SoylentNews

Arthur T Knackerbracket has found the following story:

Common behaviors shared across all families of ransomware are helping security vendors better spot and isolate attacks.

This according to a report from British security shop Sophos, whose breakdown (PDF) of 11 different malware infections, including WannaCry, Ryuk, and GandCrab, found that because ransomware attacks all have the same purpose, to encrypt user files until a payment is made, they have to generally perform many of the same tasks.

"There are behavioral traits that ransomware routinely exhibits that security software can use to decide whether the program is malicious," explained Sophos director of engineering Mark Loman.

"Some traits – such as the successive encryption of documents – are hard for attackers to change, but others may be more malleable. Mixing it up, behaviorally speaking, can help ransomware to confuse some anti-ransomware protection."

Some of that behavior, says Loman, includes things like signing code with stolen or purchased certificates, to allow the ransomware to slip past some security checks. In other cases, ransomware installers will use elevation of privilege exploits (which often get overlooked for patching due to their low risk scores) or optimize code for multi-threaded CPUs in order to encrypt as many files as possible before getting spotted.

Original Submission

Arthur T Knackerbracket has found the following story:

The unarguable benefits of digital photography has rendered the analog SLR obsolete for most purposes. This means that a wide selection of cameras and lenses are available on the second hand market for pennies on the dollar, making them ripe targets for hacking. [drtonis] decided to experiment with a quick and easy digital conversion to an old Canon A-1, and it’s got us excited about the possibilities.

It’s a simple hack, but a fun one. The SLR is opened up, and the spring plate for holding the film is removed. A Raspberry Pi camera then has its original lens removed, and is placed inside the film compartment. It’s held in with electrical tape, upon a 3mm shim to space it correctly to work with the original optics.

Original Submission

Arthur T Knackerbracket has found the following story:

Apple is removing all vaping apps from its online store.

It said it had taken the decision because of growing official concerns about the impact vaping can have on health.

In the US, 42 deaths and more than 2,100 cases of lung injury have been linked to a respiratory illness tied to vaping.

Apple's decision means a total of 181 apps will not be available on iPhones, reports tech news site Axios.

In a statement given to Axios, Apple said it agreed with official warnings about the negative health impacts of vaping and the potential problem presented by the appeal of e-cigarettes to the young.

It said it took "great care" to ensure that the app store was a place people could trust to get programs for their iPhone.

Original Submission

upstart writes:

Submitted via IRC for Runaway1956__

Rare genetic condition gives man Eye of Sauron look

Doctors in Texas came face to face with a dark, spine-tingling eye that looked rimmed by flames—or, as they calmly described it in a recent report^[$] in the New England Journal of Medicine: an eye with "circumferential spoke-like iris transillumination defects."

[...] He didn't have any specific complaints, according to the doctors. He reported a family history of glaucoma, which is a group of vision-jeopardizing conditions that lead to damage to the nerve that transmits light signals to the brain (the optic nerve).

A previous doctor had determined that the man had elevated pressure in his eyes, which is a leading culprit of glaucoma. The man had several prescribed medications to try to lower his intraocular pressure, which he was taking. When the Texas doctors checked his eye pressure, it was only slightly above the normal range.

But shining a light into both of his eyes, the doctors saw a fiery ring around his irises—the colorful muscular structure that controls the diameter of the pupil, thus controlling the amount of light that gets to the retina. The eerie glow indicated that pigment in his irises had sloughed off, allowing light to pass through.But shining a light into both of his eyes, the doctors saw a fiery ring around his irises—the colorful muscular structure that controls the diameter of the pupil, thus controlling the amount of light that gets to the retina. The eerie glow indicated that pigment in his irises had sloughed off, allowing light to pass through.

NEJM, 2019.  DOI: 10.1056/NEJMicm1903842.

