Other school districts may be targeted by the hacking group Vice Society, law enforcement and cybersecurity experts warn.
The Butler Eagle reported that the ransomware group Vice Society is believed to be responsible for the hacking.
The FBI, Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing and Analysis Center last month issued a joint cybersecurity advisory after observing Vice Society threat actors disproportionately targeting the education sector with ransomware attacks.
Streaming media platform Plex sent out an email to its customers earlier today notifying them of a security breach that may have compromised account information, including usernames, email addresses, and passwords. While Plex’s message says “all account passwords that could have been accessed were hashed and secured in accordance with best practices,” it is still advising all users to change their passwords immediately.
Plex is one of the largest media server apps available, used by around 20 million people to stream video, audio, and photos they upload themselves in addition to an increasing variety of content the service provides to paid subscribers.
The email states, “Yesterday, we discovered suspicious activity on one of our databases. We immediately began an investigation and it does appear that a third-party was able to access a limited subset of data that includes emails, usernames, and encrypted passwords.” There is no indication any other personal account information has been compromised, and there’s no mention of private media libraries (which may or may not include pirated content, private nudes, and other sensitive content) having been accessed in the breach.
(NewsNation) — Apple, Google and Microsoft announced plans on Thursday to eliminate passwords and replace them with other secure sign-in methods.
The announcement came just before World Password Day, which is recognized annually on the first Thursday of May. It highlights the use of safe password habits, but some major tech companies say password-only authentication is one of the biggest security problems on the web.
“Fundamentally, what we’re doing is letting you use your everyday device — the same thing that you do multiple times a day — to unlock your device now to log in, in a way that is just leaps and bounds more secure than anything that you’re doing today,” said Megan Shamas, a spokesperson for FIDO, the authentication company leading the charge.
Together, Apple, Google and Microsoft plan to follow a standard created by the FIDO Alliance and the World Wide Web Consortium. That means that websites and apps could offer an “end-to-end passwordless option,” according to a news release. Users would sign in with the same method they use multiple times each day to unlock their devices, such as a simple verification of their fingerprint or face, or a device PIN.
A regional cybersecurity firm is helping restore information, the college’s spokesman William Foley said in a press release.
Washington (CNN) The United States and its foreign allies on Monday accused China of widespread malfeasance in cyberspace, including through a massive hack of Microsoft’s email system and other ransomware attacks, a dramatic escalation in the increasingly urgent attempt by the Biden administration to stave off further breaches.
In a coordinated announcement, the White House and governments in Europe and Asia identified China’s Ministry of State Security, the sprawling and secretive civilian intelligence agency, with using “criminal contract hackers” to conduct a range of destabilizing activities around the world for personal profit, including the Microsoft hack, according to a senior US administration official.
The administration official also said China was behind a specific ransomware attack against a US target that involved a “large ransom request” — and added that Chinese ransom demands have been in the “millions of dollars.”
The public disclosure of the Chinese efforts amounts to a new front in an ongoing offensive by the Biden administration to bat away cyberthreats that have exposed serious vulnerabilities in major American sectors, including energy and food production. The extent of Chinese involvement in hiring criminal networks to invade and extort money around the world came as a surprise to the White House, officials said.
“What we found really surprising and new here was the use of criminal contract hackers to conduct this unsanctioned cyber operation and really the criminal activity for financial gain. That was really eye-opening and surprising for us,” a senior administration official said on Sunday ahead of the announcement.
Microsoft has started detailing some of the design approaches it has used for Windows 11 and its attention to detail for daily micro-interactions. That includes things like a checkbox that has an animated tick to subtly let you know when you interact with it, or a settings cog that spins when you hover over it. Plenty of buttons in Windows 11 pop with faint signs of life or bounce as you move around the OS.
The ransomware hacker gang REvil’s websites are offline, about a week and a half after the group’s cyberattack on IT software vendor Kaseya allowed the criminals to breach hundreds of companies around the world.
As of Tuesday morning, the group’s public website, the dark-web portal that facilitated its ransom negotiations with victims and the site that victims used to pay those ransoms were offline.
