Keep down internet upstarts, cultivate hard tech – TechCrunch

Protect yourself from online attacks that threaten your identity, your files, your system, and your financial well-being.


Hello and welcome back to TechCrunch’s China roundup, a digest of recent events shaping the Chinese tech landscape and what they mean to people in the rest of the world.

The tech industry in China has had quite a turbulent week. The government is upending its $100 billion private education sector, wiping billions from the market cap of the industry’s most lucrative players. Meanwhile, the assault on Chinese internet giants continued. Tech stocks tumbled after Tencent suspended user registration, sparking fears over who will be the next target of Beijing’s wrath.

Incisive observers point out that the new wave of stringent regulations against China’s internet and education firms has long been on Beijing’s agenda and there’s nothing surprising. Indeed, the central government has been unabashed about its desires to boost manufacturing and contain the unchecked powers of its service industry, which can include everything from internet platforms and film studios to after-school centers.

A few weeks ago I had an informative conversation with a Chinese venture capitalist who has been investing in industrial robots for over a decade, so I’m including it in this issue as it provides useful context for what’s going on in the consumer tech industry this week.

Automate the factories

China is putting robots into factories at an aggressive pace. Huang He, a partner at Northern Light Venture Capital, sees three forces spurring the demand for industrial robots — particularly ones that are made in China.

Over the years, Beijing has advocated for “localization” in a broad range of technology sectors, from enterprise software to production line automation. One may start to see Chinese robots that can rival those of Schneider and Panasonic a few years down the road. CRP, an NLVC-backed industrial robot maker, is already selling across Southeast Asia, Russia and East Europe.

On top of tech localization, it’s also well acknowledged that China is facing a severe demographic crisis. The labor shortage in its manufacturing sector is further compounded by the reluctance of young people to do menial factory work. Factory robots could offer a hand.

“Youngsters these days would…

EXPLAINER: Why ransomware is so dangerous and hard to stop


Recent high-profile “ransomware” attacks on the world’s largest meat-packing company and the biggest U.S. fuel pipeline have underscored how gangs of extortionist hackers can disrupt the economy and put lives and livelihoods at risk.

More recent known targets include a Massachusetts ferry operator, the Irish health system and the Washington, D.C., police department. But the broadly disruptive hacks on Colonial Pipeline in the U.S. in May and Brazilian meat processor JBS SA this week have drawn close attention from the White House and other world leaders, along with heightened scrutiny of the foreign safe havens where cybercriminal mafias operate.

WHAT IS RANSOMWARE? HOW DOES IT WORK?

Ransomware scrambles the target organization’s data with encryption. The criminals leave instructions on infected computers for negotiating ransom payments. Once paid, they provide decryption keys for unlocking those files.

Ransomware crooks have also expanded into data-theft blackmail. Before triggering encryption, they quietly copy sensitive files and threaten to post them publicly unless they get their ransom payments. That can present problems even for companies that diligently back up their networks as a hedge against ransomware, since refusing to pay can incur costs far greater than the ransoms they might have negotiated.

HOW DO RANSOMWARE GANGS OPERATE?

‘They hit you hard’: How DarkSide became powerhouse of ransomware attacks



Just weeks before the ransomware gang known as DarkSide attacked the owner of a major American pipeline, disrupting gasoline and jet fuel deliveries up and down the East Coast of the United States, the group was turning the screws on a small, family-owned publisher based in the American Midwest.


Working with a hacker who went by the name of Woris, DarkSide launched a series of attacks meant to shut down the websites of the publisher, which works mainly with clients in primary school education, if it refused to meet a $1.75 million ransom demand. It even threatened to contact the company’s clients to falsely warn them that it had obtained information the gang said could be used by pedophiles to make fake identification cards that would allow them to enter schools.


Woris thought this last ploy was a particularly nice touch.


“I laughed to the depth of my soul about the leaked IDs possibly being used by pedophiles to enter the school,” he said in Russian in a secret chat with DarkSide obtained by The New York Times. “I didn’t think it would scare them that much.”


DarkSide’s attack on the pipeline owner, Georgia-based Colonial Pipeline, did not just thrust the gang onto the international stage. It also cast a spotlight on a rapidly expanding criminal industry based primarily in Russia that has morphed from a specialty demanding highly sophisticated hacking skills into a conveyor-belt-like process. Now, even small-time criminal syndicates and hackers with mediocre computer capabilities can pose a potential national security threat.


Where once criminals had to play psychological games to trick people into handing over bank passwords and have the technical know-how to siphon money out of secure personal accounts, now virtually anyone can obtain ransomware off the shelf and load it into a compromised computer system using tricks picked up from YouTube tutorials or with the help of groups like DarkSide.


“Any doofus can be a cybercriminal now,” said Sergei A. Pavlovich, a former hacker who served 10 years in prison in his native Belarus for cybercrimes. “The intellectual barrier to entry has gotten…

Network Pivots, Patch Bypasses: Exploits Hit Hard …


An analysis of 50 vulnerabilities finds a spectrum of risk, from widespread vulnerabilities exploited by a variety of attackers to serious issues that will likely be exploited in 2021.

In 2020, security teams had to endure a great deal of chaos — not just from the events caused by the pandemic, but from a significant series of changes in the vulnerability landscape, according to Rapid7.

In its “2020 Vulnerability Intelligence Report,” released today, the security firm documented 50 vulnerabilities representing shifts that defenders had to contend with. Fourteen vulnerabilities were exploited by nation-state actors and cybercriminals in indiscriminate campaigns that impacted a wide variety of organizations, 16 vulnerabilities were used in targeted attacks by sophisticated actors, and 20 flaws have not yet been seen in the wild but are expected to be used by attackers in their campaigns.

The company delves into the threats to offer defenders a better understanding of what constituted dangerous vulnerabilities in 2020, says Caitlin Condon, manager of software engineering at Rapid7.

“There was a pervasive feeling in the information-security community, especially among defenders, that the sky was falling nearly all the time,” she says. “It is often very difficult for the people in charge of security to look at all the research materials and all the artifacts — at all the information about a vulnerability — and determine why a vulnerability may matter or not matter for their risk model.”

In the report, Rapid7 breaks down the threats into flaws exploited indiscriminately in widespread attacks (28%), security issues — often, zero-day vulnerabilities — used in targeted attacks (32%), and vulnerabilities the company considers to be impending threats (40%).

Among the most serious threats were attacks on network and security appliances that allowed the attacker to pivot from outside the network to the internal network. So-called network pivots were discovered in Citrix NetScaler, SonicWall SonicOS, Palo Alto Networks PAN-OS, and the Sophos XG Firewall.

“For many network defenders, June 29 through July 29, 2020 was a particularly nightmarish stretch of an already challenging year: No…
