Connect with us

A hacker known as TrueFighter has been actively selling compromised Remote Desktop Protocol accounts on the Dark Web, says Nuspire.

Image: iStockphoto/stevanovicigor

With so many people still working from home, organizations and employees are more dependent than ever on remote access to internal PCs and networks. That means more users who need to tap into Remote Desktop Protocol (RDP) accounts, making those accounts more ubiquitous and more vulnerable.

Spotted by security firm Nuspire, one campaign that has resurfaced lately grabs RDP credentials or access and then sells them on underground forums. In a blog post published Monday, Nuspire describes how this campaign operates.

SEE: How to work from home: IT pro’s guidebook to telecommuting and remote work (TechRepublic Premium) 

An attacker dubbed TrueFighter has a history of hacking into networks, stealing RDP credentials, and then selling them for profit on the Dark Web. This attacker can target any type of organization but primarily focuses on those in the healthcare industry. First seen in October 2014, the campaign has recently triggered a spike in activity, according to Nuspire.

TrueFighter may be a single entity or an entire group, but Nuspire’s research suggests that it’s a single actor. Active on several underground forums and communities, TrueFighter specializes in the sale of compromised RDP accounts through which buyers gain remote administrative access to the networks of affected organizations.

Though the healthcare sector is a popular target, TruFighter has sold RDP credentials from other types of organizations, including a US hospital, a large EU hospital, a US water district, a US law firm, a US construction organization, a large US pawnshop, a Japanese medical university, a Brazilian medical organization, and a large company in the UK.

Exposed and vulnerable RDP access can easily be discovered through sites such as Shodan.io, a search engine for Internet of Things (IoT) devices. Using Shodan.io, Nuspire found more than 4.3 million exposed RDP connections, 30% of which were in the US. Hackers can then use an exploit framework such as FuzzBunch and a backdoor exploit like DoublePulsar to compromise those uncovered RDP connections.

TrueFighter mostly sells regular access to stolen RDP credentials. But in some cases it has offered the ability to escalate these accounts to domain admin access, for an additional fee, of course. In other cases, TrueFighter may simply break into a network and then sell the actual connection to other criminals. That tactic helps ensure that the attacker doesn’t spend too much time on the network where it could be detected, thereby losing access.

To help your organization protect itself against RDP credential attacks, Nuspire offers the following tips:

  1. Restrict access to RDP connections to trusted sources.
  2. Audit connectivity logs for unknown connections.
  3. Implement two-factor authentication for RDP logins.
  4. Audit administrative accounts regularly to ensure that unexpected accounts haven’t had their permissions escalated into admin accounts.

Also see

Source link

0
Continue Reading

Technology

Micromax in 1b to Go on Sale in India for First Time Today via Flipkart, Company Site: Price, Specifications

micromac in 1b 1606310683201

Micromax In 1b is all set to go on sale in India today. The phone comes with an octa-core MediaTek Helio G35 SoC and features a 6.52-inch full-HD+ display. It also comes with a dual rear camera setup that houses a 13-megapixel primary sensor. The Micromax In 1b also has an 8-megapixel selfie camera sensor inside the waterdrop-style notch. The company has integrated a 5,000mAh battery inside the In 1b that supports reverse charging and 10W fast charging.

Micromax In 1b price in India, sale

The Micromax In 1b will go on sale at 12pm (noon) on Flipkart and Micromax.com. The phone is priced at Rs. 6,999 for the 2GB RAM + 32GB storage option and at Rs. 7,999 for the 4GB RAM + 64GB storage model. Micromax In 1b will be available in Green, Blue, and Purple colour options.

Flipkart offers include 5 percent cashback on Flipkart Axis Bank credit card, 5 percent off with Axis Bank Buzz credit card, and no-cost EMI starting from Rs. 778 per month.

Micromax In 1b specifications

Coming to specifications, the Micromax In 1b runs on Android 10 and features a 6.52-inch HD+ display. It is powered by an octa-core MediaTek Helio G35 SoC, paired with up to 4GB of RAM options. On the storage front, the Micromax In 1b carries up to 64GB of onboard storage options that are expandable via microSD card.