In addition to REvil’s websites, “all of their infrastructure” used to control their hacking operations is also dark, said Allan Liska, an intelligence analyst who tracks ransomware for the cybersecurity firm Recorded Future.
REvil’s public spokesperson, who goes by the pseudonym “Unknown,” “hasn’t been active on message boards since last Thursday,” Liska said.
Originally built to speed up calculations, a machine-learning system is now making shocking progress at the frontiers of experimental quantum physics
An affiliate of the notorious REvil gang, best known forafter a Memorial Day attack, infected thousands of victims in at least 17 countries on Friday, largely through firms that remotely manage IT infrastructure for multiple customers, cybersecurity researchers said.
REvil was demanding ransoms of up to $5 million, the researchers said. But late Sunday it offered in a posting on its dark web site a universal decryptor software key that would unscramble all affected machines in exchange for $70 million in cryptocurrency.
Earlier, the FBI said in a statement that while it was investigating the attack its scale “may make it so that we are unable to respond to each victim individually.” Deputy National Security Advisor Anne Neuberger later issued a statement saying President Joe Biden had “directed the full resources of the government to investigate this incident” and urged all who believed they were compromised to alert the FBI.
Mr. Biden suggested Saturday the U.S. would respond if it was determined that the Kremlin is at all involved. Less than a month ago, he pressed Russian President Vladimir Putin to stop giving safe haven to REvil and other ransomware gangs whose unrelenting extortionary attacks the U.S. deems a national security threat.
On Monday, Putin spokesman Dmitry Peskov was asked if Russia was aware of the attack or had looked into it. He said no, but suggested it could be discussed by the U.S. and Russia in consultations on cybersecurity issues for which no timeline has been specified.
Microsoft has ended support for Windows 7, so it’s time to make the move to Windows 10.
Support for Windows 7 ended more than a year ago, and Microsoft wants holdouts toto keep devices running securely and smoothly — particularly before the operating system gets a big redesign later this year, and possibly morphs into .
If you have an older PC or laptop still running Windows 7, you can buy the Windows 10 Home operating system on Microsoft’s website for $139 (£120, AU$225). But you don’t necessarily have to shell out the cash: A free upgrade offer from Microsoft that technically ended in 2016 still works for many people. With the potential new version of Windows right around the corner, now may be a good time to make sure you’re on the latest version to make any future updates easier.
When Windows 10 was first released in July 2015, Microsoft offered an unprecedented free upgrade offer for Windows 7, 8 and 8.1 users, good through July 2016. But in 2017, Ed Bott of CNET sister site ZDNet reported that the free upgrade tool was still functional. I tried it out in November 2019, and was able to upgrade a 2014 Dell OptiPlex 9020 desktop from Windows 7 Pro to Windows 10 Pro. As of June 2021, readers are still emailing me and commenting below, saying that it’s worked for them as well.
- A build of the expected Windows 11 that leaked last week provides a hint of what Microsoft might announce at a Windows event Thursday.
- Analysts will be listening for signs of any business model updates.
- Refreshing the 35-year-old operating system can result in additional revenue growth for the world’s second-most valuable public company, behind only Apple. Over time, the new Windows will likely be widely adopted as millions of consumers and office workers make the upgrade from Windows 10, the top PC operating system.
Source: Windows 11: What to expect
MADRID (AP) — John McAfee, the creator of McAfee antivirus software, was found dead in his jail cell near Barcelona in an apparent suicide Wednesday, hours after a Spanish court approved his extradition to the United States to face tax charges punishable by decades in prison, authorities said.
The eccentric cryptocurrency promoter and tax opponent whose history of legal troubles spanned from Tennessee to Central America to the Caribbean was discovered at the Brians 2 penitentiary in northeastern Spain. Security personnel tried to revive him, but the jail’s medical team finally certified his death, a statement from the regional Catalan government said.
“A judicial delegation has arrived to investigate the causes of death,” it said, adding that “everything points to death by suicide.”
The statement didn’t identify McAfee by name but said the dead man was a 75-year-old U.S. citizen awaiting extradition to his country. A Catalan government official familiar with the case who was not authorized to be named in media reports confirmed to The Associated Press that it was McAfee.
