Month: January 2019

(credit: Alejandro Mejía Greene (flickr user: ·júbilo·haku·))

Remember the December 13 email blast that threatened to blow up buildings and schools unless recipients paid a $20,000 ransom? It triggered mass evacuations, closures, and lockdowns in the US, Canada, and elsewhere around the world.

An investigation shows the spam run worked by abusing a weakness at GoDaddy that allowed the scammers to hijack at least 78 domains belonging to Expedia, Mozilla, Yelp and other legitimate people or organizations. The same exploit allowed the scammers to hijack thousands of other domains belonging to a long list of other well-known organizations for use in other malicious email campaigns. Some of those other campaigns likely included ones that threatened to publish embarrassing sex videos unless targets paid ransoms.

Distributing the malicious emails across such a broad swath of reputable domains belonging to well-recognized organizations was a major coup. The technique, known as snowshoe spamming, drastically increased the chances the emails would be delivered because it weakened the reputation metrics spam filters rely on. Rather than appearing as fringe content sent by one or a handful of sketchy domains, the snowshoe technique gave the emails an air of legitimacy and normalcy. The technique gets it name because, like snowshoes, it distributes the heavy load evenly across a wide area.

(credit: Alejandro Mejía Greene (flickr user: ·júbilo·haku·))

Remember the December 13 email blast that threatened to blow up buildings and schools unless recipients paid a $20,000 ransom? It triggered mass evacuations, closures, and lockdowns in the US, Canada, and elsewhere around the world.

An investigation shows the spam run worked by abusing a weakness at GoDaddy that allowed the scammers to hijack at least 78 domains belonging to Expedia, Mozilla, Yelp and other legitimate people or organizations. The same exploit allowed the scammers to hijack thousands of other domains belonging to a long list of other well-known organizations for use in other malicious email campaigns. Some of those other campaigns likely included ones that threatened to publish embarrassing sex videos unless targets paid ransoms.

Distributing the malicious emails across such a broad swath of reputable domains belonging to well-recognized organizations was a major coup. The technique, known as snowshoe spamming, drastically increased the chances the emails would be delivered because it weakened the reputation metrics spam filters rely on. Rather than appearing as fringe content sent by one or a handful of sketchy domains, the snowshoe technique gave the emails an air of legitimacy and normalcy. The technique gets it name because, like snowshoes, it distributes the heavy load evenly across a wide area.

Enlarge / Ethanol Plant, Milton, Wisconsin. (credit: Education Images/UIG via Getty Images)

Late last week, the US Court of Appeals for the 9th Circuit published an opinion (PDF) stating that California's regulation of fuel sales based on a lifecycle analysis of carbon emissions did not violate federal commerce rules.

Since 2011, California has had a Low Carbon Fuel Standard (LCFS) program, which requires fuel sellers to reduce their fuel's carbon intensity by certain deadlines. If oil, ethanol, or other fuel sellers can't meet those deadlines, they can buy credits from companies that have complied with the standard.

California measures "fuel intensity" over the lifecycle of the fuel, so oil extracted from tar sands (which might require a lot of processing) would be penalized more than lighter oil that requires minimal processing. Ethanol made with coal would struggle to meet its carbon intensity goals more than ethanol made from gas.

Enlarge

Google previously announced that its most popular messaging app, Google Hangouts, would be shutting down. In a post today on the GSuite Updates blog, Google detailed what the Hangouts shutdown will look like, and the company shared some of its plan to transition Hangouts users to "Hangouts Chat," a separate enterprise Slack clone.

First, we need to get some vocabulary down to navigate Google's extremely confusing branding. There are two totally separate products we're talking about here: "Hangouts" and "Hangouts Chat." These two products have nothing in common besides their similar names.

Hangouts—which Google has recently retconned to "Hangouts Classic"—is Google's most-popular messaging app of all time. The full-featured, consumer-grade, instant-messaging app has over a billion installs on Android, and it has enjoyed prominent placement in the desktop version of Gmail. Since it was an in-place upgrade of Google Talk, it has a user base dating back 13 years.

Back in the 1990s, HBO notably produced the cult-classic horror anthology series Tales from the Crypt. For its new horror anthology, Folklore, the scary monsters are drawn from the mythologies of various Asian cultures. Instead of a vampire, you get a pontianak, and in place of a trickster genie who grants wishes, there is a blood-drinking toyol from Malaysia.

Created by Singaporean director Eric Khoo, the series features six standalone episodes, each with a different director and cast, set in a different country: Indonesia, Japan, Singapore, Thailand, Malaysia, and Korea. (Khoo directed the Singapore-set episode, "Nobody.") The episodes have been making the rounds at film festivals, including the 2018 Fantastic Fest in Austin, Texas, and the 2018 Toronto Film Festival. And now they're coming to the small screen.

In "A Mother's Love," a single mother moves into a mansion with her young son and finds several unkempt children in the attic. When she helps return them to their families, she incurs the wrath of Wewe Gombel, a child-snatching vengeful spirit—although, to be fair, in the original folktale she only takes children who have been abused. (The story is reminiscent of how the Icelandic ogre Gryla was portrayed as a protector of children recently in The Chilling Adventures of Sabrina solstice special.)

Enlarge / Meet the COLLUSION Unisex puffer jacket in red. (credit: ASOS)

On Tuesday, the Electronic Frontier Foundation issued yet another formal response to an overzealous legal demand, this time over the use of the domain name "collusion.so."

This story begins with President Donald Trump's most public attorney, Rudy Giuliani, who despite being the president's cybersecurity adviser, doesn't seem to understand how Twitter or URLs work.

In December 2018, Giuliani amazingly blamed Twitter itself for turning a phrase he wrote in a tweet ("G-20.in") into a valid URL. An enterprising Twitter user noticed, bought the domain, and turned it into an anti-Trump site.