AT&T stops using undeletable phone tracking IDs

Verizon says its tracking is still ongoing, with no immediate plans to stop.

AT&T says it has stopped its controversial practice of adding a hidden, undeletable tracking number to its mobile customers' Internet activity.

"It has been phased off our network," said Emily J. Edmonds, an AT&T spokeswoman.

The move comes after AT&T and Verizon received a slew of critical news coverage for inserting tracking numbers into their subscribers' Internet activity, even after users opted out. Last month, ProPublica reported that Twitter's mobile advertising unit was enabling its clients to use the Verizon identifier. The tracking numbers can be used by sites to build a dossier about a person's behavior on mobile devices, including which apps they use, what sites they visit and for how long.

Read 8 remaining paragraphs | Comments

New cryptoware title borrows page from drug dealers

Ransomware that encrypts entire hard drive allows one free decrypt.

In the 14 months following the advent of Cryptolocker, there has been a rash of malware copycats that also use strong cryptography to encrypt contents of hard drives until victims pay a hefty ransom, almost always in bitcoins. Usually, they're little more than old wine in a new bottle, but the latest follow-on has tried a new tack: it allows victims to recover exactly one of the encrypted files for free.

Dubbed Coinvault, it was documented Friday by a researcher from antivirus provider Webroot. It allows victims to pick any encrypted file on their hard drive and get it back immediately, free of charge. To decrypt the remaining files, a victim must pay a ransom of 0.5 bitcoins, or about $200 at current exchange rates.

"What’s unique about this variant that I wanted to share with you all is that this is the first Encrypting Ransomware that I've seen which actually gives you a free decrypt," Webroot's Tyler Moffitt wrote in a blog post. "It will let you pick any single file that you need after encryption and will decrypt it for you."

Read 2 remaining paragraphs | Comments

NOAA weather data interruption due to alleged Chinese cyber attack

NOAA shut down access to systems but failed to report intrusion for a month.

An interruption in satellite imagery from NOAA’s Geostationary Satellite Server was caused by efforts to end an alleged Chinese infiltration of NOAA's satellite operations systems—not, as the agency initially reported, "unscheduled maintenance."
NOAA

An interruption of satellite imagery feeds to the National Weather Service in October was caused by a National Oceanographic and Atmospheric Administration (NOAA) shutdown of network connections intended to combat an intrusion into NOAA’s computer systems, the Washington Post reported this week. But the breach, which started in September and lasted until late October, was not reported to Commerce Department officials and other federal cybersecurity authorities.

The NOAA satellite imagery system is used by civilian and military meteorologists worldwide to build weather models; it is also used in planning commercial aircraft and merchant shipping traffic. While NOAA did not identify the attacker publicly, agency officials reportedly told Rep. Frank R. Wolf (R-VA) about the attack and that it was traced back to China. The attacks happened during the same timeframe of an alleged Chinese infiltration of the White House’s unclassified network and a data breach at the US Post Office that exposed 800,000 employee records—also now attributed to Chinese attackers.

Ironically, the attacks came just before President Barack Obama’s visit to Beijing where he discussed (among other things) measures to combat climate change.

Read 2 remaining paragraphs | Comments

Kali Linux – The Most Advanced Penetration Testing Linux Distribution

So Linux Live CDs based around hacking or penetration testing used to be a super big deal, they died down a bit in the last few years. The king of the hill back in 2011 used to be BackTrack and the last time we mentioned it was when BackTrack 5 came out. This article is […]

The post Kali Linux – The Most Advanced Penetration Testing Linux…

Read the full post at darknet.org.uk

So Linux Live CDs based around hacking or penetration testing used to be a super big deal, they died down a bit in the last few years. The king of the hill back in 2011 used to be BackTrack and the last time we mentioned it was when BackTrack 5 came out. This article is [...] The post Kali Linux – The Most Advanced Penetration Testing Linux...

Read the full post at darknet.org.uk