Articles about Utility

Kalinin Nuclear power plant

Opower, my power: Oracle spends $532m to get some utilities cloud, er, power

Oracle has announced it will acquire Opower in a $532m deal to close by the end of 2016. Virginia-based Opower, which stores and analyses more than 600 billion meter reads from 60 million utility end-customers, is a public company. Its shares were up 29 per cent in pre-market trading on Monday after Oracle declared it would …

Michigan electricity utility downed by ransomware attack

A water and electricity authority in the US State of Michigan has needed a week to recover from a ransomware attack that fortunately only hit its enterprise systems. Lansing's BWL – Board of Water & Light – first noticed the successful phishing attack on its corporate systems on April 25, and has had to keep systems including …
GHOST vulnerability

Hipster hackers cook up 'artisan' Squiblydoo attack

Hackers have figured out how to bypass application whitelisting software by utilising tools that are built into Windows by default. Squiblydoo allows a user with normal privileges to download and execute a script hosted on a remote server. All of this is done with signed Microsoft binaries that are installed with the operating …
John Leyden, 29 Apr 2016

Adware from French runs away and hides on 12M machines

Cisco's Warren Mercer and Matthew Molyett are warning that software downloaded from sites run by French firm Tuto4PC likely included trojan backdoors. The Borg's security arm, Talos, thinks some 12 million machines have been infected. The malware-bloated software quietly downloads trash dubbed Wizz, which can steal personal …
Darren Pauli, 28 Apr 2016

The Internet of Things edges toward a practical reality

There are countless problems with making the so-called "internet of things" (IoT) a pragmatic reality: hardware, software and standards to name the big three. But this week at the Samsung Developer Conference in San Francisco, at least two of them have started to find solutions. During one of its exec's main keynotes, Samsung …
Kieren McCarthy, 27 Apr 2016
Penguin wedding cake, image via Shutterstock

A perfect marriage: YOU and Ubuntu 16.04

Before I dive into what's new in Ubuntu 16.04, it's worth pausing to reflect on what's missing: Scopes online search, now off by default. That means no more potentially socially awkward search results when all you really wanted was to open Brasero (speaking of which, Brasero is gone too). Scopes, introduced four years ago, …

Carders cash out hundreds of millions before USA adopts EMV

A hacker group has stolen some 10 million credit cards, putting itself in a position to score US$400 million (£279 million, A$516 million) by infecting 2000 payment terminals with the Trinity point of sales malware. Security firm FireEye and subsidiaries iSIGHT Partners and Mandiant examined the "Fin6" group last year after it …
Darren Pauli, 22 Apr 2016

Ex-NSA security expert develops generic Mac ransomware blocker

An Apple security expert has developed a free-of-charge standalone ransomware defense tool for OS X. Patrick Wardle, a former NSA staffer who now heads up research at crowdsourced security intelligence firm Synack, has built RansomWhere?, a generic ransomware detector. The utility works by suspending untrusted processes that …
John Leyden, 20 Apr 2016
Cloudy sky

Redmond turns to Linux AGAIN for Azure data science primer

Microsoft has taken a data science bundle it crafted last November and put it onto an Azure-hosted Linux VM. The combo, announced at Microsoft's Cortana blog, takes CentOS 7.2, runs it up as an Azure virtual machine image, and packages it with a slew of data science tools. Microsoft had already run up a Windows Server 2012- …
Aries

Facebook open-sources city-wide WiGig internet comms, phone masts

Facebook's quest to connect the remaining four billion people on the planet without internet access up to Facebook the web is a huge task. On Thursday, Facebook showed off its open-source telecommunications tech that it hopes will get unconnected folks connected, and give those of us already on the internet a smoother ride. …
Iain Thomson, 14 Apr 2016

