Technology

Discover why following up with past prospects could be an easy win for your MSP.

Source: Easy MSP Wins in One Email - Technibble.com

Google has introduced Jpegli, a JPEG library for image encoding. The new library is intended to be faster, more visually pleasing, and more efficient than traditional JPEGs. Proponents of the technology said it has the potential to make the Internet faster and more beautiful.

Announced April 3 and accessible from GitHub, Jpegli maintains high backward compatibility while offering enhanced capabilities and a 35% compression ratio at high-quality compression settings, Google said. Jpegli works by using new techniques to reduce noise and improve image quality. New or improved features include adaptive quantization heuristics from the JPEG XL reference implementation, improved quantization matrix selection, calculation of intermediate results, and the possibility to use more advanced colorspace.

To read this article in full, please click here

GitHub Actions, an automated CI/CD platform for GitHub, has been enhanced for enterprise customers, with capabilities including stronger security and GPU-enhanced runners for machine learning.

GitHub announced updates to its hosted runner fleet for Actions on April 2.  To strengthen security, GitHub Actions now offers Azure private networking for GitHub-hosted runners. The feature combines compute-in-the-cloud with secure access and control over network security, eliminating the overhead of maintaining infrastructure. Hosted runners for every major operating system are intended to make it easy to build and test a project, which can be run directly on a virtual machine or a container.

To read this article in full, please click here

OpenTofu’s founders had a mission. Upset by HashiCorp licensing changes in August 2023 to its popular Terraform infrastructure-as-code tool, OpenTofu set out to be the “open source successor to the MPLv2-licensed Terraform,” further promising that it “will be community-driven, impartial, layered and modular, and backward-compatible.”

Hugely promising, but extraordinarily difficult to pull off. So difficult in fact, that OpenTofu may have illegally taken HashiCorp’s code to keep pace.

To read this article in full, please click here

Roughly nine years ago, KrebsOnSecurity profiled a Pakistan-based cybercrime group called “The Manipulaters,” a sprawling web hosting network of phishing and spam delivery platforms. In January 2024, The Manipulaters pleaded with this author to unpublish previous stories about their work, claiming the group had turned over a new leaf and gone legitimate. But new research suggests that while they have improved the quality of their products and services, these nitwits still fail spectacularly at hiding their illegal activities.

In May 2015, KrebsOnSecurity published a brief writeup about the brazen Manipulaters team, noting that they openly operated hundreds of web sites selling tools designed to trick people into giving up usernames and passwords, or deploying malicious software on their PCs.

Manipulaters advertisement for “Office 365 Private Page with Antibot” phishing kit sold on the domain heartsender,com. “Antibot” refers to functionality that attempts to evade automated detection techniques, keeping a phish deployed as long as possible. Image: DomainTools.

The core brand of The Manipulaters has long been a shared cybercriminal identity named “Saim Raza,” who for the past decade has peddled a popular spamming and phishing service variously called “Fudtools,” “Fudpage,” “Fudsender,” “FudCo,” etc. The term “FUD” in those names stands for “Fully Un-Detectable,” and it refers to cybercrime resources that will evade detection by security tools like antivirus software or anti-spam appliances.

A September 2021 story here checked in on The Manipulaters, and found that Saim Raza and company were prospering under their FudCo brands, which they secretly managed from a front company called We Code Solutions.

That piece worked backwards from all of the known Saim Raza email addresses to identify Facebook profiles for multiple We Code Solutions employees, many of whom could be seen celebrating company anniversaries gathered around a giant cake with the words “FudCo” painted in icing.

Since that story ran, KrebsOnSecurity has heard from this Saim Raza identity on two occasions. The first was in the weeks following the Sept. 2021 piece, when one of Saim Raza’s known email addresses — bluebtcus@gmail.com — pleaded to have the story taken down.

“Hello, we already leave that fud etc before year,” the Saim Raza identity wrote. “Why you post us? Why you destroy our lifes? We never harm anyone. Please remove it.”

Not wishing to be manipulated by a phishing gang, KrebsOnSecurity ignored those entreaties. But on Jan. 14, 2024, KrebsOnSecurity heard from the same bluebtcus@gmail.com address, apropos of nothing.

“Please remove this article,” Sam Raza wrote, linking to the 2021 profile. “Please already my police register case on me. I already leave everything.”

Asked to elaborate on the police investigation, Saim Raza said he was freshly released from jail.

“I was there many days,” the reply explained. “Now back after bail. Now I want to start my new work.”

Exactly what that “new work” might entail, Saim Raza wouldn’t say. But a new report from researchers at DomainTools.com finds that several computers associated with The Manipulaters have been massively hacked by malicious data- and password-snarfing malware for quite some time.

DomainTools says the malware infections on Manipulaters PCs exposed “vast swaths of account-related data along with an outline of the group’s membership, operations, and position in the broader underground economy.”

“Curiously, the large subset of identified Manipulaters customers appear to be compromised by the same stealer malware,” DomainTools wrote. “All observed customer malware infections began after the initial compromise of Manipulaters PCs, which raises a number of questions regarding the origin of those infections.”

