Shared posts

19 Jun 18:03

New Ransomware 'Jaff' Spotted; Malware Groups Pushing 5M Emails Per Hour To Circulate It

by msmash
Jeffrey J. Bloom

**FlashBack** Jaff spreads in a similar way to the infamous file-encrypting malware Locky & uses the same payment site template. An infectious PDF contains a malicious DOCM macro script. Locky--like Jaff--also used the Necurs botnet & a booby-trapped PDF. "This is where the comparison ends, since the code base is different as well as the ransom itself," said Malwarebytes. "Jaff asks for an astounding 2 BTC, which is about $3,700 at the time of writing." Proofpoint reckons Jaff may be the work of the same cybercriminals behind Locky, Dridex & Bart (other nasty malware) but this remains unconfirmed. Forcepoint Security Labs reports that malicious emails carrying Jaff are being cranked out at a rate of 5 million an hour on Thursday, or 13 million in total at the time of this post.
https://tech.slashdot.org/story/17/05/12/1351243/new-ransomware-jaff-spotted-malware-groups-pushing-5m-emails-per-hour-to-circulate-it

An anonymous reader writes: The Necurs botnet has been harnessed to fling a new strain of ransomware dubbed "Jaff". Jaff spreads in a similar way to the infamous file-encrypting malware Locky and even uses the same payment site template, but is nonetheless a different monster. Attached to dangerous emails is an infectious PDF containing an embedded DOCM file with a malicious macro script. This script will then download and execute the Jaff ransomware. Locky -- like Jaff -- also used the Necurs botnet and a booby-trapped PDF, security firm Malwarebytes notes. "This is where the comparison ends, since the code base is different as well as the ransom itself," said Jerome Segura, a security researcher at Malwarebytes. "Jaff asks for an astounding 2 BTC, which is about $3,700 at the time of writing." Proofpoint reckons Jaff may be the work of the same cybercriminals behind Locky, Dridex and Bart (other nasty malware) but this remains unconfirmed. And Forcepoint Security Labs reports that malicious emails carrying Jaff are being cranked out at a rate of 5 million an hour on Thursday, or 13 million in total at the time it wrote up a blog post about the new threat.


20 May 11:31

Hackers, Ransomware, Trust, and the Future of Bitcoin

Jeffrey J. Bloom

Oh, and by the way, if the hackers do put the Disney movie online, don’t for a minute think that they won’t use it as a Trojan Horse to infect the computers of everyone who downloads it, preparing for another wave of ransomware. Be warned!

It has been a busy time for hackers. The WannaCry ransomware attacked hundreds of thousands of computers around the world, encrypting data and ...
20 May 11:21

Russian Embassy tweets meme connecting Hillary Clinton to Seth Rich's murder

Jeffrey J. Bloom

Of course, that’s what they would say if they were part of a cover-up/conspiracy. But if that’s true then the family of Seth Rich must also be part of the conspiracy because they said none of this is true. It’s also worth noting that the investigator quoted in that initial Fox 5 story later told Newsweek he had never seen Rich’s laptop and had “nothing firsthand” about what was on it. All of that to say, there is good reason to believe Seth Rich was not the source of the DNC’s hacked emails.

Friday morning the Russian embassy in the UK tweeted a meme ... not the face of a Russian government cyber effort, and Russia has always denied ...
20 May 05:07

Google Researchers Are Teaching Their AI to Build Its Own, More Powerful AI

Jeffrey J. Bloom

Google unveiled AutoML, empowering neural networks to build better neural networks. So, self taught AI? Doesn't sound like SkyNet...

"..we take a set of candidate neural nets," & "use a neural net to iterate through them until we arrive at the best neural net," this takes a huge amount of work out of building AI systems of the future, because they can be partly self-built.

AutoML is still in its early stages, but AI, machine learning, & deep learning are all finding their way into the apps we use every day.

In demos on stage at I/O, Google showed off how its machine learning technology could brighten up a dark picture or remove obstructions in images, all based on the training it's gotten from millions of other sample snaps.

With the help of AutoML, our AI platforms should get more intelligent more quickly, though it might be a while before you see the benefits in your Android camera app.
http://www.sciencealert.com/google-is-improving-its-artificial-intelligence-with-artificial-intelligence

Google has announced another big push into artificial intelligence, unveiling a new approach to machine learning where neural networks are used to ...
20 May 03:11

CIA Co-Developed 'Athena' Windows Malware With US Cyber Security Company, WikiLeaks Reveals

Jeffrey J. Bloom

Athena can target & infect any Windows system, XP to 10! Allegedly developed with help from a non-government contractor called Siege Technologies, the CIA could hack Windows 10 months after its launch. What? But Microsoft boasted about how hard it would be to hack?!? Crazy!