HTC 10: Flagship goes full Google – but the hardware's top notch

Hands On HTC has unwrapped its make-or-break flagship for 2016, the Ten, and we’ve had a look. The successor to the hit M8 and flop M9 features much-improved cameras front and back, sports a close-to-stock implementation of Android, and packs one major surprise... it’s the first non-Apple phone to license Apple’s AirPlay. TVs and …
Andrew Orlowski, 12 Apr 2016
Ubuntu on Windows, complete with Vi editor

Windows 10 with Ubuntu now in public preview

Microsoft's latest "Insider" Windows 10 preview Build 14316, includes the Windows Subsystem for Linux along with a flurry of other new features. The addition of a Linux command-line to Windows was announced at Microsoft's Build conference last week. The feature is aimed at developers, allowing them to use Linux utilities …
Tim Anderson, 07 Apr 2016
Water Treatment Centre pipe sluices off water. Photo by Joe Jungmann, released into the public domain

Water treatment plant hacked, chemical mix changed for tap supplies

Hackers infiltrated a water utility’s control system and changed the levels of chemicals being used to treat tap water, we're told. The cyber-attack is documented in this month’s IT security breach report (available here, registration required) from Verizon Security Solutions. The utility in question is referred to using a …
John Leyden, 24 Mar 2016
Photo by Michael Vadon

Apple stuns world with Donald Trump iPhone

Shy and modest Apple today unveiled a pair of small iPhones and iPads for people with itty-bitty hands. The Cupertino slinger of iStuffs summoned hacks to a brief hour-long conference in California to unveil the four-inch iPhone SE handset as well as a 9.7-inch iPad Pro slab. Both are powered by the now-available iOS 9.3 …
Shaun Nichols, 21 Mar 2016
Attack film poster

Attack! Run. WTF? A decade of enterprise class fear and uncertainty with AWS

Ten years ago, Oracle was mid-snack, taking a break between swallowing PeopleSoft for $10bn and Sun Microsystems for $8.5bn. Microsoft had settled a long-running feud with Sun over something petty involving Java for $20m and had begun designing its vision of how the internet should be programmed with its new BFF, IBM. …
Gavin Clarke, 17 Mar 2016
Chattanooga

Plucky cable billionaires defeat menace of small-town broadband

The city of Chattanooga in Tennessee has been told it cannot expand its broadband service to other counties. The state's legislature has effectively canned a bill that would have allowed Chattanooga's municipal broadband service into neighboring Hamilton and Bradley counties. According to the Chattanooga Times Free Press, the …
Shaun Nichols, 16 Mar 2016

Microsoft Surface Book: Shiny slab with a Rottweiler grip on itself

Review I've always wondered what people who pay more than £2,000 for a Windows laptop are thinking when they boot the machine. It's a bit like paying a fortune to gain admission to a secret and exclusive members club, only to discover once you're in, that it's run by the bloke who does the pub quiz on a Tuesday night at your local …
Andrew Orlowski, 16 Mar 2016
Wall of Spam. Pic: freezelight

State should run power firm spam database, says... competition watchdog

The UK’s competition regulator wants to see a new database of utility customers set up so they can be bombarded with “targeted marketing”. The Competition and Markets Authority wants the personal data of energy customers who fail to switch from the default tariff for three years – what the CMA calls “Disengaged Domestic …
Andrew Orlowski, 10 Mar 2016

BlackEnergy malware activity spiked in runup to Ukraine power grid takedown

Fresh research has shed new light on the devious and unprecedented cyber-attack against Ukraine's power grid in December 2015. A former intelligence analyst has warned that launching similar attacks is within the capabilities of criminals, or perhaps even hacktivist groups, since most of the key components are readily …
John Leyden, 04 Mar 2016
Dollar in pocket, photo via Shutterstock

Dwolla dwamned for destroywing defwences: $100k fine for insecurity

Updated US payment processor Dwolla has been slapped with a US$100,000 fine for wrongly claiming it was super secure. In fact, its staff were left with so little training that in an IT penetration test in 2012, nearly half of them opened a phishing email, 62 per cent of those opened the link it contained, and 25 per cent of employees …
DAve_Richards