As for imaging, the Micromax In 1b offers a dual rear camera setup that houses a 13-megapixel primary camera sensor and a 2-megapixel depth sensor, along with an LED flash. The Micromax phone also comes with an 8-megapixel selfie camera sensor at the front.

Micromax In 1b comes with a 5,000mAh battery that supports reverse charging and 10W fast charging (compatible charger is bundled in the box). Connectivity options include 4G VoLTE, Wi-Fi, Bluetooth, GPS/ A-GPS, USB Type-C, and a 3.5mm headphone jack. The phone also features a fingerprint sensor at the back.

Affiliate links may be automatically generated – see our ethics statement for details.

Source link

0
Continue Reading

Technology

AI automation promises to have a big, and not always positive, impact

robots working 5

Commentary: Just as telephone operators struggled with the automation of switching, AI promises to change global economies for the better, even as it wreaks havoc on individuals’ jobs.

Image: iStockphoto/PhonlamaiPhoto

The robots may not be taking over, but they just might erase your job. Yes, it’s almost certainly true that the “creative destruction” of technology will result in more jobs than it destroys, but a new academic paper about US telephone operators displaced by automated switching suggests that while the overall economy will be better off with artificial intelligence (AI)-driven automation, those immediately impacted may never recover. 

Better in the long run

As detailed recently by Daphne Leprince-Ringuet on sister site ZDNet, the World Economic Forum (WEF) expects to see AI and other new technologies shred 85 million jobs over the next five years–that’s the bad news. The good news is that these same technologies are expected to help create 97 million new jobs. COVID-19 has served as an accelerant to corporate plans to embrace things like AI/ML-driven automation, effectively hitting “fast forward” on this labor upheaval. All of this is for the better, at least at the macro level.

SEE: The new normal: What work will look like post-pandemic (TechRepublic Premium)

In practical terms, this means that the majority of the work associated with information and data processing and retrieval (65%) will shift to machines, according to the WEF. People currently working as data entry clerks, accountants and auditors, and factory workers will be most affected even if, as I’ve written, organizations figure out ways to leverage things like AI to enhance worker productivity rather than replace it.

So what happens to these workers? It’s a polite fiction that they’ll simply be re-skilled and adapt to this new AI-automated future. As we’ve seen in past situations where technology automated away jobs, the immediate impact on those workers can be painful. 

Just look at what happened in the telecommunications industry. 

Learning from Ma Bell

As detailed in the aforementioned academic paper “Automation and the Fate of Young Workers: Evidence from Telephone Operation in the Early 20th Century,” written by professors James Feigenbaum and Daniel P. Gross, “Telephone operation, one of the most common jobs for young American women in the early 1900s, provided hundreds of thousands of female workers a pathway into the labor force.” It was a great force for good, but between 1920 and 1940 AT&T (then the dominant telecommunications provider in the US) automated telephone switching in more than half of its network, eliminating hundreds of thousands of jobs. 

So what happened to those women who had been employed as telephone operators?

[T]he automation of telephone operation led to a large, swift, and permanent decline in the number of young, white, American-born women working as operators, of around two-thirds in levels—roughly 2% of total employment for the group (in any job). As it was for many women a transitory job (often, a first job), far more were exposed. For an automation shock, we consider this large, especially for a vulnerable subset of the labor supply. 

Our question is: what happened after these jobs disappeared? Did the elimination of a major entry-level job cut off future generations from entering the workforce? After accounting for concurrent trends taking place in cities of similar size around the country independent of cutovers, we do not find that the shock reduced later cohorts’ employment. We also see no substitution into marriage or childbearing. The negative shock to labor demand was instead counteracted by growth in other occupations, especially secretarial work and restaurant work, which absorbed the women who might have otherwise been telephone operators.

Future generations of would-be telephone operators, in other words, did just fine. The economy took care of creating net new jobs. But for those telephone operators who lost their jobs to automated switching? “While some became operators at private switchboards, others left the workforce, and those who remained employed were more likely to have switched to lower-paying occupations.”

Automation, in short, was good for the overall economy but bad for those whose jobs were automated away. 