A number of questions, indeed. The core Manipulaters product these days is a spam delivery service called HeartSender, whose homepage openly advertises phishing kits targeting users of various Internet companies, including Microsoft 365, Yahoo, AOL, Intuit, iCloud and ID.me, to name a few.

A screenshot of the homepage of HeartSender 4 displays an IP address tied to fudtoolshop@gmail.com. Image: DomainTools.

HeartSender customers can interact with the subscription service via the website, but the product appears to be far more effective and user-friendly if one downloads HeartSender as a Windows executable program. Whether that HeartSender program was somehow compromised and used to infect the service’s customers is unknown.

However, DomainTools also found the hosted version of HeartSender service leaks an extraordinary amount of user information that probably is not intended to be publicly accessible. Apparently, the HeartSender web interface has several webpages that are accessible to unauthenticated users, exposing customer credentials along with support requests to HeartSender developers.

“Ironically, the Manipulaters may create more short-term risk to their own customers than law enforcement,” DomainTools wrote. “The data table “User Feedbacks” (sic) exposes what appear to be customer authentication tokens, user identifiers, and even a customer support request that exposes root-level SMTP credentials–all visible by an unauthenticated user on a Manipulaters-controlled domain. Given the risk for abuse, this domain will not be published.”

This is hardly the first time The Manipulaters have shot themselves in the foot. In 2019, The Manipulaters failed to renew their core domain name — manipulaters[.]com — the same one tied to so many of the company’s past and current business operations. That domain was quickly scooped up by Scylla Intel, a cyber intelligence firm that focuses on connecting cybercriminals to their real-life identities.

Currently, The Manipulaters seem focused on building out and supporting HeartSender, which specializes in spam and email-to-SMS spamming services.

“The Manipulaters’ newfound interest in email-to-SMS spam could be in response to the massive increase in smishing activity impersonating the USPS,” DomainTools wrote. “Proofs posted on HeartSender’s Telegram channel contain numerous references to postal service impersonation, including proving delivery of USPS-themed phishing lures and the sale of a USPS phishing kit.”

Reached via email, the Saim Raza identity declined to respond to questions about the DomainTools findings.

“First [of] all we never work on virus or compromised computer etc,” Raza replied. “If you want to write like that fake go ahead. Second I leave country already. If someone bind anything with exe file and spread on internet its not my fault.”

Asked why they left Pakistan, Saim Raza said the authorities there just wanted to shake them down.

“After your article our police put FIR on my [identity],” Saim Raza explained. “FIR” in this case stands for “First Information Report,” which is the initial complaint in the criminal justice system of Pakistan.

“They only get money from me nothing else,” Saim Raza continued. “Now some officers ask for money again again. Brother, there is no good law in Pakistan just they need money.”

Saim Raza has a history of being slippery with the truth, so who knows whether The Manipulaters and/or its leaders have in fact fled Pakistan (it may be more of an extended vacation abroad). With any luck, these guys will soon venture into a more Western-friendly, “good law” nation and receive a warm welcome by the local authorities.

Over the past decade, Rust has emerged as a language of choice for people who want to write fast, machine-native software that also has strong guarantees for memory safety.

Other languages, like C, may run fast and close to the metal, but they lack the language features to ensure program memory is allocated and disposed of properly. As noted recently by the White House Office of the National Cyber Director, these shortcomings enable software insecurities and exploits with costly real-world consequences. Languages like Rust, which put memory safety first, are getting more attention.

To read this article in full, please click here

Bun and HTMX are two of the most interesting things happening in software right now. Bun is an incredibly fast, all-in-one server-side JavaScript platform, and HTMX is an HTML extension used to create simple, powerful interfaces. In this article, we'll use these two great tools together to develop a full-stack application that uses MongoDB for data storage and Elysia as its HTTP server.

To read this article in full, please click here

Apache Spark is a data processing framework that can quickly perform processing tasks on very large data sets, and can also distribute data processing tasks across multiple computers, either on its own or in tandem with other distributed computing tools. These two qualities are key to the worlds of big data and machine learning, which require the marshalling of massive computing power to crunch through large data stores. Spark also takes some of the programming burdens of these tasks off the shoulders of developers with an easy-to-use API that abstracts away much of the grunt work of distributed computing and big data processing.

To read this article in full, please click here

• A near-Universal (Local) Linux Elevation of Privilege vulnerability
• TechCrunch informed AT&T of a 5 year old data breach
• Signal to get very useful cloud backups
• Telegram to allow restricted incoming
• HP exits Russia ahead of schedule
• Advertisers are heavier users of Ad Blockers than average Americans!
• The Google Incognito Mode Lawsuit
• Canonical fights malicious Ubuntu store apps
• Spinrite update
• A Cautionary Tale

Show Notes - https://www.grc.com/sn/SN-968-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• 1bigthink.com
• kolide.com/securitynow
• Melissa.com/twit
• vanta.com/SECURITYNOW

Bun 1.1, the latest version of the Bun toolkit and drop-in Node.js replacement for building, testing, and running JavaScript and TypeScript, now supports Windows 10. The latest version is also more compatible with Node.js.