Original Submission

upstart writes:

Submitted via IRC for Runaway1956__

FCC sued by dozens of cities after voting to kill local fees and rules

The Federal Communications Commission faces a legal battle against dozens of cities from across the United States, which sued the FCC to stop an order that preempts local fees and regulation of cable-broadband networks.

The cities filed lawsuits in response to the FCC's August 1 vote that limits the fees municipalities can charge cable companies and prohibits cities and towns from regulating broadband services offered over cable networks.

"At least 46 cities are asking federal appeals courts to undo an FCC order they argue will force them to raise taxes or cut spending on local media services, including channels that schools, governments, and the general public can use for programming," Bloomberg Law wrote Tuesday.

martyb writes:

Smokers and Hypertensive Individuals have Higher Risk of Sudden Death from Brain Bleed:

Contrary to the previous data, a Finnish study clarifies that smoking and high blood pressure do not protect from death in patients suffering from subarachnoid haemorrhage, the most lethal stroke subtype. In fact, subarachnoid haemorrhage kills smokers and hypertensive individuals already before they reach hospitals, and therefore studies that cannot include these outside hospitals deaths in analyses may reach erroneous conclusions.

Subarachnoid haemorrhage is a severe stroke subtype that is caused by a rupture of a brain aneurysm, an enlargement in the brain vessel wall. Up to one in four subarachnoid haemorrhage patients die quickly after the bleed at home, on the road to a hospital, or in an emergency room. These patients never reach hospital wards and are often incorrectly diagnosed. In many countries, these sudden deaths are classified as sudden cardiac deaths since routine autopsies are rarely conducted outside Nordic countries.

If only patients who survive the initial bleed and reach hospital wards are included in studies on risk factors of subarachnoid haemorrhage, such studies are very likely biased, because they are unable to study risk factors relating to the most devastating outcome, namely sudden death.

Two recent hospital-based studies, that excluded patients who died before reaching hospital wards, reported that smokers and hypertensive individuals have better chances to survive from subarachnoid haemorrhage than non-smokers and those with normal blood pressures.

These findings puzzled researchers and clinicians because they contradicted earlier reports. For decades, the researchers and clinicians have known that smoking and high blood pressure are the two most important risk factors for subarachnoid haemorrhage, but now the studies suggest that the same factors would paradoxically protect from subarachnoid haemorrhage-related death.

A study, published in the distinguished Neurology journal, shows that when researches[sic] are able to include those people who die before reaching hospital wards, the paradoxical protective effect of smoking and high blood pressure is reversed. Specifically, the study showed that smokers and hypertensive individuals die more frequently before they reach hospital wards than non-smokers and those with normal blood pressure. When these heavy smokers and hypertensive people are left out from statistical analyses, the results are misleading.

Journal Reference:
Joni V. Lindbohm, Jaakko Kaprio, Miikka Korja. Survival bias explains improved survival in smokers and hypertensive individuals after aSAH^$. Neurology, 2019; 10.1212/WNL.0000000000008537 DOI: 10.1212/WNL.0000000000008537

Original Submission

Arthur T Knackerbracket has found the following story:

You've probably seen a lichen, even if you didn't realize it. If you've ever meandered through the forest and wondered what the crusty stuff on trees or rocks was, they're lichens, a combination of algae and fungi living together almost as if they were one organism. And since they can grow on bare rocks, scientists thought that lichens were some of the first organisms to make their way onto land from the water, changing the planet's atmosphere and paving the way for modern plants. A new study in Geobiology upends this history by delving deep into the DNA of the algae and fungi that form lichens and showing the lichens likely evolved millions of years after plants.

[...] The early lichen fossil record isn't very clear; it can be hard to tell lichen fossils apart from other fossils, and all the fossils that scientists know for sure are lichens are younger than the oldest complex plant fossils. So, the researchers used the fossils that were available to extrapolate the ages of family trees of lichen-forming fungi and algae. They compared these family trees with ages of fossil plants. The verdict: lichens probably evolved long after complex plants.