Spain’s National Court on Monday ruled in favor of extraditing McAfee, 75, who had argued in a hearing earlier this month that the charges against him by prosecutors in Tennessee were politically motivated and that he would spend the rest of his life in prison if returned to the U.S.
The court’s ruling was made public on Wednesday and was open for appeal, with any final extradition order also needing to get approval from the Spanish Cabinet.
McAfee was arrested last October at Barcelona’s international airport and had been in jail since then awaiting the outcome of extradition proceedings. The arrest followed charges the same month in Tennessee for evading taxes after failing to report income from promoting cryptocurrencies while he did consulting work, made speaking engagements and sold the rights to his life story for a documentary. The criminal charges carried a prison sentence of up to 30 years.
Southwest Airlines grounded flights across the country Tuesday for the second time in less than 24 hours, amid reports of nationwide computer issues.
Air travelers took to Twitter by the thousands with reports of what airline staff reportedly told them was a computer system outage — hours after “intermittent performance issues” with a third-party weather app forced a similar group stop Monday night.
“We are aware of system issues and are working quickly to resolve. We will share more info soon,” Southwest posted on its official Twitter account at 2 p.m. Tuesday.
Airline operations resumed shortly before 4 p.m., Southwest said in a statement.
The carrier attributed Tuesday’s meltdown to “intermittent performance issues with… network connectivity,” and said it had “proactively canceled” about 500 flights because of the disruption.
“We’re working with those Customers to get them to their destinations as quickly as possible,” said spokesman Chris Mainz.
Hearing your wireless devices are vulnerable to something called “FragAttacks” doesn’t exactly inspire joy. However, the word is scarier than the risk; there’s no evidence that anyone is actively exploiting wireless devices via these vulnerabilities, even given the millions that could be susceptible to FragAttacks—short for “fragmentation and aggregation attacks.”
The name “FragAttack” actually refers to a group of vulnerabilities related to frames, or packets of data, that can be exploited to either steal someone’s information as it passes between networked devices, or to take over a device entirely—whether that’s a simple IoT smart switch or that old laptop you use to browse the web at home. Attackers can either inject unwanted, unencrypted frames into a network, or they can take advantage of how frames are aggregated together (or how aggregates are split apart) to inject and execute data that wasn’t there in the first place.
The best way to keep your network as safe as possible against FragAttack vulnerabilities is to keep your devices updated—and you’ll note this is the same advice we give everyone about every security vulnerability ever. Make sure your routers, smart devices, laptops, phones, or whatever else are all running the most up-to-date firmware and software updates you can find. If you’re lucky, your devices’ manufacturer will have a means for updating them automatically. Otherwise, you’ll need to make sure you’re checking on a regular interval (say, quarterly) for critical updates that can patch up vulnerabilities like these.
Read Source: How to Protect Your Home Network From ‘FragAttacks’
About 4,800 Pittsburgh students are expected to return on April 6. They are a group that includes PreK and kindergarten students and others who have been determined to not be making progress in eLearning, who have disabilities, are English language learners or in other vulnerable groups.
On April 26 another cohort of about 5,200 students — those who were making “some” progress — will be brought back to the classrooms.
On May 3 the remainder of students, a group of about 10,000, will return.
The majority of students will attend via a hybrid model, with some in class on Mondays and Tuesdays and others attending Thursdays and Fridays. Schools will be cleaned on Wednesdays, when all students learn online.
At some point “mid-afternoon,” the Allegheny County health department and the 2-1-1 service became aware that a hacker was intercepting callers and diverting them away from the help line without their knowledge, officials said.
If you’re not sure what electronics you can recycle at Westmoreland Cleanways and Recycling, the Unity-based nonprofit has a video for you.
As Westmoreland Cleanways Executive Director Ellen Keefe notes in one of four new informational videos posted on the organization’s website, among the most frequent calls received at its center near Pleasant Unity are inquiries about recycling televisions and computers.
