Battery for FMVNBP193

During her time in office the State Department had rules that any personal email system had to be checked out for security, but Clinton didn’t take advantage of this. When two staff members questioned the security of her email system they were told that the server had been reviewed and approved and that they should never speak of the Secretary’s personal email system again.

Security fears were realized on January 9, 2011, when Clinton’s email server came under attack. Her technical support advisor told operations staff “someone was trying to hack us and while they did not get in i didnt [sic] want to let them have the chance to.” It was attacked again the next day.

The third offender was Ambassador Gration between 2011 and 2012, who also used a private email account for official business. He was politely asked to stop doing so, and when he didn’t, disciplinary charges were filed. Gration resigned before these were pursued.

The OIG report isn’t good news for Clinton’s presidential campaign, since it contradicts several earlier statements made by the candidate and may have a bearing on whether or not criminal charges are brought. Team Clinton has so far declined to comment.

It might be time for the warlocks of the Web and brewers of JavaScript to revisit their ever-burgeoning developer wish-lists and sweep away the rubbish.

Researchers from the University of Illinois have looked at how users and Website designers respond to the feature-list, and their study suggests there’s a whole lot of cruft that nobody – site owners or end users – is using.

Or, as El Reg would put it: your browsers and Web servers are bloating with features nobody wants, which contribute nothing but extra lines of code.

As they write at Arxiv: “We find, for example, that 50 per cent of the JavaScript provided features in the web browser are never used by the top ten thousand most popular websites,” the paper states.

It’ll surprise nobody that at least some of the non-execution of features is down to site ad-blockers and the like, but the end result is: “83 per cent of available features are executed on less than 1 per cent of the most popular 10,000 websites.”

A couple of features that the researchers found provide good examples.

ALS, “ambient light events”, would let browsers respond to the light level the laptop, phone or desktop is exposed to, if anybody used it. Since 14 Websites out of the 10,000 in the study used it, and since it’s blocked by 100 per cent of blocking browser extensions, why not kill it off?

The Encoding standard would let JavaScript code read and convert between different text encodings, if anyone used it, but it’s even more unloved than ALS. Nobody bothers blocking Encoding, because only one out of the 10,000 Webmasters was doing anything with it.

Iframes fall into a different category: half of the sites use iframes (because who doesn’t love a popup?), but “is prevented from being executed over 77 per cent of the time”.

All of this adds to the Web’s security woes as well, as the table below (an extract of a much larger table from the study) shows. The study notes, “unpopular and heavily blocked features have imposed substantial security costs to the browser”.

The new class of “tech support lockers” relies on tricking users into installing either a fake PC optimiser or a bogus Adobe Flash update. Once loaded, the malware mimics ransomware and locks users out of their computers. Unlike Locky, CryptoWall and their ilk, however, it doesn’t actually encrypt files on compromised Windows PCs.

Jérôme Segura, a senior security researcher at Malwarebytes, said “tech support lockers represent a class of malware more advanced than browser locks and fake anti-virus alerts of the pre-ransomware past.”

“This is not a fake browser pop up that can easily be terminated by killing the application or restarting the PC,” Segura writes in a blog post. “No, this is essentially a piece of malware that starts automatically, and typical Alt+F4 or Windows key tricks will not get rid of it.”

One strain of tech support locker employs a subtle piece of social engineering trickery by waiting until a user restarts their computer before confronting them with a fake Windows update screen. Users are told their computers can’t be restarted normally, supposedly because of an “expired license key”. Thereafter a screen locks the user out of their computer in an attempt to trick marks into phoning a support number staffed by scammers.

Victims are told that their problems can be resolved, for a fat fee of $250, Malwarebytes discovered.

The particular strain of malware – spotted and documented by independent White Hat security researcher “TheWack0lian” – marks an evolution in tech support scams, Malwarebytes’ Segura warns.

“In comparison to fake (but mostly harmless) browser alerts, these Windows lockers are a real pain to get rid of and until you do so, your computer is completely unusable…. This increased sophistication means that people can not simply rely on common sense or avoid the typical cold calls from ‘Microsoft’. Now they need to also have their machines protected from these attacks because scammers have already started manufacturing malware tailored for what is essentially plain and simple extortion over the phone,” he writes.

Miscreants have already begun to flog these types of lockers on Facebook, a sign that scams of this type have reached script kiddie level and are therefore likely to become commonplace in future. Previous scams along the same lines, although less sophisticated, include a BSOD ruse that surfaced last September.

“There is an entire ecosystem to distribute these tech support lockers, which includes bundling them into affiliate (Pay Per Install) applications,” Segura concludes.

More commentary on the scam can be found in a post from security blogger David Bisson.

A keyboard combination that disables the tech support locker malware, holding Ctrl+Shift while pressing the S key, was discovered by TheWack0lian. The same white hat discovered hardcoded values for the ‘product key’: “h7c9-7c67-jb” or “g6r-qrp6-h2” or “yt-mq-6w”, which may offer a means to recover from infection without paying scammers, at least in the case of this one particular strain of malware.

Have you ever bothered to look at who your browser trusts? The padlock of an HTTPS connection doesn’t mean anything if you can’t trust the other end of the connection and its upstream signatories. Do you trust CNNIC (China Internet Network Information Centre)? What about Turkistan trust or many other “who are they” type certificate authorities?
