How e-cigarettes can be used to hack computers even if a vape pen seems like it’s simply charging, it could actually be compromising your computer, security researchers warn.
Security researchers have demonstrated How e-cigarettes can be used to hack computers
With only minor modifications, the vape pen can be used by attackers to compromise the computers they are connected to, even if it seems just like they are charging.
This warning How e-cigarettes can be used to hack computers was given by researchers
Giving a presentation at BSides London, Ross Bevington showed how an e-cigarette could be used to attack a computer by fooling the computer to believe it was a keyboard or by tampering with its network traffic.
While Mr Bevington’s particular form of attack required the victim’s machine to be unlocked, that was not the case for all attacks.
“PoisonTap is a very similar style of attack that will even work on locked machines,” Mr Bevington told Sky News.
Another hacker and researcher known as Fouroctets published a proof-of-concept video which showed arbitrary commands being entered into his unlocked laptop just after plugging in a vape pen to charge.
Speaking to Sky News, Fouroctets said he had modified the vape pen by simply adding a hardware chip which allowed the device to communicate with the laptop as if it were a keyboard or mouse.
A pre-written script that was saved on the vape made Windows open up the Notepad application and typed “Do you even vape bro!!!!”
The script could have been modified to do something much more malicious, however.
Fouroctets showed Sky News how, using less than 20 lines of code, the computer could be made to download an arbitrary and potentially dangerous file and run it.
While e-cigarettes could be used to deliver malicious payloads to machines, there is usually very little space available on them to host this code.
“This puts limitations on how elaborate a real attack could be made,” said Mr Bevington.
“The WannaCry malware for instance was 4-5MB, hundreds of times larger than the space on an e-cigarette.
That being said, using something like an e-cigarette to download something larger from the Internet would be possible.”
The best way to protect against these kind of attacks is to ensure that your machine has updated its security patches, said Mr Bevington, and to “have a good password and lock your machine when you leave it”.
“If you run a business you should invest in some kind of monitoring solution that can alerted your security team when something like this attack occurs,” he said.
“In all cases, be wary if someone wants to plug something into your machine.”
Police faced a horrific and confusing scene, with stab victims in the street and reports suicide attackers were on the loose.
One of the first police officers on the scene of the London Bridge attack has described the “pandemonium” as people ran for their lives while others lay bleeding on the ground.
Inspector Jim Cole said he and his team were about to clock off at Peckham police station when the call came in.
He said he immediately clicked that it could be a terror attack.
“We ran down to the yard and started getting the team back in the vans,” he said.
“It was like something out of a movie with police officers running everywhere. Everybody was jumping into cars, getting cars going.”
The 41-year-old and his officers rushed to Borough High Street and made their way on foot to the market where the attackers were looking for people to kill.
“We had some updates on the radio about at least three men attacking people with knives, but it wasn’t really a clear situation and we were not really sure what to expect,” he said.
The ringleader of the London Bridge terror attack was so open about his extremist views that he appeared in a fly-on-the-wall documentary entitled The Jihadis Next Door, it emerged on Monday.
London Bridge attackers Rachid Redouane, Khuram Butt and Youssef Zaghba
Khuram Butt, 27, a British national who was born in Pakistan, was filmed praying in front of an Isil flag in London’s Regent’s Park as part of a controversial Channel 4 programme that was broadcast in January last year.
By the time the documentary went out, the father of two had already been under investigation by the police and MI5 for six months.
The second terrorist was named as Rachid Redouane, 30, who police said had claimed to be both Moroccan and Libyan. He was also known to use the name Rachid Elkhdar, and was understood to be in possession of an Irish identity card when he was shot dead by police. Redouane, who was married to a British woman and had a daughter with her, is thought to have lived in Dublin previously. It was not clear when or how he arrived in the UK.
London Bridge attackers Rachid Redouane, Khuram Butt and Youssef Zaghba
Redouane, a chef, was seen visiting his wife, Charisse, only three hours before he and his two accomplices carried out the attack, neighours said.
