Tag Archive for: Filter

Google wins court order to force ISPs to filter botnet traffic – Naked Security


A US court has recently unsealed a restraining order against a gang of alleged cybercrooks operating outside the country, based on a formal legal complaint from internet giant Google.

Google, it seems, decided to use its size, influence and network data to say, “No more!”, based on evidence it had collected about a cybergang known loosely as the CryptBot crew, whom Google claimed were:

  • Ripping off Google product names, icons and trademarks to shill their rogue software distribution services.
  • Running “pay-per-install” services for alleged software bundles that deliberately injected malware onto victims’ computers.
  • Operating a botnet (a robot or zombie network) to steal, collect and collate personal data from hundreds of thousands of victims in the US.

You can read a PDF of the court document online.
Thanks to our chums at online pub The Register for posting this.

Plunder at will

Data that these CryptBot criminals are alleged to have plundered includes browser passwords, illicitly-snapped screenshots, cryptocurrency account data, and other PII (personally identifiable information).

As the court order puts it:

The Defendants are responsible for distributing a botnet that has infected approximately 672,220 CryptBot victim devices in the US in the last year. At any moment, the botnet’s extraordinary computing power could be harnessed for other criminal schemes.

Defendants could, for example, enable large ransomware or distributed denial-of-service attacks on legitimate businesses and other targets. Defendants could themselves perpetrate such a harmful attack, or they could sell access to the botnet to a third party for that purpose.

Because the defendants are apparently operating out of Pakistan, and unsurprisingly didn’t show up in court to argue their case, the court decided its outcome without hearing their side of the story.

Nevertheless, the court concluded that Google had shown “a likelihood of success” in respect of charges including violating the Computer Fraud and Abuse Act, trademark rules, and racketeering laws (which deal, loosely speaking, with so-called organised crime – committing crimes as if you were running a business):

[The court favors]…


Avast-Mobile Security App (Antivirus for Mobile)



Utah’s ‘Porn Filter’ Law Passes the State Legislature


If you work in cybersecurity, chances are you’re pretty tired by now. On the heels of Russia’s devastating SolarWinds hack that came to light in December, Chinese hackers have mounted what appears to be a full-on assault against Microsoft Exchange Servers, hitting at least 30,000 servers in the United States alone. China’s spies will whittle down the target list from there for further compromise, but this mess is still going to take a very long time to clean up.

Speaking of messes, apps in both the App Store and Google Play Store still leak too much data too much of the time, according to a new study from mobile security firm Zimperium. Thanks to misconfigured cloud settings, tens of thousands of apps on both platforms inadvertently expose user information like financial data and medical test results. A different category of mistake was found over at far-right platform Gab, which got hacked very, very thoroughly, apparently due to a coding error introduced by the platform’s CTO.

Cybersecurity entrepreneur turned man on the run John McAfee was indicted Friday for his alleged involvement in two cryptocurrency scams. Twitch released its first transparency report this week after a decade of, well, not doing that. Microsoft has started testing its decentralized IDs in the real world, if you wanted to put your college diploma on the blockchain. We took a look at how Myanmar’s citizens are dealing with a prolonged internet shutdown during that country’s military coup. And we published our sixth installment of 2034, a fictional account of a near-future war with China that feels all too real.

And there’s more! Each week we round up all the news we didn’t cover in depth. Click on the headlines to read the full stories. And stay safe out there.

Conservative lawmakers in Utah have passed a handful of anti-pornography laws in the last few years, including the declaration of a public health crisis in 2016. Now they’ve kicked things up a few notches. Measure HB72 won approval in the state senate this week, and in the house last month, meaning it’s headed for the governor’s desk for a signature. The law would mandate that every new smartphone and tablet sold in the state would come with a…


Stupid Use Of Profanity Filter Makes A Mess Of Virtual Paleontologist Conference

We’ve known for some time that the sorts of automated filters that get applied to various internet-y things are flawed in the extreme. But of all the filters that annoy me the most, profanity filters are the worst. And, no, it’s not just because I use curse words like commas. Rather, it’s the combination of just how badly this is used, such as how Google thought for years that “bisexual” was a naughty word, alongside how nefarious actors can block all sorts of non-profane language just by calling it profane. Add to all of this that a total lack of nuance for identifying so-called “naughty words” regularly causes perfectly non-profane content to be blocked or censored and this all begins to look like an exercise worth giving up.

For a great example of that last bit, we need only to look at a recent remote conference conducted by paleontologists that went awry due to a profanity filter.

Participants in a virtual paleontology session found themselves caught between a rock and a hard place last week, when a profanity filter prevented them from using certain words – such as bone, pubic, stream and, er, beaver – during an online conference.

“Words like ‘bone’, ‘pubic’, and ‘stream’ are frankly ridiculous to ban in a field where we regularly find pubic bones in streams,” said Brigid Christison, a master’s student in biology attending the event, in an interview with Vice.

Why, yes, that is really stupid. If your profanity filter is filtering out words you need to use for your field, then your profanity filter sucks and should be done away with. And, really, are members of the Society of Vertebrate Paleontology really so sensitive that any profanity filter need be in place at all? These people are adults and can be trusted, not journalists for The New Yorker.

Now, much of the blame for this comes from the organizers of the event for some reason including a filter setup for typical business meetings.

“Apparently it came with a pre-packaged naughty-word filter. After getting a good belly laugh out of the way on the first day and some creative wording (my personal favorite was Heck Creek for Hell Creek), some of us reached out to the business office, and they’ve been un-banning words as we stumble across them,” an SVP member explained to Reddit users.

I’m not entirely sure why any of this is funny, to be honest. It’s just annoying. Especially, as the article notes, when there are some curious choices made in the stock filter as to what words to filter out as profane or not. “Wang” is filtered for instance, despite it being a common last name, but “Johnson,” which has the same slang meaning, is totally allowed.

Again, all of this is simply annoying and unnecessary. Trust adults to be adults and either not use profane words, or else be able to handle it if someone else occasionally does. These filters aren’t working.

Techdirt.