[...] Unearthing the age of lichens makes it clear that the pattern of modern lichens showing up on rocks before plants doesn't mean that lichens evolved before plants. "It provides a snapshot into what was going on deep in time on Earth, and when some of these groups started appearing," says Nelsen. And since lichens growing on soil can make the ground wetter, hold the soil in place, and influence the kind of nutrients present in soil, learning when lichens arrived on the scene use us a clearer picture of the world in which complex plants evolved.

No support for the emergence of lichens prior to the evolution of vascular plants^$, Geobiology (DOI: 10.1111/gbi.12369)

Original Submission

upstart writes:

Submitted via IRC for soylent_fuschia

Vendor wants Congress to mandate something that only they can provide. Interesting business model.

Brave Urges Congress to Require Ad Blocking Browsers for Govt Employees

In a letter to the U.S. Congress, Brave urged Homeland Security Committee members to make it mandatory for all federal employees to use a browser that blocks advertising by default.

Brave states that without a browser that blocks ads by default, federal employees would be vulnerable to malvertising, which could allow foreign and domestic threat actors to gain access to government devices or a foothold in sensitive networks.

"I represent Brave, a rapidly growing Internet browser based in San Francisco. Brave’s CEO, Brendan Eich, is the inventor of JavaScript, and co-founded Mozilla/Firefox. Brave is headquartered in San Francisco. I write to urge action to protect federal agency and employee computers and devices from cyberattacks by foreign state actors and criminals through “malvertising”."

Brave's letter also includes letters from U.S. Senator Ron Wyden, who since 2017 has been urging the federal government to take a stronger stance regarding the blocking of malicious advertisements.

One year ago, on November 16, 2017, I wrote to then-White House Cybersecurity Coordinator, Rob Joyce, regarding the threat posed by foreign government hackers using online advertisements to deliver malware to the computers of federal workers. In that letter, I urged the administration to direct DHS to require federal agencies to block delivery of all internet ads containing executable computer code to employees computers. In its response on April 20, 2018, DHS stated that it was continuing to investigate these risks and working with representatives from the online advertising industry to address this threat.

In June 2018, the National Security Agency (NSA) issued public guidance related to the threat posed by malicious advertisements. In the attached document, which NSA published on its website, the agency observed that advertising has been a known malware distribution vector for over a decade and as such, the agency recommends that organizations address this risk by blocking potentially malicious, internet-based advertisements.

As Brave sent this letter on the same day they officially released Brave Browser 1.0, this can be seen as a clever marketing ploy by the browser developers.

Original Submission

upstart writes:

Submitted via IRC for soylent_fuschia

TPM-FAIL Security Flaws Impact Modern Devices With Intel CPUs

Researchers discovered two new vulnerabilities known as TPM-FAIL in Intel firmware-based TPM (fTPM) and STMicroelectronics' TPM chips that could be used by hackers to steal their targets' cryptographic keys.

TPM (short for Trusted Platform Module) is a chip used as a root of trust for a device's OS that can store highly sensitive data such as security keys, protecting them from malicious tools such as implanted rootkits or malware dropped by a threat actor.

TPMs can also be firmware-based solutions (fTPM) that run on separate 32-bit microcontrollers inside a CPU, as is the case of Intel processors starting with the Haswell generation (2013).

The two vulnerabilities allow hackers to circumvent this security shield and steal the data stored within a TPM. Once they have their hands on your signing keys, the attackers can forge digital signatures that can be used to tamper with the operating systems or to bypass authentication on the compromised machine.

upstart writes for soylent_fuschia

Google Fixes White Screen Problem in Chrome, Admins Furious

For approximately 5 months, Google has been experimenting with a feature called WebContent Occlusion that hides the content of not-visible tabs so that they use less resources and cause less battery drain.

