A regional cybersecurity firm is helping restore information, the college’s spokesman William Foley said in a press release.
The owner of a Jeannette-based weapons marketing internet site contends he and his company were improperly removed from two social media platforms and suggested his conservative, pro-gun politics were the cause, according to a lawsuit filed this week in Westmoreland County.
Armslist LLC and owner Jonathan Gibbon of Jeannette said in January 2020 both Facebook and Instagram closed off access to and removed his private and business accounts without explanation.
According to the lawsuit, Armslist and Gibbon contend there was no basis for those actions and no policies of Facebook or Instagram were violated.
“Armslist doesn’t sell or market guns. It’s a site that is similar to Craigslist, and it drives traffic to its site by making posts on social media. To do that, they make posts supporting the Second Amendment,” said Jay Carson, Armslist’s Cleveland-based attorney.
Gibbon, a lawyer from Jeannette, has owned Armslist since its inception in 2007. He, along with one of his employees, filed the lawsuit that demands Facebook and Instagram restore their accounts. No monetary damages are being sought in the lawsuit.
Neither Facebook nor Instagram responded to requests for comment.
They’ve logged off the app for the day as part of a strike organized on social media against the food delivery service, demanding tip transparency and higher pay.
It all started, presumably, on Reddit
While the strike is nationwide and not affiliated with any particular organization, it appears to have originated on Reddit, where a post from July 15 circulated, titled, “DOORDASH BOYCOTT ON JULY 31ST ALL DAY !!”
The post urged Dashers — the company name for drivers — to stop using the app for the day and to instead use UberEats. At the bottom the post lists demands, including a minimum “base pay,” the amount a driver earns on each order before a tip, of $4.50.
According to information provided to NPR by DoorDash, Dasher base pay is calculated based on the estimated time, distance and desirability of an order. Right now, Dashers can expect to earn a base pay between $2 to $10+, according to DoorDash’s website. Drivers say the lower end of that range had previously been $3.
Washington (CNN) The United States and its foreign allies on Monday accused China of widespread malfeasance in cyberspace, including through a massive hack of Microsoft’s email system and other ransomware attacks, a dramatic escalation in the increasingly urgent attempt by the Biden administration to stave off further breaches.
In a coordinated announcement, the White House and governments in Europe and Asia identified China’s Ministry of State Security, the sprawling and secretive civilian intelligence agency, with using “criminal contract hackers” to conduct a range of destabilizing activities around the world for personal profit, including the Microsoft hack, according to a senior US administration official.
The administration official also said China was behind a specific ransomware attack against a US target that involved a “large ransom request” — and added that Chinese ransom demands have been in the “millions of dollars.”
The public disclosure of the Chinese efforts amounts to a new front in an ongoing offensive by the Biden administration to bat away cyberthreats that have exposed serious vulnerabilities in major American sectors, including energy and food production. The extent of Chinese involvement in hiring criminal networks to invade and extort money around the world came as a surprise to the White House, officials said.
“What we found really surprising and new here was the use of criminal contract hackers to conduct this unsanctioned cyber operation and really the criminal activity for financial gain. That was really eye-opening and surprising for us,” a senior administration official said on Sunday ahead of the announcement.
The ransomware hacker gang REvil’s websites are offline, about a week and a half after the group’s cyberattack on IT software vendor Kaseya allowed the criminals to breach hundreds of companies around the world.
As of Tuesday morning, the group’s public website, the dark-web portal that facilitated its ransom negotiations with victims and the site that victims used to pay those ransoms were offline.
In addition to REvil’s websites, “all of their infrastructure” used to control their hacking operations is also dark, said Allan Liska, an intelligence analyst who tracks ransomware for the cybersecurity firm Recorded Future.
REvil’s public spokesperson, who goes by the pseudonym “Unknown,” “hasn’t been active on message boards since last Thursday,” Liska said.
As the show continues to dominate the Top 10 charts, we must ask: Is Manifest the most popular series on Netflix…ever?
Something unprecedented is happening over on Netflix right now. Manifest is in the midst of a historic run on the Top 10 charts, as the program just completed its 23rd consecutive day in the #1 position—a feat only two other shows have accomplished: Ginny & Georgia and Tiger King.