An anonymous reader writes: Today, WikiLeaks leaked documentation about a tool called Athena. According to leaked documents, which WikiLeaks ...
20 May 02:39

Almost All WannaCry Victims Were Running Windows 7

by BeauHD
Jeffrey J. Bloom

Kaspersky reports ~98% of affected computers were running Win7, 1-in-a-1000 XP & just over 1% 2008 R2 Server. Since newer versions of Windows aren't vulnerable to WannaCry, it makes sense that most of the infections hit Win7 computers, which run on ~4x more computers than Win10 worldwide.

The figures suggest that unpatched XP devices played a relatively small role in the spread of the ransomware.
https://m.slashdot.org/story/326437

An anonymous reader quotes a report from The Verge: According to data released today by Kaspersky Lab, roughly 98 percent of the computers affected by the ransomware were running some version of Windows 7, with less than one in a thousand running Windows XP. 2008 R2 Server clients were also hit hard, making up just over 1 percent of infections. Windows 7 is still by far the most common version of Windows, running on roughly four times as many computers as Windows 10 worldwide. Since more recent versions of Windows aren't vulnerable to WannaCry, it makes sense that most of the infections would hit computers running 7. Still, the stark disparity emphasizes how small of a role Windows XP seems to have played in spreading the infection, despite early concerns about the outdated operating system. The new figures also bear on the debate over Microsoft's patching practices, which generated significant criticism in the wake of the attack. Microsoft had released a public patch for Windows 7 months before the attack, but the patch for Windows XP was only released as an emergency measure after the worst of the damage had been done. The patch was available earlier to paying Custom Support customers, but most XP users were left vulnerable, each unpatched computer a potential vector to spread the ransomware further. Still, Kaspersky's figures suggest that unpatched XP devices played a relatively small role in the spread of the ransomware.


20 May 02:06

Are hackers working to bring back WannaCry just for the lulz?

Jeffrey J. Bloom

The latest wave of WannaCry "is stupid and completely unscalable... they can't even keep up with the volume of decryption requests they've already received... Yeah, it's most likely scriptkiddies doing it for lulz.."

Hutchins has observed intentional DDoS attacks aimed at his domain with the apparent goal of knocking it offline. Wired reports that the traffic appears to be coming from the Mirai botnet, using compromised IoT devices.
http://mashable.com/2017/05/19/wannacry-hackers-ransomware-lulz/

An unknown group of hackers is working behind the scenes to restart the ransomware WannaCry, and one security expert believes the culprits this time ...
20 May 01:51

New SMB Worm Uses Seven NSA Hacking Tools. WannaCry Used Just Two

Jeffrey J. Bloom

EternalRocks uses SIX NSA tools to infect a computer! Four SMB exploits: ETERNALBLUE, ETERNALCHAMPION, ETERNALROMANCE & ETERNALSYNERGY; Two SMB recon tools: SMBTOUCH & ARCHITOUCH; and DOUBLEPULSAR, which propagates to new vulnerable machines.

Infected computers are wide open for further compromise by ANYONE via the C&C server or DOUBLEPULSAR, which runs in a default unprotected state.
https://www.bleepingcomputer.com/news/security/new-smb-worm-uses-seven-nsa-hacking-tools-wannacry-used-just-two/

The worm, which Stampar named EternalRocks based on worm executable properties found in one sample, works by using six SMB-centric NSA tools ...
20 May 01:07

Quantum Computing Uses Standard Hardware

Jeffrey J. Bloom

Syrichas has found a way to simulate quantum annealing using parallelization on standard server farms. His thesis--solving the traveling salesman problem--is the simplest formulation of a non-deterministic polynomial-time (NP Hard) problem not solvable on conventional computers, until now. Quantum annealing compares all route lengths simultaneously (using superposition of values for variables) thus immediately coming up with a close-to-optimal solution. Repeated runs, using closest-to-optimal values from previous runs, find increasingly optimal routes.
http://www.eetimes.com/document.asp?doc_id=1331768

LAKE WALES, Fla. ‐ Quantum annealing hardware like D-Wave's latest $15 million 2048-Qubit unit will not fit the real world problems at supply chain ...
20 May 00:18

So you want to build a machine learning startup? Here's what you must do first

Jeffrey J. Bloom

"A lot of companies focus on machine learning" & fail to plan out an overall strategy. You have to figure out: Who does the work, what are the goals & what data do you have?
“There’s no one-size-fits-all on how to do this,” Bates said. “Not only do you get to choose the languages, algorithms & tools you use, but it’s open-ended on how to implement it.
http://bizwest.com/2017/05/19/want-build-machine-learning-startup-heres-must-first/

BOULDER — For startups interested in using data and machine learning, it might be tempting to jump right into crunching the information. But Sara ...
19 May 10:49

Google's machine-learning cloud pipeline explained

Jeffrey J. Bloom

Google’s new generation of TPUs are designed to handle both training & deploying on a single chip! It's also faster, both on its own & when scaled out with others in what’s called a "TPU pod."
Already mostly realized, Google’s vision is that each phase of the pipeline can be executed in the cloud, as close as possible to the data, for the best possible speed. With TPUs, Google also seeks to provide many of the phases with custom hardware acceleration that can be scaled out on demand.
http://www.infoworld.com/article/3197405/artificial-intelligence/tpus-googles-machine-learning-pipeline-explained.html

When Google first told the world about its Tensor Processing Unit, the strategy behind it seemed clear enough: Speed machine learning at scale by ...
18 May 21:27

More Pain To Come To NSA And Its Hacking Tools?

