Security

The Petya Ransomware Is Starting To Look Like a Cyberattack in Disguise (theverge.com) 80

Further research and investigation into Petya ransomware -- which has affected computers in over 60 countries -- suggest three interesting things: 1. Ukraine was the epicentre of the attack. According to Kaspersky, 60 percent of all machines infected were located within Ukraine. 2. The attackers behind the attack have made little money -- around $10,000. Which leads to speculation that perhaps money wasn't a motive at all. 3. Petya was either "incredibly buggy, or irreversibly destructive on purpose." An anonymous reader shares a report: Because the virus has proven unusually destructive in Ukraine, a number of researchers have come to suspect more sinister motives at work. Peeling apart the program's decryption failure in a post today, Comae's Matthieu Suiche concluded a nation state attack was the only plausible explanation. "Pretending to be a ransomware while being in fact a nation state attack," Suiche wrote, "is in our opinion a very subtle way from the attacker to control the narrative of the attack." Another prominent infosec figure put it more bluntly: "There's no fucking way this was criminals." There's already mounting evidence that Petya's focus on Ukraine was deliberate. The Petya virus is very good at moving within networks, but initial attacks were limited to just a few specific infections, all of which seem to have been targeted at Ukraine. The highest-profile one was a Ukrainian accounting program called MeDoc, which sent out a suspicious software update Tuesday morning that many researchers blame for the initial Petya infections. Attackers also planted malware on the homepage of a prominent Ukraine-based news outlet, according to one researcher at Kaspersky.
Businesses

Seattle's $15 Minimum Wage May Be Hurting Workers, Report Finds (usatoday.com) 268

As companies look for ways to cut costs, Seattle's $15 minimum wage law may be hurting hourly workers instead of helping them, according to a new report. From a USA Today article: A report (PDF) from the University of Washington (UW), found that when wages increased to $13 in 2016, some companies may have responded by cutting low-wage workers' hours. The study, which was funded in part by the city of Seattle, found that workers clocked 9 percent fewer hours on average, and earned $125 less each month after the most recent increase. "If you're a low-skilled worker with one of those jobs, $125 a month is a sizable amount of money," Mark Long, a UW public-policy professor and an author of the report told the Seattle Times. "It can be the difference between being able to pay your rent and not being able to pay your rent."
Businesses

More Than 40 ISPs Across the Country Tell Chairman Pai to Not Repeal Network Neutrality (eff.org) 53

An anonymous reader shares a report: One excuse FCC Chairman Ajit Pai regularly offers to explain his effort to gut net neutrality protections is the claim that open Internet rules have harmed ISPs, especially small ones. During a speech earlier this year, he stressed that 22 small ISPs told him that the 2015 Open Internet Order hurt their ability to invest and deploy. In reality, though, many more ISPs feel very differently. Today, more than 40 ISPs told the FCC that they have had no problem with the Open Internet Order (PDF) and that it hasn't hurt their ability to develop and expand their networks. What is more, that they want the FCC to do its job and address the problem Congress created when it repealed the broadband privacy rules in March.
Businesses

A New Kind of Tech Job Emphasizes Skills, Not a College Degree (nytimes.com) 166

Steve Lohr, writing for the New York Times: A few years ago, Sean Bridges lived with his mother, Linda, in Wiley Ford, W.Va. Their only income was her monthly Social Security disability check. He applied for work at Walmart and Burger King, but they were not hiring. Yet while Mr. Bridges had no work history, he had certain skills. He had built and sold some stripped-down personal computers, and he had studied information technology at a community college. When Mr. Bridges heard IBM was hiring at a nearby operations center in 2013, he applied and demonstrated those skills. Now Mr. Bridges, 25, is a computer security analyst, making $45,000 a year. In a struggling Appalachian economy, that is enough to provide him with his own apartment, a car, spending money -- and career ambitions. "I got one big break," he said. "That's what I needed." Mr. Bridges represents a new but promising category in the American labor market: people working in so-called new-collar or middle-skill jobs. As the United States struggles with how to match good jobs to the two-thirds of adults who do not have a four-year college degree, his experience shows how a worker's skills can be emphasized over traditional hiring filters like college degrees, work history and personal references. [...] On Wednesday, the approach received a strong corporate endorsement from Microsoft, which announced a grant of more than $25 million to help Skillful, a program to foster skills-oriented hiring, training and education. The initiative, led by the Markle Foundation, began last year in Colorado, and Microsoft's grant will be used to expand it there and move it into other states. "We need new approaches, or we're going to leave more and more people behind in our economy," said Brad Smith, president of Microsoft.
Businesses

