Monthly Archives: August 2019

In context: Five years ago ransomware was a minor player in the world of cybercrime, but today it’s one of the most costly problems plaguing IT systems. Texas has become the latest state to fall prey to a coordinated attack, with 20 local government entities affected.

Another day, another ransomware attack. This year has seen some high-profile hits, with Florida paying out hundreds of thousands of dollars, and Baltimore, Maryland, also losing millions following their own troubles.

This week the state of Texas has joined the list of targets. According to Texas’s Department of Information Resources (DIR), more than 20 local government entities have been impacted by a ‘coordinated ransomware attack.’ DIR states that “the Texas Military Department, and the Texas A&M University System’s Cyberresponse and Security Operations Center teams are deploying resources to the most critically impacted jurisdictions.”

No disclosure has beeen made regarding how much of a payment is being requested, though given recent attacks on other states the amount is likely to be eye-watering. Also absent is any information on which ‘local government entities’ have been affected.

While at this point any theory about how the ransomware was delivered is simple speculation, it seems likely to be a phishing attack. Millions of people still fall prey to dodgy links and shifty emails, making life easy for criminals who send massive numbers of emails but often only need one person to make a mistake.

It also seems like the public sector and local government agencies are disproportionately affected by such attacks. One possible explanation is that tight budgets and costly upgrade procedures prevent many organizations from updating older software, thus becoming unsecured by nature. But if ransomware attacks continue to become commonplace – and evidence suggests they will – states will have to start paying proper attention to cybersecurity. Upgrades cost money, but ransomware attacks cost money, time and reputation.

It remains to be seen how Texas will respond to this crisis. Texan officials may be hoping for federal agencies like the NSA to help restore order – seeing as the NSA’s own EternalBlue code is allegedly the basis for many modern versions of ransomware.

By: Techspot

In brief: Researchers have found a flaw in Bluetooth’s authentication protocols which can be exploited in a clever, man-in-the-middle attack between two paired devices. The issue affects almost all Bluetooth devices, but fortunately for everyone, there are no signs that it’s been used in the wild so far.

A newly discovered vulnerability in the Bluetooth protocol shows how a malicious actor can reduce the encryption strength for the keys used in the pairing of Bluetooth devices and gain complete control over them as a result. The flaw has been acknowledged by the official body that’s in charge of the Bluetooth standard, and is serious enough that it required a change to the official specification.

The way it works is quite creative: instead of trying to brute-force a pairing with your device, an attacker could instead try to interfere with the normal pairing procedure, when both devices have to agree on the connection using an exchange of public keys that verify their identities. These keys change every time, but if the attacker can guess them fast enough, they can force a shorter encryption key for the next pairing, as low as a single octet — which is the size of one character.

The flaw was discovered by researchers from the Singapore University of Technology and Design, Oxford, and CISPA Helmholtz Center for Information Security, who dubbed it KNOB, short for “Key Negotiation of Bluetooth.” The tests were conducted on more than 17 different Bluetooth chips that are common in consumer products, and all of them were vulnerable to the KNOB attack.

The findings were presented at the USENIX Security Symposium, and while Bluetooth Low Energy isn’t affected by KNOB, traditional Bluetooth chips from major manufacturers like Intel, Broadcom, Qualcomm, Chicony and even Apple are vulnerable to the attack. The reason it was deemed as a serious flaw is that victims of a KNOB attack are none the wiser about it. It’s also worth noting that it even works on previously paired devices, provided that both are vulnerable.

On the upside, the whole attack is a race against time, and the hacker would have to be in range of the two devices at the exact moment the pairing takes place. Then, they’d have to “intercept, manipulate, and retransmit key length negotiation messages between the two devices while also blocking transmissions from both,” which is as challenging as it sounds. And the attack needs to be repeated this way every time encryption gets enabled.

Bluetooth SIG notes there is no evidence that anyone has exploited the vulnerability in the wild, and while all current Bluetooth BR/EDR devices are susceptible to it, there is an easy fix that Microsoft and Apple are already rolling out. The Bluetooth Core Specification has also been changed to require manufacturers to hardcode a minimum encryption key length of seven octets (characters) in future devices.

Earlier this year there was a similar revelation of a security flaw in the Bluetooth protocol that allows devices to be tracked using an easier exploit. And yet both vulnerabilities may be less of a reason to worry than the 10 percent tariffs that will reflect in the price of many devices imported in the US starting next month.

By: Techspot

In brief: Micron said users can expect an approximately 40 percent reduction in power consumption compared to previous generations of 8Gb DDR4-based products, making them an attractive option for artificial intelligence, 5G, autonomous vehicles, mobile devices, network infrastructure, graphics and gaming applications.

Micron this week started mass production of 16Gb DDR4 products on the 1Z nanometer manufacturing process.

In announcing the advancement, Micron said its 1Z nm 16Gb DDR4 product delivers “substantially higher bit density” as well as performance enhancements and a lower cost compared to its previous generation 1Y nm node.

1X, 1Y and 1Z are standard nomenclature in the memory industry, designating first-, second- and third-generation 10 nm-class processes, respectively. As Guru3D highlights, “1X could mean 19 to 17 nm, 1Y may stand for 16 to 14 nm and 1Z for 13 to 10 nm.”

Scott DeBoer, executive vice president of technology development for Micron Technology, said “development and mass production of the industry’s smallest feature size DRAM node are a testament to Micron’s world-class engineering and manufacturing capabilities, especially at a time when DRAM scaling is becoming extremely complex.”

