Jeffrey J. Bloom

Jeffrey J. Bloom

Janus Cybercrime Solutions released the master decryption key of all past Petya versions. This key can decrypt all ransomware families part of the Petya family except NotPetya, which isn't the work of Janus, but is believed to be the work of a nation-state actor that targeted Ukraine.
https://www.bleepingcomputer.com/news/security/author-of-original-petya-ransomware-publishes-master-decryption-key/

Jeffrey J. Bloom

A new AI-generated music video pulls internet video footage of celebrities, politicians & artists to match the lyrics to the hit song, "Dig Down." The result feels even more political than the original video, which explores the consequences of technology within a media-fueled cyberpunk dystopia.
http://ai.muse.mu/

Jeffrey J. Bloom

BothanSpy (Windows) & Gyrfalcon (Linux) projects can be used to intercept and exfiltrate SSH (Secure Shell) credentials.

BothanSpy targets the SSH client Xshell in Windows stealing user credentials for all active SSH sessions.

Gyrfalcon targets the OpenSSH client in Linux stealing user credentials of active SSH sessions & collect FULL or partial OpenSSH session traffic. It's installed & configured using a CIA-developed root kit (JQC/KitV) on the target machine.
https://betanews.com/2017/07/07/wikileaks-bothanspy-gyrfalcon/

Jeffrey J. Bloom

The malware was designed to use stolen credentials once the hackers were already inside the plant’s computer systems. The tool tries to connect to non-public computers, & may have been intended to identify systems related to Wolf Creek’s generation plant, a part of the facility typically more modern than the nuclear reactor control room.
http://www.independent.co.uk/news/world-0/hacking-us-power-plans-wolf-creek-sabotage-energy-fbi-power-plant-electricity-grid-a7828261.html

Jeffrey J. Bloom

"Russia views the information sphere as a key domain for modern military conflict," the report says. "Information operations are seen as a critical capability to achieve decisive results in the initial period of conflict with a focus on control of the information spectrum in all dimensions of the modern battle space." During a future conflict, Russian forces plan to engage in operations designed to create an "information blockade" & achieve "information dominance." The goal is to seize the initiative & deny enemies the use of information space.
http://freebeacon.com/national-security/dia-reveals-new-details-russian-information-warfare/

Jeffrey J. Bloom

"The algorithm considers twelve total 'predictors' or 'explanatory variables' that determine how likely a candidate signal is to correspond to the reflected light signal from an orbiting planet.

Millholland reckons using machine learning algorithms like these will become more common in astrophysics. "Big data techniques are becoming more relevant to astronomers as their datasets grow larger & larger. In addition, the advances that are being made in machine learning algorithms & applications in tech industries are spreading to other fields."
https://www.theregister.co.uk/2017/07/07/machine_learning_algos_and_hot_jupiters/

Jeffrey J. Bloom

"If South Australia's willing to take a big risk, then so are we," Musk said. Billionaire entrepreneur Mike Cannon-Brookes threw down the gauntlet to Musk in March, asking if Tesla was serious when it claimed it could quickly end blackouts in South Australia. "Tesla will get the system installed & working 100 days from contract signature or it's free. That serious enough for you?" Musk wrote on Twitter at the time.
http://money.cnn.com/2017/07/07/technology/tesla-elon-musk-australia-world-biggest-lithium-ion-battery/index.html

Jeffrey J. Bloom

The squirrel-hunting project used “a variety of techniques” to cram a deep neural network (essentially “a class of predictors” inspired human brains) onto an extremely small chip.
https://www.digitaltrends.com/computing/artificial-intelligence-raspberry-pi-microsoft/

Jeffrey J. Bloom

"[Eternal Blues] helps finding the blind spots in your network, these endpoints that are still vulnerable to EternalBlue," continues Erez. "Just hit the SCAN button and you will immediately start to get which of your computers are vulnerable and which aren’t. That’s it."
http://mashable.com/2017/06/30/ransomware-wannacry-notpetya-tool-vulnerable/

Jeffrey J. Bloom

Petwrap (aka Petya, NotPetya or Goldeneye) is based on an older Petya variant--originating from the GoldenEye malware in 2016--, includes SMB exploit EternalBlue & appears to target Ukrainian infrastructure.

Petya includes features enabling malware to remain viable, including attacking the MBR (Master Boot Record).

