Microsoft has launched a new Windows Bounty Program, designed to expand its existing security bug bounty programs. While the software giant has previously paid out $100,000 for Windows 8.1 bugs, this new program will see the software giant pay out far more for serious Hyper-V flaws in Windows 10 or Windows Server operating systems.
Microsoft will now pay up to $250,000 for severe Hyper-V vulnerabilities, and security bugs in Microsoft Edge or Windows 10 preview builds will fetch up to $15,000. “Security is always changing and we prioritize different types of vulnerabilities at different points in time,” explains a Microsoft spokesperson in a blog post. “Microsoft strongly believes in the value of the bug bounties, and we trust that it serves to enhance our security capabilities.”
The new Windows Bounty Program launched last week, and will continue indefinitely at Microsoft’s discretion. Any critical or important flaws that affect Windows and a variety of individual features will receive a bounty. Facebook, Google, Apple, Uber, and a variety of other tech companies all offer bug bounties, and they’re designed to tempt researchers into disclosing vulnerabilities early to prevent widespread cyber-attacks.
There’s lots of money to be made here! Last year, a 10-year-old — who is not even old enough to sign up on Facebook — impressed Mark Zuckerberg by hacking Instagram, the photo-sharing application owned by Facebook. The Helsinki-based boy genius, called Jani, received $10,000 from Facebook for identifying a security bug.
Since the Facebook Bug Bounty Program launched in 2011, Facebook has awarded over $4.3 million to more than 800 researchers. The program determines the payout based on a bug’s risk, rather than how complex it may be. In 2015 alone, 210 researchers received $936,000 with an average payout of $1,780.
Earlier this month authorities seized the Dark Web marketplace AlphaBay, an online black market that peddled everything from heroin to stolen identity and credit card data. But it wasn’t until today, when the U.S. Justice Department held a press conference to detail the AlphaBay takedown that the other shoe dropped: For the past month, Police in The Netherlands have been operating Hansa Market, a competing Dark Web bazaar that enjoyed a massive influx of new customers immediately after the AlphaBay takedown.
The normal home page for the dark Web market Hansa has been replaced by this message from U.S. law enforcement authorities.
U.S. Attorney General Jeff Sessions called the AlphaBay closure “the largest takedown in world history,” targeting some 40,000 vendors who marketed a quarter-million listings for illegal drugs to more than 200,000 customers.
“By far, most of this activity was in illegal drugs, pouring fuel on the fire of a national drug epidemic,” Sessions said. “As of earlier this year, 122 vendors advertised Fentanyl. 238 advertised heroin. We know of several Americans who were killed by drugs on AlphaBay.”
Andrew McCabe, acting director of the FBI, said AlphaBay was roughly 10 times the size of the Silk Road, a similar dark market that was shuttered in a global law enforcement sting in October 2013.
As impressive as those stats may be, the real coup in this law enforcement operation became evident when Rob Wainwright, director of the European law enforcement organization Europol, detailed how the closure of AlphaBay caused a virtual stampede of former AlphaBay buyers and sellers taking their business to Hansa Market, which had been quietly and completely taken over by Dutch police one month earlier — on June 20.
“What this meant…was that we could identify and disrupt the regular criminal activity that was happening on Hansa Market but also sweep up all of those new users that were displaced from AlphaBay and looking for a new trading plot form for their criminal activities,” Wainwright told the media at today’s press conference, which seemed more interested in asking Attorney General Sessions about a recent verbal thrashing from President Trump.
“In fact, they flocked to Hansa in droves,” Wainwright continued. “We recorded an eight times increase in the number of human users on Hansa immediately following the takedown of AlphaBay. Since the undercover operation to take over Hansa market by the Dutch Police, usernames and passwords of thousands of buyers and sellers of illicit commodities have been identified and are the subject of follow-up investigations by Europol and our partner agencies.”
On July 5, the same day that AlphaBay went offline, authorities in Thailand arrested Alexandre Cazes — a 25-year-old Canadian citizen living in Thailand — on suspicion of being the creator and administrator of AlphaBay. He was charged with racketeering, conspiracy to distribute narcotics, conspiracy to commit identity theft and money laundering, among other alleged crimes.
Law enforcement authorities in the US and abroad also seized millions of dollars’ worth of Bitcoin and other assets allegedly belonging to Cazes, including four Lamborghinis and three properties.
However, law enforcement officials never got a chance to extradite Cazes to the United States to face trial. Cazes, who allegedly went by the nicknames “Alpha02” and “Admin,” reportedly committed suicide while still in custody in Thailand.
Online discussions dedicated to the demise of AlphaBay, Hansa and other Dark Web markets — such as this megathread over at Reddit — observe that law enforcement officials may have won this battle with their clever moves, but that another drug bazaar will simply step in to fill the vacuum.
Ronnie Tokazowski, a senior analyst at New York City-based threat intelligence firm Flashpoint, said the actions by the Dutch and American authorities could make it more difficult for established vendors from AlphaBay and Hansa to build a presence using the same identities at alternative Dark Web marketplaces.
Vendors on Dark Web markets tend to re-use the same nickname across multiple marketplaces, partly so that other cybercriminals won’t try to assume and abuse their good names on other forums, but also because a reputation for quality customer service means everything on these marketplaces and is worth a pretty penny.
Tokazowski said even if top vendors from AlphaBay/Hansa already have a solid reputation among buyers on other marketplaces, some of those vendors may choose to walk away from their former identities and start anew.
“One of the things [the Dutch Police and FBI] mentioned was they were going after other markets using some of the several thousand password credentials they had from AlphaBay and Hansa, as a way to get access to vendor accounts,” on other marketplaces, he said. “These actions are really going to have a lot of people asking who they can trust.”
“There are dozens of these Dark Web markets, people will start to scatter to them, and it will be interesting to see who steps up to become the next AlphaBay,” Tokazowski continued. “But if people were re-using usernames and passwords across dark markets, it’s going to be a bad day for them. And from a vendor perspective, [the takedowns] make it harder for sellers to transfer reputation to another market.”
For more on how the Dutch Police’s National High Tech Crimes Unit (NHTCU) quietly assumed control over the Hansa Market, check out this story.
Thanks to REDDIT and KrebsOnSecurity for this valuable information
If you haven’t deleted your decade-plus old Myspace account yet, now may be the time to do it. As it turns out, it’s been embarrassingly easy for someone to break into and steal any account on the site. Security researcher Leigh-Anne Galloway posted details of the flaw on her blog after months of trying to get Myspace to fix it — and hearing nothing back from the company.
The flaw came from Myspace’s account recovery page, which was meant to let people regain access to an account they’ve lost the password to. The page asked for the account holder’s name, username, original email address, and birthday. But it turned out, you really only needed to know someone’s birthday in order to gain access to their account.
The account holder’s name and username are both publicly listed on their profile page. And Myspace’s account recovery form didn’t actually check to see if you entered the correct email address. The Verge tested the flaw on a newly created dummy account and was able to confirm this. That meant the only detail you actually had to know is the account holder’s birthday, and in a lot of cases, that isn’t exactly hard to find with a little bit of research.
As soon as you provided that info, Myspace logged you into the account, prompting you to set a new password and giving you the ability to change the account’s associated email address and birthdate, letting you steal that account for good.
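The recovery flaw described above, reconstructed as an added illustration (this is not Myspace’s code, and the account fields, function names and sample account are assumed): the vulnerable handler collects an email address but never compares it and hands over a session on a match, while the hardened handler compares every field without short-circuiting and, even on success, only mails a single-use reset token to the address already on file.

```python
"""
Vulnerable vs. hardened account-recovery handlers (added illustration).
Names and the sample account below are constructed, not taken from Myspace.
"""
import hmac
import secrets
from dataclasses import dataclass, field


@dataclass
class Account:
    name: str
    username: str
    email: str
    birthday: str                      # "YYYY-MM-DD" as typed into the form
    reset_tokens: list = field(default_factory=list)


def _same(a, b):
    """Case-insensitive, constant-time comparison of two form values."""
    return hmac.compare_digest(a.strip().lower().encode(),
                               b.strip().lower().encode())


def recover_vulnerable(account, form):
    """Mirrors the broken flow: name and username are public on the profile,
    the email field is never compared, so the birthday alone guards the
    account, and a match returns a session that may change the email."""
    if (account.name.lower() == form["name"].lower()
            and account.username.lower() == form["username"].lower()
            and account.birthday == form["birthday"]):
        return {"session_for": account.username, "may_change_email": True}
    return None


def recover_hardened(account, form, send_mail):
    """Checks all four fields with no early exit (a wrong email is not
    distinguishable from a wrong birthday by timing) and never returns a
    session: on a match, a single-use token goes to the stored address.
    The response text is identical either way, so the form confirms nothing."""
    matched = True
    for name in ("name", "username", "email", "birthday"):
        matched &= _same(getattr(account, name), form.get(name, ""))
    if matched:
        token = secrets.token_urlsafe(32)
        account.reset_tokens.append(token)
        send_mail(account.email, token)
    return "If the details match an account, a reset link has been e-mailed."


def demo():
    """Constructed account, and a request that knows everything public plus
    the birthday but not the email on file. Returns (vulnerable handler
    granted a session?, number of reset mails the hardened handler sent)."""
    acct = Account("Jane Doe", "janedoe", "jane@example.com", "1990-01-01")
    attempt = {"name": "Jane Doe", "username": "janedoe",
               "email": "guess@example.com", "birthday": "1990-01-01"}
    outbox = []
    weak = recover_vulnerable(acct, attempt)
    recover_hardened(acct, attempt, lambda to, tok: outbox.append(to))
    return weak is not None, len(outbox)   # (True, 0)


if __name__ == "__main__":
    print(demo())
```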
Of course, at this point, it’s not like all that many people (anyone?) are still using Myspace. Many years after being crushed by Facebook, Myspace moved away from being a social network and pivoted into being a news aggregator and a series of profile pages for musicians. You’re supposed to be able to play music from those pages – some people have success with this and many others complain it doesn’t work. I tested it myself and found it works fine in Internet Explorer 11.
Time Inc. purchased Myspace last year, mostly just so it could get some associated ad technology.
Even though people aren’t using Myspace much anymore, its poor security practices still matter, since it’s not alone in being so lax about account protections. Myspace is an example of the kind of sloppy security many sites suffer from: poor implementation of controls, lack of user input validation, and zero accountability. If there is a possibility that you still have an account on Myspace, I recommend you delete it immediately.
Many years ago (April 1992 release), Microsoft had a product called Windows for Workgroups. That name made it clear that Windows was different in your office than it was at home. Back then, of course, Microsoft had two versions of Windows: the DOS-based home line, which started with Windows 3.1 and lasted until Windows XP, and the DOS-free Windows NT line. Windows 2000 (February 2000) was the last edition of the OS aimed solely at business, and even then home users were seeing some advantages to using the more stable “business” version of Windows.
Now things have moved on and there’s one core operating system across not just home and work PCs, but that same core runs Microsoft’s mobile platform and the Xbox One. Windows 10 is more readily adopted by users of all types and we’re just starting to see the benefits of all these platforms running on the same operating system kernel. We’re also starting to see problems.
Upgrading business users to Windows 10 is not without its concerns. There’s the ongoing issue of Microsoft’s telemetry, which automatically sends information about you and your PC to Microsoft. If this privacy issue does worry you, you can turn it off, but it’s not entirely business friendly. Then there’s the issue of advertisements popping up in Windows 10 and the fact that Microsoft thinks it’s cool to stuff new installs with Candy Crush. These are not business-compatible applications, and I recall that back in the day business owners were up in arms over all Windows PCs coming pre-installed with Solitaire, Minesweeper, Tetris and FreeCell, to name just a few.
The recent leak suggests that Microsoft will bring in something called “Windows 10 Pro for Workstations” although it might actually be called “Windows Pro for Advanced PCs” which will help Microsoft move away from the stigma of Windows 10.
The new OS will have a couple of different features:
•Workstation mode enhanced performance – using the multi-core server CPUs to deliver better performance when working on demanding tasks.
•Resilient file system storage – ReFS is Microsoft’s improved file system that was introduced with Windows Server 2012. Support for this was introduced in Windows 8.1 and you can use it now, in Windows 10 if you like. There’s a setup process which involves building a mirror set and formatting them with the new file system. This may be useful for anyone who has to work with a lot of data.
•Faster file sharing – uses SMBDirect to move files quickly and with minimal overhead. Obviously useful in businesses where data is moving about quickly, and a sticky problem with the current version of Windows.
•Expanded hardware support – have 4 CPUs and 6TB of memory in one system. Windows 10 Pro currently only handles 2 CPUs.
Will it help? Probably. Windows 10 is great and offers a lot to home users. On the other hand, I can see why businesses might not be so keen. Some of that is perhaps based on things that aren’t really a big problem, and some will be legitimate concerns (like employees wasting work time on Candy Crush) that Windows for Workstations might address.
Microsoft still needs to win over businesses to Windows 10 or it’s sitting on a ticking support time bomb, and we’ve recently seen how well older versions of Windows work out in business environments – more ransomware attacks, anyone? With Windows 7 a short two years away from its final curtain call, Microsoft is working hard to get all of its ducks in a row beforehand.
Thanks to the Verge for information on this leak:
Many of us scoff at the thought of internet-connected refrigerators and other “IoT” kitchen appliances, but it looks like we’ll be seeing them sooner than we think.
Consider the following: Refrigerators that shop for you. Samsung wants your fridge to be more than just mere cold storage. Samsung’s Family Hub (at a paltry $4,788 at BestBuy so watch for advertised sales) aims to make it easier to order groceries. The Family Hub can order from a grocery store through the Groceries by Mastercard app. https://news.samsung.com/global/samsung-electronics-unveils-family-hub-2-0-and-smart-built-in-appliances-at-ces-2017
But you don’t need to buy an Internet connected fridge to get some of the benefits of a smart appliance. The Smarter FridgeCam (currently available for pre-order at $99.99) is a wireless camera that allows you to see the contents of your fridge and track expiration dates from a smart phone app. https://smarter.am/fridgecam/
Or, how about a “Magic” button for ordering groceries? Amazon wants to make replenishing family staple items as simple as pressing a button. Amazon’s DASH button might be the answer. You can reorder specific items that are available via Amazon’s Prime service with one button press. This service is exclusively available to PRIME members at this time. The option intrigued me so I logged into my Amazon Prime account and was very surprised to see just how many Buttons I had.
Most every food type item I’ve ever ordered as well as many other items I’ve ordered and re-ordered had a button assigned to them. All I had to do was enable 1-click ordering and simply click the desired button. Can’t get much easier than that…
Finally – many people are put off by all this technology so, if you like the old-fashioned way of doing things, check out this Amazon.com item. It’s a 2-pack (100 sheets per pack) of pre-printed paper shopping lists that magnetically stick to your fridge… cheap and effective – now where did I leave my pen?
Amazon’s intended purchase of Whole Foods for $13.7 BILLION seems to push them towards their goal of opening a “massive chain” of 2,000 grocery stores. Jeff Bezos is plotting his takeover of our brick and mortar retail industry.
In December 2016, Amazon unveiled a grocery store without lines or checkout counters. Amazon Go, an 1,800-square-foot retail space located in the company’s hometown of Seattle, lets shoppers just grab the items they want and leave; the order gets charged to their Amazon account afterwards.
Amazon Go works by using computer vision and sensors to detect what items you’re taking out of the store. You start by scanning an app as you enter the Amazon Go shop. You do your normal shopping, and the sensors throughout the store identify the items in your cart and charge them to your account when you walk out the door. It’ll feel like shoplifting, except you’re actually being watched by more cameras than you can imagine.
The shop will stock most items you’d find in a local convenience store: snacks, drinks, premade food like salads and sandwiches, and grocery essentials like bread and milk. It’ll also sell Blue Apron-like meal kits that let you cook your own dinners for two.
On the consumer level, the benefits are obvious — no waiting in line or fussing around with self-checking machines. But for Amazon, the company could potentially track you and your phone as you browse the store to track items you buy. By looking at your movements in the store as you shop, Amazon could analyze items you may have noticed or were potentially interested in buying (i.e., picking something up off a shelf and putting it back down.) Combine this with your Amazon.com browsing activities and the company could gear up to serve even more recommended products wherever you’re online.
This is all part of Amazon’s grand plan to become the logistics backbone of retail, both online and offline. More brick-and-mortar locations make it easier for the company to conduct grocery delivery through its Amazon Fresh brand. And as more customers begin turning to Amazon for groceries and everyday supplies, the lower Amazon can bring its prices as it scales upward and purchases inventory in larger amounts. The deeper these layers intertwine, the more likely a consumer is to subscribe to Amazon Prime, which will surely begin incorporating offline benefits to complement its free shipping and video freebies.
At the end of the day, Amazon wants to sell consumers any and every product it can, while having the network to move that product into a person’s home that very same day. With planned physical locations that cater to every style of shopping, the company is well on its way to realizing that vision.
Wall Street Journal report: https://www.wsj.com/articles/amazon-grocery-store-concept-to-open-in-seattle-in-early-2017-1480959119
It seems that lately we’re always talking about different ways to protect ourselves and computers from hackers, and phishing schemes. Wouldn’t it be nice if there was a way to automatically protect every device in your home?
Fortunately, there is just such a product – one that will automatically protect your laptops, desktops, smartphones, tablets, DVRs, game consoles, TVs, literally anything that connects to the internet.
Let’s talk about OpenDNS.
OpenDNS is a company and service which extends the Domain Name System (DNS) by adding features such as phishing protection and optional content filtering in addition to DNS lookup, if its DNS servers are used.
The company hosts a cloud computing security product suite designed to protect customers from malware, botnets, phishing, and targeted online attacks. The OpenDNS Global Network processes an estimated 100 billion DNS queries daily from 85 million users through 25 data centers worldwide.
Today we’ll concentrate on FamilyShield from OpenDNS. FamilyShield is different from the majority of parental-control software choices parents are faced with. For starters, FamilyShield is free to use. And when set up on your wireless router, FamilyShield does more than block adult content on computers; it blocks it on Wi-Fi devices like the iPod Touch or the Nintendo DS and on video game consoles like Xbox and Wii. In addition to blocking adult content, FamilyShield also blocks proxies and anonymizers, which are how enterprising, tech-savvy kids often get around parental blocks.
Because FamilyShield leverages the OpenDNS content filtering system, the list of sites being blocked is constantly updated, 24/7. These updates happen automatically, in the cloud, without requiring any changes on the user’s end. Last but not least, because it runs on the global OpenDNS network, it will make your household Internet faster and overall more reliable. With the OpenDNS perfect 100 percent uptime record, you won’t have to tolerate annoying, intermittent Internet outages anymore. This, of course, is in stark contrast to parental-control software that is often known for slowing down your Internet experience.
On August 27, 2015, Cisco acquired OpenDNS for $635 million in an all-cash transaction, plus retention-based incentives for OpenDNS. Cisco said that it intended to continue development of OpenDNS with its other cloud-based security products, and that it would continue its existing services. OpenDNS’ business services were renamed Cisco Umbrella, while the home products retained the OpenDNS name.
For additional information as well as instructions for setting this up in your home go to: https://www.opendns.com/home-internet-security/
Are you concerned about Ransomware and the very real possibility of forever losing your important files and photos? Do you have a safe, secure and always up to date offsite backup for all your desktops and laptops? That level of data backup has been historically out of reach to users at a price that’s affordable – until now!
Say HELLO to PennyBackup. The name in fact reflects their pricing model and their backend service is built on time tested, enterprise level solutions. Even better, PennyBackup safeguards your data with 50GB of FREE backup storage which includes enterprise level security and encryption.
Secure, reliable, remote data backup at a fraction of the cost. No other backup service focuses its attention on every facet of data backup: security, reliability and fast data restoration…
Unlimited laptops & PCs. They don’t charge per device – so all your desktops, workstations and laptops can be protected.
Security and reliability always come first. We use best-in-class, enterprise-level software and hardware, with AES-256 Encryption. We are also HIPAA and HiTech Certified.
Super fast backups and restores. Unlike other providers, we provide RTO & RPO analytics on how quickly you can recover your data.
How is PennyBackup different than the competition?
- PennyBackup is HIPAA and HiTech Act and FIPS Certified + SOC Audited. The highest levels of third-party oversight.
- They have superior customer service. They’ll help guide your installation and setup — talk to a real, live person at no extra charge.
- PennyBackup gives you weekly analytical reports on your backup status to predict your recovery time from loss of data. Data recovery is fast, regardless of your data connection.
- Your data is protected by Asigra – a leading data and backup recovery solution that has been on the front lines in the battle against data theft for over a quarter of a century.
- PennyBackup starts where it left off. Internet connection lost? Computer powered down before the backup was completed? No worries. PennyBackup will pick up right where it left off, saving you valuable downtime and frustration.
Compare PennyBackup with the other guys!
Get your FREE account here: https://www.pennybackup.com/malware-protection/?utm_source=facebook&utm_campaign=Small+Business
Need MORE offsite storage? With PennyBackup you start with 50GB of free storage, plus premium, LIVE support to help with installation and setup! Need more space? Additional storage costs just $0.05/mo per 1GB. At that cost, another 50GB of storage would cost you a whopping $2.50 per month. It would be very difficult to beat these costs – I recommend you give it a try and test it out.
U.S. consumers who buy a drone for fun will no longer have to register it with the FAA.
A Washington, D.C. court ruled Friday that the FAA drone registration rule violates the FAA Modernization and Reform Act, which Congress passed in 2012. Hobbyist John Taylor argued successfully that he should not have to register because the act states that the FAA “may not promulgate any rule or regulation regarding a model aircraft.”
Since December 2015, hobbyists with drones weighing between 0.55 pounds and 55 pounds have had to register their drones with the FAA. More than 550,000 operators have registered since then. The process can be completed online, and there is a $5 application fee.
The FAA said in a statement that it launched registration to ensure drones are operated safely and don’t pose security or privacy threats. The FAA also said it is considering its options and response.
The FAA now has two potential paths forward. The FAA can appeal to all of the judges on the U.S. Court of Appeals for the DC Circuit, which is called an en banc review. (The decision was made by a three-judge panel.)
The other path is appealing to Congress. The FAA is currently going through its regular reauthorization process this year. Congress could insert provisions that support or authorize registration for recreational drones.
The court’s decision was cheered by the Academy of Model Aeronautics, which has long objected to its members having to register their small aircraft.
“Federal registration shouldn’t apply at such a low threshold that it includes toys,” Academy of Model Aeronautics president Rich Hanson said in a statement. “It also shouldn’t burden those who have operated harmoniously within our communities for decades, and who already comply with AMA’s registration system.”
Others in the industry think drone registration is a good policy because it promotes accountability and provides an opportunity for the FAA to educate pilots on the guidelines for safe operation. The ruling is not yet enforceable as the court gave the FAA 7 days to consider its legal options. At this point in time all we can do is wait for the final word.
The court’s decision does not impact registration for commercial drones.
WannaCrypt ransomware, also known as WannaCry, WanaCrypt0r or Wcrypt, is ransomware that targets Windows operating systems. Discovered on 12 May 2017, WannaCrypt was used in a large cyber-attack and has since infected more than 230,000 Windows PCs in 190 countries.
WannaCrypt’s initial victims included the UK’s National Health Service, the Spanish telecommunications firm Telefónica, and the logistics firm FedEx. Such was the scale of the ransomware campaign that it caused chaos across hospitals in the United Kingdom. Many of them had to shut down, cancelling operations at short notice, while staff were forced to use pen and paper for their work because their systems were locked by the ransomware.
How does WannaCrypt ransomware get into your computer
As evident from its worldwide attacks, WannaCrypt first gains access to a computer via an email attachment and thereafter can spread rapidly through the LAN. The ransomware encrypts the system’s hard disk and attempts to exploit the SMB vulnerability to spread to random computers on the Internet via TCP port 445 and between computers on the same network.
Who created WannaCrypt
There are no confirmed reports on who created WannaCrypt, although WanaCrypt0r 2.0 looks to be the second attempt made by its authors. Its predecessor, the ransomware WeCry, was discovered back in February this year and demanded 0.1 Bitcoin for unlocking.
Currently, the attackers are reportedly using the Microsoft Windows exploit EternalBlue, which was allegedly created by the NSA. This tool was reportedly stolen and leaked by a group called the Shadow Brokers.
How does WannaCrypt spread
This ransomware spreads by using a vulnerability in implementations of Server Message Block (SMB) in Windows systems. The exploit is named EternalBlue and was reportedly stolen and misused by a group called the Shadow Brokers.
Interestingly, EternalBlue is a hacking tool developed by the NSA to gain access to and control computers running Microsoft Windows. It was specifically designed for America’s military intelligence unit to gain access to computers used by terrorists.
WannaCrypt gains a foothold on machines that remained unpatched even after the fix became available. It targets all Windows versions that were not patched for MS17-010, which Microsoft released in March 2017 for Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8.1, Windows RT 8.1, Windows Server 2012, Windows Server 2012 R2, Windows 10 and Windows Server 2016.
The common infection pattern includes:
- Arrival through social engineering emails designed to trick users to run the malware and activate the worm-spreading functionality with the SMB exploit. Reports say that the malware is being delivered in an infected Microsoft Word file that is sent in an email, disguised as a job offer, an invoice, or another relevant document.
- Infection through the SMB exploit, when an unpatched computer is reachable from other infected machines. The worm functionality in WannaCrypt allows it to infect unpatched Windows machines on the local network. At the same time, it also runs massive scans of Internet IP addresses to find and infect other vulnerable PCs. This activity produces a large volume of SMB traffic from the infected host, which SecOps personnel can easily track.
- Once WannaCrypt successfully infects a vulnerable machine, it uses it to hop to and infect other PCs. The cycle continues as the scanning routine discovers more unpatched computers.
- WannaCrypt has rapid spreading capability.
How to protect against WannaCrypt
- Microsoft recommends upgrading to Windows 10 as it is equipped with the latest features and proactive mitigations.
- Install the security update MS17-010 released by Microsoft. The company has also released security patches for unsupported Windows versions like Windows XP, Windows Server 2003, etc.
- Windows users are advised to be extremely wary of Phishing email and be very careful while opening the email attachments or clicking on web-links.
- Make backups and keep them securely
- Windows Defender Antivirus detects this threat as Ransom:Win32/WannaCrypt, so enable, update and run Windows Defender Antivirus to detect this ransomware.
- Disable SMBv1 with the steps documented at KB2696547.
- Consider adding a rule on your router or firewall to block incoming SMB traffic on port 445
- Enterprise users may use Device Guard to lock down devices and provide kernel-level virtualization-based security, allowing only trusted applications to run.
To know more on this topic read the Technet blog.
The initial WannaCrypt attack may have been stopped, but we should expect a newer variant to strike more furiously moving forward, so stay safe and secure.
Our Immediate Recommendations are to AVOID clicking on any attachments sent to you via Email. EVEN IF THEY APPEAR TO BE LEGITIMATE!
Although the first wave of this ransomware was stopped, we are already seeing new variations of it hitting computers around the world. Finally, if you see the message shown in this email blast, it’s already too late for you: IMMEDIATELY SHUT DOWN YOUR COMPUTER and call support.