He and his wife are reported to have split up over their differing views on religion, after they clashed over the best way to raise their child.
Police said while they believed they knew who the third terrorist was they were still working with international partners to formally identify him.
The disclosure that he is not British will raise questions about how recently he moved to the UK and under what circumstances he had entered the country.
At least a dozen Molotov cocktails were found in the van used by the attackers, according to reports last night. Officers are said to be treating the bottles filled with clear liquid as petrol bombs.
All 12 people arrested in east London on Sunday in relation to the London bridge attack have now been released without charge.
A vigil was held at London Bridge last night for the victims of the attack.
Seven people were killed in Saturday’s onslaught and 48 injured. Of those, 36 are still in hospital; 18 remain in a critical condition in the London bridge attack.
If the incident on Saturday night is confirmed as terrorism, it would mean the UK has faced three attacks in the space of less than three months following the Westminster and Manchester atrocities in March and May.
As the emergency unfolded, Scotland Yard issued a message urging members of the public in the affected areas to “run, hide and tell”.
The guidance was prepared by counter-terrorism police to set out the steps people should follow in the event of an attack in London.
After the bombing in Manchester, the official terror threat level was raised to the highest – critical – amid fears further attacks could be imminent.
It was the first time the assessment had reached the most serious rating for nearly a decade and a huge security response was activated, with military personnel drafted in to support police.
Last weekend the threat level was lowered to the second highest category of severe, meaning an attack was judged “highly likely”.
It was revealed following the Manchester blast that security services had foiled 18 plots in Britain since 2013, including five since the Westminster attack.
The threat being confronted by the UK’s counter-terrorism agencies is seen as unprecedented, with 500 active investigations involving 3,000 subjects of interest at any one time.
The “terrorist incidents” at London Bridge and Borough Market follow less than a fortnight after the terror bombing at the Ariana Grande concert in Manchester which killed 22 people – the worst terror attack in Britain for a decade.
Here is a timeline of recent Attack in London:
:: May 22 2017: Twenty-two people – including children – are killed and around 59 injured during a suspected terrorist bombing at a pop concert in Manchester.
Lone suicide bomber Salman Abedi detonated an improvised explosive device as crowds of music fans, many of them youngsters, left Manchester Arena following a performance by US artist Ariana Grande.
The Attack in London:: March 22 2017: Five people are killed when an Islamist extremist launched a car and knife attack in central London.
Khalid Masood drove a hire car over Westminster Bridge, near the Houses of Parliament, mounted the pavement and hit pedestrians before crashing into railings outside the Palace of Westminster.
He stabbed Pc Keith Palmer, 48, to death and also killed US tourist Kurt Cochran, Romanian tourist Andreea Cristea, 31, and Britons Aysha Frade, 44, and 75-year-old Leslie Rhodes. Masood was shot dead by police.
:: June 16 2016: Labour MP Jo Cox is murdered outside her constituency office in Batley, West Yorkshire.
The mother of two, 41, was shot and stabbed multiple times by right-wing extremist Thomas Mair. He was later handed a whole-life prison sentence for her murder.
:: December 5 2015: A lone attacker attempts to behead a passenger during an Islamic State-inspired rampage in the ticket hall of Leytonstone Underground station in east London.
Somali-born Muhiddin Mire targeted strangers at random during the attack before slashing fellow passenger Lyle Zimmerman, 56, with a knife.
The schizophrenic was sent to Broadmoor Hospital after being given a life sentence with a minimum term of eight years for attempted murder.
Attack in London: May 22 2013: Fusilier Lee Rigby is murdered by Islamic extremists Michael Adebolajo and Michael Adebowale.
The 25-year-old serviceman was walking near his barracks in Woolwich, south-east London, when the pair rammed him with a car before attempting to hack off his head with knives.
The killers were jailed for life at the Old Bailey in February 2014.