WANdisco boss: 'We're seeing a humongous movement to the cloud'

+Comment WANdisco has active-active replication technology that's been used for disaster recovery and other business continuity-type uses. That's all well and good but not epoch-making or associated with major disruptions ... until now. If what WANdisco CEO and cofounder Dave Richards says is true, the entire on-premises IT …
Chris Mellor, 03 Mar 2016

You know how we're all supposed to automate now? Dark web devs were listening

RSA 2016 Security researchers have thrown the spotlight on a popular cybercrime tool that’s used by crooks to automate the process of taking over accounts on major websites before making fraudulent purchases. Sentry MBA, which is readily available for purchase on the so-called dark web, offer a way to break into accounts via a point- …
John Leyden, 02 Mar 2016

Competition? No way! AT&T says it will sue to keep Google Fiber out of Louisville, Kentucky

Updated AT&T is suing to block the city of Louisville from moving forward with its plan to bring in the Google Fiber service. The telecoms giant filed a complaint [PDF] in federal court on Thursday seeking to prevent the Kentucky's largest city, and Jefferson County, from allowing Google's contractors to access utility poles in order …
Shaun Nichols, 26 Feb 2016
A broken cable box

Verizon only cares about fiber, lets copper nets lapse into ruin – gripes

Verizon is taking heat in two US states over reports its cable lines have become dangerously neglected. Officials in Pennsylvania and New Jersey are investigating complaints that the copper lines serving Verizon's DSL and phone services are posing a safety hazard as the wiring, poles and boxes under Verizon's care have not …
Shaun Nichols, 25 Feb 2016
Tor

Tor users are actively discriminated against by website operators

Computer scientists have documented how a large and growing number of websites discriminate against people who browse them using Tor. Tor is an anonymity service that is maintained with assistance from the US State Department and designed in part to allows victims of censorship in countries like China and Iran to surf the web …
John Leyden, 25 Feb 2016

BlackEnergy trojan also hit Ukrainian mining firm and railway operator

Security researchers have linked attacks against Ukrainian power utilities in Dec 2015, which used the BlackEnergy trojan, to similar attacks against a mining company and a large railway operator in Ukraine. The new research, by Kyle Wilhoit of Trend Micro, casts fresh light on what’s arguably the most significant malware- …
John Leyden, 15 Feb 2016
Louisville Kentucky

Louisville says yes to Google Fiber. Funny story: AT&T, TWC didn't want that to happen

The city of Louisville, Kentucky, has approved a plan to bring Google Fiber service to residents and businesses. The Louisville Courier-Journal reports the US city's Metro Council voted unanimously in favor of an ordinance granting Google and other high-speed carriers access to city-owned utility poles. The move provides …
Shaun Nichols, 12 Feb 2016

AdBlock Plus, websites draft peace deal so ads can bypass blockade

The developer of AdBlock Plus is in talks with website owners to seal a deal that would allow more adverts to bypass the ad-blocker and appear in people's browsers. Eyeo, makers of the open-source utility, is drafting a pact with a group of publishers to settle the ongoing battle between ad-blockers and websites that rely on …
Shaun Nichols, 08 Feb 2016
European commission photo via Shutterstock

Europe wants end to anonymous Bitcoin transactions

The European Commission (EC) wants to end anonymous trading in virtual currencies in order to help track terror groups's funding. The EC yesterday published an Action Plan to strengthen the fight against the financing of terrorism (PDF) that says criminals are quick to seek out new ways of moving money that offer lower risk of …
Simon Sharwood, 03 Feb 2016

Microsoft vs US.gov, Internet of Stuff, etc: What's up with 2015's legal cloudy issues?