Toshiba Sues Western Digital For $1 Billion in Damages (bloomberg.com) 18

Toshiba has raised the stakes in an embittered legal row with its joint venture partner, suing Western Digital for a $1bn in damages and hoping Japanese courts will quash the US firm's interference in the sale of its memory chip business. From a report: The litigation, filed Wednesday in Tokyo District Court, seeks to stop Western Digital from making ownership claims over the enterprise that Toshiba is trying to sell. The Japanese company said in a statement that Western Digital's employees improperly obtained proprietary information. The relationship between Toshiba and Western Digital has gotten more acrimonious, as Toshiba moves toward a sale of the flash-memory division. Last month, Western Digital invoked an arbitration clause in their business agreement, seeking to block Toshiba's transfer of ownership of the unit to a separate legal entity in preparation for a sale. Toshiba, which has since reversed that transfer, then had its lawyers send a letter demanding that the U.S. company stop its "harassment" as Toshiba tries to sell the business.
Businesses

President Trump Attacks Amazon, Incorrectly Claiming That It Owns The Washington Post For Tax Purposes (recode.net) 345

The Washington Post, which has been critical of Donald Trump and his administration in its coverage, has become the latest victim in Trump's Twitter tirade. On Wednesday, he accused Amazon of not "paying internet taxes (which they should)," adding that the company is using The Washington Post "in a scheme to dodge" the taxes. Quick fact check: Amazon doesn't own The Washington Post, Jeff Bezos -- in his personal capacity -- does. At any rate, Trump's furious tweets come a day after The Washington Post reported that a fake issue of Time magazine with Trump on the cover was hanging in some of the president's golf clubs. The timing of this is also awkward because just last week the president met with Bezos and other top executives to discuss ways the White House can modernize government and aid the tech industry. But the two have a long history. As Recode reminds: Meanwhile, Amazon is about to embark on what could be a lengthy government antitrust review of its bid to buy Whole Foods. Already looming large over the roughly $14 billion deal are the president's own comments: He has previously attacked Bezos and claimed the Post is a tax-dodging scheme for Amazon. "He thinks I'll go after him for antitrust," Trump said at one point during his campaign. "Because he's got a huge antitrust problem, because he's controlling so much, Amazon is controlling so much of what they are doing." Months later, Trump charged: "Believe me, if I become president, oh, do they have problems, they are going to have such problems." Meanwhile, Bezos isn't one to shy about his anti-Trump views either. At one point during the election, Bezos tweeted that he'd save a seat for Trump on his Blue Origin spacecraft, with the hashtag "sendDonaldtospace."
Yahoo!

Former Yahoo CEO Marissa Mayer Defends Former Uber CEO Travis Kalanick (sfchronicle.com) 70

An anonymous reader writes: Former Uber CEO Travis Kalanick has absorbed blistering criticism for the way he handled allegations of sexual misconduct at the San Francisco riding-hailing service. But he can at least count on the support of one big name in Silicon Valley: former Yahoo CEO Marissa Mayer. Speaking at the annual Stanford Directors' College Tuesday, Mayer defended Kalanick, suggesting that he was unaware of the toxic culture brewing at Uber because of the company's rapid growth. Mayer's name has come up in reports as a possible replacement for Kalanick at Uber, though there's no indication the company has had talks with her. "Scale is incredibly tricky," Mayer said. "I count Travis as one of my friends. I think he's a phenomenal leader; Uber is ridiculously interesting. I just don't think he knew," she said. "When your company scales that quickly, it's hard." Mayer then compared Uber's situation to the early days of Google when it first brought in Eric Schmidt as CEO to help co-founders Sergey Brin and Larry Page manage the company.
Security

Contractors Lose Jobs After Hacking CIA's In-House Vending Machines (techrepublic.com) 178

An anonymous reader quotes a report from TechRepublic: Today's vending machines are likely to be bolted to the floor or each other and are much more sophisticated -- possibly containing machine intelligence, and belonging to the Internet of Things (IoT). Hacking this kind of vending machine obviously requires a more refined approach. The type security professionals working for the U.S. Central Intelligence Agency (CIA) might conjure up, according to journalists Jason Leopold and David Mack, who first broke the story A Bunch Of CIA Contractors Got Fired For Stealing Snacks From Vending Machines. In their BuzzFeed post, the two writers state, "Several CIA contractors were kicked out of the Agency for stealing more than $3,000 in snacks from vending machines according to official documents... ." This October 2013 declassified Office of Inspector General (OIG) report is one of the documents referred to by Leopold and Mack. The reporters write that getting the records required initiating a Freedom Of Information Act lawsuit two years ago, adding that the redacted files were only recently released. The OIG report states Agency employees use an electronic payment system, developed by FreedomPay, to purchase food, beverages, and goods from the vending machines. The payment system relies on the Agency Internet Network to communicate between vending machines and the FreedomPay controlling server. The OIG report adds the party hacking the electronic payment system discovered that severing communications to the FreedomPay server by disconnecting the vending machine's network cable allows purchases to be made using unfunded FreedomPay cards.
Security