To read this article in full, please click here

2023 has been a breakout year for developers and generative AI. GitHub Copilot graduated from its technical preview stage in June 2022, and OpenAI released ChatGPT in November 2022. Just 18 months later, according to a survey by Sourcegraph, 95% of developers report they use generative AI to assist them in writing code. Generative AI can help developers write more code in a shorter space of time, but we need to consider how much of a good thing that may be.

To read this article in full, please click here

Talk to anybody about generative AI in the cloud, and the conversation goes quickly to GPUs (graphics processing units). But that could be a false objective. GPUs do not matter as much as people think they do, and in a few years, the conversation will likely shift to what is much more critical to the development and deployment of generative AI systems in the cloud.

The current assumption is that GPUs are indispensable for facilitating the complex computations required by generative AI models. While GPUs have been pivotal in advancing AI, overemphasizing them might detract from exploring and leveraging equally effective and potentially more sustainable alternatives. Indeed, GPUs could quickly become commodities like other resources that AI systems need, such as storage and processing space. The focus should be on designing and deploying these systems, not just the hardware they run on. Call me crazy.

To read this article in full, please click here

It’s hard to believe that the agile software development methodology officially turned 20 years old last year. What once was an outlying practice for startups collaborating in colocated spaces with stickies and whiteboards is now a sophisticated, scalable, and widely used set of agile software development processes and tools.

There’s a rich history behind agile software development and why organizations use agile methods such as scrum and kanban to modernize applications, improve customer experience, and implement digital transformations. There’s also a tremendous body of knowledge around these methodologies and their intersections with design thinking, product management, and devops. Fewer people today ask, “What is agile?” More are seeking guidance for how to align their teams on agile best practices.

To read this article in full, please click here

Google has announced plans to eventually merge its Angular and Wiz web frameworks. The company says it is already looking for ways that Angular could benefit from Wiz's superior performance, while Wiz could benefit from Angular's focus on developer experience.

In a blog post posted by the Angular team on March 30, proponents said that Angular and Wiz were “better together.” The merge will happen "gradually and responsibly" over the coming years, according to the post. Google’s strategy is to steadily open-source Wiz features via Angular and follow an open model of development. A public RFC (request for comment) process will ensure community feedback is gathered on relevant proposed features. The primary goal of the merge is to improve the Angular framework.

To read this article in full, please click here

The latest version of the web rendering engine Babylon.js has arrived with performance and rendering enhancements to support 3D capabilities and more.

Version 7.0 of the rendering and game engine was announced on March 28. Directions for getting started with Babylon.js can be found on GitHub.

Procedural geometry in version 7.0, also called Node Geometry, lets users create complex geometry at runtime or build time. This removes the need to download large 3D assets. Instead, local machines or devices can use the CPU to create these assets.

To read this article in full, please click here

Even with all of the advances in IT, whether it’s modular hardware, massive cloud computing resources, or small-form-factor edge devices, IT still has a scale problem. Not physically—it’s easy to add more boxes, more storage, and more “stuff” in that respect. The challenge with scale is getting your operations to work as intended at that level, and it starts with making sure you can build, deploy, and maintain applications effectively and efficiently as you grow. This means that the basic building block of devops, the operating system, needs to scale—quickly, smoothly, and seamlessly.

To read this article in full, please click here

One of the hardest parts of building software is choosing your technology stack. You have to pick a tool or framework to get started, but you can’t know its real capabilities until you’ve worked with it for a while. It’s a Catch-22, and prototyping only helps so much. There is a tendency to stick to the same familiar technologies you’ve used in the past, but this has obvious drawbacks, including missing out on important innovations.

This article is an overview and comparison of the leading front-end JavaScript frameworks at the time of this writing. We’ll start with a look at the field, discuss the reasons you might need a new framework, and then look at each of the 10 frameworks in this list in detail, including a feature-by-feature comparison that you can download for future reference.

To read this article in full, please click here

Continuous integration (CI) and continuous delivery (CD), also known as CI/CD, embodies a culture and set of operating principles and practices that application development teams use to deliver code changes both more frequently and more reliably.

CI/CD is a best practice for devops teams. It is also a best practice in agile methodology. By automating code integration and delivery, CI/CD lets software development teams focus on meeting business requirements while ensuring that software is high in quality and secure.

To read this article in full, please click here

Recently Redis changed its license, and mountains of misinformation have followed, not to mention a fork driven by trillion-dollar cloud company AWS. Among that misinformation is Steven J. Vaughn-Nicols’ earnest but incorrect declaration that the Redis change “means developers can no longer use Redis’ code.”

This is simply not true. For 99.9999999999999% of developers, their rights under the license remain exactly the same as they would under the most permissive of open source licenses. What it does mean is that trillion-dollar cloud companies like AWS can no longer take Redis’s code without contributing back.

To read this article in full, please click here