Russia’s Grizzly Steppe gunning for vulnerable routers

By John E Dunn

The Russian Government’s hackers – codenamed “Grizzly Steppe” – stand accused of trying to turn millions of routers against their owners.

After the stream of recent accusations levelled by cyber-authorities in the US, UK and Australia, it was probably inevitable that Russia would be formally accused of targeting network infrastructure at some point.

That happened yesterday, in the bludgeoning coordinated style that now marks out every official statement regarding Russia and cyberwarfare.

Stated US-CERT:

Since 2015, the US Government received information from multiple sources – including private and public-sector cybersecurity research organizations and allies – that cyber actors are exploiting large numbers of enterprise-class and SOHO/residential routers and switches worldwide.

These operations enable espionage and intellectual property that supports the Russian Federation’s national security and economic goals.

In fact, Grizzly Steppe was first mentioned in late 2016 when the FBI published its first report on the group’s alleged activities.

There will perhaps be two public reactions to this remarkable accusation, the first being to wonder what routers are and why they matter so much that Russia would want to target them.

The second may be to wonder why it has taken these countries so long to point out the phenomenon of coordinated router compromise – something that a variety of groups have been engaged in for at least a decade without much fuss being made about it.

In case the alert sounds a bit vague, the UK National Cyber Security Centre (NCSC) followed up the warnings with a document explaining in some detail the hardware weaknesses the Russians are alleged to be exploiting.

Read more at https://nakedsecurity.sophos.com/2018/04/18/russias-grizzly-steppe-gunning-for-vulnerable-routers/

Why ‘remote detonator’ is a bad name for your Wi-Fi network

By Lisa Vaas

Tell us, XFINITY, CableWiFi and HOME-7F0C-2.4, did it ever occur to you that your Wi-Fi names are really, really boring?

No offense, though! Generic is good! It’s so much better than “Quick, everybody out, NOW – before somebody connects to ‘remote detonator’!!!”

As the Michigan news site M Live reports, a patron of a Planet Fitness in Saginaw Township was looking through available Wi-Fi connections on Sunday evening when he noticed one named just that – “remote detonator.”

He brought it to the attention of the manager, who promptly evacuated the 24-hour gym and called police. According to Saginaw Township Police Chief Donald Pussehl, a bomb-sniffing dog made a sweep of the premises, but it didn’t turn up any explosives.

Nothing can be done to make the Wi-Fi naming wit change his or her alarming network name, Pussehl said: it’s speech that’s protected under the First Amendment. Pussehl:

Everything is perfectly legal from a police standpoint. There was no crime or threat. No call saying there was a bomb.

Read more at https://nakedsecurity.sophos.com/2018/04/18/why-remote-detonator-is-a-bad-name-for-your-wi-fi-network/

Silence! Chrome hushes noisy autoplaying videos

By Lisa Vaas

On Tuesday, Google launched Chrome 66 for Windows, Mac, Linux, Android and iOS.

With the new browser comes blissful quiet: Google is muting all autoplay content by default, thus giving people the option to turn off one of today’s most annoying aspects of going online. The update also includes a passwords export feature, security improvements and new developer features.

You can update to the latest Chrome version now via the browser’s built-in updater or download it from google.com/chrome.

Google originally planned for autoplay mute to arrive in Chrome 64, which introduced autoplay settings on a per-site basis, but it didn’t happen for reasons Google didn’t specify.

Now, however, all users are getting the feature, be they on mobile or desktop. In September, Google said the move is meant to address one of the most frequent user concerns – unexpected media playback, “which can use data, consume power, and make unwanted noise while browsing.”

The new autoplay blocking feature adds to Google’s existing ban on video, pop-up and intrusive advertisements, which it began to block on 15 February from within its browser on both desktop and mobile. As we noted at the time, that ad filter wasn’t an adblocker, and Google didn’t describe it as one. Rather, it was meant as a way to keep people from wanting to install an adblocker in the first place, by keeping these kinds of annoying ads out of people’s faces:

• Flashing animated ads (mainly a problem for mobile users)
• Large prestitial ads that cover the whole screen (a particular problem for mobile users)
• Auto-playing video ads with sound that catch users off guard
• Postitial ads that delay readers with countdown timers
• Sticky ads that hang around even when the reader scrolls

Read more at https://nakedsecurity.sophos.com/2018/04/19/silence-chrome-hushes-noisy-autoplaying-videos/