News & Updates

Enlarge / Storm troopin’ across the universe…

Nearly four months after shutting down micro transactions over widespread fan outrage, EA has announced a new “Progression Update” for Star Wars Battlefront II that will bring real-money purchases back to the game on March 21—but only for cosmetic items.

The game’s randomized loot crates will now be earned through daily logins, completion of in-game Milestones, and timed challenges, rather than real-money purchases, the publisher announced this morning in a blog post. Those randomized crates will also no longer include character-boosting Star Cards, which will instead be earned through experience points applied to classes, hero characters, and ships. The Star Card system will now progress linearly as well, at a rate of one Star Card unlock or upgrade per experience level.

Cosmetic “appearances,” on the other hand, can be purchased with credits earned in-game or with crystals bought with real money. “If you’ve ever dreamed of being a part of the Resistance as a Rodian, your chance is right around the corner,” the blog post reads. That change comes after EA CFO Blake Jorgensen said in November that concerns over brand integrity initially prevented the game from including potential cosmetics like a pink Darth Vader costume.

Read 4 remaining paragraphs | Comments


For reasons known only to my subconscious, I woke up this morning thinking about a car you’ve almost certainly never heard of: the Connaught Type-D. It was an intriguing little thing—light years ahead of its time and wildly ambitious for a tiny British startup that had taken its name from a maker of racing cars that went bust in 1957. But even though the Connaught never made it to production, it still deserves to be remembered.

Cast your mind back to 2004. Michael Schumacher was still on top of his game, racing for Ferrari. Jeremy Clarkson was still on Top Gear and still funny. Tesla barely existed, the autonomous car was a far-off dream, and I was still just reading about cars as a scientist rather than writing about them for my favorite online publication. Flicking through the November issue of Car, a short article about a reborn Connaught caught my eye—and my imagination.

Read 7 remaining paragraphs | Comments


Enlarge / Water carrying a dye and added CO₂ is bubbled over the Great Barrier Reef. (credit: Aaron Takeo Ninokawa )

Coral reefs are not just pretty and cool—beyond tourism dollars and once-in-a-lifetime diving experiences, they provide real utility to human society. They provide homes to about a quarter of the world’s fish, which many people rely on as a food source. They can act as a barrier to rising sea levels, and they can protect coastlines from eroding.

But thanks to all the carbon we’ve pumped into the air, coral reefs are disappearing. Fast. Part of that is heat stress, but CO2 can also influence coral’s ability to form reefs in the first place. A new experiment gives us our first look at how much this affects a complete reef ecosystem.

When oceans take up atmospheric carbon dioxide, they acidify. This in turn depresses the concentration of carbonate ions in the water. When there is a dearth of carbonate ions in seawater, coral reefs, made of carbonates, dissolve to restore the balance. So it stands to reason that increasing carbon dioxide in the water would spell trouble for the corals.

Read 7 remaining paragraphs | Comments


Enlarge / Ian Read, chairman and chief executive officer of Pfizer Inc. (credit: Getty | Bloomberg)

As drug giant Pfizer Inc. hiked the price of dozens of drugs in 2017, it also jacked up the compensation of CEO Ian Read by 61 percent, putting his total compensation at $27.9 million, according to financial filings reported by Bloomberg.

Pfizer’s board reportedly approved the compensation boost because they saw it as a “compelling incentive” to keep Read from retiring. He turns 65 in May. As part of the deal, Read has to stay on through at least next March and is barred from working with a competitor for a minimum of two years after that.

According to Bloomberg, Read’s compensation included in part a salary of $1.96 million, a $2.6 million bonus, $13.1 million in equity awards linked to financial goals and stock price, as well as an $8 million special equity award that will vest if the company’s average stock return goes above 25 percent for 30 consecutive trading days before the end of 2022.

Read 7 remaining paragraphs | Comments


Enlarge / The future of computing is… a big metal tank? If it turns out there’s just a guy with a laptop in there doing Google searches, I’m going to be very disappointed. (credit: John Timmer)

YORKTOWN HEIGHTS, NY—I’m in a room with one possible future for computing. The computer itself is completely unimposing, looking like a metal tank suspended from the ceiling. What makes an impression is the noise, a regular metallic ping that dominates the room. It’s the sound of a cooling system designed to take hardware to the edge of absolute zero. And the hardware being cooled isn’t a standard chip; it’s IBM’s take on quantum computing.