SEE: COVID-19 workplace policy (TechRepublic Premium)

Beyond the Luddites

So what do we do? It doesn’t seem practical to destroy the looms as the Luddites once did, attempting to hold back the machines that threatened their jobs. But it’s also not useful to engage in wishful thinking about “upskilling” or “re-skilling.” These are positive endeavors, but it feels like we (by which I mean industry and government, working together) can’t afford to wave away the negative impact technology can have on jobs today. 

Those telephone operators either left the workforce or found lower-paying jobs. Is there something government can do to underwrite some of the costs of helping the modern-day equivalent of the telephone operators to find new jobs? I don’t know. If you have ideas, please comment below or ping me on Twitter (@mjasay). 

Disclosure: I work for AWS, but the views expressed herein are mine.

Also see

Source link

0
Continue Reading

Technology

Blast from the Past | Technology Org

fig1

Gemini North observations enable breakthrough in centuries-old effort to unravel astronomical mystery.

An international team of astronomers using Gemini North’s GNIRS instrument have discovered that CK Vulpeculae, first seen as a bright new star in 1670, is approximately five times farther away than previously thought. This makes the 1670 explosion of CK Vulpeculae much more energetic than previously estimated and puts it into a mysterious class of objects that are too bright to be members of the well-understood type of explosions known as novae, but too faint to be supernovae.

350 years ago, the French monk Anthelme Voituret saw a bright new star flare into life in the constellation of Vulpecula. Over the following months, the star became almost as bright as Polaris (the North Star) and was monitored by some of the leading astronomers of the day before it faded from view after a year [1]. The new star eventually gained the name CK Vulpeculae and was long considered to be the first documented example of a nova — a fleeting astronomical event arising from an explosion in a close binary star system in which one member is a white dwarf, the remnant of a Sun-like star. However, a string of recent results have thrown the longstanding classification of CK Vulpeculae as a nova into doubt.

Blast from the Past Technology Org

CK Vulpeculae seen with Gemini North. The enigmatic CK Vulpeculae nebula. The team of astronomers measured the speeds and changes in positions of the two small reddish arcs about 1/4 of the way up from the bottom and 1/4 of the way down from the top to help determine that the nebula is expanding five times faster than previously thought. Credit: International Gemini Observatory/NOIRLab/NSF/AURA. Image processing: Travis Rector (University of Alaska Anchorage), Jen Miller (Gemini Observatory/NSF’s NOIRLab), Mahdi Zamani & Davide de Martin

In 2015, a team of astronomers suggested that CK Vulpeculae’s appearance in 1670 was the result of two normal stars undergoing a cataclysmic collision. Just over three years later, the same astronomers further proposed that one of the stars was in fact a bloated red giant star, following their discovery of a radioactive isotope of aluminum in the immediate surroundings of the site of the 1670 explosion. Complicating the picture even further, a separate group of astronomers proposed a different interpretation. In their paper, also published in 2018, they suggested that the sudden brightening in 1670 was the result of the merger between a brown dwarf — a failed star too small to shine via thermonuclear fusion that powers the Sun — and a white dwarf.

Now, adding to the ongoing mystery surrounding CK Vulpeculae, new observations from the international Gemini Observatory, a Program of NSF’s NOIRLab, reveal that this enigmatic astronomical object is much farther away and has ejected gas at much higher speeds than previously reported.

This team, led by Dipankar Banerjee of Physical Research Laboratory Ahmedabad, India, Tom Geballe of Gemini Observatory, and Nye Evans of Keele University in the United Kingdom, initially planned to use the Gemini Near-Infrared Spectrograph (GNIRS) instrument on Gemini North on Hawai‘i’s Maunakea to confirm the 2018 detection of radioactive aluminum at the heart of CK Vulpeculae [2]. After realizing that detecting this in the infrared would be far more difficult than they originally thought, the astronomers improvised and obtained infrared observations across the full extent of CK Vulpeculae, including the two wisps of nebulosity at its outermost edges.

“The key to our discovery was the GNIRS measurements obtained at the outer edges of the nebula,” elaborated Geballe. “The signature of redshifted and blueshifted iron atoms detected there shows that the nebula is expanding much more rapidly than previous observations had suggested.” [3]

As lead author and astronomer Banerjee explains further, “We did not suspect that this is what we would find. It was exciting when we found some gas traveling at the unexpectedly high speed of about 7 million km/hour. This hinted at a different story about CK Vulpeculae than what had been theorized.”