A Chrome developer stated that this feature caused no problems in their period of testing and on Tuesday morning Google quietly enabled it for users in Chrome 78 Stable release.

[...] While this feature was being tested on Chrome Beta users for some time, it was not properly tested in enterprise terminal server environments.

This became evident in Citrix or Terminal Server environments when a user locked their screen, every other user on that server would have their Chrome tabs suddenly become a white screen.

This happened because web occlusion was enabled in the browser for the locked screen and hid their browser content. At the same time, it also caused the content in tabs for every other user on the same terminal server to become hidden as well.

The only way to fix this was to unlock the screen, but this issue was constantly repeated as other users on the Terminal Server would once again lock their screen as they left their desk.

[...] After hundreds of reports from enterprise users who were affected by this, Chrome developer David Bienvenu stated he rolled back the change and disabled the feature.

For the rollback to take effect, users are required to restart the Chrome browser in order to pull down the new configuration.

Enterprise admins are furious that Google has the ability to quietly enable features in their environment without even a heads up and provide no way for admins to block these changes.

Original Submission

Arthur T Knackerbracket has found the following story:

Phone intercepts show rebels accused of shooting down the plane had 'close ties' with Russia before the 2014 attack.

A series of phone intercepts released by a team investigating the 2014 downing of Malaysia Airlines flight MH17 over Ukraine show ties between Moscow and the pro-Russian rebels accused of shooting down the aircraft were "much closer" than originally believed, investigators said.

The Dutch-lead Joint Investigation Team (JIT) said calls between officials in Moscow and pro-Russian rebel leaders in eastern Ukraine, who are facing trial over the incident, intensified before the crash in July of 2014, raising questions over Russia's involvement in providing the missile used to down the plane.

"There was almost daily telephone contact between the leadership of the DPR and their contacts in the Russian Federation," JIT said in a statement on Thursday, using the acronym of the Donetsk People's Republic rebels. The calls mostly took place over secure phones provided by Russian security forces, it said.

All 298 people on board died when MH17 was shot out of the sky over the territory held by pro-Russian separatists in eastern Ukraine as it flew from Amsterdam to Kuala Lumpur.

Original Submission

upstart writes in with a submission, via IRC, for Runaway1956.

Prehistoric ape from Germany was a pioneer of two-legged walking

Fossils unearthed in southern Germany of a remarkable ape that lived about 11.6 million years ago may dramatically alter the understanding of the evolutionary origins of a fundamental human trait - walking upright on two legs.

Scientists on Wednesday said the ape, called Danuvius guggenmosi, combined attributes of humans - straight lower limbs adapted for bipedalism - with those of apes - long arms able to stretch out to grasp tree branches. That indicates Danuvius was able to walk upright on two legs and also use all four limbs while clambering through trees.

It is the oldest-known example of upright walking in apes.

The discovery suggests that bipedalism originated in a common ancestor of humans and the great apes - a group that includes chimpanzees, bonobos, gorillas and orangutans - that inhabited Europe rather than an ancestor from Africa, the continent where our species Homo sapiens first appeared roughly 300,000 years ago, the researchers said.

Arthur T Knackerbracket has found the following story:

New Jersey is the latest state to say Uber's drivers should be classified as employees rather than independent contractors. The state's labor department said that because of this misclassification, the ride-hailing company owes it roughly $650 million in unemployment taxes and disability insurance, according to Bloomberg Law.

The labor department reportedly has been trying to get unpaid employment taxes from Uber going back as far as 2015, according to documents obtained by Bloomberg Law. It said the company owed the state $523 million in overdue taxes along with another $119 million in interest and penalties for the last four years. Uber disputes these findings.

"We are challenging this preliminary but incorrect determination," an Uber spokesman said in an email. "Because drivers are independent contractors in New Jersey and elsewhere."

Driver classification is an issue that government regulators have been taking a closer look at over the past year. California passed a law in September that could require Uber and other on-demand companies to reclassify their drivers as employees instead of independent contractors. The law is set to go into effect Jan. 1. New York, Oregon and Washington state have considered similar legislation.

