• Sp chevron_right

    Cloudflare plans to eat Proofpoint's lunch? / spam_resource · Monday, 11 October - 12:00 · 1 minute

Here's one I almost missed, from a couple of weeks ago: According to Wired, Cloudflare is moving into the email security space . The goal? To better protect against email-delivered threats (think phishing). They see a gap there; one I've noticed myself.

From the article Cloudflare Is Taking a Shot at Email Security by Lily Hay Newman: "Prince says that Cloudflare employees have been “astonished by how many targeted threats were getting through Google Workspace,” the company's email provider. That's not for lack of progress by Google or the other big providers on anti-spam and anti-malware efforts, he adds. But with so many types of email threats to deal with at once, strategically crafted phishing messages still slip through. So Cloudflare decided to build additional defense tools that both the company itself as well as its customers could use."

I'm using a bit of cheeky hyperbole up there in my choice of title, but this does tee up Cloudflare to end up competing more directly with companies like ProofPoint, and it highlights how even a well-tuned solution like ProofPoint email protection or even Google's best efforts might have some edge cases where they don't catch everything, leaving an opportunity for competition to come in and try to do something better. I think that's a good thing. And I personally would like to see more draconian filtering of bad actors doing the really bad stuff. And if it makes Cloudflare some money along the way, good for them.

Značky: #proofpoint, #news, #google, #cloudflare, #Network, #wired

  • chevron_right

    New York lawmaker wants to ban police use of armed robots / ArsTechnica · Sunday, 21 March, 2021 - 11:15

A black robot that is in the abstract shape of a dog.

Enlarge (credit: Michael Cohen | Getty Images )

New York City councilmember Ben Kallos says he "watched in horror" last month when city police responded to a hostage situation in the Bronx using Boston Dynamics ' Digidog, a remotely operated robotic dog equipped with surveillance cameras. Pictures of the Digidog went viral on Twitter , in part due to their uncanny resemblance with world-ending machines in the Netflix sci-fi series Black Mirror .

Now Kallos is proposing what may be the nation's first law banning police from owning or operating robots armed with weapons.

"I don't think anyone was anticipating that they'd actually be used by the NYPD right now," Kallos says. "I have no problem with using a robot to defuse a bomb, but it has to be the right use of a tool and the right type of circumstance."

Read 24 remaining paragraphs | Comments

  • chevron_right

    ISIS allegedly ran a COVID-19 PPE scam site / ArsTechnica · Sunday, 16 August, 2020 - 11:30 · 1 minute

Uh, you didn

Enlarge / Uh, you didn't buy your mask at, right? (credit: Kilito Chan / Getty Images)

The COVID-19 pandemic, and millions of people desperate for scarce protective equipment like masks and Tyvek suits, has presented a bonanza for scammers . Now, according to the US Department of Justice, it seems that even ISIS has gotten in on the game.

In a series of civil and criminal complaints and forfeiture notices released this week, the Justice Department has revealed that it seized hundreds of bitcoin and ethereum accounts, millions of dollars, and four websites from known Islamic extremist groups that were using those accounts and funds to support terrorist operations. Prosecutors say the forfeited crypto assets from the groups, which include ISIS, the al-Qassam Brigades, and al Qaeda, represent "the government’s largest-ever seizure of cryptocurrency in the terrorism context." The cryptocurrency haul alone totals more than $1 million according to Chainalysis, a blockchain-focused firm whose tools were used in the investigation.

Among the jihadist fundraising efforts the DOJ has nixed, however, one stands out as particularly brazen. Court documents [ PDF ] detail how an ISIS agent allegedly ran a scam website for COVID-19 personal protective equipment, or PPE, known as

Read 8 remaining paragraphs | Comments

  • chevron_right

    New Mac ransomware is even more sinister than it appears / ArsTechnica · Sunday, 5 July, 2020 - 15:30 · 1 minute

Scrabble letters sitting atop laptop computer spell Ransomware.

Enlarge (credit: Getty Images )

The threat of ransomware may seem ubiquitous, but there haven't been too many strains tailored specifically to infect Apple's Mac computers since the first full-fledged Mac ransomware surfaced only four years ago. So when Dinesh Devadoss, a malware researcher at the firm K7 Lab, published findings on Tuesday about a new example of Mac ransomware, that fact alone was significant. It turns out, though, that the malware, which researchers are now calling ThiefQuest, gets more interesting from there. (Researchers originally dubbed it EvilQuest until they discovered the Steam game series of the same name.)

In addition to ransomware, ThiefQuest has a whole other set of spyware capabilities that allow it to exfiltrate files from an infected computer, search the system for passwords and cryptocurrency wallet data, and run a robust keylogger to grab passwords, credit card numbers, or other financial information as a user types it in. The spyware component also lurks persistently as a backdoor on infected devices, meaning it sticks around even after a computer reboots, and could be used as a launchpad for additional, or "second stage," attacks. Given that ransomware is so rare on Macs to begin with, this one-two punch is especially noteworthy.


"Looking at the code, if you split the ransomware logic from all the other backdoor logic the two pieces completely make sense as individual malware. But compiling them together you're kind of like what?" says Patrick Wardle, principal security researcher at the Mac management firm Jamf. "My current gut feeling about all of this is that someone basically was designing a piece of Mac malware that would give them the ability to completely remotely control an infected system. And then they also added some ransomware capability as a way to make extra money."

Read 11 remaining paragraphs | Comments

  • chevron_right

    5G was going to unite the world—instead it’s tearing us apart / ArsTechnica · Saturday, 4 July, 2020 - 15:00

An illustration of 5G signals over the Chicago skyline.

Enlarge (credit: Getty Images | Photographer is my life )

The world came together to build 5G . Now the next-generation wireless technology is pulling the world apart.

