Iranian hackers have been “password spraying” the US grid

State-sponsored group “Magnallium” has been probing US utilities for the past year.

Electricity pylons at sunset

Enlarge / Electricity pylons at sunset (credit: James O'Neill | Getty Images)

In the wake of the US assassination of Iranian general Qasem Soleimani and the retaliatory missile strike that followed, Iran-watchers have warned that the country could deploy cyberattacks as well, perhaps even targeting US critical infrastructure like the electric grid. A new report lends some fresh details to the nature of that threat: By all appearances, Iranian hackers don't currently have the capability to start causing blackouts in the US. But they’ve been working to gain access to American electric utilities, long before tensions between the two countries came to a head.

On Thursday morning, industrial control system security firm Dragos detailed newly revealed hacking activity that it has tracked and attributed to a group of state-sponsored hackers it calls Magnallium. The same group is also known as APT33, Refined Kitten, or Elfin, and has previously been linked to Iran. Dragos says it has observed Magnallium carrying out a broad campaign of so-called password-spraying attacks, which guess a set of common passwords for hundreds or even thousands of different accounts, targeting US electric utilities as well as oil and gas firms.

A related group that Dragos calls Parisite has worked in apparent cooperation with Magnallium, the security firm says, attempting to gain access to US electric utilities and oil and gas firms by exploiting vulnerabilities in virtual private networking software. The two groups' combined intrusion campaign ran through all of 2019 and continues today.

Read 9 remaining paragraphs | Comments

Iranian hackers have been “password spraying” the US grid

State-sponsored group “Magnallium” has been probing US utilities for the past year.

Electricity pylons at sunset

Enlarge / Electricity pylons at sunset (credit: James O'Neill | Getty Images)

In the wake of the US assassination of Iranian general Qasem Soleimani and the retaliatory missile strike that followed, Iran-watchers have warned that the country could deploy cyberattacks as well, perhaps even targeting US critical infrastructure like the electric grid. A new report lends some fresh details to the nature of that threat: By all appearances, Iranian hackers don't currently have the capability to start causing blackouts in the US. But they’ve been working to gain access to American electric utilities, long before tensions between the two countries came to a head.

On Thursday morning, industrial control system security firm Dragos detailed newly revealed hacking activity that it has tracked and attributed to a group of state-sponsored hackers it calls Magnallium. The same group is also known as APT33, Refined Kitten, or Elfin, and has previously been linked to Iran. Dragos says it has observed Magnallium carrying out a broad campaign of so-called password-spraying attacks, which guess a set of common passwords for hundreds or even thousands of different accounts, targeting US electric utilities as well as oil and gas firms.

A related group that Dragos calls Parisite has worked in apparent cooperation with Magnallium, the security firm says, attempting to gain access to US electric utilities and oil and gas firms by exploiting vulnerabilities in virtual private networking software. The two groups' combined intrusion campaign ran through all of 2019 and continues today.

Read 9 remaining paragraphs | Comments

Dish Network Proposes Blockchain Based Anti-Piracy System

Dish Network is fighting online streaming piracy on many fronts. Aside from lawsuits and other legal campaigns, the company also looks at the broader picture. In a new patent application, Dish envisions a blockchain-based anti-piracy management system that promises to be open and accessible to all.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

American satellite and broadcast provider Dish Network has fought several legal battles against alleged pirate streaming tools in recent years.

The company filed a lawsuit against the people behind TVAddons, for example. More recently the company went after multiple pirate streaming sites and IPTV reseller Boom Media.

In addition to using well-established legal options, the company is also thinking ahead. That became clear this week when we spotted a new patent application from Dish, which envisions a blockchain-based anti-piracy system.

According to the company, piracy has become increasingly problematic. It’s not just limited to dedicated pirate sites but also plagues legitimate platforms such as YouTube and Facebook, it notes.

“The distribution of infringed material on content sharing platforms such as Facebook and YouTube has grown rapidly,” Dish writes in its patent application.