Original Submission

Arthur T Knackerbracket has found the following story:

By electrically stimulating nerves, neuromodulation therapies can reduce epileptic seizures, soothe chronic pain, and treat depression and a host of other health conditions without the use of conventional drugs like opioids.

Now, University of Wisconsin-Madison biomedical engineers and their collaborators have made a significant advance that could dramatically reduce the cost of neuromodulation therapy, increase its reliability and make it much less invasive.

With a type of electrode that can be injected as a liquid and then cure in the body, the researchers have laid the groundwork for a new kind of neural interface system.

The researchers unveiled their creation, which they've dubbed the "injectrode," in a paper published online this week in the journal Advanced Healthcare Materials.

Today's neuromodulation treatments rely on surgically implanted devices that can cost up to six figures, require complex procedures to install, and often fail -- given that they're rigid devices attempting to mesh with soft biological tissue.

The researchers' system leverages an entirely new way of thinking.

"You can inject the liquid around the nerve, and it cures in the body to create a wired contact," says Kip Ludwig, a UW-Madison professor of biomedical engineering and neurological surgery. "Typical implants are really stiff, and so as the body moves, they wear and tear and break down. Our liquid cures, and the result is much closer to the normal elasticity of tissue. You can actually stretch it and increase its size 150 percent to 200 percent without losing its conductivity."

Journal Reference: James K. Trevathan, Ian W. Baumgart, Evan N. Nicolai, Brian A. Gosink, Anders J. Asp, Megan L. Settell, Shyam R. Polaconda, Kevin D. Malerick, Sarah K. Brodnick, Weifeng Zeng, Bruce E. Knudsen, Andrea L. McConico, Zachary Sanger, Jannifer H. Lee, Johnathon M. Aho, Aaron J. Suminski, Erika K. Ross, Jose L. Lujan, Douglas J. Weber, Justin C. Williams, Manfred Franke, Kip A. Ludwig, Andrew J. Shoffstall. An Injectable Neural Stimulation Electrode Made from an In‐Body Curing Polymer/Metal Composite. Advanced Healthcare Materials, 2019; 1900892 DOI: 10.1002/adhm.201900892

Original Submission

aristarchus writes:

Reporting at LiveScience.

As humankind's ancestors were learning to walk upright, a star was launched out of the supermassive black hole at the center of our galaxy at a staggering 3.7 million mph (6 million km/h).

Five million years after this dramatic ejection, a group of researchers, led by Sergey Koposov of Carnegie Mellon University's McWilliams Center for Cosmology, has spotted the star, known as S5-HVS1, in the Crane-shaped constellation Grus. The star was spotted traveling relatively close to Earth (29,000 light-years away) at unprecedented, searing speeds — about 10 times faster than most stars in our galaxy.

"The velocity of the discovered star is so high that it will inevitably leave the galaxy and never return," Douglas Boubert, a researcher at the University of Oxford and a co-author on the study, said in a statement.

[...] The star was discovered with observations from the Anglo-Australian Telescope (AAT), a 12.8-foot (3.9-meter) telescope, and the European Space Agency's Gaia satellite. The discovery was made as part of the Southern Stellar Stream Spectroscopic Survey (S5), a collaboration of astronomers from Chile, the U.S., the U.K. and Australia.

Now that the star has been spotted, researchers could track the star back to Sagittarius A*, the black hole at the center of the Milky Way. It also serves as an incredible example of the Hills Mechanism, proposed by astronomer Jack Hills 30 years ago, in which stars are ejected from the centers of galaxies at high speeds after an interaction between a binary-star system and the black hole at the center of the galaxy.

[...] This discovery was published in a study on Nov. 4^[$] in the journal the Monthly Notices of the Royal Astronomical Society.

Original Submission