And as the show inches closer and closer to claiming the best streak ever, we must ask: is Manifest the most popular series on Netflix…ever?
The world’s biggest streaming service has produced several shows over the past few years that were mega-hits—but it’s difficult to determine exactly which one was the most popular. The streaming service claims that Bridgerton had a record 82 million views in its first 28 days. But Bridgerton was only able to overtake The Witcher’s previous record of 76 million views because Netflix’s subscriber base had grown so exponentially during the coronavirus pandemic.
Then we have to consider the Top 10 charts. Last year, I formed a points-based system that allowed me to rank every show’s popularity based on their Top 10 placements each day (here are the 2021 rankings, in case you’re curious). And while this system doesn’t give us hard numbers, it does let us know which shows have been the most consistently popular on Netflix.
An affiliate of the notorious REvil gang, best known forafter a Memorial Day attack, infected thousands of victims in at least 17 countries on Friday, largely through firms that remotely manage IT infrastructure for multiple customers, cybersecurity researchers said.
REvil was demanding ransoms of up to $5 million, the researchers said. But late Sunday it offered in a posting on its dark web site a universal decryptor software key that would unscramble all affected machines in exchange for $70 million in cryptocurrency.
Earlier, the FBI said in a statement that while it was investigating the attack its scale “may make it so that we are unable to respond to each victim individually.” Deputy National Security Advisor Anne Neuberger later issued a statement saying President Joe Biden had “directed the full resources of the government to investigate this incident” and urged all who believed they were compromised to alert the FBI.
Mr. Biden suggested Saturday the U.S. would respond if it was determined that the Kremlin is at all involved. Less than a month ago, he pressed Russian President Vladimir Putin to stop giving safe haven to REvil and other ransomware gangs whose unrelenting extortionary attacks the U.S. deems a national security threat.
On Monday, Putin spokesman Dmitry Peskov was asked if Russia was aware of the attack or had looked into it. He said no, but suggested it could be discussed by the U.S. and Russia in consultations on cybersecurity issues for which no timeline has been specified.
Microsoft has ended support for Windows 7, so it’s time to make the move to Windows 10.
Support for Windows 7 ended more than a year ago, and Microsoft wants holdouts toto keep devices running securely and smoothly — particularly before the operating system gets a big redesign later this year, and possibly morphs into .
If you have an older PC or laptop still running Windows 7, you can buy the Windows 10 Home operating system on Microsoft’s website for $139 (£120, AU$225). But you don’t necessarily have to shell out the cash: A free upgrade offer from Microsoft that technically ended in 2016 still works for many people. With the potential new version of Windows right around the corner, now may be a good time to make sure you’re on the latest version to make any future updates easier.
When Windows 10 was first released in July 2015, Microsoft offered an unprecedented free upgrade offer for Windows 7, 8 and 8.1 users, good through July 2016. But in 2017, Ed Bott of CNET sister site ZDNet reported that the free upgrade tool was still functional. I tried it out in November 2019, and was able to upgrade a 2014 Dell OptiPlex 9020 desktop from Windows 7 Pro to Windows 10 Pro. As of June 2021, readers are still emailing me and commenting below, saying that it’s worked for them as well.
- A build of the expected Windows 11 that leaked last week provides a hint of what Microsoft might announce at a Windows event Thursday.
- Analysts will be listening for signs of any business model updates.
- Refreshing the 35-year-old operating system can result in additional revenue growth for the world’s second-most valuable public company, behind only Apple. Over time, the new Windows will likely be widely adopted as millions of consumers and office workers make the upgrade from Windows 10, the top PC operating system.
Source: Windows 11: What to expect
MADRID (AP) — John McAfee, the creator of McAfee antivirus software, was found dead in his jail cell near Barcelona in an apparent suicide Wednesday, hours after a Spanish court approved his extradition to the United States to face tax charges punishable by decades in prison, authorities said.
The eccentric cryptocurrency promoter and tax opponent whose history of legal troubles spanned from Tennessee to Central America to the Caribbean was discovered at the Brians 2 penitentiary in northeastern Spain. Security personnel tried to revive him, but the jail’s medical team finally certified his death, a statement from the regional Catalan government said.
