ZDNet |
Windows 10 silently uses your bandwidth to send updates to others
ZDNet While WUDO doesn't present any known security risks at present, security expert Graham Cluley was keen to point out that hackers have previously managed to exploit weaknesses in the Windows Update mechanism, using it to spread the Flame malware. Windows 10 uses your bandwidth to help strangers download updates |
A new wave of documents from Edward Snowden’s cache of National Security Agency data published by Der Spiegel demonstrates how the agency has used its network exploitation capabilities both to defend military networks from attack and to co-opt other organizations’ hacks for intelligence collection and other purposes. In one case, the NSA secretly tapped into South Korean network espionage on North Korean networks to gather intelligence.
The documents were published as part of an analysis by Jacob Appelbaum and others working for Der Spiegel of how the NSA has developed an offensive cyberwarfare capability over the past decade. According to a report by the New York Times, the access the NSA gained into North Korea’s networks—which initially leveraged South Korean “implants” on North Korean systems, but eventually consisted of the NSA’s own malware—played a role in attributing the attack on Sony Pictures to North Korean state-sponsored actors.
Included with the documents released by Der Spiegel are details on how the NSA built up its Remote Operations Center to carry out “Tailored Access Operations” on a variety of targets, while also building the capability to do permanent damage to adversaries’ information systems, including internal NSA newsletter interviews and training materials. Also included was a malware sample for a keylogger, apparently developed by the NSA and possibly other members of the “Five Eyes” intelligence community, which was also included in the dump. The code appears to be from the Five Eyes joint program “Warriorpride,” a set of tools shared by the NSA, the United Kingdom’s GCHQ, the Australian Signals Directorate, Canada’s Communications Security Establishment, and New Zealand’s Government Communications Security Bureau.
Read 8 remaining paragraphs | Comments
OpenDNS has developed a partner API that lets security vendors connect their technologies to the OpenDNS cloud for enforcement, effectively extending protection to any device no matter where it connects to the Internet.
OpenDNS CEO David Ulevitch
The first two such partners are Check Point and ZeroFOX, and the company will announce another dozen or so partners over the next few months, says OpenDNS CEO David Ulevitch.
+ Also on Network World: How the cloud is changing the security game +
To read this article in full or to leave a comment, please click here
They don’t call it Black Friday for nothing. And as shoppers increasingly use websites and mobile apps to do their shopping—even as they brave the crowds in brick-and-mortar stores—some retailers are finding it hard to handle demands.
While content delivery networks (CDNs) have made it possible to push static content out closer to Web and mobile shoppers and reduce overall traffic hitting e-commerce sites, the load on the sites is still causing some to buckle and break, albeit briefly.
Even Hewlett-Packard has gotten a bit of a bloody nose as HP Shopping went down around midday Eastern Time. And Best Buy’s website went offline briefly—though by noon those who had left their browsers pointed at the website were switched back to the electronics store. The trials and tribulations of major retailers’ websites are being live-blogged by David Jones of Dynatrace, an application performance management subsidiary of Compuware.
Read 8 remaining paragraphs | Comments