The latest version of the 5G technical specifications, expected Friday, adds features for connecting autonomous cars , intelligent factories, and Internet-of-things devices to crazy-fast 5G networks. The blueprints reflect a global effort to develop the technology, with contributions from more than a dozen companies from Europe, the US, and Asia.

And yet, 5G is also pulling nations apart—with the United States and China anchoring the tug-of-war. Tensions between Washington and Beijing over trade , human rights , the handling of COVID-19 , and Chinese misinformation are escalating global divisions around the deployment of 5G. A growing number of countries are aligning with either a Western or a Chinese version of the tech.

Read 17 remaining paragraphs | Comments

  • chevron_right

    Schools already struggled with cybersecurity. Then came COVID-19 / ArsTechnica · Friday, 3 July, 2020 - 14:30 · 1 minute

A mother and child daughter look at a laptop together.

Enlarge / "School" is probably going to look something like this for a whole lot of families in the coming weeks. (credit: Rafael Ben-Ari | Getty Images )

This time last year, Jaggar Henry was enjoying the summer like so many other teens. The 17-year-old had a job, was hanging out with friends on the weekends, and was just generally spending a lot of time online. But then, at the end of July, Henry combed his hair, donned a slightly oversized Oxford shirt, and appeared before his school district's board in Polk County, Florida—one of the larger school districts in the United States—to outline a slew of security flaws he had found in its digital systems. His presentation was the culmination of months of work and focused on software used by more than 100,000 students.

Those vulnerabilities have been fixed, but Henry, who now works full time on education technology, says that his experience illustrates the challenges facing school districts across the United States—and a problem that's grown more acute in the wake of COVID-19.

The coronavirus pandemic has had major cybersecurity implications around the world. Tailored phishing attacks and contact-tracing scams prey on fear and uncertainty. Fraudsters are targeting economic relief and unemployment payments. The stakes are higher than ever for ransomware attacks that target health care providers and other critical infrastructure. For businesses, the transition to remote work has created new exposures and magnified existing ones.

Read 15 remaining paragraphs | Comments

  • chevron_right

    How to refuel a nuclear power plant during a pandemic / ArsTechnica · Sunday, 5 April, 2020 - 13:00 · 1 minute

The Palo Verde Nuclear generating plant, the nation

Enlarge / The Palo Verde Nuclear generating plant, the nation's largest nuclear power plant. (credit: Jeff Topping / Getty)

Each spring, nearly 1,000 highly specialized technicians from around the US descend on the Palo Verde Nuclear Generating Station near Phoenix, Arizona, to refuel one of the plant’s three nuclear reactors . As America’s largest power plant—nuclear or otherwise—Palo Verde provides around-the-clock power to 4 million people in the Southwest. Even under normal circumstances, refueling one of its reactors is a laborious, month-long process. But now that the US is in the middle of the coronavirus pandemic, the plant operators have had to adapt their refueling plans.

Palo Verde is expected to begin refueling one of its reactors in early April—a spokesperson for Arizona Public Service, the utility that operates the plant, declined to give an exact start date—but the preparations began months in advance. The uranium fuel started arriving at the plant last autumn, delivered in the cargo bay of an unmarked semi truck. The fuel arrives ready for the reactor as 1,000-pound rectangular bundles of uranium rods that are 12 feet tall and about 6 inches on each side.
The latest shipment of fuel arrived at the plant well before the coronavirus pandemic brought the world to a standstill, says Greg Cameron, the nuclear communications director at Palo Verde. The biggest change with this refueling cycle, he says, is the scope of the operation. “We’ve tried to trim down the amount of work to just what is necessary to ensure that we run for the next 18 months without impacting the reliability of the plant,” Cameron says.


Each of Palo Verde’s three nuclear reactors are ensconced in their own bulbous concrete sarcophagus and operate almost entirely independent of one another. This allows plant operators to periodically take one of the reactors offline for refueling and maintenance without totally disrupting the flow of energy to the grid. Each reactor is partially refueled every year and a half, with about one-third of the fuel in the reactor core being swapped out for a fresh batch.

Read 5 remaining paragraphs | Comments

  • chevron_right

    The party goes on in massive online worlds / ArsTechnica · Saturday, 4 April, 2020 - 13:15 · 1 minute

Final Fantasy XIV online.' src='' >

You don't have to be so socially distant when playing Final Fantasy XIV online.

My friends and I were taking a pit stop after an aimless drive when we heard a stranger loudly invite anyone within earshot to her friends’ party. Our plans had ended at “go for a drive;” before that, we were loitering between some collapsed columns in a crystalline wasteland.

We debated whether to attend from inside our car. The party seemed a little raunchy—its promoter, Nina, a minuscule woman with pink blush marks painted on either side of her button nose, advertised “drinks and good company” but also “ERP,” which stands for “erotic role-play.” That’s not generally our thing. We’re more stand-outside types than the types to cast a flashy glamour spell and chat up the nearest cat girl. But, hey, it’s Final Fantasy XIV online, and where my body sat in New York, the epicenter of America’s Covid-19 outbreak , there certainly weren’t any parties.


On Fridays, Saturdays, and basically any given weeknight, my Brooklyn neighborhood is alive with throbbing house music, over-earnest open mics, DJ sets, roiling apartment bashes, and cars blasting reggaeton. In this new-normal world, events as we know them no longer exist, unless you count texting your 20 closest acquaintances a DRINKS ON ZOOM!!!! invite, give or take a couple of cloying emojis. With all of this newfound time to overthink the mundane, I recognize now that social outings are dedicated units of time for self-expression, coloring-book pages onto which we and our friends draw outlines that we pour ourselves into. Social distancing has separated us from our social contexts; without them, all the color drains out.

Read 13 remaining paragraphs | Comments