Petya Ransomware Outbreak Originated In Ukraine Via Tainted Accounting Software (bleepingcomputer.com) 21

An anonymous reader quotes a report from Bleeping Computer: Today's massive ransomware outbreak was caused by a malicious software update for M.E.Doc, a popular accounting software used by Ukrainian companies. According to several researchers, such as Cisco Talos, ESET, MalwareHunter, Kaspersky Lab, and others, an unknown attacker was able to compromise the software update mechanism for M.E.Doc's servers, and deliver a malicious update to customers. When the update reached M.E.Doc's customers, the tainted software packaged delivered the Petya ransomware -- also referenced online as NotPetya, or Petna. The Ukrainian software vendor appears to have inadvertently confirmed that something was wrong when, this morning, issued a security advisory. Hours later, as the ransomware outbreak spread all over Ukraine and other countries across the globe causing huge damages, M.E.Doc denied on Facebook its servers ever served any malware. According to security researcher MalwareHunter, this is not the first time M.E.Doc has carried a malicious software update that delivered ransomware. Back in May, the company's software update mechanism also helped spread the XData ransomware.
Graphics

NVIDIA To Launch Graphics Cards Specifically Designed For Digital Currency Mining (cnbc.com) 102

Digital currency mining is in high demand, causing GPU prices to skyrocket. Nvidia is planning to capitalize on this trend by releasing graphics cards specifically designed for cryptocurrency. From a product listing on ASUS' website: "ASUS Mining P106 is designed for coin mining with high-efficiency components -- delivering maximum hash-rate production at minimum cost. ASUS Mining P106 enhances the megahash rate by up to 36% compared cards in the same segment that are not tailored for mining. The new card is also engineered to be seriously durable, enabling 24/7 operation for uninterrupted coin production." The ASUS Mining P106 uses an Nvidia chip, according to the specifications page on the website. CNBC reports: Nvidia, AMD and ASUS have not officially announced the digital currency mining cards, according to their website press pages. It is not certain when the cards will be available for sale. Nvidia is likely making the cards designed for this use so that the surging digital currency demand doesn't affect its ability to serve the lucrative PC gaming market.
Businesses

The App Economy Will Be Worth $6 Trillion in Five Years (recode.net) 90

An anonymous reader shares a report: In five years, the app economy will be worth $6.3 trillion, up from $1.3 trillion last year, according to a report released today by app measurement company App Annie. What explains the growth? More people are spending more time and -- crucially -- more money in apps. While on average people aren't downloading many more apps, App Annie expects global app usership to nearly double to 6.3 billion people in the next five years while the time spent in apps will more than double. And, it expects the average app spend -- including app-store purchases, advertising spend and, most importantly, commerce -- to increase from $379 per person to $1,008 in 2021. The 800-pound -- or $6 trillion -- gorilla in the room is mobile commerce.
Security

Heritage Valley Health System Target Of Cyber Attack (cbslocal.com) 24

The Heritage Valley Health System says it has been hit with a cyber attack. From a report: A spokeswoman confirmed the attack Tuesday morning. "Heritage Valley Health System has been affected by a cyber security incident. The incident is widespread and is affecting the entire health system including satellite and community locations. We have implemented downtime procedures and made operational adjustments to ensure safe patient care continues un-impeded." Heritage Valley is a $480 million network that provides care for residents of Allegheny, Beaver, Butler and Lawrence counties, in Pennsylvania; parts of eastern Ohio; and the panhandle of West Virginia. Also read: Ukrainian Banks, Electricity Firm Hit by Fresh Cyber Attack; Reports Claim the Ransomware Is Quickly Spreading Across the World.
Businesses

Short of IT Workers At Home, Israeli Startups Recruit Elsewhere (reuters.com) 132

New submitter Alex Wilson shares a Reuters report: Driven by startups, Israel's technology industry is the fastest growing part of the economy. It accounts for 14 percent of economic output and 50 percent of exports. But a shortage of workers means its position at the cutting edge of global technology is at risk, with consequences for the economy and employment. When Alexey Chalimov founded software design firm Eastern Peak in Israel four years ago he knew he would not find the developers he needed at home. He went to Ukraine and hired 120 people to develop mobile apps and web platforms for international clients and smaller Israeli startups. "I worked for years in the Israeli market and I knew what the costs were in Israel and I knew there was a shortage of workers," he told Reuters.

