Yahoo Spreading Malware?
January 15, 2014 by admin
Filed under Around The Net
Comments Off on Yahoo Spreading Malware?
Some advertisements on Yahoo Inc’s European websites last week spread malicious software, Yahoo said on Sunday, potentially infecting the computers of thousands of users.
Last Friday, Fox-IT, a Delft, Netherlands-based computer security firm, wrote in a blog that attackers had inserted malicious ads served by ads.yahoo.com.
In a recently released statement, a Yahoo spokesman, said: “On Friday, January 3 on our European sites, we served some advertisements that did not meet our editorial guidelines, specifically they spread malware.” Yahoo said it promptly removed the bad ads, and that users of Mac computers and mobile devices were not affected.
Malware is software used to disrupt a computer’s operations, gather sensitive information, or gain access to private computer systems.
Fox-IT estimated that on Friday, the malware was being delivered to approximately 300,000 users per hour, leading to about 27,000 infections per hour. The countries with the most affected users were Romania, Britain, and France.
“It is unclear which specific group is behind this attack, but the attackers are clearly financially motivated and seem to offer services to other actors,” Fox-IT wrote in the January 3 blog post.
Is The US & UK Lacking In Broadband?
December 11, 2013 by admin
Filed under Around The Net
Comments Off on Is The US & UK Lacking In Broadband?
The US and UK are stragglers when it comes to consumer broadband download speeds and appear far down in table rankings.
This puts the countries, swaggering authoritarian surveillance monsters that they are, rather low down on the satisfaction scale.
The ranking produced by Ookla is based on results from Speedtest servers, and is called the Net Index.
“Based on millions of recent test results from Speedtest.net, this index compares and ranks consumer download speeds around the globe,” is the explanation.
“The value is the rolling mean throughput in Mbps over the past 30 days where the mean distance between the client and the server is less than 300 miles.”
Hong Kong takes pole position and it is credited as having download speeds in the area of 71.03 Mbps. There is a big drop of around 20 Mbps down to Singapore in second place with 52.85 Mbps and third is Romania, where speeds are 50.82 Mbps.
You have to look a long way down the list before arriving at the UK, which is in 25th place. Here, or there depending on where you live, consumers get a rather meagre sounding 23.55 Mbps.
The United States weighs in at 31st place and has download speeds of 20.77 Mbps. This puts it below the UK, Germany, Estonia, Hungary, Greece and 25 others.
Closer to home the European Commission has published its report on Broadband Coverage in Europe (2012) and reveals progress on broadband coverage targets. It found that while broadband has improved, it could be faster.
PayPal Extend Bug Bounty
PayPal is expanding its bug bounty program to individuals aged 14 and older, a move intended to reward younger researchers who are technically ineligible to hold full-fledged PayPal accounts.
PayPal’s program, which is a year old this month, only applied to those 18 years and older. Under the old rule, participants in the program were required to hold valid accounts, which excluded minors, said Gus Anagnos, PayPal’s director of information security.
In May, 17-year-old Robert Kugler, a student in Germany, said he’d been denied a reward for finding a vulnerability. PayPal said the bug had already been found by two other researchers, which would have made Kugler ineligible for bounty.
In an apparent miscommunication, Kugler said he was initially told he was too young rather than the bug had already been discovered. Nonetheless, PayPal said it would look to bring younger people into its program, which pays upwards of $10,000 for remote code execution bugs on its websites.
Those who are under 18 years old can receive a bug bounty payment through a PayPal student account, an arrangement where a minor can receive payments via their parent’s account, Anagnos said.
Anagnos said other terms and conditions have been modified to make its program more transparent, such as clarifying which PayPal subsidiaries and partner sites qualify for the program.
PayPal pays much less for vulnerabilities on partner websites, which have a URL form of “www.paypal-__.com.” A remote execution bug found on that kind of site garners only $1,500 rather than up to $10,000 on the company’s main sites.
Like other bug bounty programs run by companies such as Microsoft and Google, PayPal will publicly recognize researchers on its website with a “Wall of Fame” for the top 10 researchers in a quarter. Another “honorable mention” page lists anyone who submitted a valid bug for the quarter.
Eusebiu Blindu, a testing consultant from Romania, was one of the researchers listed on the Wall of Fame for the first quarter of this year.
“I think Paypal is the best bug bounty program, and I am glad I participated in it from the first days of its launching,” he wrote on his blog.