In 2016, IBM made a lot of noise when it invited the public to try out an early iteration of its quantum computer, hosting only five qubits—far too few qubits to do any serious calculations but more than enough for people to gain some real-world experience with programming on the new technology. Amidst some rapid progress, IBM installed more tanks in its quantum computing room and added new processors as they were ready. As the company scaled up the number of qubits to 20, it optimistically announced that 50-qubit hardware was on its way.

During our recent visit to IBM’s Thomas Watson Research Center, the company’s researchers were far more circumspect, being clear they weren’t making promises and that 50-qubit hardware is just a stepping stone toward quantum computing’s future. But they did make the case that IBM was well-positioned to be part of that future, in part because of the ecosystem the company is building up around these early efforts.

Read 23 remaining paragraphs | Comments


Enlarge / Washington State Capitol building in Olympia, Washington. (credit: Getty Images | Richard Cummins)

Washington, the first US state to pass a net neutrality law after the repeal of federal rules, might have to get ready for a court battle.

Washington’s legislature and governor defied the Federal Communications Commission’s claim that states cannot implement their own net neutrality rules, and they are likely to face a lawsuit from Internet service providers or their lobby groups. But the legislation’s primary sponsor, State Rep. Drew Hansen (D-Bainbridge Island), is confident that the state will win in court.

Hansen is also a trial lawyer and has litigated preemption questions, he told Ars in an interview this week.

Read 22 remaining paragraphs | Comments


Enlarge / GM hopes to start manufacturing this car, with no steering wheel, gas, or brake pedals, next year. (credit: General Motors)

In January, General Motors unveiled the Cruise AV, a car designed to have no steering wheel and no gas or brake pedals. It seems like science fiction, but GM is totally serious about the project. On Wednesday GM announced that it was investing $100 million in manufacturing facilities for the new car, with a goal of introducing a commercial taxi service using the vehicles by the end of next year.

But how quickly these cars actually show up on our roads will depend on Congress. Current safety rules require every car to have a steering wheel and pedals—making a car like the Cruise AV illegal without a special exemption. The rules can be changed by regulators, but the rulemaking process typically takes years to complete. So car and technology companies have been lobbying Congress for an expedited process to allow tens of thousands of vehicles like the Cruise AV on the roads ahead of a full re-write of the safety regulations.

The House of Representatives easily passed a version of this legislation, called the SELF DRIVE Act, last September. But the Senate’s companion legislation, known as the AV START Act, has been making slow progress. With midterm elections looming, insiders say the next few months are crucial. If the Senate doesn’t pass the AV START Act soon, large-scale manufacturing of vehicles like the Cruise AV could be pushed well into the next decade.

Read 32 remaining paragraphs | Comments


According to Check Point report, the authors of the prolific GandCrab ransomware are continuously improving their malware by adopting the AGILE development process.

Early February experts at cyber security firm LMNTRIX have discovered a new ransomware-as-a-service dubbed GandCrab. advertised in Russian hacking community on the dark web.

GandCrab raas

The GandCrab was advertised in Russian hacking communities, researchers noticed that authors leverage the RIG and GrandSoft exploit kits to distribute the malware.

Partners are prohibited from targeting countries in the Commonwealth of Independent States (Azerbaijan, Armenia, Belarus, Kazakhstan, Kyrgyzstan, Moldova, Russia, Tajikistan, Turkmenistan, Uzbekistan and Ukraine). Security experts believes that the hackers behind the ransomware are likely Russia-based.

It has been estimated that the GandCrab ransomware has managed to infect approximately 50,000 computers, most of them in Europe, in less than a month asking from each victim for ransoms of $400 to $700,000 in DASH cryptocurrency.

Earlier March, a joint operation conducted by Romanian Police and Europol allowed to identify and seize the command-and-control servers tied to the GandCrab ransomware campaigns.