“For example, viewers can easily find links to live sporting events, hosted on someone’s Facebook account, find the newest episodes of their favorite series on YouTube or Dailymotion or even join groups like `mobile movies` on Telegram..,” the company adds.

Dish writes that “millennials” and the “next generation” are increasingly turning their backs on the traditional bundle service system, opting for less-costly alternatives instead. These cheaper alternatives include the consumption of unlicensed content on legitimate services.

While most large companies have their own anti-piracy solutions, these often have shortcomings, such as requiring rightsholders to actively search for pirated content. While a few large outfits use hash recognition to automatically detect content, those systems are often proprietary and not freely available.

The new patent application envisions a technology that is supposed to be superior. While it can’t really be used to stop pirate sites, it proposes a blockchain-based anti-piracy system that legitimate services can use to check whether the content is published with permission, or not.

“The inventors have conceived and reduced to practice a software and/or hardware facility that can be used by content owners to assert ownership of content so that copyright friendly websites and services can take action against copyright piracy effectively, efficiently and is scalable,” Dish writes.

“The facility makes available to all content owners watermarking/fingerprinting technology so an identifier can be embedded in the content. The facility utilizes blockchain technology to add information related to each unique identifier in a database and allows an authorized user (e.g., the owner) to update the information through a blockchain transaction.”

There are several practical implementations possible, but it’s clear that Dish is in favor of a widely available system that sites and services can use to determine whether content is authorized. The watermark or fingerprint-based system should interact with a blockchain to verify ownership details.

Without a practical implementation, it’s hard to determine whether this approach will succeed or not. However, blockchain-based copyright management itself is not a new idea, as others have proposed this as well. The same is true for watermarking and fingerprinting.

It’s interesting to see that Dish is actively pursuing an alternative anti-piracy approach. Time will tell if it comes to fruition, and if so, how effective it will be. One thing’s almost guaranteed though, there will be plenty of attempts by pirates to get around it.

A copy of the patent application titled “Content anti-piracy management system and method” is available here (pdf).

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

Dish Network Proposes Blockchain Based Anti-Piracy System

Dish Network is fighting online streaming piracy on many fronts. Aside from lawsuits and other legal campaigns, the company also looks at the broader picture. In a new patent application, Dish envisions a blockchain-based anti-piracy management system that promises to be open and accessible to all.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

American satellite and broadcast provider Dish Network has fought several legal battles against alleged pirate streaming tools in recent years.

The company filed a lawsuit against the people behind TVAddons, for example. More recently the company went after multiple pirate streaming sites and IPTV reseller Boom Media.

In addition to using well-established legal options, the company is also thinking ahead. That became clear this week when we spotted a new patent application from Dish, which envisions a blockchain-based anti-piracy system.

According to the company, piracy has become increasingly problematic. It’s not just limited to dedicated pirate sites but also plagues legitimate platforms such as YouTube and Facebook, it notes.

“The distribution of infringed material on content sharing platforms such as Facebook and YouTube has grown rapidly,” Dish writes in its patent application.

“For example, viewers can easily find links to live sporting events, hosted on someone’s Facebook account, find the newest episodes of their favorite series on YouTube or Dailymotion or even join groups like `mobile movies` on Telegram..,” the company adds.

Dish writes that “millennials” and the “next generation” are increasingly turning their backs on the traditional bundle service system, opting for less-costly alternatives instead. These cheaper alternatives include the consumption of unlicensed content on legitimate services.

While most large companies have their own anti-piracy solutions, these often have shortcomings, such as requiring rightsholders to actively search for pirated content. While a few large outfits use hash recognition to automatically detect content, those systems are often proprietary and not freely available.

The new patent application envisions a technology that is supposed to be superior. While it can’t really be used to stop pirate sites, it proposes a blockchain-based anti-piracy system that legitimate services can use to check whether the content is published with permission, or not.

“The inventors have conceived and reduced to practice a software and/or hardware facility that can be used by content owners to assert ownership of content so that copyright friendly websites and services can take action against copyright piracy effectively, efficiently and is scalable,” Dish writes.

