Instagram “likes” worth more than stolen credit cards

Posted on by

In the latest twist, a computer virus widely used to steal credit card data, known as Zeus, has been modified to create bogus Instagram “likes” that can be used to generate buzz for a company or individual, according to cyber experts at RSA, the security division of EMC.

These fake “likes” are sold in batches of 1,000 on hacker forums, where cybercriminals also flog credit card numbers and other information stolen from PCs. According to RSA, 1,000 Instagram “followers” can be bought for $15 and 1,000 Instagram “likes” go for $30, whereas 1,000 credit card numbers cost as little as $6.

via Instagram “likes” worth more than stolen credit cards | News | PC Pro.

The Increasing Failure Of Malware Sandboxing

Posted on by

The sandboxing appliances popularly deployed today are performing well against your average”0-day” malware threat, but capabilities decline dramatically the more targeted an adversary becomes. As such, organizations are much better at stopping the generic non-targeted “Internet threats”, but becoming more vulnerable to marginally tuned malware. For example, any piece of malware that requires the user to perform an action at a specific time (before it acts maliciously) is sufficient to evade detection in most cases.

via The Increasing Failure Of Malware Sandboxing — Dark Reading.

How Do You Hijack a Popular Streaming Movie Site? With Ease, Apparently

Posted on by

“You don’t have to have access to any emails, passwords, or any other credentials. You simply grab the information from the WHOIS, write a letter with an attached photo-shopped ID with the same name, send it from a random email address, and the domain will be handed to you fairly quickly.”

via How Do You Hijack a Popular Streaming Movie Site? With Ease, Apparently | TorrentFreak.

What Does It Really Matter If Companies Are Tracking Us Online?

Posted on by

Sometimes, that will mean exploiting people who are not of a particular class, say upcharging men for flowers if a computer recognizes that that he’s looking for flowers the day after his anniversary. But other times there could be troubling equity concerns. For example, Calo points to the work of NYU professor Oren Bar-Gill who has shown how companies can use complexity in credit-card contracts, mortgages, and cell-phone contracts to “hinder or distort competition and impose outsized burden on the least sophisticated consumers.” Calo says such price-discrimination tactics, applied en masse online, could “lead to regressive distribution effects,” also known as preying on the vulnerable.

via What Does It Really Matter If Companies Are Tracking Us Online? – Rebecca J. Rosen – The Atlantic.

From the paper, Digital Market Manipulation

A new theory of digital market manipulation reveals the limits of consumer protection law and exposes concrete economic and privacy harms that regulators will be hard-pressed to ignore. This Article thus both meaningfully advances the behavioral law and economics literature and harnesses that literature to explore and address an impending sea change in the way firms use data to persuade.

Linux-based autopilots target commercial UAVs

Posted on by

The computers offer pre-installed flight control and mission software built upon the Linux-based AirwareOS platform. The software is provided under a royalty-free license that enables modification, extension third party software, and inclusion in proprietary products, says the company. The Linux-based software is written in C++, and provides a single hardware-independent Unified Autopilot Interface (UAI) API to the INS/GPS solution, system status, sensor data, actuators, datalink radio, and payloads.

via Linux-based autopilots target commercial UAVs ·  LinuxGizmos.com.

“Bloodsucking leech” puts 100,000 servers at risk of potent attacks

Posted on by

The threat stems from baseboard management controllers that are embedded onto the motherboards of most servers. Widely known as BMCs, the microcontrollers allow administrators to monitor the physical status of large fleets of servers, including their temperatures, disk and memory performance, and fan speeds. But serious design flaws in the underlying intelligent platform management interface, or IPMI, make BMCs highly susceptible to hacks that can cascade throughout a network, according to a paper presented at this week’s Usenix Workshop on Offensive Technologies.

via “Bloodsucking leech” puts 100,000 servers at risk of potent attacks | Ars Technica.

Grading Essays at College Level

Posted on by

EdX, the nonprofit enterprise founded by Harvard and the Massachusetts Institute of Technology to offer courses on the Internet, has just introduced such a system and will make its automated software available free on the Web to any institution that wants to use it. The software uses artificial intelligence to grade student essays and short written answers, freeing professors for other tasks.

via New Test for Computers – Grading Essays at College Level – NYTimes.com.

Two start-ups, Coursera and Udacity, recently founded by Stanford faculty members to create “massive open online courses,” or MOOCs, are also committed to automated assessment systems because of the value of instant feedback.

OpenStack is not for the enterprise

Posted on by

OpenStack backers scoff at the notion that the open source platform is not meant for enteprises. “We’ve seen significant traction from service providers globally, but we’ve also seen significant demand for OpenStack on-premise, hosted private and hybrid cloud by both medium and large enterprises,” wrote Lauren Sell, who manages public relations for OpenStack. Bloomberg, Fidelity, Best Buy, Cisco WebEx and Comcast have all shared their experiences using OpenStack, she notes.

via VMware CEO: OpenStack is not for the enterprise – Network World.