An anonymous reader quotes a report from CNET: Encryption should have limits. That's the message FBI Director Christopher Wray had for cybersecurity experts Tuesday. The technology that scrambles up information so only intended recipients can read it is useful, he said, but it shouldn't provide a playground for criminals where law enforcement can't reach them. "It can't be a sustainable end state for there to be an entirely unfettered space that's utterly beyond law enforcement for criminals to hide," Wray said during a live interview at the RSA Conference, a major cybersecurity gathering in San Francisco. His comments are part of a back-and-forth between government agencies and security experts over the role of encryption technology in public safety. Agencies like the FBI have repeatedly voiced concerns like Wray's, saying encryption technology locks them out of communications between criminals. Cybersecurity experts say the technology is crucial for keeping data and critical computer systems safe from hackers. Letting law enforcement access encrypted information just creates a backdoor hackers will ultimately exploit for evil deeds, they say.

Wray, a former assistant attorney general in the U.S. Department of Justice who counts among his biggest cases prosecutions against Enron officials, acknowledged Tuesday that encryption is "a provocative subject." As the leader of the nation's top law enforcement agency, though, he's focused on making sure the government can carry out criminal investigations. Hackers in other countries should expect more investigations and indictments, Wray said. "We're going to follow the facts wherever they lead, to whomever they lead, no matter who doesn't like it," he said. To applause, he added, "I don't really care what some foreign government has to say about it."

A seemingly complex set of characters like "ji32k7au4a83" is a very common password among users, it turns out. From a report: This interesting bit of trivia comes from self-described hardware/software engineer Robert Ou, who recently asked his Twitter followers if they could explain why this seemingly random string of numbers has been seen by Have I Been Pwned (HIBP) over a hundred times.

Have I Been Pwned is an aggregator that was started by security expert Troy Hunt to help people find out if their email or personal data has shown up in any prominent data breaches. One service it offers is a password search that allows you to check if your password has shown up in any data breaches that are on the radar of the security community. In this case, "ji32k7au4a83" has been seen by HIBP in 141 breaches. Several of Ou's followers quickly figured out the solution to his riddle. The password is coming from the Zhuyin Fuhao system for transliterating Mandarin. The reason it's showing up fairly often in a data breach repository is because "ji32k7au4a83" translates to English as "my password."

Exploit vendor Zerodium said today it would pay up to $500,000 for zero-days in popular cloud products and services such as Microsoft's Hyper-V and (Dell) VMware's vSphere. From a report: Both Hyper-V and vSphere are what experts call virtualization software, also called hypervisors -- software that lets a single "host" server create and run one or more virtual "guest" operating systems. Virtualization software is often found in cloud-powered data centers. Hyper-V is the technology at the core of Microsoft's Azure cloud computing platform, while VMware's vSphere is used by Amazon Web Services and SAP.

With cloud services growing in adoption, especially for hosting websites and crucial IT infrastructure, the importance of both technologies has been slowly increasing in recent years. This paradigm shift hasn't gone unnoticed in the exploit market, where Zerodium -- a Washington, DC-based exploit vendor -- is by far the leading company. In a tweet earlier today, Zerodium announced plans to pay up to $500,000 for fully-working zero-days in Hyper-V and vSphere that would allow an attacker to escape from the virtualized guest operating system to the host server's OS.

An anonymous reader shares a report: Online, you'll find people who use hashtags like "#digitalhoarder" and hang out in the 120,000-subscriber Reddit forum called /r/datahoarder, where they trade tips on building home data servers, share collections of rare files from video game manuals to ambient audio records, and discuss the best cloud services for backing up files. The often stereotyped hoarders letting heaps of physical items of questionable utility dominate their homes and lives often suffer social stigma and anxiety as a result. By contrast, many self-proclaimed digital hoarders say they enjoy their collections, can keep them contained in a relatively small amount of physical space, and often take pleasure in sharing them with other hobbyists or anyone who wants access to the same public data.

[...] Many people active in the data hoarding community take pride in tracking down esoteric files of the kind that often quietly disappear from the internet -- manuals for older technologies that get taken down when manufacturers redesign their websites, obscure punk show flyers whose only physical copies have long since been pulled from telephone poles and thrown in the trash, or episodes of old TV shows too obscure for streaming services to bid on -- and making them available to those who want them.

Spoiler is the newest speculative attack affecting Intel's micro-architecture. From a report: Like the Spectre and Meltdown attacks revealed in January 2018, Spoiler also abuses speculative execution in Intel chips to leak secrets. However, it targets a different area of the processor called the Memory Order Buffer, which is used to manage memory operations and is tightly coupled with the cache. Researchers from Worcester Polytechnic Institute, Massachusetts, and the University of Lubeck in north Germany detail the attack in a new paper, 'Spoiler: Speculative load hazards boost Rowhammer and cache attacks'. The paper [PDF] was released this month and spotted by The Register. The researchers explain that Spoiler is not a Spectre attack, so it is not affected by Intel's mitigations for it, which otherwise can prevent other Spectre-like attacks such as SplitSpectre.

An anonymous reader writes: A security researcher has uncovered a ring of malicious GitHub accounts promoting over 300 backdoored Windows, Mac, and Linux applications and software libraries. The malicious apps contained code to gain boot persistence on infected systems and later download other malicious code -- which appeared to be a "sneaker bot," a piece of malware that would add infected systems to a botnet that would later participate in online auctions for limited edition sneakers.

All the GitHub accounts that were hosting these files -- backdoored versions of legitimate apps -- have now been taken down. One account, in particular, registered in the name of Andrew Dunkins, hosted 305 backdoored ELF binaries. Another 73 apps were hosted across 88 other accounts.

An anonymous reader quotes a report from Patently Apple: Firefox browser-maker Mozilla is considering whether to block cybersecurity company DarkMatter from serving as one of its internet security gatekeepers after a Reuters report linked the United Arab Emirates-based firm to a cyber espionage program. Reuters reported in January that DarkMatter provided staff for a secret hacking operation, codenamed Project Raven, on behalf of an Emirati intelligence agency. The unit was largely comprised of former U.S. intelligence officials who conducted offensive cyber operations for the UAE government. Former Raven operatives told Reuters that many DarkMatter executives were unaware of the secretive program, which operated from a converted Abu Dhabi mansion away from DarkMatter's headquarters.

Those operations included hacking into the internet accounts of human rights activists, journalists and officials from rival governments, Reuters found. DarkMatter has denied conducting the operations and says it focuses on protecting computer networks. While Mozilla had been considering whether to grant DarkMatter the authority to certify websites as safe, two Mozilla executives said in an interview last week that Reuters' report raised concerns about whether DarkMatter would abuse that authority. Mozilla said the company has not yet come to a decision on whether to deny the authority to DarkMatter, but expects to decide within weeks. Further reading available via Reuters