1606313035 394 Blast from the Past Technology Org

Finder chart of CK Vulpeculae. This chart of the position of a new star (marked in red) that appeared in the year 1670 was recorded by the famous astronomer Hevelius and was published by the Royal Society in England in their journal Philosophical Transactions. Credit: Royal Society

By measuring both the speed of the nebula’s expansion and how much the outermost wisps had moved during the last ten years, and accounting for the tilt of the nebula on the night sky, which had been estimated earlier by others, the team determined that CK Vulpeculae lies approximately 10,000 light-years distant from the Sun — about five times as far away as previously thought. That implies that the 1670 explosion was far brighter, releasing roughly 25 times more energy than previously estimated [4]. This much larger estimate of the amount of energy released means that whatever event caused the sudden appearance of CK Vulpeculae in 1670 was far more violent than a simple nova.

“In terms of energy released, our finding places CK Vulpeculae roughly midway between a nova and a supernova,” commented Evans. “It is one of a very few such objects in the Milky Way and the cause — or causes — of the outbursts of this intermediate class of objects remain unknown. I think we all know what CK Vulpeculae isn’t, but no one knows what it is.”

The visual appearance of the CK Vulpeculae nebula and the high velocities observed by the team could help astronomers to recognize relics of similar events — in our Milky Way or in external galaxies — that have occurred in the past.

 

Credit: Images and videos: International Gemini Observatory/NOIRLab/NSF/AURA, K. Pu’uohau-Pummill, A. M. Geller/Northwestern University/CTIO/SOAR. Image processing: Travis Rector (University of Alaska Anchorage), Jen Miller (Gemini Observatory/NSF’s NOIRLab), Mahdi Zamani & Davide de Martin. Music: zero-project – The Lower Dungeons (https://www.zero-project.gr/).

“It is difficult at this stage to offer a definitive or compelling explanation for the origin of the 1670 eruption of CK Vulpeculae,” concluded Banerjee. “Even 350 years after Voituret’s discovery, the nature of the explosion remains a mystery. ”

Notes

[1] 17th-century astronomers who observed the bright new star CK Vulpeculae included distinguished Polish mayor, brewer, and astronomer Johannes Hevelius and the French-Italian astronomer Giovanni Domenico Cassini, who discovered four of Saturn’s moons. After it faded from view in 1671 there were numerous unsuccessful attempts through the intervening centuries to recover it, some by noted astronomers including Halley, Pickering and Humason.

[2] A spectrograph is an instrument that splits light from an astronomical object into its component wavelengths, allowing the composition of the gas emitting the light, its speed, and other traits to be measured.

[3] Just as the pitch of an ambulance siren changes depending on whether the vehicle is moving towards or away from you, astronomical objects change color depending on whether they are moving towards or away from an observer. Objects moving away from Earth become redder (known as redshift) and approaching objects become bluer (known as blueshift).

[4] The brightness of an object is inversely proportional to the square of the distance from an observer. In the case of CK Vulpeculae, if the 1670 explosion occurred five times as far away it must have been 52 = 25 times as bright.

More information

This research is presented in the paper Near-Infrared Spectroscopy of CK Vulpeculae: Revealing a Remarkably Powerful Blast from the Past to appear in the Astrophysical Journal Letters.

The team was composed of D. P. K. Banerjee (Astronomy & Astrophysics Division, Physical Research Laboratory Ahmedabad), T. R. Geballe (Gemini Observatory/NSF’s NOIRLab), A. Evans (Lennard Jones Laboratories, Keele University), M. Shahbandeh (Department of Physics, Florida State University),

C. E. Woodward (Minnesota Institute for Astrophysics, University of Minnesota), R. D. Gehrz (Minnesota Institute for Astrophysics, University of Minnesota), S. P. S. Eyres (Faculty of Computing, Engineering, and Science, University of South Wales), S. Starrfield (School of Earth and Space Exploration, Arizona State University), and A. Zijlstra (Jodrell Bank Centre for Astrophysics, University of Manchester).

Source: Gemini




Source link

0
Continue Reading

Trending