“A judicial delegation has arrived to investigate the causes of death,” it said, adding that “everything points to death by suicide.”
The statement didn’t identify McAfee by name but said the dead man was a 75-year-old U.S. citizen awaiting extradition to his country. A Catalan government official familiar with the case who was not authorized to be named in media reports confirmed to The Associated Press that it was McAfee.
Spain’s National Court on Monday ruled in favor of extraditing McAfee, 75, who had argued in a hearing earlier this month that the charges against him by prosecutors in Tennessee were politically motivated and that he would spend the rest of his life in prison if returned to the U.S.
The court’s ruling was made public on Wednesday and was open for appeal, with any final extradition order also needing to get approval from the Spanish Cabinet.
McAfee was arrested last October at Barcelona’s international airport and had been in jail since then awaiting the outcome of extradition proceedings. The arrest followed charges the same month in Tennessee for evading taxes after failing to report income from promoting cryptocurrencies while he did consulting work, made speaking engagements and sold the rights to his life story for a documentary. The criminal charges carried a prison sentence of up to 30 years.
Southwest Airlines grounded flights across the country Tuesday for the second time in less than 24 hours, amid reports of nationwide computer issues.
Air travelers took to Twitter by the thousands with reports of what airline staff reportedly told them was a computer system outage — hours after “intermittent performance issues” with a third-party weather app forced a similar group stop Monday night.
“We are aware of system issues and are working quickly to resolve. We will share more info soon,” Southwest posted on its official Twitter account at 2 p.m. Tuesday.
Airline operations resumed shortly before 4 p.m., Southwest said in a statement.
The carrier attributed Tuesday’s meltdown to “intermittent performance issues with… network connectivity,” and said it had “proactively canceled” about 500 flights because of the disruption.
“We’re working with those Customers to get them to their destinations as quickly as possible,” said spokesman Chris Mainz.
McDonald’s has become the latest company to be hit by a data breach after unauthorized activity on its network exposed the personal data of some customers in South Korea and Taiwan.
The fast-food giant said Friday that it quickly identified and contained the incident and that a thorough investigation was done.
“While we were able to close off access quickly after identification, our investigation has determined that a small number of files were accessed, some of which contained personal data,” the burger chain said.
Washington (CNN) US investigators have recovered millions in cryptocurrency they say was paid in ransom to hackers whose attack prompted the shutdown of the key East Coast pipeline last month, the Justice Department announced Monday.
The announcement confirms CNN’s earlier reporting about the FBI-led operation, which was carried out with cooperation from Colonial Pipeline, the company that fell victim to the ransomware attack in question.
Specifically, the Justice Department said it seized approximately $2.3 million in Bitcoins paid to individuals in a criminal hacking group known as DarkSide. The FBI said it has been investigating DarkSide, which is said to share its malware tools with other criminal hackers, for over a year.
The ransom recovery, which is the first seizure undertaken by the recently created DOJ digital extortion taskforce, is a rare outcome for a company that has fallen victim to a debilitating cyberattack in the booming criminal business of ransomware.
Colonial Pipeline Co. CEO Joseph Blount told The Wall Street Journal in an interview published last month that the company complied with the $4.4 million ransom demand because officials didn’t know the extent of the intrusion by hackers and how long it would take to restore operations.
Security analysts from the University of Minnesota warned the U.S. Agriculture Department in late May about a growing danger — a cyber crime known as ransomware that could wreak more havoc on Americans’ food sources than Covid-19 did.
A week and a half later, the prediction became reality as a ransomware attack forced the shutdown of meat plants that process more than a fifth of the nation’s beef supply in the latest demonstration of hackers’ ability to interrupt a critical piece of the U.S. economy.
The hack of the global meatpacking giant JBS last weekend is also the starkest example yet of the food system’s vulnerability to digital threats, especially as internet technology and automation gain an increasing role across farmlands and slaughterhouses. But federal oversight of the industry’s cybersecurity practices remains light, despite years of warnings that an attack could bring consequences ranging from higher grocery prices to contaminated food.
Hearing your wireless devices are vulnerable to something called “FragAttacks” doesn’t exactly inspire joy. However, the word is scarier than the risk; there’s no evidence that anyone is actively exploiting wireless devices via these vulnerabilities, even given the millions that could be susceptible to FragAttacks—short for “fragmentation and aggregation attacks.”