Attack in London: June 30 2007: Two men inspired by Islamist extremism ram a 4×4 laden with petrol and propane tanks into the main terminal of Glasgow Airport. One of the attackers died in the incident and five people were injured.
Attack in London: July 7 2005: Four suicide bombers kill 52 and injure hundreds of others in blasts on the London Underground network and a bus.
Twenty-six died in the bombing at Russell Square on the Piccadilly line, six in the bombing at Edgware Road on the Circle line, seven in the bombing at Aldgate on the Circle line, and 13 in the bombing on a bus at Tavistock Square.
Security experts say there are “clear code connections” between the global ransomware attack and a North Korea-linked group.
There is “strong” evidence to suggest a North Korea-linked group was behind last week’s global cyberattack, security experts say.
Simon Choi, director of South Korean anti-virus firm Hauri, said the code used in the attack shared many similarities with previous hacks attributed to North Korea-linked Lazarus Group.
The same collective is believed to have been behind the 2014 hack of Sony Pictures and is also suspected of previous attacks on the global financial system.
Mr Choi said: “I saw signs last year that the North was preparing ransomware attacks or even already beginning to do so, targeting some South Korean companies.”
He added that since 2013, hackers aligned to Pyongyang have been using malicious software to extort Bitcoin – the online currency demanded in last week’s WannaCry cyberattack.
Israeli-based security firm Intezer Labs said there were “clear code connections” between Lazarus and WannaCry, adding that the evidence “strongly suggests that these hacking tools were written or modified by the same author”.
Symantec and Kaspersky are investigating whether hackers from Lazarus Group were responsible for infecting an estimated 300,000 machines in 150 countries.
Their enquiries came as the White House said that paying ransom money to unlock files encrypted by the global cyberattack does not work.
Homeland security adviser Tom Bossett told reporters he is not aware of a case where transferring $300 (£232) in Bitcoin – the amount demanded from victims of last week’s attack – has “led to any data recovery”.
President Trump’s administration estimates that less than $70,000 (£54,285) has been paid to the criminals behind the ransomware so far.
During a White House briefing, Mr Bossert said no federal systems in the US had been affected by the malicious software.
He added that his British counterparts said they now had a “feeling of control” after the attack struck 47 NHS organisations.
Russia has denied it had anything to do with what Europol called the “largest ransomware attack observed in history”, and President Vladimir Putin described it as payback for the US intelligence services.
Mr Putin said: “A genie let out of a bottle of this kind, especially created by secret services, can then cause damage to its authors and creators.”
Meanwhile, the 22-year old computer expert who discovered the WannaCry’s hidden kill switch says he does not think of himself as a hero and was just as regard the global cyberattack”doing my bit to stop botnets”.
British-born Marcus Hutchins, who is currently working in Los Angeles, stumbled on the solution by accident while analysing a sample of the malicious code, and then spent three days fighting the ransomware worm.
Mr Hutchins’ manager at online security firm Kryptos Logic said he “not only saved the United States but also prevented further damage to the rest of the world”.
Global Hacking Attack Infects 57,000 Computers, NHS braced for possible repeat of cyberattack chaos on Monday
Global Hacking Attack Infects 57,000 Computers, almost 50 NHS trusts were hit by Friday’s cyberattack – and there are fears of fresh disruption today when people return to work.
Hackers exploit stolen US spy agency tools to launch massive cyber-attack on nearly 100 countries with Russia hit hard.
A global cyber-attack using hacking tools believed to have been created by the US National Security Agency (NSA) has infected tens of thousands of computers in nearly 100 countries.
Cyber-extortionists on Friday tricked victims into opening malicious malware attachments to spam emails that appeared to contain invoices, job offers, security warnings, and other legitimate files.
The ransomware then encrypted data on the computers, demanding payments of $300-$600 to restore access. Security researchers said they observed some victims paying via the digital currency bitcoin, though they did not know what percent had given in to the digital extortionists.
Researchers with security software maker Avast said they had observed 57,000 infections in 99 countries with Russia, Ukraine, and Taiwan the top targets.
