Saturday, July 31, 2021

FAST-FORWARD > We're Running Out of Time...The Urgency of Now For Climate Emergency Action

WORDS > Nothing is more dangerous than the mirage of action shrouding the truth of inaction, because it breeds either false confidence that we will be OK or cynicism and despair about meaningless political promises.

Our biggest enemy is no longer climate denial but climate delay

OPENING: "Future generations will look back on the climate events of 2021 and say:
“That was the year they ran out of excuses.”
Heatwaves and flooding here in the UK, temperatures topping 50C in Pakistan, hundreds killed by a heatwave in British Columbia, deadly floods in Germany and China. All within a single month. Add to that the recent dire warning from the Met Office that the age of extreme weather has just begun.
The wake-up call that this offers is not just the obvious one: that climate breakdown is already here. It also illustrates that we, in this generation, are in a unique position in the history of this crisis. Climate breakdown can no longer be plausibly denied as a threat etched only in the future. And all too soon, avoiding it may be a luxury lost to the past. The window to avoid catastrophe is closing with every passing day. We’re in the decisive decade in this fight, and we must treat the climate crisis as an issue that stands alone in the combination of its urgency and the shadow it casts over future generations. . .The actions we take defy the normal rhythm of political cycles.
. . .The accompanying truth is that our biggest enemy is no longer climate denial but climate delay. The most dangerous opponents of change are no longer the shrinking minority who deny the need for action, but the supposed supporters of change who refuse to act at the pace the science demands.
As Bill McKibben, environmentalist and climate scholar, says on climate:
“Winning slowly is the same as losing.”
Nothing is more dangerous than the mirage of action shrouding the truth of inaction, because it breeds either false confidence that we will be OK or cynicism and despair about meaningless political promises.
The case for investing now is not just clear as a question of intergenerational equity, it’s also the only conclusion to draw from a hard-headed fiscal analysis of the costs and benefits.
We should act now not just because we must avoid future generations living in a disaster movie but because rewriting the script can produce a better world. Rapid decarbonisation is the imperative, but we can do so in a way that fixes the inequalities that exist in our current economic system. This is the promise of the Green New Deal – that this transformative programme of investment can also generate good jobs, help existing industries transition and create new ones, ensure warmer homes, cleaner air, and a lasting shift in wealth and power across our country. This is the vision we must fight for. . .

Just over 50 years ago, Martin Luther King said of the fight for racial and economic justice: “We are now faced with the fact that tomorrow is today. We are confronted with the fierce urgency of now. In the unfolding conundrum of life and history, there is such a thing as being too late.” As the generation that stands astride the causes and consequences of this climate emergency, we must take heed of those words.

  • Ed Miliband is the Labour MP for Doncaster North and shadow business, energy and industry secretary

 

Friday, July 30, 2021

ESPORTS GAMBLING BETTING ARRIVING IN ARIZONA > Esports Entertainment Group (NASDAQ: GMBL) Projecting $100 Million in Revenue

EVERYTHING BLEEPING COMPUTER

  
About BleepingComputer.com
https://www.bleepingcomputer.com
Bleeping Computer® is an information security and technology news publication created in 2004 by Lawrence Abrams. Millions of visitors come to BleepingComputer.com every month to learn about the latest security threats, technology news, ways to stay protected online, and how to use their computers more efficiently.

For our work in analyzing ransomware, issuing news alerts about the latest security threats, and offering free ransomware decryptors, BleepingComputer is the first news and support site to be added as a partner of the No More Ransom Project. This project was started in 2016 as an alliance between Europol's European Cybercrime Centre, the National High Tech Crime Unit of the Netherlands police, and McAfee to battle ransomware.

In addition to news, we provide a wide array of free technical support services, downloads, and self-education tools that allow users to resolve issues on their computer. Whether you are a novice user here to learn basic concepts about computers or an advanced user infected with ransomware, BleepingComputer can offer solutions to your problem for free.

Ultimately, our goal is to turn your #$@!* computer that never does what you want into one that you praise as a well-tamed tool.

Mission Statement

Our mission: To provide accurate and relevant information about the latest cybersecurity threats and technology advances so you can protect and take control of your network, devices, and data.

Ways to contribute

As part of our mission to help you take control of your data and devices, we always welcome news tips and research that you think our readers would find interesting.

To share a news tip with BleepingComputer, you can use our News Tip form to share the information confidentially.

Editorial Team

Lawrence Abrams, Owner, Editor-in-Chief
Lawrence Abrams is the Editor-in-Chief and owner of BleepingComputer.com. Lawrence’s area of expertise includes security, malware research, ransomware, and computer forensics. Lawrence Abrams is also a co-author of the Winternals Defragmentation, Recovery, and Administration Field Guide and technical editor for Rootkits for Dummies.

Ionut Ilascu, Cybersecurity Editor
Ionut Ilascu is a technology writer with a focus on all things cybersecurity. The topics he writes about include malware, vulnerabilities, exploits and security defenses, as well as research and innovation in information security. His work has been published by Bitdefender, Netgear, The Security Ledger and Softpedia.

Sergiu Gatlan, Cybersecurity Editor
Sergiu Gatlan is a reporter who covered cybersecurity, technology, Apple, Google, and a few other topics at Softpedia for more than a decade. Email or Twitter DMs for tips.

Mayank Parmar, Staff Writer, Computing
Mayank Parmar is a journalist covering technology news, but with a strong focus on Microsoft and Windows-related stories. He is always poking under the hood of Windows looking for the latest secrets to reveal.

Ax Sharma, Staff Writer
Ax Sharma is a Security Researcher, Engineer, and Tech Columnist. His works and expert analyses have frequently been featured by leading media outlets like Fortune, The Register, TechRepublic, CIO, etc. Ax's expertise lies in vulnerability research, reverse engineering, software development, and web app security. He's an active member of the OWASP Foundation and the British Association of Journalists (BAJ).

New destructive Meteor wiper malware used in Iranian railway attack

 

A new file-wiping malware called Meteor was discovered being used in the recent attacks against Iran's railway system.

Earlier this month, Iran's transport ministry and national train system suffered a cyberattack, causing the agency's websites to shut down and disrupting train service. The threat actors also displayed messages on the railway's message boards stating that trains were delayed or canceled due to a cyberattack.

Some of these messages told passengers to call a phone number for more information, which is for the office of Supreme Leader Ali Khamenei.

Hackers posting messages to the railway's message boards
Source: Twitter

In addition to trolling the railway, the threat actors locked Windows devices on the network with a lock screen that prevented access to the device.

New Meteor wiper used in Iran attacks

In a new report by SentinelOne, security researcher Juan Andres Guerrero-Saade revealed that the cyberattack on Iran utilized a previously unseen file wiper called Meteor.

A wiper is malware that intentionally deletes files on a computer and causes it to become unbootable.

Unlike ransomware attacks, destructive wiper attacks are not used to generate revenue for the attackers. Instead, their goal is to cause chaos for an organization or to distract admins while another attack is taking place.

While Iranian cybersecurity firm Aman Pardaz previously analyzed the wiper, SentinelOne could find additional missing components to provide a clearer picture of the attack.

"Despite a lack of specific indicators of compromise, we were able to recover most of the attack components described in the post along with additional components they had missed," explains Guerrero-Saade in SentinelOne's research.

"Behind this outlandish tale of stopped trains and glib trolls, we found the fingerprints of an unfamiliar attacker."

The attack itself is dubbed 'MeteorExpress,' and utilizes a toolkit of batch files and executables to wipe a system, lock the device's Master Boot Record (MBR), and install a screen locker.

MeteorExpress attack chain
Source: SentinelOne

To start the attack, threat actors extracted a RAR archive protected with the 'hackemall' password. The attackers then added these files to a network share accessible to the rest of the computers on the Iranian railway's network.

The threat actor then configured Windows group policies to launch a setup.bat batch file that would then copy various executables and batch files to the local device and execute them.

Setup.bat batch file
Source: SentinelOne

As part of this process, the batch files would go through the following steps:

  • Check if Kaspersky antivirus was installed and terminate the attack if found.
  • Disconnect the device from the network.
  • Add Windows Defender exclusions to prevent the malware from being detected.
  • Extract various malware executables and batch files to the system.
  • Clear Windows event logs.
  • Delete a scheduled task called ‘AnalyzeAll’ under the Windows Power Efficiency Diagnostics directory.
  • Use Sysinternals 'Sync' tool to flush the filesystem cache to the disk.
  • Launch the Meteor wiper (env.exe or msapp.exe), MBR locker (nti.exe), and screen locker (mssetup.exe) on the computer.
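
Several of the steps listed above leave standard Windows event records (5007 for a Defender configuration change, 1102/104 for cleared logs, 4699 for a deleted scheduled task, 4688 for process creation). As an added example, not taken from the article or from SentinelOne's report, the following Python correlates those records per host; the record layout, the 10-minute window, the three-stage threshold and every sample record are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# File names reported in the article; sync.exe / sync64.exe are the Sysinternals Sync binaries.
PAYLOADS = {"env.exe", "msapp.exe", "nti.exe", "mssetup.exe"}
SYNC_TOOLS = {"sync.exe", "sync64.exe"}

def classify(event):
    """Map one normalised Windows event record to an attack-chain stage, or None."""
    eid, data = event["event_id"], event["data"].lower()
    if eid == 5007 and "\\exclusions\\" in data:       # Defender configuration changed
        return "defender_exclusion"
    if eid in (1102, 104):                             # Security / System log cleared
        return "log_cleared"
    if eid == 4699 and "power efficiency diagnostics" in data and data.endswith("\\analyzeall"):
        return "task_deleted"                          # scheduled task deleted
    if eid == 4688:                                    # process creation
        image = data.rsplit("\\", 1)[-1]
        if image in PAYLOADS:
            return "payload_launch"
        if image in SYNC_TOOLS:
            return "cache_flush"
    return None

def correlate(events, window=timedelta(minutes=10), min_stages=3):
    """Return (host, first_seen, stages) for hosts with >= min_stages distinct stages in one window."""
    per_host = defaultdict(list)
    for ev in events:
        stage = classify(ev)
        if stage:
            per_host[ev["host"]].append((datetime.fromisoformat(ev["time"]), stage))
    alerts = []
    for host, hits in sorted(per_host.items()):
        hits.sort()
        for i, (start, _) in enumerate(hits):
            stages = {s for t, s in hits[i:] if t - start <= window}
            if len(stages) >= min_stages:
                alerts.append((host, start.isoformat(), sorted(stages)))
                break  # one alert per host is enough for triage
    return alerts

def rec(host, time, event_id, data):
    """Build one normalised record (hypothetical layout used only by this example)."""
    return {"host": host, "time": time, "event_id": event_id, "data": data}

# Constructed sample records: hosts, times and paths are illustrative, not from the incident.
SAMPLE = [
    rec("WS-017", "2021-01-01T09:00:05", 5007, r"HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\C:\ExampleDir"),
    rec("WS-017", "2021-01-01T09:00:40", 1102, "The audit log was cleared"),
    rec("WS-017", "2021-01-01T09:00:41", 104, "The System log file was cleared"),
    rec("WS-017", "2021-01-01T09:01:10", 4699, r"\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeAll"),
    rec("WS-017", "2021-01-01T09:01:30", 4688, r"C:\ExampleDir\sync.exe"),
    rec("WS-017", "2021-01-01T09:02:00", 4688, r"C:\ExampleDir\env.exe"),
    # Benign host: an exclusion and a log clear hours apart, plus an ordinary process.
    rec("WS-042", "2021-01-01T08:00:00", 5007, r"HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\D:\Builds"),
    rec("WS-042", "2021-01-01T14:30:00", 1102, "The audit log was cleared"),
    rec("WS-042", "2021-01-01T14:31:00", 4688, r"C:\Windows\System32\notepad.exe"),
]

if __name__ == "__main__":
    for alert in correlate(SAMPLE):
        print(alert)
```

Because the chain disconnects the host and clears its local event logs, this correlation only has data to work on when records were already forwarded to a collector or buffered by an endpoint agent before those steps ran.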

When completed, the device will be unbootable, its files deleted, and a screen locker installed that displays the following wallpaper background before the computer is rebooted for the first time.

MeteorExpress screen locker
Source: SentinelOne

While SentinelOne was unable to find the 'nti.exe' MBR locker, the researchers from Aman Pardaz claim that it shares overlap with the notorious NotPetya wiper.

"One interesting claim in the Padvish blog is that the manner in which nti.exe corrupts the MBR is by overwriting the same sectors as the infamous NotPetya," explained Guerrero-Saade.

"While one’s first instinct might be to assume that the NotPetya operators were involved or that this is an attempt at a false flag operation, it’s important to remember that NotPetya’s MBR corrupting scheme was mostly cribbed from the original Petya used for criminal operations."

Initially thought to be a ransomware attack, NotPetya was a wiper that wreaked havoc across the globe in 2017 by spreading to exposed networks via NSA's ETERNALBLUE exploit and encrypting devices.

In 2020, the USA indicted six Russian GRU intelligence operatives believed to be part of the elite Russian hacking group known as "Sandworm" for the NotPetya attack.

At this time, the motive for the Meteor wiper attacks on Iran's railway is not clear, and the attacks have not been attributed to any particular group or country.

"We cannot yet make out the shape of this adversary across the fog. Perhaps it’s an unscrupulous mercenary group. Or the latent effects of external training coming to bear on a region’s nascent operators," concludes SentinelOne's report.

"At this time, any form of attribution is pure speculation and threatens to oversimplify a raging conflict between multiple countries with vested interests, means, and motive."


========================================================================
LATEST ARTICLES
DOJ: SolarWinds hackers breached emails from 27 US Attorneys’ offices

The US Department of Justice says that the Microsoft Office 365 email accounts of employees at 27 US Attorneys' offices were breached by the Russian Foreign Intelligence Service (SVR) during the SolarWinds global hacking spree.

Microsoft shares mitigation for recent Windows Server printing issues

Microsoft has released temporary mitigation info for a known issue that might cause print and scan failures on multiple Windows Server versions after installing July 2021 security updates on domain controllers.

PyPI packages caught stealing credit card numbers, Discord tokens

The Python Package Index (PyPI) registry has removed several Python packages this week aimed at stealing users' credit card numbers, Discord tokens, and granting arbitrary code execution capabilities to attackers. These malicious packages were downloaded over 30,000 times according to the researchers who caught them.

Google to block logins on old Android devices starting September

Google is emailing Android users to let them know that, starting late September, they will no longer be able to log in to their Google accounts on devices running Android 2.3.7 (Gingerbread) and lower.

Linux eBPF bug gets root privileges on Ubuntu - Exploit released

A security researcher released exploit code for a high-severity vulnerability in Linux kernel eBPF (Extended Berkeley Packet Filter) that can give an attacker increased privileges on Ubuntu machines.

Amazon gets $888 million GDPR fine for behavioral advertising

Amazon has quietly been hit with a record-breaking €746 million fine for alleged GDPR violations regarding how it performs targeted behavioral advertising.

Windows 10 now lets you install WSL with a single command

Microsoft says the Windows Subsystem for Linux (WSL) can now be installed on Windows 10, version 2004 or later using a single terminal command.

CISA launches vulnerability disclosure platform for federal agencies

The Cybersecurity and Infrastructure Security Agency (CISA) today launched a new vulnerability disclosure policy (VDP) platform for US federal civilian agencies.

Node.js fixes severe HTTP bug that could let attackers crash apps

Node.js has released updates for a high severity vulnerability that could be exploited by attackers to crash the process and cause unexpected behaviors. The use-after-free vulnerability, tracked as CVE-2021-22930 is to do with how HTTP2 streams are handled in the language.

The Week in Ransomware - July 30th 2021 - €1 billion saved

Ransomware continues to be active this week, with new threat actors releasing new features, No More Ransom turning five, and a veteran group rebrands.

Gopuff Shakes Up the Delivery Services Industry

STONE COLD ALEC AGENDA: AZ Governor Doug Ducey Sent This ...Tim Phillips is president of Americans for Prosperity. Grover Norquist is president of Americans for Tax Reform.

Newsweek Opinion: Arizona Tax Reform Is a National Model

Tim Phillips & Grover Norquist
Newsweek
July 30, 2021

"As America recovers from shutdowns imposed in response to COVID-19, many states are experiencing surges in tax revenues unthinkable a year ago. Even so, the federal government has provided trillions in unnecessary spending and "stimulus" funds—even with a number of states experiencing surpluses before they received any federal dollars.

While some legislators see these windfalls as an opportunity to waste money on unnecessary programs, Arizona lawmakers have wisely chosen to reduce the state tax burden.

The coronavirus pandemic and the lockdowns that accompanied it were traumatic and costly for the American people. Millions continue to struggle to make up for lost income, rebuild their small businesses or make sure their kids are prepared to succeed in school again. At a minimum, they ought to be able to keep as much of their hard-earned money as possible. That's the best way to help them accomplish all these goals, and to build the American dream.

Fortunately, the state of Arizona agrees.

The budget recently signed by Governor Doug Ducey includes meaningful, comprehensive tax reforms that address many of the shortcomings in the state's current tax code. Instead of the five different brackets in the existing system, all Arizona workers will soon pay a personal income tax rate of 2.5 percent, except for the highest earners, who will pay 4.5 percent.

This reform was made possible in part by the fact that Arizona was projected to build up a budget surplus of nearly $4 billion over the next three years.

By lowering the income tax rate and making the tax code flatter, the tax burden on all Arizonans is reduced, and families will see real, long-term relief that's desperately needed.

This tax reduction will also boost Arizona's competitiveness, making the state more desirable for both individuals and pass-through businesses, as a majority of small businesses pay taxes under the individual tax code. This will help grow the economy and create jobs going forward—a positive contrast with the past year, which saw so many lost jobs and reduced hours. This reform package sets up the state to recover stronger than ever.

Americans rely on elected officials to recognize and address genuine public priorities, and to do so responsibly and in a way that's consistent with the Constitution. That means keeping taxes as low as possible, so workers can benefit from their labor and don't wind up surrendering their hard-earned money only for it to be wasted.

When tax revenues unexpectedly surge beyond what's needed to respond to real priorities, those funds should be returned to the workers who earned them. Lawmakers can't respond to surpluses by acting like they won the lottery, spending wildly on boondoggles and pet projects. Instead, they should act as careful stewards of tax dollars, ensuring that families pay no more in taxes than is necessary.

This is not the course being taken in Washington D.C., where the White House is forcing through another massive spending bill, this one ostensibly intended to build infrastructure. Washington D.C. sets a bad example.

Arizona, on the other hand, provides a good example: lower the tax rates to let people keep more of what they earn and invest in what they care about most. Limit government spending to grow no faster than the incomes of the citizens who pay the taxes. Create a magnet for job-creating investment and hardworking Americans who simply wish to be left alone to work hard, take care of their families and support their communities.

The Arizona reform is a positive model and one that should be followed by other states and the federal government."

Tim Phillips is president of Americans for Prosperity. Grover Norquist is president of Americans for Tax Reform.

Beyond the Bell 07/30/2021

From The Office of Arizona Governor Doug Ducey: Heading into August...

WHAT A WEEK it was all over the world, but let's take a scant look to scroll it down here to check if he forgot to mention or include anything important to most people

The last week of July was a busy one for Governor Ducey. The highpoint may have been when the Governor joined KORE Power to announce it selected Arizona for its lithium-ion battery manufacturing facility, which will generate about 13,000 jobs. 

What's more, Arizona's new tax plan is garnering praise at the national level, the hospitality industry is bouncing back, and education leaders are coming together to protect students and school choice. Read about all this and more below.
Governor Ducey Issues Statement On New CDC Guidance
"Public health officials in Arizona and across the country have made it clear that the best protection against COVID-19 is the vaccine. Today’s announcement by the CDC will unfortunately only diminish confidence in the vaccine and create more challenges for public health officials - people who have worked tirelessly to increase vaccination rates."
 
Kore Power Selects Arizona Site One Million Square Foot "Koreplex" Lithium-ion Battery Manufacturing Facility
KORE Power plans to employ more than 3,000 full-time personnel at the facility, which will generate upwards of an estimated 10,000 direct and indirect jobs. The construction of KOREPlex will employ an estimated 3,400 workers during peak construction.
Governor Ducey Urges Delegation To Protect Charter School Students 
Governor Ducey this week urged Arizona’s Congressional Delegation to oppose federal legislation that will jeopardize critical funding the state’s public charter schools receive and put thousands of students at risk. 
Governor Ducey Thanks ADHS Director Dr. Christ For Longtime, Dedicated Service To Arizona
Governor Ducey this week announced Arizona Department of Health Services Director Dr. Cara Christ, who has been instrumental in the state’s COVID-19 response, will leave her position on August 27 for another leadership role as chief medical officer for Blue Cross Blue Shield of Arizona.
Newsweek Opinion: Arizona Tax Reform Is A National Model
"By lowering the income tax rate and making the tax code flatter, the tax burden on all Arizonans is reduced, and families will see real, long-term relief that's desperately needed. This tax reduction will also boost Arizona's competitiveness, making the state more desirable for both individuals and pass-through businesses, as a majority of small businesses pay taxes under the individual tax code."
Governor Ducey Statement On The Dobbs V. Jackson Women's Health Organization Amicus Brief
“The Constitution preserves the rights of the states by specifically enumerating the authority granted to the federal government. Unfortunately, almost 50 years ago, the U.S. Supreme Court decided to ignore the Constitution and created policy which has led to the over-politicization of this issue for decades."
Governor Ducey, Hospitality Leaders Discuss Continued Economic Growth
Governor Ducey this week met with leaders of the hospitality industry at the Sanctuary Camelback Mountain Resort to discuss Arizona’s job recovery, growing economy and tourism opportunities. 

BEA News: Gross Domestic Product by State and Personal Income by State, 3rd Quarter 2025
