The Category5.TV Newsroom

Here are the stories we're following for the week of Wednesday October 21, 2020

Hackers are using a severe Windows bug to compromise un-patched servers

Hackers are using a severe Windows bug to compromise un-patched servers

One of the most critical Windows vulnerabilities disclosed this year is under active attack by hackers who are trying to backdoor servers that store credentials for every user and administrative account on a network.

Researchers gave the vulnerability the name "Zerologon" because attacks work by sending a string of zeros in a series of messages that use the Netlogon protocol, which Windows servers rely on for a variety of tasks, including allowing end users to log in to a network.

Zerologon, as the vulnerability has been dubbed, gained widespread attention last month when the firm that discovered it said it could give attackers instant access to active directories, which admins use to create, delete, and manage network accounts. Active directories and the domain controllers they run on are among the most coveted prizes in hacking, because once hijacked, they allow attackers to execute code in unison on all connected machines. Microsoft patched the security flaw in August.

On Friday, Kevin Beaumont, working in his capacity as an independent researcher, said in a blog post that he had detected attacks on the honeypot he uses to keep abreast of attacks hackers are using in the wild. When his lure server was unpatched, the attackers were able to use a powershell script to successfully change an admin password and backdoor the server.

Beaumont said that the attack appeared to be entirely scripted, with all commands being completed within seconds. With that, the attackers installed a backdoor allowing remote administrative access to devices inside his mock network. The attackers also enabled Remote Desktop. As a result, they would continue to have remote access even if the admin later patches the server.

People with no authentication can use the exploit to gain domain administrative credentials, as long as the attackers have the ability to establish TCP connections with a vulnerable domain controller. In some cases, attackers may use a separate vulnerability to gain a foothold inside a network and then exploit Zerologon to take over the domain controller.

Source: arstechnica.com

Sent to us by: Robbie Ferguson

Three JavaScript packages have been removed from the npm portal for containing malicious code.

Three JavaScript packages have been removed from the npm portal for containing malicious code.

According to advisories from the npm security team, the three JavaScript libraries opened shells on the computers of developers who imported the packages into their projects.

The shells allow threat actors to connect remotely to the infected computer and execute malicious operations.

The npm security team said that the shells don't depend on a particular operating system and could be used to compromise Windows, Linux, FreeBSD, OpenBSD, and other systems.

All three packages were uploaded to the npm portal in 2018, and each had hundreds of downloads since then. The packages names are plutov-slack-client, nodetest199 and nodetest1010.

The npm security team said, "Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer."

They warn, "The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it."

Npm's security staff regularly scans its collection of JavaScript libraries, considered the largest package repository for any programming language.

Source: www.zdnet.com

Sent to us by: Robbie Ferguson

Nokia has been tasked with building a new 4G cellular network... on the moon.

While I can't even get good cell coverage at my cottage, Nokia is working with NASA to bring 4G to the moon.

NASA's Artemis mission aims to establish a long-term human presence on the moon as a stepping stone toward mars colonization, and to get things started, NASA is extending $370 million to 14 companies to provide the technology for the program. From robotics to power generation, and even cryogenics. But it makes sense that these teams will need to be able to communicate with the mother planet.

The new network will be designed specifically for lunar conditions, able to withstand the extreme temperature shifts and radiation. The tech will also utilize small cell tech, which, as the name suggests, is significantly smaller than the tall cell towers we're used to seeing here on earth. They also use a lot less power.

The plan is for a lunar lander to carry the 4G communication system to the lunar surface in 2022. Nokia's Bell Labs has been granted $14.1 million for their part.

Source: www.cnn.com

Sent to us by: Robbie Ferguson

A new 80 Watt wireless charging tech from Xiaomi is blowing our minds.

Xiaomi has announced a new charging tech that can fully charge a depleted smartphone in less than 20 minutes... but it does it without any wires.

Fast charging has become a key feature of many smartphones in recent years, and for convenience sake, wireless charging can be really great. But of course, wireless charging typically charges a phone with between 10-15 Watts of power. Some phones, like the OnePlus 8 Pro have wireless charging up to 40 Watts, but Xiaomi's new charging tech promises a whopping 80 Watts of wireless juice.

What does that mean in practical terms? Well, according to the announcement unveiling the 80 Watt Mi Wireless Charging Technology, a smartphone with 0% charge of a 4,000mAh battery will charge 10% in just one minute, 50% in eight minutes, and be fully charged after 19 minutes.

Source: www.androidpolice.com

Sent to us by: Robbie Ferguson

The Raspberry Pi Compute Module 4 has been released. We'll let you know the specs and how this changes things for industrial IoT.

The Raspberry Pi Foundation has launched a Compute Module with the specs of a Raspberry Pi 4

The Raspberry Pi Foundation launched a new product Monday: the Compute Module 4.

It's hard to believe it's been so long, but the Raspberry Pi 4 was released in June 2019. The Compute Module 4 brings the Pi 4 to the industrial IoT space, featuring the same processor, packed in a compute module just begging to be integrated into powerful IoT appliances.

If you're unfamiliar with Compute Modules, you can think of them as single board computers without all the ports and GPIO pins. They allow the computer components -- the "brains" -- of a Raspberry Pi to be integrated into robotics, smart devices, maker tech, clusters or anything you can come up with that requires a tiny, low powered Linux computer at its heart.

Since the Compute Module 4 shares its specs with the Raspberry Pi 4, developers can do all their prototyping on the Pi 4 SBC, but then order a bunch of Compute Module 4's to integrate into their commercial product.

Just like the Raspberry Pi 4, the Compute Module 4 features a 64-bit ARM-based processor with VideoCore VI graphics. This is going to represent a huge upgrade for previous Compute Module customers, and with 4K video output at up to 60 frames per second, plus the ability to decode H265 video, the Compute Module 4 could be a game changer for multimedia-driven devices such as smart TV's or set-top boxes.

The Compute Module 4 is available with your choice of 1, 2, 4 or 8 GB RAM, and 8, 16 or 32GB on-board eMMC flash storage. WiFi and Bluetooth are also optional. The price ranges from just $25 to $90 USD.

Source: techcrunch.com

Sent to us by: Robbie Ferguson