The government's Innovation Authority forecasts a shortage of 10,000 engineers and programmers over the next decade in a market that employs 140,000. Israel has dropped six spots in three years to 17th in the World Economic Forum's ranking of the ease of finding skilled technology employees. In the meantime, many Israeli startups are looking abroad.

Security

Ukrainian Banks, Electricity Firm Hit by Fresh Cyber Attack; Reports Claim the Ransomware Is Quickly Spreading Across the World (vice.com) 106

A massive cyber attack has disrupted businesses and services in Ukraine on Tuesday, bringing down the government's website and sparking officials to warn that airline flights to and from the country's capital city Kiev could face delays. Motherboard reports that the ransomware is quickly spreading across the world. From a report: A number of Ukrainian banks and companies, including the state power distributor, were hit by a cyber attack on Tuesday that disrupted some operations (a non-paywalled source), the Ukrainian central bank said. The latest disruptions follow a spate of hacking attempts on state websites in late-2016 and repeated attacks on Ukraine's power grid that prompted security chiefs to call for improved cyber defences. The central bank said an "unknown virus" was to blame for the latest attacks, but did not give further details or say which banks and firms had been affected. "As a result of these cyber attacks these banks are having difficulties with client services and carrying out banking operations," the central bank said in a statement. BBC reports that Ukraine's aircraft manufacturer Antonov, two postal services, Russian oil producer Rosneft and Danish shipping company Maersk are also facing "disruption, including its offices in the UK and Ireland."

According to local media reports, the "unknown virus" cited above is a ransomware strain known as Petya.A. Here's how Petya encrypts files on a system (video). News outlet Motherboard reports that Petya has hit targets in Spain, France, Ukraine, Russia, and other countries as well. From the report: "We are seeing several thousands of infection attempts at the moment, comparable in size to Wannacry's first hours," Costin Raiu, a security researcher at Kaspersky Lab, told Motherboard in an online chat. Judging by photos posted to Twitter and images provided by sources, many of the alleged attacks involved a piece of ransomware that displays red text on a black background, and demands $300 worth of bitcoin. "If you see this text, then your files are no longer accessible, because they are encrypted," the text reads, according to one of the photos. "Perhaps you are busy looking for a way to recover your files, but don't waste your time. Nobody can recover your files without our decryption service."
The Almighty Buck

Fake Online Stores Reveal Gamblers' Shadow Banking System (reuters.com) 63

randomErr shares an exclusive report from Reuters: A network of dummy online stores offering household goods has been used as a front for internet gambling payments. The seven sites in Europe to sell items including fabric, DVD cases, and maps are fake outlets. The faux store fronts are a multinational system to disguise payments for the $40 billion global online gambling industry. Online gambling is illegal in many countries and some U.S. states. The dummy sites underline a strategy which regulators, card issuers and banks have yet to tackle head-on. The scheme found by Reuters involved websites which accepted payments for household items from a reporter but did not deliver any products. Instead, staff who answered helpdesk numbers on the sites said the outlets did not sell the product advertised, but that they were used to help process gambling payments, mostly for Americans.
Education

The Mere Presence of Your Smartphone Reduces Brain Power, Study Shows (utexas.edu) 142

An anonymous reader shares a study: Your cognitive capacity is significantly reduced when your smartphone is within reach -- even if it's off. That's the takeaway finding from a new study from the McCombs School of Business at The University of Texas at Austin. McCombs Assistant Professor Adrian Ward and co-authors conducted experiments with nearly 800 smartphone users in an attempt to measure, for the first time, how well people can complete tasks when they have their smartphones nearby even when they're not using them. In one experiment, the researchers asked study participants to sit at a computer and take a series of tests that required full concentration in order to score well. The tests were geared to measure participants' available cognitive capacity -- that is, the brain's ability to hold and process data at any given time. Before beginning, participants were randomly instructed to place their smartphones either on the desk face down, in their pocket or personal bag, or in another room. All participants were instructed to turn their phones to silent. The researchers found that participants with their phones in another room significantly outperformed those with their phones on the desk, and they also slightly outperformed those participants who had kept their phones in a pocket or bag.
The Almighty Buck