“The facility makes available to all content owners watermarking/fingerprinting technology so an identifier can be embedded in the content. The facility utilizes blockchain technology to add information related to each unique identifier in a database and allows an authorized user (e.g., the owner) to update the information through a blockchain transaction.”

There are several practical implementations possible, but it’s clear that Dish is in favor of a widely available system that sites and services can use to determine whether content is authorized. The watermark or fingerprint-based system should interact with a blockchain to verify ownership details.

Without a practical implementation, it’s hard to determine whether this approach will succeed or not. However, blockchain-based copyright management itself is not a new idea, as others have proposed this as well. The same is true for watermarking and fingerprinting.

It’s interesting to see that Dish is actively pursuing an alternative anti-piracy approach. Time will tell if it comes to fruition, and if so, how effective it will be. One thing’s almost guaranteed though, there will be plenty of attempts by pirates to get around it.

A copy of the patent application titled “Content anti-piracy management system and method” is available here (pdf).

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

Mobiltelefone: LGs Smartphone-Geschäft soll in einem Jahr profitabel sein

Im vierten Quartal bleibt der Umsatz von LG Electronics weit hinter den Erwartungen zurück. Trotzdem verspricht der neue CEO Kwon Bong-seok, dass die Smartphonesparte des Konzerns bis 2021 endlich wieder profitabel sein soll. (LG, Smartphone)

Im vierten Quartal bleibt der Umsatz von LG Electronics weit hinter den Erwartungen zurück. Trotzdem verspricht der neue CEO Kwon Bong-seok, dass die Smartphonesparte des Konzerns bis 2021 endlich wieder profitabel sein soll. (LG, Smartphone)

Wacom One: Wacom bietet günstiges Stift-Display für Einsteiger

Nutzer, die nicht genug Geld für ein teures Stift-Display haben, können sich das Wacom One anschauen. Für relativ wenig Geld bietet es die Stift-Technik des Herstellers und ein Panel, auf das direkt geschaut werden kann. Einige Einschränkungen sind abe…

Nutzer, die nicht genug Geld für ein teures Stift-Display haben, können sich das Wacom One anschauen. Für relativ wenig Geld bietet es die Stift-Technik des Herstellers und ein Panel, auf das direkt geschaut werden kann. Einige Einschränkungen sind aber zu erwarten. (Wacom, Eingabegerät)

‘Copyright Troll’ Malibu Media Gets Sued By its Former Law Firm

A law firm hired by notorious ‘copyright troll’ outfit Malibu Media is suing the company over breach of contract and unpaid bills. According to a lawsuit filed this week by The Lomnitzer Law Firm, Malibu ‘circumvented’ an agreement between the companies by hiring other attorneys to conduct litigation. The law firm is also demanding that Malibu pay more than $280K to settle its debts with the company.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

Over the past several years, adult entertainment company Malibu Media has been one of the most active copyright litigants in the United States. Targeting large numbers of alleged file-sharers, the company has received potentially huge sums in cash settlements.

But while the company usually makes the headlines for its file-sharing cases, a dispute with a former business partner is now shining a light behind the scenes. This week, Florida-based The Lomnitzer Law Firm sued California-based Malibu Media over their business dealings.

According to the lawsuit, in May 2017 Lomnitzer and Malibu entered into an agreement for the former to provide legal services to the latter.

While the precise details are to be submitted under seal, the outline is that Lomnitzer would coordinate Malibu’s litigation against pirates across the United States, receive settlements and pay them into a trust account, pay court filing fees, pay process server fees and investigators, and pay expenses related to the deposition of Malibu.

The law firm claims that it issued invoices to Malibu on a regular basis, using money in the trust account to pay some while dispensing settlement funds back to Malibu. However, the lawsuit claims that a date currently unknown, Malibu “began a program of circumventing the agreement.”