The name “FragAttack” actually refers to a group of vulnerabilities related to frames, or packets of data, that can be exploited to either steal someone’s information as it passes between networked devices, or to take over a device entirely—whether that’s a simple IoT smart switch or that old laptop you use to browse the web at home. Attackers can either inject unwanted, unencrypted frames into a network, or they can take advantage of how frames are aggregated together (or how aggregates are split apart) to inject and execute data that wasn’t there in the first place.
The best way to keep your network as safe as possible against FragAttack vulnerabilities is to keep your devices updated—and you’ll note this is the same advice we give everyone about every security vulnerability ever. Make sure your routers, smart devices, laptops, phones, or whatever else are all running the most up-to-date firmware and software updates you can find. If you’re lucky, your devices’ manufacturer will have a means for updating them automatically. Otherwise, you’ll need to make sure you’re checking on a regular interval (say, quarterly) for critical updates that can patch up vulnerabilities like these.
Read Source: How to Protect Your Home Network From ‘FragAttacks’
About 4,800 Pittsburgh students are expected to return on April 6. They are a group that includes PreK and kindergarten students and others who have been determined to not be making progress in eLearning, who have disabilities, are English language learners or in other vulnerable groups.
On April 26 another cohort of about 5,200 students — those who were making “some” progress — will be brought back to the classrooms.
On May 3 the remainder of students, a group of about 10,000, will return.
The majority of students will attend via a hybrid model, with some in class on Mondays and Tuesdays and others attending Thursdays and Fridays. Schools will be cleaned on Wednesdays, when all students learn online.
Facebook has resolved a major outage affecting Instagram, WhatsApp, Facebook Messenger, and other Facebook services on Friday, according to a statement shared with The Telegraph’s Margi Murphy.
“Earlier today, a technical issue caused people to have trouble accessing some Facebook services,” Facebook said. “We resolved this issue for everyone, and we apologize for any inconvenience.” However, Murphy notes that she isn’t seeing the blue checkmarks that indicate someone has read your message, which could indicate there may be some small issues hanging around.
At some point “mid-afternoon,” the Allegheny County health department and the 2-1-1 service became aware that a hacker was intercepting callers and diverting them away from the help line without their knowledge, officials said.
WASHINGTON — Nearly a month after reports emerged of a massive hack of U.S. government agencies and corporations, the Trump administration announced Tuesday that it had formed a task force to deal with the repercussions of what it officially acknowledged — for the first time — was likely a damaging Russian espionage operation.
“This is a serious compromise that will require a sustained and dedicated effort to remediate,” said a joint statement from the FBI, the National Security Agency, the Office of the Director of National Intelligence and the Cybersecurity and Infrastructure Security Agency.
The statement said that “fewer than 10” federal agencies had been compromised by “an intelligence gathering effort” that is “likely Russian in origin.”
The statement did not name the agencies that have been hacked, but NBC News has reported that among them are Treasury, Commerce, State and Energy.
The acknowledgement that the hack appeared to have been carried out by Russia — sources have told NBC News it was likely the SVR, Russia’s equivalent of the CIA — came despite President Donald Trump having cast doubt on that finding, saying last month it could have been China.
You probably have nothing to worry about: The “Protecting Lawful Streaming Act,” which was introduced earlier this month by Senator Thom Tillis, a Republican from North Carolina, doesn’t target casual internet users. The law specifies that it doesn’t apply to people who use illegal streaming services or “individuals who access pirated streams or unwittingly stream unauthorized copies of copyrighted works.”
The attack was so widespread and potentially catastrophic, the DHS’s cyber wing issued an emergency directive that stated the only way to mitigate damage was to airgap devices and uninstall affected Orion software. Meanwhile, SolarWinds filed an update with the SEC detailing the extent of the damage. It was limited, but only if you consider 18-33,000 potential infections “limited.” It’s only a small percentage because SolarWinds’s customer base is so large. The company boasts 300,000 customers, among them several government agencies and all five branches of the military. (It’s not boasting much these days. It has memory-holed its “Customer” page during this trying time.)