Last year, I highlighted five legal issues for cloud firms and consumers to watch out for in 2015. Here’s a quick recap of how those topics developed during the year. 1. Microsoft and the US government go back to court Microsoft is taking a stand against the ability of US law to reach into its Dublin data centres and, against …
Frank Jennings, 02 Feb 2016
The MSI includes an extender for the power connector

Little warning: Deleting the wrong files may brick your Linux PC

Here's a friendly warning from El Reg: don't wipe the wrong directory from your Linux system, or you may end up bricking the computer. This has happened to people, we're told. The directory in question is /sys/firmware/efi/efivars which is a special filesystem that presents the configuration settings for the computer's …
Chris Williams, 02 Feb 2016

'Critical' Israel power grid attack was just boring ransomware

The SANS Institute has moved to quell reports that Israel's energy grid has been hit by malware, revealing instead that the attacks were ransomware infecting the nation's utility regulatory authority. Reports emerged after energy minister Dr Yuval Steinitz said a "severe" attack had hit the authority in what he reportedly …
Team Register, 28 Jan 2016
karven_648

Ukraine energy utilities attacked again with open source Trojan backdoor

Battered Ukrainian electricity utilities are being targeted with backdoors in attacks possibly linked to those fingered for recent blackouts. The phishing attacks are attempting to get backdoors installed on utility company computers using techniques similar to those seen in the BlackEnergy attacks. BlackEnergy ripped through …
Darren Pauli, 21 Jan 2016
 Good GCSEs should cost parents a Jesus-phone

HP takes utility computing to the kids... well the teachers

HP Inc has launched a PC-as-a-service plan to schools and unis that it promised will cost less than most students spend on their behind-the-bike-shed ciggies. This was among a raft of devices, software, services and programmes the PC and printing house bared today at the BETT technology education trade show in London. Neil …
Paul Kunert, 20 Jan 2016
Sony Xperia Go rugged Android smartphone

Inside Intel's CPU-level multi-factor auth (and why we've got deja vu)

Analysis Intel has baked multi-factor authentication defenses into its sixth-generation Core processors. On Tuesday, the California chip giant sprung this news on the world, revealing what it seemed to be saying was a really big secret: all this time, the sixth-gen Core family, launched in September, has had brand-spanking new multi- …
Chris Williams, 20 Jan 2016
recruitment_hired

HPE finds new Azure czar lurking in channel biz

Hewlett Packard Enterprise is rejigging the management team to power up Microsoft Azure sales after shuttering its own public cloud service at the start of this month, El Chan can reveal. The firm has cuddled up to Microsoft and its cloudy service, rather than competing with public cloud players on price, as seems to be the …
Paul Kunert, 19 Jan 2016
Diagram of the Great Cannon

What if China went all GitHub on your website? Grab this coding tool

A security developer has released a coding tool that aims to help websites test their defences against a China-style GitHub attack. China upgraded its infamous website blocking system, dubbed The Great Firewall, last year so that it was capable of blasting foreign businesses and orgs off the internet. The weaponised …
John Leyden, 15 Jan 2016

Malware 'clearly' behind Ukraine power outage, SANS utility expert says

It is 'clear' the power outages experienced in the Ukraine last December were caused by a series of network-centric attacks against multiple utilities, says SANS industrial control system expert Michael J. Assante. The former chief security officer of the North American Electric Reliability Corporation, who previously oversaw …
Darren Pauli, 15 Jan 2016
Mobile banking, image via Shutterstock

SlemBunk slamdunk: Mobile banking Trojans found worldwide

Cybercrooks have put together a dynasty of Android Trojan apps in a bid to imitate the legitimate apps of 33 financial management institutions across the globe. The SlemBunk apps (which commonly masquerade as popular applications, such as social media, utility, etc) have spread across three major continents: North America, …
John Leyden, 14 Jan 2016

Plain cruelty: Boffins flay Linux ransomware for the third time

Probably the world's most tragically determined blackhat developers have had their revitalised Linux.Encoder ransomware pwned again by meddling BitDefender whitehats. The third iteration of the Linux.Encoder ransomware was unleashed on the world, infecting a paltry 600 servers before a crack team of security analysts returned …
Darren Pauli, 07 Jan 2016
shutterstock_306575414_woman_programmer

