The Category5.TV Newsroom

Here are the stories we're following for the week of Wednesday November 30, 2016

Hackers can hear you even if you don't have a microphone.

Experimental malware has highlighted the possibility that hackers might be able to turn headphones into microphones in order to snoop on computer users.

Research by computer scientists at Ben-Gurion University, Israel, has revealed that both headphones and loudspeakers present a potential bugging risk. The researchers put together proof-of-concept malware in order to validate the risk.

"Malware can use a computer as an eavesdropping device, even when a microphone is not present, muted, taped or turned off," the researchers warn. In a paper, SPEAKE(a)R: Turn Speakers to Microphones for Fun and Profit, the researchers survey the scope of the risk and access potential countermeasures. Possible hardware-based defences include using only active one-way speakers or deploying either white noise emitters or an audio jammer.

Source: www.theregister.co.uk

Sent to us by: Roy W. Nash

San Francisco's public transit system has been exploited by an automated ransomware.

Hard-drive-scrambling ransomware menaced more than 2,000 systems at San Francisco's public transit agency on Friday and demanded 100 bitcoins to unlock data. That's the equivalent of about $73,000 USD.

Ticket machines were shut down and passengers were allowed to ride for free on Saturday – a busy post-Thanksgiving shopping day for the city – while IT workers scrambled to clean up the mess.

A variant of the HDDCryptor malware infected 2,112 computers within the San Francisco Municipal Transportation Agency.

These systems appear to include office admin desktops, CAD workstations, email and print servers, employee laptops, payroll systems, SQL databases, lost and found property terminals, and station kiosk PCs. The worm-like malware automatically attacked the agency's network, and was able to reach the organization's domain controller and compromise network-attached Windows systems. There are roughly 8,500 PCs, Macs and other boxes on the agency's network.

After the vulnerable computers were infected and their storage scrambled, they were rebooted by the malware and, rather than start their operating system, they instead displayed the message: "You Hacked, ALL Data Encrypted, Contact For Key."

The ransomware's masterminds claimed in a statement on Sunday via email, "Our software [is] working completely automatically and we don't [launch] targeted attacks ... SFMTA's network was very open and 2,000 server/PCs [were] infected by software."

Source: www.theregister.co.uk

Sent to us by: Roy W. Nash

More than 130,000 records of US Navy employees have been leaked.

The United States Navy has revealed that the names and social security numbers on 134,386 current and former employees has leaked, thanks to the compromise of a laptop used by a Hewlett Packard Enterprise Services staffer.

The IT contractor and the Naval Criminal Investigative Service probed the data loss finding that "unknown individuals" accessed the records.

No information was released on the detail of the incident, so we're uncertain if the laptop was stolen, infected with malware or otherwise compromised.

Source: www.theregister.co.uk

Sent to us by: Roy W. Nash

SD cards aren't just for cameras anymore, so it's time for a new standard.

It's time for faster sustained IOPS on SD cards.

SD cards have historically been associated with digital cameras, media players, game consoles, and other relatively simple and appliance-like devices. In these roles, the cards primarily needed to offer fast sequential read and write speeds, since they were typically just being asked to save and access one file at a time. But SD cards are becoming increasingly important as primary storage devices, use cases that demand better random read and write performance to account for multiple apps making small reads and writes to the cards in rapid succession.

In recognition of these more complex use cases, the SD Association has introduced version 5.1 of the SD Specification which adds a new "App Performance" class that guarantees buyers a minimum number of input/output operations per second (IOPS) just as the current speed classes guarantee minimum sequential writing speeds. The new "A1" speed class promises that cards support sustained write speeds of at least 10MBps, at least 1,500 read IOPS, and at least 500 write IOPS. Additional speed classes "will be introduced to meet market needs."

Source: arstechnica.com

Sent to us by: Robbie Ferguson

Google's artificial intelligence gives robots the ability to dream.

Google’s DeepMind AI has pioneered a new technology which allows robots to dream in order to improve their rate of learning.

This follows after the company’s recent announcement of its new lip-reading software using artificial intelligence.

The latest development differs from the previous research, in which the company trained its AI to master a ‘Watch, Listen, Attend and Spell (WLAN) network structure whilst transcribing several hours of BBC footage.

In precise explanation of its latest research, DeepMind explained that the aim of the study “is to recognise phrases and sentences being spoken by a talking face, with or without the audio."

Following its announcement earlier this month, DeepMind researchers partnered with Blizzard Entertainment in order to transform one of its games into a learning environment for AI. Its popular video game, StarCraft 2, will be used to teach and test machine agents.

In particular, researchers identified that StarCraft was an “interesting testing environment for current AI research because it provides a useful bridge to the messiness of the real-world.”

The ‘dreams’ discovered by researchers, are to allow the AI to highlight different sections of the games that may be particularly challenging and repeat them until mastered.

This technique was found to develop a total of 10 times speed increase in the rate of learning.

Source: www.cbronline.com

Sent to us by: Robbie Ferguson

• Tags