SoylentNews is people
SoylentNews
Another security story from The Register to start the week off:
Attackers have added a recent dangerous Adobe vulnerability to the Magnitude exploit kit, according to respected independent malware researcher "Kafeine". The remote code execution vulnerability (CVE-2015-3113) revealed last week allows attackers to hijack un-patched machines targeting Internet Explorer on Windows 7 and XP.
Web villains [sic] designated APT 3 by FireEye sleuths are already exploiting the flaw through phishing attacks. Now the researcher known as Kafeine says the vulnerability has been added to the Magnitude exploit kit in what is a significant elevation of risk for Flash users.
Kafeine says Magnitude attackers are using the exploit to drop the Cryptowall ransomware.
"CVE-2015-3113 has been spotted as a zero day by FireEye, exploited in limited targeted attacks. It's now making its path to exploit kits," he says.
Magnitude, said to generate as of August up to $US100,000 a month for its author, maintains about a third of the exploit kit market according to Trustwave. The researchers say the Magnitude author, thought to be a single Russian, could make up to $3 million a year.
Original Submission
(Score: 2) by ikanreed on Monday June 29 2015, @02:40PM
It's easy to infer they're suggesting that its market will expand by the end of the year.
(Score: 2) by RobotMonster on Monday June 29 2015, @02:53PM
So why not say that they've measured an increase in the market, instead of providing a bunch of totally unsubstantiated and vacuous "up to" numbers?
An "at least" number would at least be saying *something*.
I can honestly say that my income this year will be up to 3 trillion dollars.
I can absolutely guarantee that I won't earn one dollar more than that.
Cool eh?
(Score: 2) by ikanreed on Monday June 29 2015, @02:59PM
Yes, but they're also suggesting a real possibility of reaching that threshold in ideal conditions. It's completely fair to hate the grandiosity of always using liberal estimates in the media, but it's not meaningless misinformation as you're implying.
(Score: 2) by RobotMonster on Monday June 29 2015, @04:02PM
I certainly see your point; I've still had a gut-full of this up-to nonsense...
(Score: 2) by ikanreed on Monday June 29 2015, @05:18PM
I acknowledge and agree with that reaction. Sensationalism bites.
(Score: 1) by anubi on Tuesday June 30 2015, @01:15AM
The first phrase I scan for when handed a business contract is the phrase "up-to".
Its my first "red flag" that tells me the business is likely shoddy and is basing their model on screwing the customer.
They want to leave good hopes, but no commitment. They will still expect payment in full, even though they only offer "up to" service.
They have all the credit reporting agencies on their side should they decide to provide far less than the "up-to", and all I have on my side is to leave my side of the argument on internet "bad business bureau" sites.
I would like to get cable internet, however its "up-to" 3Mbps. With ratings like this [yelp.com]. A business license seems to confer to someone the legal authority to demand payment for things hinted at and not delivered.
We have a group in Washington ( every one of 'em ) that would sign in DMCA, yet we are powerless to withhold payment for companies playing hanky-panky. I keep hoping if we all get together and vote the incumbents out, maybe the new guys would have had some nasty experiences with these dealers in trickery and make those contracts no longer legally binding.
Yes, I know most every business does this. Its one of the reasons I really hate to sign any contract with a business. Those contracts are one-sided and binding.
Caveat Emptor!
"Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]