Keefe points out that Pennsylvania law prohibits landfill disposal of computers, computer printers and keyboards, televisions and any other electronic device with a screen measuring more than 5 inches. But those items are accepted at the Cleanways center.
“We’re one of the very few places that will take them,” Keefe said. “People don’t think about how to get rid of this stuff until they have to. It’s a constant question and a constant educational necessity.”
“There’s no limit on size or quantity that you bring in,” Keefe says of the television sets accepted at Cleanways.
She noted there’s no charge for recycling a TV as long as it’s intact. If the TV has been disassembled or its casing is broken open, a handling fee will apply because of the potential for release of toxic materials in the sets — the reason why they can’t be placed in landfills.
“I was driving home and saw a TV sitting out on the curb with someone’s garbage,” she said, despite the law banning the sets from landfills.
There are some electronics Cleanways won’t accept, such as stereo speakers and music CDs. A complete list of the various items that can be dropped off at the center for recycling can be found on the nonprofit’s website at westmorelandcleanways.org.
The attack was so widespread and potentially catastrophic, the DHS’s cyber wing issued an emergency directive that stated the only way to mitigate damage was to airgap devices and uninstall affected Orion software. Meanwhile, SolarWinds filed an update with the SEC detailing the extent of the damage. It was limited, but only if you consider 18-33,000 potential infections “limited.” It’s only a small percentage because SolarWinds’s customer base is so large. The company boasts 300,000 customers, among them several government agencies and all five branches of the military. (It’s not boasting much these days. It has memory-holed its “Customer” page during this trying time.)
Unfortunately, the directive from CISA was delivered a bit too late. CISA itself was compromised by the hack, something acknowledged by the DHS less than 24 hours after its dire directive was issued.
The fallout from this hacking — which may have begun as early as March of this year — will continue for a long, long time. But this latest news — delivered by Zack Whittaker — adds another layer of irony to the ongoing debacle. Orion is SolarWinds’ one-stop shop for IT software. It promises to secure customers’ IT infrastructure by bundling in the company’s network security products.
No doubt the company claims to take security seriously. But while users are being subjected to password requirements that demand them to utilize most of the alphabet and multiple shift key presses, internal security isn’t nearly as restrictive. Here’s the “OMFG are you goddamn kidding me” news via Reuters, which first broke the news of the malicious hacking.
Security researcher Vinoth Kumar told Reuters that, last year, he alerted the company that anyone could access SolarWinds’ update server by using the password “solarwinds123”.
All five branches of the military. The NSA. The IRS. The USPS. DHS. The Treasury Department. Nearly every Fortune 500 company. All ten of the top ten telcos. The list goes on and on. And with this access, attackers could move laterally, using compromised credentials to eavesdrop on mutuals of targeted entities. And all of this “secured” by a password so simple an idiot could have created it.
When it comes to font choice, go with a “sans serif” font like Open Sans or Roboto. These are more readable and preferred by users. To keep users on your site longer, consider introducing a chat box feature to allow visitors to ask questions and learn more about services or products.
Finally, make sure your website graphics are clear. This is so important; you should partner with a professional a few times a year to ensure production quality.
Computer systems for Universal Health Services, which has more than 400 locations, primarily in the U.S., began to fail over the weekend, and some hospitals have had to resort to filing patient information with pen and paper, according to multiple people familiar with the situation.
Multiple images have surfaced from a major Spanish retailer that may have revealed the PS5 price. Photos from El Corte Inglés appeared overnight, potentially revealing the cost of both versions of the upcoming console ahead of official word from Sony.
Both images stem from El Corte Inglés, which is one of the biggest retailers in Spain. Pictures of the store’s internal systems that appear to show entries for both the standard and digital versions of the PS5 were shared on messaging service Telegram, listing two prices for the console. According to both of these photos, one version of the PS5 will cost €499.90 ($594/£460), while the other will cost €399.90 ($475/£369). The digital-only version of the console is very likely to be the cheaper version.
The once-respected BlackBerry brand has been licensed yet again by a company hoping to use a familiar name to make a dent in the competitive Android phone market. This time, it’s a new Texas startup named OnwardMobility that’s taking the reins, promising to release a 5G BlackBerry device with Android and a physical QWERTY keyboard in 2021.
