By BeauHD from Slashdot's sound-the-alarms department
msm1267 quotes a report from Threatpost: A little more than two weeks after the latest ShadowBrokers leak of NSA hacking tools, experts are certain that the DoublePulsar post-exploitation Windows kernel attack will have similar staying power to the Conficker bug, and that pen-testers will be finding servers exposed to the flaws patched in MS17-010 for years to come. MS17-010 was released in March and it closes a number of holes in Windows SMB Server exploited by the NSA. Exploits such as EternalBlue, EternalChampion, EternalSynergy and EternalRomance that are part of the Fuzzbunch exploit platform all drop DoublePulsar onto compromised hosts. DoublePulsar is a sophisticated memory-based kernel payload that hooks onto x86 and 64-bit systems and allows an attacker to execute any raw shellcode payload they wish. "This is a full ring0 payload that gives you full control over the system and you can do what you want to it," said Sean Dillon, senior security analyst at RiskSense. Dillon was the first to reverse-engineer a DoublePulsar payload, and published his analysis last Friday. "This is going to be on networks for years to come. The last major vulnerability of this class was MS08-067, and it's still found in a lot of places," Dillon said. "I find it everywhere. This is the most critical Windows patch since that vulnerability." Dan Tentler, founder and CEO of Phobos Group, said internet-net wide scans he's running have found about 3.1 percent of vulnerable machines are already infected (between 62,000 and 65,000 so far), and that percentage is likely to go up as scans continue. "This is easily describable as a bloodbath," Tentler said.Read Replies (0)
By BeauHD from Slashdot's new-and-improved department
An anonymous reader quotes a report from Ars Technica: Verizon is now selling what it calls "FiOS Gigabit Connection" for $69.99 a month in a change that boosts top broadband speeds and makes lower prices available to many Internet subscribers. Actual bandwidth will be a bit lower than a gigabit per second, with "downloads as fast as 940Mbps and uploads as fast as 880Mbps," Verizon's announcement today said. The gigabit service is available in most of Verizon's FiOS territory, specifically to "over 8 million homes in parts of the New York, New Jersey, Philadelphia, Richmond, Va., Hampton Roads, Va., Boston, Providence and Washington, D.C. areas," Verizon said. Just three months ago, Verizon boosted its top speeds from 500Mbps to 750Mbps. The standalone 750Mbps Internet service cost $150 a month, more than twice the price of the new gigabit tier. Existing customers who bought that 750Mbps plan "will automatically receive FiOS Gigabit Connection and will see their bills lowered," Verizon said. It's not clear whether they will get their price lowered all the way to $70. It's important to note that the $70 price is only available to new customers, and it's a promotional rate that will "increase after promo period." Additionally, Verizon will charge you a $10 per month router charge unless you pay $150 for the Verizon router, plus other taxes and fees.Read Replies (0)
By msmash from Slashdot's microsoft-vs-salesforce department
Microsoft is rolling out upgrades to its sales software that integrates data from LinkedIn, an initiative that Microsoft CEO Satya Nadella told Reuters was central to the company's long-term strategy for building specialized business software. From the report: The improvements to Dynamics 365, as Microsoft's sales software is called, are a challenge to market leader Salesforce.com and represent the first major product initiative to spring from Microsoft's $26 billion acquisition of LinkedIn, the business-focused social network. The new features will comb through a salesperson's email, calendar and LinkedIn relationships to help gauge how warm their relationship is with a potential customer. The system will recommend ways to save an at-risk deal, like calling in a co-worker who is connected to the potential customer on LinkedIn. [...] The artificial intelligence, or AI, capabilities of the software would be central, Nadella said. "I want to be able to democratize AI so that any customer using these products is able to, in fact, take their own data and load it into AI for themselves," he said. On Monday, LinkedIn said it has surpassed 500 million members globally, one of the first big milestones for the business social network since its acquisition.Read Replies (0)
By msmash from Slashdot's making-things-easier department
Amazon said on Monday it is launching a platform for companies with subscription services -- from newspapers, magazines to TV streaming. The "Subscribe with Amazon" marketplace allows consumers to buy subscriptions to products like SlingTV streaming, Headspace meditation, Dropbox Plus, as well as workout videos, online classes, meal plans and even matchmakers. The marketplace also features more traditional subscriptions, similar to those that have become popular on Amazon's Kindle tablets, including the Chicago Tribune, LA Times, Wall Street Journal and New Yorker.Read Replies (0)
By EditorDavid from Slashdot's great-and-powerful-Steve department
An anonymous reader quotes the BBC:
A group of aurora enthusiasts have found a new type of light in the night sky and named it Steve. Eric Donovan from the University of Calgary in Canada spotted the feature in photos shared on a Facebook group. He did not recognise it as a catalogued phenomenon and although the group were calling it a proton arc, he knew proton auroras were not visible. Testing showed it appeared to be a hot stream of fast-flowing gas in the higher reaches of the atmosphere.
The European Space Agency sent electric field instruments to measure it 300km (190 miles) above the surface of the Earth and found the temperature of the air was 3,000C (5,400F) hotter inside the gas stream than outside it. Inside, the 25km-wide ribbon of gas was flowing at 6 km/s (13,000mph), 600 times faster than the air on either side.
One official at the European Space Agency made sure to thank the "army of citizen scientists" who helped with the discovery, saying "It turns out that Steve is actually remarkably common, but we hadn't noticed it before." The name apparently came from a scene in the movie "Over the Hedge."Read Replies (0)
By EditorDavid from Slashdot's declarations-of-independence department
An anonymous reader writes:
What is your take on functional programming and related technologies (i.e. lambdas and streams)? Is it our salvation? Is it merely another useful design pattern? Or is it a technological dead-end?
Python creator Guido van Rossum has said most programmers aren't used to functional languages, and when he answered Slashdot reader questions in 2013 said the only functional language he knew much about was Haskell, and "any language less popular than Haskell surely has very little practical value." He even added "I also don't think that the current crop of functional languages is ready for mainstream."
Leave your own opinions in the comments. Do you like functional programming?Read Replies (0)