The most disruptive attacks were reported in Britain, where hospitals and clinics were forced to turn away patients after losing access to computers.
“We are experiencing a major IT disruption and there are delays at all of our hospitals,” said the Barts Health group, which manages major London hospitals. Routine appointments had been cancelled and ambulances were being diverted to neighbouring hospitals.
International shipper FedEx Corp said some of its Windows computers were also infected.
James Scott, from the Washington DC-based Institute of Critical Infrastructure Technology, said ransomware emerged “as an epidemic” in 2016. He said the healthcare sector was particularly vulnerable because of poor digital security knowledge.
“The staff have no cyber-hygiene training, they click on phishing links all the time. The sad thing is they weren’t backing up their data properly either, so that’s a big problem. They should be doing that all the time,” Scott told Al Jazeera.
“Everyone’s vulnerable right now because you’re only as strong as your weakest link within your organisation from a cyber-perspective.”
Hackers appear to have begun the campaign by targeting organisations in Europe, said Vikram Thakur, research manager with security software maker Symantec.
By the time they turned their attention to the United States, spam filters had identified the new threat and flagged the ransomware-laden emails as malicious, Thakur said.
Private security firms identified the ransomware as a new variant of “WannaCry”, which has the ability to automatically spread across large networks by exploiting a known bug in Microsoft’s Windows operating system.
“Once it gets in and starts moving across the infrastructure, there is no way to stop it,” said Adam Meyers, a researcher with cyber-security firm CrowdStrike.
The hackers, who have not come forward to claim responsibility or otherwise been identified, likely made it a “worm”, or self-spreading malware, by exploiting a piece of NSA code known as “Eternal Blue”, which was released last month by a group known as the Shadow Brokers, researchers with several private cyber-security firms said.
“This is one of the largest global ransomware attacks the cyber-community has ever seen,” said Rich Barger, director of threat research with Splunk, one of the firms that linked WannaCry to the NSA.
The Shadow Brokers released Eternal Blue as part of a trove of hacking tools that they said belonged to the US spy agency.
On Friday, Russia’s interior and emergencies ministries, as well as the country’s biggest bank, Sberbank, said they were targeted. The interior ministry said on its website about 1,000 computers had been infected but it had localised the virus.
Although cyber-extortion cases have been rising for several years, they have to date affected small-to-mid-sized organisations, disrupting services provided by hospitals, police departments, public transportation systems and utilities in the United States and Europe.
The news is also likely to embolden cyber-extortionists when selecting targets, Chris Camacho, chief strategy officer with cyber intelligence firm Flashpoint, said.
“Now that the cyber criminals know they can hit the big guys, they will start to target big corporations. And some of them may not be well prepared for such attacks,” Camacho said.
HIV Life Expectancy ‘Near Normal’ Thanks To New Drugs. Young people on the latest HIV drugs now have near-normal life expectancy because of improvements in treatments, a study in The Lancet suggests.
Twenty-year-olds who started antiretroviral therapy in 2010 are projected to live 10 years longer than those first using it in 1996, it found.
Doctors say that starting treatment early is crucial to achieve a long and healthy life.
Charities say there are still too many people unaware they have the virus.
This is particularly true in the developing world, where the majority of HIV deaths occur because access to drugs is limited.
More effective prevention
The study authors, from the University of Bristol, said the extraordinary success of HIV treatments was a result of newer drugs having fewer side effects and being better at preventing the virus from replicating in the body.
It is also more difficult for the virus to build up a resistance to the most recent drugs.
Improved screening and prevention programmes and better treatment of health problems caused by HIV are thought to have helped, too.
But many people with HIV still do not live as long as expected, especially those infected through injecting drugs.
Antiretroviral therapy involves a combination of three or more drugs which block the normal progress of HIV (human immunodeficiency virus).
They have been called “one of the greatest public health success stories of the past 40 years”.
Drugs ‘do work’
Jimmy Isaacs, 28, discovered he had been infected with HIV by a former partner nearly three years ago.