Who Americans Spend Their Time With (theatlas.com) 113

Data scientist Henrik Lindberg has a series of fascinating charts based on data from the US Bureau of Labor Statistics that show who people in the United States spend their time with over the course of their lifetime. Check out the charts here. From a report on Quartz: Some of the relationships Lindberg found are intuitive. Time with friends drops off abruptly in the mid-30s, just as time spent with children peaks. Around the age of 60 -- nearing and then entering retirement, for many -- people stop hanging out with co-workers as much, and start spending more time with partners. Others are more surprising. Hours spent in the company of children, friends, and extended family members all plateau by our mid-50s. And from the age of 40 until death, we spend an ever-increasing amount of time alone. Those findings are consistent with research showing that the number of friends we have peaks around age 25, and plateaus between the ages of 45 and 55. Simply having fewer social connections doesn't necessarily equal loneliness. The Stanford University psychologist Linda Carstensen has found that emotional regulation improves with age, so that people derive more satisfaction from the relationships they have, whatever the number. Older people also report less stress and more happiness than younger people.
Businesses

The High-Tech Jobs That Created India's Gilded Generation Are Disappearing (washingtonpost.com) 163

An anonymous reader shares a report: Information technology services account for 9.5 percent of the India's gross domestic product, according to the India Brand Equity Foundation (IBEF), but now, after decades of boom, the future of the industry seems precarious. Since May, workers' groups have reported unusually numerous layoffs. The Forum for IT Employees (FITE) estimates that 60,000 workers have lost their jobs in the past few months (syndicated source). "Employees are being rated as poor performers so companies can get rid of them," said FITE's Chennai coordinator, Vinod A.J. IT companies and some government officials say the numbers have been exaggerated, but industry experts say the country's digital wunderkinds have much to fear. "For the first time, companies are touching middle management," said Kris Lakshmikanth, chief of a recruitment firm called Head Hunters India. Bias against Indians abroad is also compounding workers' fears of layoffs and downsizing at home. President Trump has stoked anxiety among Indian techies, who make up the majority of applicants for the H-1B visa program for highly skilled foreign workers. Trump has talked about sharply restricting H-1Bs, and this year the number of applications dropped a staggering 16 percent as companies prepared for Trump's immigration cutbacks. Instead, Indian outsourcing companies such as Infosys started recruiting Americans, bowing to Trump's calls for "America First." On Monday, India's Prime Minister Modi will meet Trump to talk about trade, visas and climate issues.
The Almighty Buck

Ethereum Exchange Reimburses Customer Losses After 'Flash Crash' (gdax.com) 73

An anonymous reader writes: "The price of ethereum crashed as low as 10 cents from around $319 in about a second on the GDAX cryptocurrency exchange on Wednesday," reports CNBC, calling it "a move that is being blamed on a 'multimillion dollar market sell' order... As the price continued to fall, another 800 stop loss orders and margin funding liquidations caused ethereum to trade as low as 10 cents." An executive for the exchange said "Our matching engine operated as intended throughout this event and trading with advanced features like margin always carries inherent risk."

Though some users complained they lost money, the price rebounded to $325 -- and according to a report on one trading site, "one person had an order in for just over 3,800 ethereum if the price fell to 10 cents on the GDAX exchange," reports CNBC. "Theoretically this person would have spent $380 to buy these coins, and when the price shot up above $300 again, the trader would be sitting on over $1 million." Yet the currency exchange announced Friday that they're honoring everyone's gains, while also reimbursing customers who suffered losses. "We view this as an opportunity to demonstrate our long-term commitment to our customers and belief in the future of this industry."

The Almighty Buck

The People GoFundMe Leaves Behind (theoutline.com) 242

citadrianne shares a report from The Outline: President Donald Trump's proposed budget seeks to slash $54 billion from social services including programs like Medicaid and Meals on Wheels. As these resources dry up, crowdfunding websites will further entrench themselves as extra-governmental welfare providers in order to fill the gap. For a lucky few, these sites are a lifeline. For most people, they are worthless. Crowdfunding's fatal flaw is that not every campaign ends up getting the money it needs. A recent study published in the journal Social Science & Medicine found that more than 90 percent of GoFundMe campaigns never meet their goal. For every crowdfunding success story, there are hundreds of failures. "As many happy stories as there are in charitable crowdfunding, there are a lot of really worthy causes when you browse these platforms that nobody has given a cent to," Rob Gleasure, professor at the business school of the National University of Ireland, Cork told The Outline. "People haven't come across them." Feller and Gleasure's report highlighted how fickle crowdfunding can be. Of all the Razoo campaigns started in 2013, they found, more than a third didn't receive any funding at all. According to their report, donors are more likely to give to campaigns that feature lots of pictures and accompanying text.

Slashdot Top Deals