Jeffrey J. Bloom

The NSA continues to be in “low-grade panic” mode since August. It appears they can’t protect & keep tools away from hackers. The loss & damage “poses a very serious threat to the future of the agency,”

"For half a century, NSA pried into other people’s secrets... Now they’re suddenly sitting ducks who have their secrets stolen & used around the world."
http://www.pymnts.com/news/security-and-risk/2017/more-pain-to-come-to-nsa-and-its-hacking-tools/

... attack swept the globe, propagated by hacking tools stolen from the NSA. ... they can't protect the tools and keep them out of the hands of hackers.
18 May 20:57

Smart appliances under threat from hackers: antivirus firm

Jeffrey J. Bloom

As IoT devices proliferate, hackers are increasingly targeting home networks & connected devices like TVs, stereos, coffee machines, toys, etc. It's "a total nightmare when it comes to security," Avast's CTO.

At a recent tech show in the US, Avast hacked into a router, changed the firmware, took control of a TV & made it play an Obama speech repeatedly.

"Even if you turn off the TV, the router turns the TV back on & the user can't see anything other than the Obama speech," hackers could hold the TV for ransom.

"I know most people, especially Americans, care much more about their TV than they do about their data. They'd probably be much more willing to pay ransom for it," he said, chuckling.
http://news.abs-cbn.com/business/05/18/17/smart-appliances-under-threat-from-hackers-antivirus-firm

Smart appliances under threat from hackers: antivirus firm ... Steckler said his company had hacked into a router at a recent show in the United States ...
18 May 20:35

Can artificial intelligence help thwart ransomware?

Jeffrey J. Bloom

Where an AI really helps is in predicting imminent threats. “AI looks for patterns of contextual irregularity in people’s behavior... It’s all about preventing a compromise, but doing so in a dynamic, adaptable manner.”

Marty Kamden, of NordVPN, says the greatest dangers are those we know nothing about. Yet, there is a vast treasure trove of information about previous attacks, techniques & success. An AI could learn and adapt faster than any human.
http://www.foxnews.com/tech/2017/05/18/can-artificial-intelligence-help-thwart-ransomware.html

In the future, security systems could use artificial intelligence to monitor user behavior, track activity, suggest when there may be a danger and even ...
18 May 18:08

Connected Cars to Increasingly Opt for V2V Capabilities

Jeffrey J. Bloom

Juniper research found that alongside GPS, Light-Detection & Ranging (LiDAR), & road mapping, V2V will be amongst the critical technologies in delivering autonomous driving systems. In order for V2V to be successful, OEMs must include cellular connectivity to provide Over-The-Air (OTA) firmware updates. Recommending OEMs implement 5G technology at the earliest opportunity to benefit from these newly enabled services.
https://www.readitquik.com/news/networking/connected-cars-to-increasingly-opt-for-v2v-capabilities/

A new report from Juniper Research has revealed that by 2022, 50% of the new vehicles will be shipped with Vehicle-to-Vehicle (V2V) hardware, ...
18 May 18:03

WW3: US satellites could be attacked by China and Russia space weapons

Jeffrey J. Bloom

THE US could see all their defences destroyed thanks to state-of-the-art "space weaponry" capable of taking out essential satellites. "The development that other countries are making in space weaponry, to take out our communication equipment, is truly chilling," said Senator Ted Cruz. "I will tell you, some of the classified briefings would take your breath away at the potential threats we face.."
http://www.dailystar.co.uk/news/world-news/615332/United-states-cyber-attack-video-US-war-North-Korea-Russia-footage

But American senator Ted Cruz urgently revealed that the US might be hopeless if World War 3 broke out, thanks to terrifying cyber-attack technology.
18 May 17:43

Google Chrome WARNING - This new HACK could leave your Windows computer open to ATTACK

Jeffrey J. Bloom

To siphon Windows login credentials via Google Chrome, Stankovic combined two previous attack techniques--one from Stuxnet & another by Jonathan Brossard & Hormazd Billimoria at the Black Hat security conference.