Unfortunately, the directive from CISA was delivered a bit too late. CISA itself was compromised by the hack, something acknowledged by the DHS less than 24 hours after its dire directive was issued.
The fallout from this hacking — which may have begun as early as March of this year — will continue for a long, long time. But this latest news — delivered by Zack Whittaker — adds another layer of irony to the ongoing debacle. Orion is SolarWinds’ one-stop shop for IT software. It promises to secure customers’ IT infrastructure by bundling in the company’s network security products.
No doubt the company claims to take security seriously. But while users are being subjected to password requirements that demand them to utilize most of the alphabet and multiple shift key presses, internal security isn’t nearly as restrictive. Here’s the “OMFG are you goddamn kidding me” news via Reuters, which first broke the news of the malicious hacking.
Security researcher Vinoth Kumar told Reuters that, last year, he alerted the company that anyone could access SolarWinds’ update server by using the password “solarwinds123”.
All five branches of the military. The NSA. The IRS. The USPS. DHS. The Treasury Department. Nearly every Fortune 500 company. All ten of the top ten telcos. The list goes on and on. And with this access, attackers could move laterally, using compromised credentials to eavesdrop on mutuals of targeted entities. And all of this “secured” by a password so simple an idiot could have created it.
(CNN) An alarming new alert issued by the Department of Homeland Security’s cyber arm Thursday revealed that Russian hackers suspected of a massive, ongoing intrusion campaign into government agencies, private companies and critical infrastructure entities used a variety of unidentified tactics and not just a single compromised software program.
Specifically, the Cybersecurity and Infrastructure Security Agency said it has determined that the SolarWinds Orion software vulnerability disclosed earlier this week is not the only way hackers compromised a variety of online networks — warning that in some cases, victims appeared to have been breached despite never using the problematic software.
The news will likely only compound already escalating concerns about the scale and scope of the data breach, which CISA said Thursday “poses a grave risk” to networks across both the public and private sector.
When it comes to font choice, go with a “sans serif” font like Open Sans or Roboto. These are more readable and preferred by users. To keep users on your site longer, consider introducing a chat box feature to allow visitors to ask questions and learn more about services or products.
Finally, make sure your website graphics are clear. This is so important; you should partner with a professional a few times a year to ensure production quality.
PITTSBURGH (KDKA) — As the COVID-19 pandemic continues to wreak havoc on the restaurant industry, a student at Pitt is looking to help them out. He created an app called Bar Spy to help get people to patronize a business.
Computer information science major Gabriel Thrower is trying to give restaurants a fighting chance during another round of COVID-19 restrictions.
“If you were to start a restaurant within the past five years, this whole coronavirus thing would probably put you under,” Thrower said.
He’s seen his father’s restaurant get hit hard in the last 9 months.
“It’s just crazy the amount of business that isn’t happening now,” the Pitt senior said.
He had been thinking about it when he lived in the city.
“I thought to myself it would be great if there was a platform where all these people could advertise on it and let people know what they’re doing,” he said.
Then once the pandemic began, the Pitt Senior knew it was time.
After six months of work, the app was published this week.
(CNN) The US Commerce Department confirmed Sunday it has been the victim of a data breach.
“We can confirm there has been a breach in one of our bureaus,” the Commerce Department said in a statement to CNN. “We have asked CISA and the FBI to investigate, and we cannot comment further at this time.”
The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency also confirmed the data security incident, telling CNN in a statement, “We have been working closely with our agency partners regarding recently discovered activity on government networks.”
“CISA is providing technical assistance to affected entities as they work to identify and mitigate any potential compromises,” the statement continued.
Reuters was first to report on the data breach.
The Washington Post reported Sunday that Russian government hackers targeted Commerce as well as the Treasury Department and other government agencies, according to people familiar with the matter, who requested anonymity because of the sensitivity of the matter.
The Diocese of Greensburg will televise Christmas Masses this season in addition to holding in-person services, to engage parishioners at home amid concern over a strong resurgence in coronavirus cases throughout the region.
“The Diocese and its parishes have consistently had thousands of faithful viewers watch our streaming Masses from their computers, tablets and smart televisions for many months now,” said Monsignor Larry Kulick.