According to the complaint, this came in the form of instructing attorneys in other jurisdictions, that were previously instructed by Lomnitzer, to “bypass” the law firm. This involved sending settlement money directly to Malibu rather than Lomnitzer, “while still expecting the Firm to pay court filing fees, process server fees, etc., all incurred for and on behalf of and for the benefit of Malibu.”

Faced with these circumstances, on August 30, 2019, Lomnitzer terminated its representation of Malibu. Since then it claims to have received invoices from third-parties incurred as a result of its representation of Malibu while its own invoices to Malibu itself (totaling more than $262,500) remain unpaid.

The bottom line according to Lomnitzer’s suit is that Malibu owes the law firm $280,05.32 plus additional interest accruing after December 31, 2019. It is demanding a judgment from the court to that end, an order allowing it to use funds in the trust account towards that amount, plus an order “confirming the Firm’s lien against all proceeds of all pending litigation in which Malibu is a Plaintiff.”

To address the allegations that other law firms are paying settlements directly to Malibu rather than Lomnitzer, Malibu’s former legal team are also seeking an order to prevent Malibu from “disbursing any settlement monies from any and all pending litigation nationwide to anyone other than the Firm.”

On top, of course, Lomnitzer is demanding attorney fees and costs plus any other relief the court deems “just and proper”.

The lawsuit filed by Lomnitzer against Malibu can be found here (pdf)

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

The Witcher’s Netflix success: How three timelines somehow became cohesive

A great example of how a TV series’ expansion beyond books, games can succeed.

Promotional image from Netflix fantasy series The Witcher.

Enlarge / Netflix's version of The Witcher exercises wiggle room with three types of source material. For the series' spread of main characters, that's good news. (credit: Netflix)

The Witcher is Netflix's surprise hit of the year, a series that seemed from the outset an unlikely-to-succeed adaptation greenlit in the foolish hope of finding the "next Game of Thrones." Despite middling reviews from critics, the show has become one of Netflix's 10 "most popular" shows of 2019, an honor it achieved with barely 11 days left in the year.

Even more surprising is its path to success. Netflix's The Witcher turned out to be a catchy, bingeable series not because of a blind faithfulness to the original work but by showrunner Lauren Schmidt Hissrich disregarding how the original material was structured. By sticking with the spirit of the stories, instead of following them letter-of-the-law style, The Witcher was far more successful than anyone could have imagined.

100 years, one Continent, three timelines

When Game of Thrones arrived in 2011, one of the ways it reeled in fans was its almost slavish allegiance to the source material. Entire segments of dialogue were lifted directly from the page. Major plot points came in the same order as they did in the books, including Ned Stark's death before the season finale. When the show added scenes out of order, such as Cersei and Jaime's scene over Jon Arryn's body in the pilot, they too were lifted directly from other parts of the novels.

Read 11 remaining paragraphs | Comments

Review: Cowboy Bebop becomes a boardgame

The iconic anime goes cardboard… with mixed results.

Get ready to relive iconic moments from the series... by playing cards with icons on them.

Enlarge / Get ready to relive iconic moments from the series... by playing cards with icons on them. (credit: Charlie Theel)

Welcome to Ars Cardboard, our weekend look at tabletop games! Check out our complete board gaming coverage at cardboard.arstechnica.com.

It’s been years since I watched Cowboy Bebop. I remember borrowing imported VHS tapes and flying through the series (“bingeing,” as the kids today call it). I still remember Faye’s tragic return home, the iconic confrontation at the cathedral, and the many scenes of violence backed by beautiful jazz. The show is electric, burned into my brain.

So Cowboy Bebop: Boardgame Boogie is immediately appealing. This is a 60-minute cooperative game where participants play Spike, Jet, Faye, and Edward, and it has a similar feel to titles like Star Wars: Outer Rim, Firefly, and even Tobago. You will spend most of the game on the repetitive grunt work of chasing bounties and earning Woolong to keep the Bebop’s lights on, creating enough food and cash so you can buy just enough time to deal with each character’s personal issues.

Read 18 remaining paragraphs | Comments