"Organisations that allow remote access to services such as Microsoft Exchange (Outlook Anywhere) & use NTLM for authentication, may be vulnerable to SMB relay attacks, allowing the attacker to impersonate the victim, accessing data & systems without having to crack the password."
http://www.express.co.uk/life-style/science-technology/805729/Google-Chrome-Download-Warning-Windows-Login

To siphon Windows login credentials with Google Chrome, Stankovic combined two previous attack techniques – one borrowed from the Stuxnet ...
18 May 17:34

What is the Antikythera Mechanism? - Ancient computers

Jeffrey J. Bloom

Some say it is more accurate to call it a calculator rather than a computer, but the highly-advanced mathematic and astronomical principles behind the Mechanism’s functionality make it worthy of the title.

The Antikythera Mechanism was found in 1902 near the coast of Antikythera, Greece. 82 fragments of the device were recovered, and seven of them feature highly advanced mechanical craftsmanship.
https://www.youtube.com/watch?v=UpLcnAIpVRA

The Antikythera Mechanism is an ancient contraption believed to be designed as a tracking device for several astronomical phenomena.
18 May 17:26

ActivePython for Machine Learning

Jeffrey J. Bloom

ActivePython comes bundled with TensorFlow & Theano. Both packages provide the computational libraries for deep learning via multi-layered neural networks, helping you leverage industry-leading machine learning capabilities from leaders like Google.
Download ActivePython Community Edition to get started.
https://www.activestate.com/activepython-machine-learning

Machine learning is becoming a strategic component for large organizations. With smart devices generating more and more data that needs to be ...
18 May 17:12

Hear Me Out: Let's Elect an AI as President

Jeffrey J. Bloom

An AI president offers the possibility of delivering a purer form of government, one focused on the ideals we elect our presidents to represent. Voters could choose between a Democrat or a Republican AI, one that promised to enact the party’s platform. Or, voters could simply vote on a laundry list of issues & an AI that reflects the "popular will" would be built.

Still, AI politicians are the likely culmination of trends already underway. Think about cars. Tesla owners are thrilled to let their Model S's drive ...
18 May 12:38

MIT student sues CIA for info on Twitter jokes

Jeffrey J. Bloom

Her lawsuit says the matter is important to study because it's rare for a federal agency, especially one with such serious duties, to employ humor in its public communications.
She is seeking, among other things, any training documents regarding the use of social media.

The CIA has been on Twitter since June 2014 when it tweeted, "We can neither confirm nor deny that this is our first tweet." It was a humorous nod to ...
18 May 12:33

EXPERTS: Another large-scale stealthy cyberattack underway...

Jeffrey J. Bloom

Instead of completely disabling an infected computer by encrypting data & seeking a ransom, Adylkuzz uses infected machines to "mine" Monero virtual currency & transfer the money created to the authors of the virus.
https://www.yahoo.com/tech/another-large-scale-cyberattack-underway-experts-194944965.html




17 May 12:52

Sen. Kaine questions Cybercom commander on the impact of potential government shutdown

Tim Kaine (D-VA) heard testimony from Navy Adm. Mike Rogers, commander of U.S. Cyber Command (Cybercom), on how a potential government ...
17 May 12:41

Google Celebrate the Antikythera Mechanism with a New Doodle

Jeffrey J. Bloom

With today’s doodle, Google is celebrating the 115 years that have passed since the discovery of the Antikythera Mechanism. This amazing tool is regarded as the first computer in the world. The company wanted to highlight the importance that a relic can have when gathering knowledge and information.
http://www.apextribune.com/antikythera-mechanism-doodle/218332/

With today's doodle, Google is celebrating the 115 years that have passed since the discovery of the Antikythera Mechanism. This amazing tool is ...
17 May 12:39

Long Before 'WannaCry' Ransomware, Decades Of Cyber 'Wake-Up Calls'

Jeffrey J. Bloom

Cyber security IS a bona fide national security problem. The cliché "It's a wake-up call," has been in use since the early viruses & worms of the 1980s. Here's a select taste of 8 major hacks & attacks declared to be a "wake-up call" by government officials & security experts.
http://wknofm.org/post/long-wannacry-ransomware-decades-cyber-wake-calls

"Stuxnet demonstrates the vulnerability of critical national infrastructure industrial control systems to attack through widely used computer programs ...
17 May 12:26

Chrome on Windows has credential theft bug

Most download links are sanitised by Chrome – for example, as discoverers DefenseCode write, since Stuxnet the browser has forced a .download ...
15 May 11:21

5 Ways to Prevent Your Smart Home from Getting Hacked

There are a few tried-and-true gadget-hacking methods that form the basis ... In 2014, security researchers demonstrated that intrepid hackers could ...
05 Nov 18:41

Remember, Remember The 5th of November

The famous hackers revealed some of the big names that will be included in the documents. It includes: Bill Clinton; Hillary Clinton; Clinton Foundation ...