The diocese streams Masses on its website, Facebook page and YouTube channel, and Christmas Vigil and Christmas Day Masses will premiere on those outlets as well, but it will also be broadcast on the Pittsburgh Cable News Channel.
A Christmas Vigil at Greensburg’s Blessed Sacrament Cathedral will be broadcast at 2 p.m., Dec. 24. Kulick will celebrate a 10 a.m. Mass on Christmas Day.
The diocese began reopening for in-person services on June 1. Kulick said 50 of 78 parishes in the diocese now stream Mass services, “however there are still many in our community who cannot access the internet … I hope these televised Masses will provide an opportunity for us to engage individuals and families celebrating the birth of Jesus with them in their own homes.”
In the past 30 days, Westmoreland County has seen its worst surge in coronavirus cases since the start of the pandemic.
The county added 187 cases Sunday and 167 on Monday. Of those, were confirmed through PCR tests.
New data from website maintenance pioneer Glow shows that businesses using WordPress websites are regularly targeted by hackers, with a daily average of 3.5 billion attempts.
On behalf of Glow, Gemma Birbeck reports that the website maintenance platform gathered and collated data from September 1 to 30. It found a total of 52,589 suspicious logins across the small business sites subscribed to the maintenance app.
It equates to an average of 1,421 attempts for each site all through September, meaning that each WordPress website using Glow experiences around 47 hacking attempts every single day.
According to the WordCamp website, there are more than 75 million websites using the web hosting platform. Extrapolating the data brings WordPress’ total daily average hacking attempts to a staggering 3.5 billion.
Costly and Consistent Security Threats
A 2019 report from the Federation of Small Business (FSB) estimates the cost of cyberattacks – including website hacks – on small businesses at £4.5 billion ($5.9 billion), with individual attacks costing around £1,300 ($1,700) each. Additionally, FSB reports that the most common strategy used is phishing – working to obtain sensitive information by pretending to be someone else, usually through emails or phone calls. Phishing alone affected 530,000 small businesses in the two years prior to the report.
WebARX, a web application security platform, also conducted its independent study. It found that almost two in every three businesses (66 percent) who experienced cyberattacks expressed worries about ever recovering from their losses.
Adopting The Latest in Website Security
Phil Storey, a tech entrepreneur and website developer based in Leeds, founded Glow – a platform to streamline website maintenance and keep them updated, secure, and efficient.
“Website maintenance has always been a difficult service to sell due to lack of understanding about its importance and perceived costs, and it’s often something people only explore once they become a victim of a website issue,” Storey said in a statement.
He explained that he developed Glow to change the status quo, educating people about the importance of website maintenance and protecting their businesses. “We’re already beginning to see changes in people’s views, however, there’s a long way to go and the time to act is now,” the Glow founder noted.
“Since COVID-19 first hit the UK in March, internet usage has increased, and this is something which hackers have taken advantage of. As small businesses across the world battle with the economic fallout of the COVID-19 pandemic, it’s important now more than ever that they protect themselves from further financial crisis,” Storey added.
Computer systems for Universal Health Services, which has more than 400 locations, primarily in the U.S., began to fail over the weekend, and some hospitals have had to resort to filing patient information with pen and paper, according to multiple people familiar with the situation.
Zoom Video Communications Inc said it plans to hire hundreds of software engineers over the next two years for research and development locations it is putting in Phoenix and Pittsburgh.
“It’s great news for Pittsburgh,” said Pittsburgh Mayor Bill Peduto. “It just continues in showing where our economy is not only heading but is actually there.”
“We’re already a hub for a lot of great technology,” said Mark Thomas, President of the Pittsburgh Regional Alliance. “I think what makes Pittsburghers really proud is seeing growth companies, companies are really having a pop culture moment, choose Pittsburgh. I think that’s what Zoom really represents. This is transformative because it does elevate the types of companies who may not have had a Pittsburgh connection to really pay attention to what’s happening here and truly consider investing here.”
Zoom says it has seen a large spike in usage as people use its software to connect while under stay-at-home orders during the coronavirus pandemic.
Zoom said last month it has about 300 million daily meeting participants, which is up from 10 million in December.
Zoom Chief Financial Officer Kelly Steckelberg said the company is looking for offices near Arizona State University and Carnegie Mellon University to tap engineering talent coming out of the schools.