LogMeIn adds emergency break-in feature to LastPass

LogMeIn is launching its first revamp of the LastPass password management app, three months after its controversial purchase of the popular utility back in October. LastPass 4.0 features a modernised user interface as well as features designed to promote secure, simple password management for individuals, teams and companies …
John Leyden, 05 Jan 2016
London Overground and a Southeastern train near Bermondsey. Pic: Matt Buck

Irked train hackers talk derailment flaws, drop SCADA password list

32c3 A trio of Russian hackers say core flaws in rail networks are opening trains to hijacking and derailment and have published dozens of hardcoded industrial control system credentials to kick vendors into action. description Sergey Gordeychik (right), Gleb Gritsai, and Aleksandr Timorin (rear). Industrial control specialist …
Darren Pauli, 04 Jan 2016
Switch

Crumbs! Stricken Kiev blames Russian hackers for Xmas eve outages

The Ukrainian government is blaming power outages in the Western Ukraine on “hacker attacks by Russia[n] special services”. Malware has been found in the networks of some utilities, according to the Security Service of Ukraine (SBU). Moreover, these malware intrusions coincided with a “non-stop telephone flood at utility …
John Leyden, 29 Dec 2015
More flaws found in Java

Oracle ordered to admit on its website that it lost the plot on Java security

Oracle bungled the security updates of its Java SE software so badly it must publish a groveling letter prominently on its website for the next two years. After gobbling up Java along with Sun in 2010, Oracle's software updates for Java SE would only affect the latest version installed. If you had multiple versions of Java SE …
Chris Williams, 22 Dec 2015

It was Shodan easy! MacKeeper user database left wide open

A database of 13 million MacKeeper users has been easily accessed online, potentially exposing personal details but not payment information. Email addresses, phone numbers, IP addresses and weakly hashed passwords for the controversial Apple Mac cleanup utility were exposed because MongoDB databases hosting the information …
John Leyden, 16 Dec 2015
Samsung Galaxy S6

Samsung appeals to Supreme Court to bring patent law into 21st century

Samsung has appealed to the Supreme Court to hear its patent case against Apple. The appeal [PDF] was expected when Samsung lost the case in 2012, and an appeal this May, and was told to pay the iPhone maker just under $1bn in compensation. The case revolved around the fact that Samsung's smartphones were strikingly similar …
Kieren McCarthy, 15 Dec 2015
shutterstock_222258445-roadblock

Predictable: How AV flaw hit Microsoft's Windows defences

Could it be that time spent by Microsoft on software security counts for naught? Possibly - based on the findings of an investigation by enSilo that found some of the best-known AV names are susceptible to new vulnerabilities. The results are alarming, suggesting an entire of ecosystem unwittingly opening a back door into …
John Leyden, 11 Dec 2015

Kaspersky, McAfee, and AVG all vulnerable to major flaw

Some of the biggest names in the security software business have been compromised by a serious flaw that could allow a hacker to use the commercial security code to infiltrate computers. In March, researchers at security firm enSilo found a serious flaw in popular free antivirus engine AVG Internet Security 2015. They found …
Iain Thomson, 10 Dec 2015

Windows' Nemesis: Pre-boot malware pwns payment processors

Cybercrooks targeting payment card data have developed a sophisticated malware that executes before the operating system boots. Security researchers at FireEye / Mandiant came across the rarely seen so-called bootkit technique during a recent investigation at an organisation in the financial transaction processing industry. …
John Leyden, 07 Dec 2015

Lenov-lol, a load of Tosh, and what the Dell? More bad holes found in PC makers' bloatware

In brief Lenovo laptops and PCs can be hijacked by visiting a malicious website – and Dell and Toshiba machines suffer vulnerabilities, too, we're told. If you're running the Lenovo Solution Center bundled with Lenovo gear, and you browse by an evil webpage, scripts on that page can run code with full system privileges on your computer …
Chris Williams, 05 Dec 2015