, the worm does not have a killswitch domain, which means the worm can’t be stopped unless its author desires so. Because of the way it was designed, it is trivial for the worm’s owner to deliver any type of malware to any of the infected computers. Unfortunately, because of the way he used the DOUBLEPULSAR implant, one of the seven NSA hacking tools, other attackers can hijack its botnet and deliver their own malware as well. IOCs are available in a GitHub repo. Ars Technica quotes security researchers who say “there are at least three different groups that have been leveraging the NSA exploit to infect enterprise networks since late April… These attacks demonstrate that many endpoints may still be compromised despite having installed the latest security patch.”

Read more of this story at Slashdot.


Slashdot

‘We’re in impeachment territory’: David Gergen, former presidential adviser, on Comey’s Trump memo

‘We’re in impeachment territory’: David Gergen, former presidential adviser, on Comey’s Trump memo“After watching the Clinton impeachment, I thought I would never see another one,” David Gergen said on CNN.



Yahoo News – Latest News & Headlines

Can You Copyright a Joke?

Reader AnalogDiehard writes: Writer Alex Kaseburg has filed a lawsuit against TBS and Time Warner alleging that jokes recited on the Conan O’Brien show were stolen from his blog shortly after they were published. The case gets heard in August and could create new protections in a legal forum in which there is little precedent or clear definition in what defines a joke as “original” and subject to legal protection, especially in an industry where theft of humor occurs on a regular basis. But the outcome of any judicial decision opens a big can of worms and raises serious questions: Will YouTube videos get shut down from DMCA notices citing copyrighted jokes? Will compliance staff have to be retained to ensure that their magazine or news article, TV show, movie, or broadway act is not infringing on copyrighted jokes? Will copyrights on jokes get near-perpetual protection like the controversial Sonny Bono Copyright Extension Act? Will people be able to recite limericks without fear of infringing? Will tyrannical politicians copyright critical jokes to oppress freedom of speech? Will legal cases be filed arguing that a comedian’s joke(s) bears too much similarity to a copyrighted joke recited decades ago? Will girl scouts be free to tell copyright jokes around the campfire?

Read more of this story at Slashdot.


Slashdot

Woodward and Bernstein say Comey firing is different than Watergate

Woodward and Bernstein say Comey firing is different than WatergateBut the famed former Washington Post investigative reporters whose Pulitzer Prize-winning work ultimately led to the resignation of President Richard Nixon differ on their reasons.



Yahoo News – Latest News & Headlines

Microsoft Wants To Monitor Your Workplace With AI, Computer Vision and the Cloud

“If you’re an employee under the heel of a giant corporation you should probably be terrified by the vision of the future of connected gadgets that Microsoft just revealed at its Build developer conference here in Seattle,” warns Gizmodo. Slashdot reader dryriver writes:
Gizmodo reports on a Microsoft Workplace Monitoring demo where CCTV cameras watch a workplace — like a construction site — on 24/7 basis, and AI algorithms constantly oversee and evaluate what is happening in that workplace. The system can track where employees are, where physical equipment and tools are at what time, who does what at what time in this workplace and apparently use Cloud-based AI of some sort to evaluate what is happening in the workplace being monitored. Spotting employees misbehaving, breaking workplace rules or putting themselves and expensive equipment at risk may be the intended “value proposition” this system brings to the workplace. Another aspect may be reducing insurance premiums employers pay by creating a strict, highly monitored work environment. But the system is also very Big Brother — an AI is monitoring people and equipment in a workplace in realtime at all times, and all the data ends up being processed in the Microsoft Cloud. Gizmodo gave their article the title, “Microsoft’s Latest Workplace Tech Demos Creep Me Out.”

Read more of this story at Slashdot.


Slashdot