EternalBlue enables proliferation via unpatched systems and/or degraded anti-virus/malware protection.
https://www.thesun.co.uk/tech/3900464/petya-goldeneye-ransomware-attack-nsa-cyber/

Jeffrey J. Bloom

Petya works by overwriting the MBR (master boot record) so the OS can't boot. 

Fabian Wosar’s Peta Sector Extractor can decrypt files locked by the ransomware & unlocks systems immediately. 
http://www.express.co.uk/news/world/822038/Petya-ransomware-cyber-attack-unlock-virus-free

Jeffrey J. Bloom

A new attack functioning like WannaCry has caused massive outages in Ukraine--already the biggest in their history--& appears to be spreading to other countries around the world.

The attack is hitting major infrastructure in the countries where it has spread to. That has included companies ranging as widely as Danish shipping company Maersk & British advertising company WPP.
http://www.independent.co.uk/life-style/gadgets-and-tech/news/hack-cyber-attack-ukraine-russia-wannacry-petya-security-internet-broken-computer-not-working-a7810626.html

Jeffrey J. Bloom

A new variant of WannaCry has caused outages on Ukraine government websites & those of several companies. The hack began in the country but has since spread across the world, hitting companies as widely as Danish shipping company Maersk & British advertising company WPP, the biggest in the world.

Jeffrey J. Bloom

Hundreds of studies have found user behaviour on Social Media (SM) reflects real world events & "can be used to forecast & make predictions about the future."

“SM data provides a vast record of humanity’s everyday thoughts, feelings & actions at a resolution previously unimaginable."
https://www.thesun.co.uk/tech/3893003/social-media-can-forecast-the-future-by-predicting-riots-revolutions-and-whether-its-going-to-rain-researchers-claim/

Jeffrey J. Bloom

There's plenty of jobs for those who develop, program, manage & market AI. As an exercise in irony, recruiters now use AI to find employees with the correct qualifications & skillz to work alongside or improve AI.
http://trendintech.com/2017/06/25/companies-use-ai-to-find-human-employees-to-work-with-artificial-intelligence/

Jeffrey J. Bloom

D-Wave pioneer, Geordie Rose, cofounds Kindred, hoping to commercialize human-like AI by pairing reinforcement learning with robots. He also shares his unique perspectives on: why physical bodies are necessary for general intelligence; the intersection of AI & quantum computing; the difficulties inherent in commercial quantum computing & more!
https://architecht.io/kindred-ceo-on-the-quest-for-true-ai-and-the-challenge-of-commercial-quantum-computing-cad983a162f4

Jeffrey J. Bloom

A group called Team System Dz claims responsibility for the hack & linked to its Facebook page. The same pro-Islamic State message also appeared Sunday on the website of Brookhaven, a town on New York’s Long Island, about 50 miles from Manhattan, according to the New York Post.
http://www.dispatch.com/news/20170625/10-state-websites-hacked-replaced-with-pro-islamic-state-anti-trump-messages

Jeffrey J. Bloom

Linux, BSD, Solaris and other open source systems are vulnerable to a local privilege escalation vulnerability known as Stack Clash that allows an attacker to execute code at root. Major Linux and open source distributors made patches available Monday, and systems running Linux, OpenBSD, NetBSD, FreeBSD or Solaris on i386 or amd64 hardware should be updated soon.
https://threatpost.com/stack-clash-vulnerability-in-linux-bsd-systems-enables-root-access/126355/

Jeffrey J. Bloom

OneWeb is launching 720 low-Earth orbit satellites into non-geostationary satellite orbit (NGSO) to provide global, high-speed broadband.

"Humans have long sought inspiration from the stars, from the ancient Egyptians orienting the pyramids toward certain stars to the Greeks using constellations to write their mythology. In modern times, we've done the same, with over 1,000 active satellites currently in orbit.."
https://slashdot.org/story/327919

Jeffrey J. Bloom

How Brutal Kangaroo toolkit works: "Drifting deadline" is primary malware creation tool; "Shattered Assurance" automates malware generation & propagation via USB drives; "Shadow" enables control & coordinate of attack; & "Broken Promise" extracts data from the infected systems.
https://www.hackread.com/wikileaks-latest-dump-exposes-cia-hacking-tool-for-air-gapped-pcs/

Jeffrey J. Bloom

To conclude, as technology advancement is happening, an IOT with connected devices and sensors will revolutionize the day to day functioning with automation possible. Right from automatic ordering of vegetables which are lacking in the refrigerator or controlling the temperature in the room by accessing it remotely or drive through places /automatic driven car which will guide one through less traffic areas, the IOT can play a big role in each part of our life. The extent of usage of IOT is a late realization for the human being and the day to day activities can be controlled/scheduled by few devices as time goes by.