The memory maker also announced that it is now volume shipping 16Gb low-power double data rate 4X (LPDDR4X) DRAM in UFS-based multichip packages (uMCP4) for mobile device makers seeking smaller packages with lower power requirements for improved battery life.

Samsung back in March announced its 1Z-nm 8Gb DDR4 would be entering mass production within the second half of the year to accommodate high-end PCs and enterprise servers scheduled for launch in 2020.

By: Techspot

A hot potato: A firmware update issued earlier this month is causing problems for owners of Microsoft’s Surface Pro 6 and Surface Book 2. Reports indicate that the laptops are suffering from extreme throttling kicking in as a Windows safety feature to prevent the device from overheating.

To put things into perspective, the Microsoft Surface Pro 6 with its lowest spec i5-8250U runs at a base frequency of 1.6Ghz while an i5-8350U at 1.7Ghz powers the lowest spec Surface Book 2 15″, so it can be quite frustrating if your device suddenly drops to a quarter of its processing speed.

That’s what recent user reports have indicated where their “ultra-portables are throttling the processor down to 400 MHz, a state that—in some instances—persists across reboots,” says TechRepublic.

The issue apparently, has to do with processor throttling that’s erroneously kicking in by setting an Intel CPU flag called BD PROCHOT (bi-directional process hot). The flag can be set by any peripheral and is a safety feature designed to protect the system from overheating. Although the CPU could be operating within its thermal limits, this flag can be set if one or more components linked to the CPU are at the limit of crossing theirs.

The publication also notes that while BD PROCHOT is not unique to Surface devices, the recent emergence of user reports around these systems is indicative of a correlation at minimum. “We are aware of some customers reporting a scenario with their Surface Books where CPU speeds are slowed,” said a Microsoft spokesperson, and that the company is “quickly working to address via firmware update.”

It still remains unclear what exactly is triggering this throttle-lock. Some users report that the issue is resolved after disconnecting the Surface Dock or AC adapter while others blame a third-party antivirus software behind the slowdown. Whatever maybe the cause, affected owners of these devices should soon expect a firmware fix from Microsoft.

By: Techspot

Forward-looking: Nvidia remans unchallenged in the ‘enthusiast’ video card category, with its all-powerful RTX 2080 Ti sitting at the top of the pile. But could the company be preparing a new entry in the RTX GeForce line? Perhaps a Super version of its flagship? Some newly discovered information suggests this might be the case.

As reported by Tom’s Hardware, AIDA64, the popular system information, diagnostics, and benchmarking tool, added data in its changelog relating to an unannounced Nvidia GeForce RTX T10-8 graphics card.

There are few details on the mysterious card, but we know it is based on Nvidia’s TU102 die, which is currently only found in the company’s most powerful and expensive offerings: The RTX 2080 Ti, Titan RTX, Quadro RTX 8000, and Quadro RTX 6000.

One possibility is that this could be a ‘Black’ version of the Titan RTX. Nvidia did release a GTX Titan Black back in 2014, and this RTX incarnation may boost the clock speed or increase the memory of the Titan RTX.

What’s just as likely is that the card is an RTX 2080 Ti Super, which will sit in the gap between the RTX 2080 Ti and the Titan RTX in terms of both price and performance. Hopefully, this card will offer more of a performance boost over its standard version than the RTX 2080 Super, which is only slightly faster than the RTX 2080.

Earlier this month, AMD boss Lisa Su confirmed that high-end Navi cards are “on track.” When they do arrive, they could be a serious rival for the RTX 2080 Ti, which would explain why Nvidia might be preparing an even more powerful product.

By: Techspot

Why it matters: The FCC is proposing the designation of a three-digit dialing code (988) as a dedicated suicide prevention and mental health hotline. When dialed, callers will be connected with crisis counselors.

In a report mandated by the National Suicide Hotline Improvement Act (NSHIA) of 2018, the Federal Communications Commission (FCC) informed Congress it would be assigning the dialing code 988 as a suicide prevention number. The change would make it much easier for Americans to access these counseling services during critical times in their life.

“Designating a 3-digit code dedicated solely for the purpose of a national suicide prevention and mental health hotline would likely make it easier for Americans in crisis to access potentially life-saving resources,” reads the report, which was issued on Thursday.

Currently, the NSHIA is serviced by the National Suicide Prevention Lifeline, which has a ten-digit toll-free number. The new dialing code would not adversely affect the service provider, but would instead give people an additional easy-to-remember way to contact it.

“This report recommends using a three-digit number to make it easier to access the critical suicide prevention and mental health services these call centers provide.”

The change does not require congressional approval. The FCC has the authority to designate dialing codes like this one as it sees fit. FCC Chairman Ajit Pai has already declared that he will move forward with the plan.

“There is a suicide epidemic in this country, and it is disproportionately affecting at-risk populations, including our Veterans and LGBTQ youth,” Pai said in a statement. “Crisis call centers have been shown to save lives. This report recommends using a three-digit number to make it easier to access the critical suicide prevention and mental health services these call centers provide. I intend to move forward on this recommendation.”

It is not a bad idea. Those in crisis may not have the will to look up a suicide hotline number, but everyone can remember 988. The new code would surely see some use. As the FCC points out in its report, in 2018 alone, more than 2.2 million people placed calls to the current ten-digit hotline number.

Having a simple three-digit code that someone can easily remember and quickly dial could save their life. Until the number is implemented, those in crisis should continue dialing 1-800-273-8255 (TALK).

By: Techspot