He takes three drugs once a day at 18:00 and will continue to do so for the rest of his life.
“My health is absolutely fine. I’m eating healthily and drinking healthily,” he said.
“It doesn’t impact on my job and hasn’t impacted on my social life either.”
Although it took two changes of medication to find the right combination for him, he says he now has no side effects at all.
“I had heard a lot of bad stories about the drugs back in the ’90s – but when I did some research, I realised the drugs had completely changed.”
Not all his employers have been supportive since his diagnosis and he says that is down to ignorance.
His current employer has given him time off to tour the country and speak to students and school pupils about HIV prevention and treatment.
The researchers looked at 88,500 people with HIV from Europe and North America who had been involved in 18 studies.
They based their life-expectancy predictions on death rates during the first three years of follow-up after drug treatment was started.
They found that fewer people who started treatment between 2008 and 2010 died during this period compared with those who began treatment between 1996 and 2007.
The expected age at death of a 20-year-old patient starting antiretroviral therapy (ART) after 2008, with a low viral load and after the first year of treatment, was 78 years – similar to the general population.
What is antiretroviral therapy?
Antiretroviral therapy combines three or more drugs which stop the HIV virus from progressing
First used in 1996, it involves a combination of three or more drugs that stop the HIV virus from replicating
This means damage to the immune system caused by HIV can be prevented and it stops the disease spreading to others
More recent drugs are even more efficient and have fewer side effects
The World Health Organization recommends that antiretroviral therapy is started as soon as possible after diagnosis
Dr Michael Brady, medical director at the Terrence Higgins Trust, said the study showed how much things had changed since the start of the HIV epidemic in the 1980s.
But he said it also meant people aged over 50 now represented one in three of all those living with HIV.
“As it stands, the healthcare, social care and welfare systems simply aren’t ready to support the increasing numbers of people growing older with HIV.
“We need a new model of care to better integrate primary care with HIV specialist services, and we need a major shift in awareness and training around HIV and ageing, so that we’re ready to help older people live well in later life,” he said.
Prof Helen Stokes-Lampard, who chairs the Royal College of GPs, said: “It’s a tremendous medical achievement that an infection that once had such a terrible prognosis is now so manageable, and that patients with HIV are living significantly longer.
“We hope the results of this study go a long way to finally removing any remaining stigma associated with HIV, and ensuring that patients with HIV can live long and healthy lives without experiencing difficulties in gaining employment and – in countries where it is necessary – obtaining medical insurance.”
She said steps were being taken to increase appropriate HIV testing by GPs.
The proportion of people with undiagnosed HIV has fallen steadily over the past 20 years.
But one in eight people with HIV is still thought to remain undiagnosed.
OnePlus 5 Could Beat Samsung Galaxy S8 On Performance, if a new leak is to be believed.
There are plenty of ways to test how powerful a smartphone is, but the most popular method is benchmarking. This involves using software that pushes a handset’s processor to its limits, resulting in a final score that describes how well the phone performed. Geekbench does just that, and is one of the more popular benchmarking apps.
Excitingly, we may have some benchmarking details for the OnePlus 5 – before the phone has even been officially announced. GSMArena has received a screenshot of a Geekbench readout for the OnePlus 5 – a.k.a OnePlus A5000 – which it claims came from a “very credible source”. Naturally we can’t verify this information however, so take it with due caution. This could be very easily faked.
But if it’s real then it’s a serious win for the OnePlus 5. The handset managed an impressive 1963 single-core score and a similarly lofty 6687 multi-core score.
Ilkgun said Masood would spend hours lifting weights, never had any visitors during his three months in the flat, and was obsessed with having internet access in the flat. He said he believed this was so the terrorist could prepare and plan his attack.
When armed police entered the terrorist’s room they found pop music playing on a loop.
Ilkgun revealed Masood’s room, where he spent most of his time, was bare except for furniture and the gym equipment.