Jeffrey J. Bloom

Simply put, CRM's flavor of software robotics encompasses chatbots, tools for back-end automation and even data collection tools that watch employees work. All have the ultimate goal of helping sales and service staff better serve customers, explains Pegasystems CTO Don Schuerman. The robotics push from Pega follows its 2016 acquisition of robotic process automation and workforce analytics software vendor OpenSpan.

Jeffrey J. Bloom

Today’s AI is very limited in retaining, reusing &/or repurposing previously gained knowledge. Presently, new algorithms must be built & fine tuned for each new specific task--which boils down to "very sophisticated data processing," rather than real intelligence.

True general intelligence has been a lifelong dream of Marek Rosa, who formed GoodAI & is funding the citzen-science project with a US $5 million in prizes.
http://spectrum.ieee.org/tech-talk/robotics/artificial-intelligence/in-the-general-ai-challenge-teams-compete-for-5-million

Jeffrey J. Bloom

According to Ma, the next 30 years will be marked by "very painful" changes for humanity as it enters an age defined by data & AI.. However, humans will win in a war with machines, because machines do not possess wisdom, which comes from the heart.

Jeffrey J. Bloom

The "ultralow-power event-based camera" (ULPEC) uses brain-like algorithms to process images & light sensors that mimic the human retina. Pixel sensors come to life only when the camera is ready to record a new image or event--saving power & memory without reducing performance.
https://www.scientificamerican.com/article/quick-thinking-ai-camera-mimics-the-human-brain/

Jeffrey J. Bloom

Rapid improvements in key underlying technologies--voice recognition & natural language processing--are making "smart" assistants more capable. The promise of having our own personal, always-listening AI, able to respond to any wish & command--like Tony Stark’s Jarvis in the movie Iron Man--is a future vision of computing pulled directly from the pages of science fiction.
https://www.forbes.com/sites/eladnatanson/2017/06/22/artificial-intelligence-smart-assistants-the-next-big-thing-in-computing/

Jeffrey J. Bloom

Detecting malware activity in encrypted traffic was thought to be an impossible, but machine learning appears to have led to a working technique called Encrypted Traffic Analytics (ETA) & "involves looking for telltale signs in three features of encrypted data."

By studying data features in "TLS handshake metadata, DNS contextual flows linked to the encrypted flow & the HTTP headers of HTTP-contextual flows" the algorithm could determine how encrypted traffic streams were used differently in malicious vs. benign scenarios.
http://searchsecurity.techtarget.com/news/450421296/Malware-in-encrypted-traffic-uncovered-with-machine-learning

Jeffrey J. Bloom

Brutal Kangaroo contains a number of CIA tools that allow gaining access to offline networks--the primary of which is Drifting Deadline, which allows operatives to generate malware used to infect air-gapped networks--similar to the Stuxnet attack used to target Iran’s nuclear program.
http://www.ibtimes.com/wikileaks-document-dump-cia-brutal-kangaroo-hack-breached-computers-offline-networks-2556107

Jeffrey J. Bloom

Two weeks after IDT was hit (using EternalBlue & DoublePulsar), WannaCry ravaged computers around the world. No doubt it was destructive. But what Mr. Ben-Oni had witnessed was much worse, & with all eyes on WannaCry, few paid attention to the attack on IDT’s systems--& most likely others around the world.

Even more concerning, the--never before reported--assault was not detected by leading cybersecurity companies, top security engineers (at big tech companies), government intelligence analysts or the FBI--which remains consumed with the WannaCry attack.
https://www.nytimes.com/2017/06/22/technology/ransomware-attack-nsa-cyberweapons.html

Jeffrey J. Bloom

Adware or clickfraud bots could load Chrome or Firefox in headless mode (no visible GUI), load pages & click on ads without user's knowledge. Ther've been quite a few headless browsers exploits already, like the miscreants who abused PhantomJS to post forum spam.
https://slashdot.org/story/17/06/22/1919234/