The Romanian Police (IGPR) under the supervision of the General Prosecutor’s Office (DIICOT) and in collaboration with the internet security company Bitdefender and Europol released the GandCrab ransomware decryptor.

Even after the success of the operation conducted by law enforcement, crooks behind the GandCrab ransomware are still active.

According to experts at Check Point security firm, the gang has already infected over 50,000 victims mostly in the U.S., U.K. and Scandinavia. It has been estimated that the revenues in two months have reached $600,000.

GandCrab is the most prominent ransomware of 2018. By the numbers this ransomware is huge,” explained Yaniv Balmas, security research at Check Point. 

Balmas compares the ransomware to the Cerber malware, the expert also added that GandCrab authors are adopting an agile malware development approach, and this is the first time for a malware development.

“For those behind GandCrab, staying profitable and staying one-step ahead of white hats means adopting a never-before-seen agile malware development approach, said Check Point.reported Threat Post.

“Check Point made the assessment after reviewing early incarnations of the GandCrab ransomware (1.0) and later versions (2.0).”

Researchers have analyzed both GandCrab ransomware (1.0) and later versions (2.0) and have deduced that vxers are continuously improving the malicious code adopting an Agile approach.

“The authors started by publishing the least well-built malware that could possibly work, and improved it as they went along. Given this, and given that this newest version was released within the week, the bottom line seems to be: It’s the year 2018, even ransomware is agile,” reads an upcoming report to be released by Check Point.

The code for early versions of the GandCrab ransomware was affected by numerous bugs, but the development team has fixed them.

According to the researchers, the authors of the GandCrab ransomware doesn’t conduct any campaign, instead they are focused on the development of their malware.

“They have been diligent about fixing issues as they pop up. They are clearly doing their own code review and fixing bugs reported in real-time, but also fixing unreported bugs in a very efficient manner.” explained Michael Kajiloti, team leader, malware research at Check Point.

The researchers believe that future versions will address several major bugs that currently allowed experts to decrypt the files locked by the ransomware.

GandCrab itself is an under-engineered ransomware that manages to still be effective. For example, until recently, the malware accidentally kept local copies of its RSA private decryption key – the essential ingredient of the extortion – on the victim’s machine. This is the ransomware equivalent of someone locking you out of your own apartment and yet leaving a duplicate of the key for you under the doormat,” continues Check Point.

“If you monitor your internet traffic while you are infected for the private key, this means you can easily decrypt your files,” Balmas said. “The private key is encrypted in transit. But it is encrypted using the same password every time. And the password is embedded in the malware code.”

The developers also focused on improving evasion capabilities, a continuous development process like the one used in Agile allows the GandCrab to easily bypass signature-based AV engines.

“Cosmetics and incremental code changes keep the core of the malware behavior essentially the same. This comes to show the core differentiator of dynamic analysis and heuristic-based detection, which is signature-less,” states Check Point report.

“With agile development and the infection rate and affiliates, GandCrab will keep making money,”

Only monitoring the evolution of the threat, we can prevent infections.

medianet_width=’300′; medianet_height= ‘250’; medianet_crid=’762221962′;


Pierluigi Paganini

(Security Affairs – GandCrab RaaS, cybercrime)

The post GandCrab ransomware evolves thanks to an AGILE development process appeared first on Security Affairs.

Source: Security affairs

AUSTIN, Texas—The five-person team behind a simple WordPress plugin, which took three hours to code, never expected to receive worldwide attention as a result. But NRKbeta, the tech-testing group at Norway’s largest national media organization, tapped into a meaty vein with the unveiling of last February’s Know2Comment, an open source plugin that can attach to any WordPress site’s comment section.

“It was a basic idea,” NRKbeta developer Ståle Grut told a South By Southwest crowd on Tuesday. “Readers had to prove they read a story before they were able to comment on it.”

The story has since been told a few times, but Grut’s recent refresh on the topic is just as compelling for its comment-section impact as it is for NRK’s thought process on how to make Internet media a better place: invite readers to have an active stake in improving it.

Read 14 remaining paragraphs | Comments