“He lived in his own tiny world, just the four walls of his room. The way he lived wasn’t healthy, he never saw daylight and he never went outside,” he said.
“He couldn’t find any reason to hold on to life.”
Masood also reportedly owed hundreds of pounds to the taxman and was being chased by HMRC at the time of his death.
His flatmates told the Mirror that Masood, who was then unemployed, was paying HMRC £100 a month over an unpaid tax bill.
They also claimed the terrorist would deliberately lock them out of the flat by bolting the front door.
The dementia robot which can help you find your keys, reminds you to book holidays and even talks about the weather… but can it REALLY rescue the elderly victims of Britain’s loneliness epidemic?
Mario’ has been designed to help people suffering from dementia
The £15,000 robot is being tested on people with early stages of the disease
The ‘revolutionary’ gadget has been designed to help keep minds active
But there are fears that Mario could result in reduced human contact
He can make small-talk about the weather, help you find your keys and prompt reminiscences of family holidays.
And Mario the robot has just one mission in life: to help people suffering from dementia.
The £15,000 device is now being tested in the homes of a handful of British patients, in the hope that it could eventually revolutionise the way sufferers are cared for.
Mario is designed to help keep his companion’s mind active – and to help stave off the loneliness that is linked to dementia.
But critics have questioned whether a robot can ever be an adequate substitute for genuine human contact.
Mario is being tested with people in the early stages of dementia in Stockport, Greater Manchester.
Andy Bleaden, the council official responsible for the pilot scheme, explained that the robot is being developed to engage with people on a deeper level than simply providing information such as the time, weather and forthcoming events.
He said: ‘We want to bring in a reminiscence tool that uses pictures from family photographs, weddings, holidays.’
Mario is also fitted with a sensor that it can use to find lost personal items such a TV remote control, keys and reading glasses, and it can call for emergency help if needed.
But its main aim is to provide companionship. More than a third of those suffering from dementia admit to feeling lonely, while one study found that elderly people who suffer loneliness have a 64 per cent greater risk of dementia.
Mario can already offer films, TV programmes and music through a touchscreen computer on his chest, but the aim is for him to engage in natural conversation.
How Mario helps patients remember
Mario could help jog a dementia patient’s memory by going through their family photos with them.
Rather than simply displaying a slideshow of images, the robot can be programmed to interact with their human companions, with each photo stored in its database accompanied by background information to prompt discussion.
Stockport Council project manager Andy Bleaden said: ‘Someone will be able to look at photos from Christmas ten years ago.
‘Then Mario would say, “Can you remember where this is? Can you remember who this is?” and be able to listen to the response.
‘Part of the work we’d have to do is populate the photos with data of where and when they were taken and who is in them.
‘People can then use the software to keep their remembrance skills going.’
‘People want to be able to ask what the weather is. That’s a big thing in England,’ Mr Bleaden said. ‘They want to be able to ask the time.’
It is hoped that the technology – also being piloted in Ireland and Italy – will help with the rising demand for dementia care, as the number of sufferers in the UK is predicted to hit one million by 2025.
George McNamara, of the Alzheimer’s Society, said: ‘Mario could be a game-changer for people with dementia. It shows the potential of technology to transform the quality of life, the enjoyment, the health of people with dementia. It could change the way we think of the kind of support that is available.’
But Dr Amanda Sharkey, of Sheffield University’s department of computer science, said the project raised fears over robots replacing human care.
She added: ‘The concerns are whether this is going to result in reduced human contact. Will people spend less time with the person because they think, “Oh, they’re being looked after by the robot”?’
Robosoft, the French makers of Mario, believe the cost of each robot could fall to about £5,000 if it is mass-produced.
And it is not the only robot being developed to help dementia sufferers: in Hong Kong, £5,000 cuddly robotic seals provide stimulation; in America, mechanical therapy cats costing just £80 have proved a success; and in Singapore a super-lifelike machine called Nadine is being developed as a companion.
Robots are also able to monitor patients’ physical and mental condition.