Little else is known about the device, including screen size or internal specs, but OnwardMobility told The Register it would come with a completely new keyboard design that will “reflect the brand values from a keyboard typing experience and input experience.” Which, yeah, sure! I love to reflect brand values. Do it all the time.
Another question mark hanging over the yet-unnamed device is what form factor it’ll take, be that a slider mechanism similar to 2015’s BlackBerry Priv, or a more conventional “candy bar” design. While the latter will undoubtedly prove more durable, and will appeal to die-hard QWERTY enthusiasts, a slider mechanism will allow punters to better make use of any display real-estate.
Zoom Video Communications Inc said it plans to hire hundreds of software engineers over the next two years for research and development locations it is putting in Phoenix and Pittsburgh.
“It’s great news for Pittsburgh,” said Pittsburgh Mayor Bill Peduto. “It just continues in showing where our economy is not only heading but is actually there.”
“We’re already a hub for a lot of great technology,” said Mark Thomas, President of the Pittsburgh Regional Alliance. “I think what makes Pittsburghers really proud is seeing growth companies, companies are really having a pop culture moment, choose Pittsburgh. I think that’s what Zoom really represents. This is transformative because it does elevate the types of companies who may not have had a Pittsburgh connection to really pay attention to what’s happening here and truly consider investing here.”
Zoom says it has seen a large spike in usage as people use its software to connect while under stay-at-home orders during the coronavirus pandemic.
Zoom said last month it has about 300 million daily meeting participants, which is up from 10 million in December.
Zoom Chief Financial Officer Kelly Steckelberg said the company is looking for offices near Arizona State University and Carnegie Mellon University to tap engineering talent coming out of the schools.
PITTSBURGH — Be careful what information you share on social media. That’s the warning from FBI Pittsburgh as a number of trending social media topics can lead to fraud.
While they might seem like fun games, they can reveal answers to common password retrieval security questions, according to the FBI. Fraudsters then use that information to reset account passwords and gain access.
Examples of things the FBI wants you to be careful of are posting high school photos in support of the Class of 2020, posting pictures of your first car, answering questions about your best friend and providing the name of your first pet, as well as identifying your first concert, favorite restaurant or favorite teacher. Tagging your mother is also advised against because it could reveal a maiden name.
When we first started hearing about Windows 10X (codenamed Santorini at the time), it was clear that this new, modern version of Windows was going to be quite different from the Windows 10 we know and love. It was positioned internally as a lightweight OS for mobile PCs, including laptops, 2-in-1’s, and indeed foldable PCs. But when Microsoft officially announced Windows 10X in October, it positioned the platform as being exclusive to foldable PCs.
Microsoft did this to set expectations for Windows 10X. Its entire user experience is new and different, and since Windows 10X is built on Windows Core OS, it’s also missing a lot of legacy features and components that some users may be accustomed to. Limiting Windows 10X to a new ecosystem of devices would’ve allowed Microsoft to set the stage appropriately and have users come into the platform with fresh eyes.
But now, new rumors suggest that Microsoft is shifting back to prioritizing Windows 10X for traditional form factors too. This is great news for early adopters who like the look of Windows 10X but aren’t entirely sold on the idea of foldable PCs. However, this shift also opens up Windows 10X to a whole new level of customer expectation that it previously didn’t need to worry about. If Windows 10X is launching on laptops, it needs to be good enough to replace Windows 10 on day one.
Americans are becoming increasingly sedentary, spending almost a third of their waking hours sitting down, and computer use is partly to blame, a new study found.
Over almost a decade, average daily sitting time increased by roughly an hour, to about eight hours for U.S. teens and almost 6 1/2 hours for adults, according to the researchers. That includes school and work hours, but leisure-time computer use among all ages increased too.
By 2016, at least half of American kids and adults spent an hour or more of leisure time daily using computers. The biggest increase was among the oldest adults: 15% of retirement-aged adults reported using computers that often in 2003-04, soaring to more than half in 2015-16.