Category Archives: Solutions
Data centers have had a problem with fire suppression systems. While trying to remove the threat of fire damage, they have actually introduced dangers of their own.
These systems operate by flooding the data center with inert gas, preventing fire from taking hold. However, to do this, they have to fill the space quickly, and this rapid expansion can create a shockwave, with vibrations that can damage the hard drives in the facility’s storage systems.
A year ago, this happened in Glasgow, where a fire suppression system took out the local government’s email systems. And in September ING Bank in Romania was taken offline by a similar system. At the bank, there wasn’t even a fire. The system wrecked hard drives during a planned test of the fire suppression system – one which had been unwisely scheduled for a busy lunchtime period.
These are just the incidents we know about. Ed Ansett of i3 has told us that this same problem has occurred on many occasions, but the data centers affected have chosen not to share the information.
It’s also likely these faults will happen more frequently as time passes because hard drives are evolving. To make higher capacity drives, vendors are allowing read/write heads to fly closer to the platters. This means they can resolve smaller magnetic domains, and more bits can fit on a disk. These drives have a smaller tolerance to shaking.
This is a shame because information leads to understanding, which is the key to solving the problem. To solve the problem, we need a scientific examination of how these incidents occur. And it turns out this is exactly what has been happening.
At DCD’s Zettastructure event in London last week, I heard about two very promising lines of inquiry that could make this problem simply disappear.
Fire suppression vendor Tyco believes that with drives becoming more fragile, more gentle nozzles are needed. The company has created a nozzle which will not shake drives, and will eventually be available as an upgrade to existing systems. Product manager Miguel Coll told me that the new nozzle is just as effective in suppressing fires, but does not produce a damaging shockwave.
That sounds like a problem solved – but there’s another approach. Future Facilities is well known for its computational fluid dynamics (CFD) software, which models the flow of air in data centers and is usually used to ensure that hot air is removed efficiently and eddies don’t waste energy.
Future Facilities checked the physics and found its software could also model the flow of much faster air, including the shockwave produced when a fire suppression system floods the room with gas.
The company modeled the operation of the systems and found that the nozzles are usually placed too close to IT systems. The rules by which they are placed were set by authorities outside the data center industry and predate today’s IT systems.
Future Facilities product manager David King reckons the research means that the whole problem can be avoided by simply placing the nozzles according to CFD models of how they work.
The data center industry’s weapon in the war on risk and waste is science. I’ll publish more about this on DatacenterDynamics, while the agenda of the Zettastructure event is online and the presentations will be available.
Peter Judge is editor of DatacenterDynamics
Previously seen on Green Data Center News
root9B Holdings, a company that many in the security industry consider little more than a big-name startup aimed at cashing in on the stock market’s insatiable appetite for cybersecurity firms, surprised no one this week when it announced it was …
It’s Nov. 14 — the second Tuesday of the month (a.k.a. “Patch Tuesday”) — and Adobe and Microsoft have issued gobs of security updates for their software. Microsoft’s 11 patch bundles fix more than four-dozen security holes in various Windows versions …
November 3, 2017: Vero Beach Orthopedic Surgeon Charged in Drug Conspiracy Resulting in Death
Google this week finally addressed the KRACK vulnerability in Android, three weeks after the WPA2 protocol flaw was publicly disclosed.
A KrebsOnSecurity series on how easy big-three credit bureau Equifax makes it to get detailed salary history data on tens of millions of Americans apparently inspired a deeper dive on the subject by Fast Company, which examined how this Equifax …
Network security practitioners often look to solve technical problems with technical solutions: “The engineers got us into this mess; they can get us out of it.”
The U.S. Equal Employment Opportunity Commission (EEOC) made significant progress in managing the pending inventory of charges in fiscal year 2017. EEOC offices deployed new strategies to more efficiently prioritize charges with merit and more quickly resolve investigations once the agency had sufficient information. Together with improvements in the agency’s digital systems, these strategies produced an increase in charge resolutions and a significant decrease in charge inventory.
A New Mexico man is facing federal hacking charges for allegedly using the now defunct attack-for-hire service vDOS to launch damaging digital assaults aimed at knocking his former employer’s Web site offline. Prosecutors were able to bring the case in part because vDOS got massively hacked last year, and its customer database of payments and targets leaked to this author and to the FBI.
Prosecutors in Minnesota have charged John Kelsey Gammell, 46, with using vDOS and other online attack services to hurl a year’s worth of attack traffic at the Web sites associated with Washburn Computer Group, a Minnesota-based company where Gammell used to work.
vDOS existed for nearly four years, and was known as one of the most powerful and effective pay-to-play tools for launching distributed denial-of-service (DDoS) attacks. The vDOS owners used a variety of methods to power their service, including at least one massive botnet consisting of tens of thousands of hacked Internet of Things (IoT) devices, such as compromised Internet routers and security cameras. vDOS also was used in numerous DDoS attacks against this site.
Investigators allege that although Gammell used various methods to hide his identity, email addresses traced back to him were found in the hacked user and target databases from vDOS.
More importantly, prosecutors say, someone began taunting Washburn via Yahoo and Gmail messages while the attacks were underway, asking how everything was going at the company and whether the IT department needed any help.
“Also attached to this second email was an image of a mouse laughing,” the Justice Department indictment (PDF) alleges. “Grand jury subpoenas for subscriber information were subsequently served on Google…and Yahoo. Analysis of the results showed information connecting both accounts to an individual named John Gammell. Both email addresses were created using the cell phone number 612-205-8609.”
The complaint notes that the government subpoenaed AT&T for subscriber information and traced that back to Gammell as well, but that phone number also is currently listed as the recovery number for a Facebook account tied to John K. Gammell.
That Facebook account features numerous references to the hacker collective known as Anonymous. This is notable because according to the government Gammell used two different accounts at vDOS: One named “AnonCunnilingus” and another called “anonrooster.” The email addresses this user supplied when signing up at vDOS (firstname.lastname@example.org and email@example.com) include other addresses quite clearly tied to multiple accounts for John K. Gammell.
Below is a snippet from a customer service ticket that the AnonCunnilingus account filed in Aug. 2015:
“Dear Colleagues, this is Mr. Cunnilingus. You underestimate your capabilities. Contrary to your statement of “Notice!” It appears from our review that you are trying to stress test a DDoS protected host, vDOS stresser is not capable of taking DDoS protected hosts down which means you will not be able to drop this hosting using vDOS stresser…As they do not have my consent to use my internet, after their site being down for two days, they changed their IP and used rackspace DDoS mitigation and must now be removed from cyberspace. Verified by downbyeveryone. We will do much business. Thank you for your outstanding product We Are Anonymous USA.”
Gammell has pleaded not guilty to the charges. He has not responded to requests for comment. The indictment states that Gammell allegedly attacked at least a half-dozen other companies over a year-long period between mid-2015 and July 2016, including several banks and two other companies at which he either previously worked or with whom he’d interviewed for a job.
In late July 2016, an anonymous security researcher reached out to KrebsOnSecurity to share a copy of the vDOS databases. The databases showed that vDOS made more than $600,000 in just two of the four years it was in operation, helping to launch more than 150,000 DDoS attacks.
Since then, two alleged co-owners of vDOS — two 19-year-old Israeli men — have been arrested and charged with operating an attack-for-hire service. Aside from Gammell’s case, I am not aware of any other public cases involving the prosecution of people who allegedly used vDOS to conduct attacks.
But that will hopefully change soon, as there are countless clues about the identities of other high-volume vDOS users and their targets. Identifying the perpetrators in those cases should not be difficult because at some point vDOS stopped allowing users to log in to the service using a VPN, meaning many users likely logged into vDOS using an Internet address that can be traced back to them either via a home Internet or wireless account.
According to a review of the vDOS database, both accounts allegedly tied to Gammell were banned by vDOS administrators — either because he shared his vDOS username and password with another person, or because he logged on to the accounts with a VPN. Here’s a copy of a notice vDOS sent to AnonCunnilingus on July 28, 2015:
“Dear AnonCunnilingus, We have recently reviewed your account activity, and determined that you are in violation of vDos’s Terms of Service, It appears from our review that you have shared your account (or accessed vDos stresser from several locations and platforms) which is against our Terms of Services. Please refer to the following logs and terms:
- AnonCunnilingus logged in using the following IPs: 220.127.116.11 (US), 18.104.22.168 (XX) date: 06-08-2015 18:05
- 8) You are not allowed to access vDos stresser using a VPN/VPS/Proxy/RDP/Server Tunnelling and such.
- 3) You may not share your account, if you will, your account will be closed without a warning or a refund!”
What’s most likely limiting prosecutors from pursuing more vDOS users is a lack of DDoS victims coming forward. In an advisory issued last month, the FBI urged DDoS victims to report the attacks.
The FBI requests DDoS victims contact their local FBI field office and/or file a complaint with the Internet Crime Complaint Center (IC3), regardless of dollar loss or timing of incident. Field office contacts can be identified at www.fbi.gov/contact-us/field. IC3 complaints should be filed at www.ic3.gov with the following details (if applicable):
- Traffic protocol used by the DDoS (DNS, NTP, SYN flood, etc)
- Attempt to preserve netflow and/or packet capture of the attack
- Any extortion/threats pertaining to the DDoS attack
- Save any such correspondence in its original, unforwarded format
- Victim information
- Overall losses associated with the DDoS attack
- If a ransom associated with the attack was paid, provide transaction details, the subject’s email address, and/or crypto currency wallet address
- Victim impact statement (e.g., impacted services/operations)
- IP addresses used in the DDoS attack
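As an added example (not part of the FBI advisory or the original article), the following Python shows one way a victim could turn a preserved flow export into the protocol, timing and source-IP details the list above asks for, with a hash of the untouched export for evidence integrity. The CSV column layout, the sample records (documentation-range addresses) and the function names are assumptions made for this example, and the port-based classification is a coarse triage heuristic for flows already scoped to the attack window.

```python
import csv
import hashlib
import io
from collections import Counter

# Constructed sample flow export; not data from the article or any real incident.
SAMPLE_FLOWS = """ts,src_ip,src_port,dst_ip,dst_port,proto,tcp_flags,bytes
2017-11-01T12:00:01Z,198.51.100.7,123,203.0.113.10,44211,UDP,,46800
2017-11-01T12:00:01Z,198.51.100.9,123,203.0.113.10,51820,UDP,,46800
2017-11-01T12:00:02Z,192.0.2.33,53,203.0.113.10,40000,UDP,,4096
2017-11-01T12:00:02Z,192.0.2.50,51515,203.0.113.10,443,TCP,S,60
2017-11-01T12:00:03Z,198.51.100.7,123,203.0.113.10,44212,UDP,,46800
2017-11-01T12:00:04Z,192.0.2.77,50112,203.0.113.10,443,TCP,SA,1500
"""

def classify(row):
    """Coarse traffic type: UDP from port 123/53 suggests NTP/DNS reflection."""
    if row["proto"] == "UDP" and row["src_port"] == "123":
        return "NTP"
    if row["proto"] == "UDP" and row["src_port"] == "53":
        return "DNS"
    if row["proto"] == "TCP" and row["tcp_flags"] == "S":
        return "TCP SYN"  # bare SYN with no ACK: SYN-flood candidate
    return "other"

def summarize(flow_csv, victim_ip):
    """Build the report fields from flows aimed at victim_ip."""
    by_type, by_src = Counter(), Counter()
    first = last = None
    for row in csv.DictReader(io.StringIO(flow_csv)):
        kind = classify(row)
        if row["dst_ip"] != victim_ip or kind == "other":
            continue
        by_type[kind] += int(row["bytes"])
        by_src[row["src_ip"]] += int(row["bytes"])
        first = first or row["ts"]
        last = row["ts"]
    return {
        # Hash the export exactly as preserved, before any filtering.
        "evidence_sha256": hashlib.sha256(flow_csv.encode()).hexdigest(),
        "window": (first, last),
        "bytes_by_protocol": dict(by_type),
        "source_ips": [ip for ip, _ in by_src.most_common()],
    }

if __name__ == "__main__":
    print(summarize(SAMPLE_FLOWS, "203.0.113.10"))
```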
The second volume of essays and observations From the Easy Chair of William Curtis, editor of Harper’s Weekly and one of the founders of the American Republican party, and served Ulysses S. Grant; although he split from the party in the 1880s over the choice of presidential candidate. He was an original member of the New York Board of Education. – Summary by Lynne Thompson