DARPA has created a self-guided bullet

image
An depiction of the EXACTO .50 caliber bullet (Source: DARPA)

The U.S. government says it has developed the first ever self-guided bullets that can lock onto a target more than a mile away and maneuver midflight in order to hit its mark.

The .50 caliber target tracking bullets, dubbed Extreme Accuracy Tasked Ordnance (EXACTO), are designed for military snipers, who must deal with changes in wind, light and ambient heat as they fire on a target.

The EXACTO technology is being developed by Teledyne Scientific and Imaging with funding from the Defense Advanced Research Projects Agency (DARPA), which researches new military technologies and is known as a key developer of the Internet.

The EXACTO round and optical sighting technology is expected to greatly extend day and nighttime range over current state-of-the-art sniper systems, DARPA said in a statement on its website. The system combines the maneuverable bullet with a real-time laser-guidance system to track and deliver the projectile to the target.

The EXACTO rounds, which are accurate up to 1.2 miles, are guided to laser-marked targets and should help snipers work farther away from intended marks, and therefore avoid detection after firing, DARPA stated.

While DARPA claims EXACTO is the first self-guided bullet, Sandia National Laboratories (SNL) announced in 2012 that it had successfully fired a prototype self-guided bullet.

SNL’s dart-like, self-guided bullet is four inches long and also uses an optical sensor in its nose to detect a laser guidance system that must remain on target for the bullet to track.

For more information and a video demonstration follow the source link below.

Source: Computerworld

Advertisements

Crooks Seek Revival of ‘Gameover Zeus’ Botnet

image

Cybercrooks today began taking steps to resurrect the Gameover ZeuS botnet, a complex crime machine that has been blamed for the theft more than $100 million from banks, businesses and consumers worldwide. The revival attempt comes roughly five weeks after the FBI joined several nations, researchers and security firms in a global and thus far successful effort to eradicate it.

The researchers who helped dismantle Gameover Zeus said they were surprised that the botmasters didn’t fight back. Indeed, for the past month the crooks responsible seem to have kept a low profile.

But that changed earlier this morning when researchers at Malcovery [full disclosure: Malcovery is an advertiser on this blog] began noticing spam being blasted out with phishing lures that included zip files booby-trapped with malware.

Looking closer, the company found that the malware shares roughly 90 percent of its code base with Gameover Zeus. Part of what made the original GameOver ZeuS so difficult to shut down was its reliance in part on an advanced peer-to-peer (P2P) mechanism to control and update the bot-infected systems.

But according to Gary Warner, Malcovery’s co-founder and chief technologist, this new Gameover variant is stripped of the P2P code, and relies instead on an approach known as fast-flux hosting. Fast-flux is a kind of round-robin technique that lets botnets hide phishing and malware delivery sites behind an ever-changing network of compromised systems acting as proxies, in a bid to make the botnet more resilient to takedowns.

Like the original Gameover, however, this variant also includes a “domain name generation algorithm” or DGA, which is a failsafe mechanism that can be invoked if the botnet’s normal communications system fails. The DGA creates a constantly-changing list of domain names each week (gibberish domains that are essentially long jumbles of letters).

In the event that systems infected with the malware can’t reach the fast-flux servers for new updates, the code instructs the botted systems to seek out active domains from the list specified in the DGA. All the botmasters need to do in this case to regain control over his crime machine is register just one of those domains and place the update instructions there.

Warner said the original Gameover botnet that was clobbered last month is still locked down, and that it appears whoever released this variant is essentially attempting to rebuild the botnet from scratch. “This discovery indicates that the criminals responsible for Gameover’s distribution do not intend to give up on this botnet even after suffering one of the most expansive botnet takeovers and takedowns in history,” Warner said.

Gameover is based on code from the ZeuS Trojan, an infamous family of malware that has been used in countless online banking heists. Unlike ZeuS — which was sold as a botnet creation kit to anyone who had a few thousand dollars in virtual currency to spend — Gameover ZeuS has since October 2011 been controlled and maintained by a core group of hackers from Russia and Ukraine. Those individuals are believed to have used the botnet in high-dollar corporate account takeovers that frequently were punctuated by massive distributed-denial-of-service (DDoS) attacks intended to distract victims from immediately noticing the thefts.

According to the Justice Department, Gameover has been implicated in the theft of more than $100 million in account takeovers. According to the U.S. Justice Department, the author of the ZeuS Trojan (and by extension the Gameover Zeus malware) is allegedly a Russian citizen named Evgeniy Mikhailovich Bogachev.

For more details, check out Malcovery’s blog post about this development.

For more information follow the source link below. 

Source: Krebs on Security

Automotive Grade Linux Delivers Open Automotive Software Stack for the Connected Car

image

SAN FRANCISCO and TOKYO (AUTOMOTIVE LINUX SUMMIT), June 30, 2014 – Automotive Grade Linux (AGL), a collaborative open source project developing a common, Linux-based software stack for the connected car, today announced that its first open source software release is available for download, bringing the industry one step closer to achieving a standard Linux-based software platform for the connected car.

AGL is building the industry’s only fully open automotive platform, allowing automakers to leverage a growing software stack based on Linux while retaining the ability to create their own branded user experience. Standardizing on a single platform means the industry can rapidly innovate where it counts to create a safe and reliable connected car experience. Open collaboration within the AGL community means support for multi-architectures and features to bolster the in-vehicle infotainment (IVI) experience.

“Openness and collaboration are key to accelerating the development of a common, standard automotive platform so the industry can more quickly achieve its vision of delivering the connected car,” said Dan Cauchy, general manager of automotive, The Linux Foundation. “This AGL release is a great step forward and the community is already looking to build on its work to address a number of additional capabilities and features in subsequent releases. With AGL at the core, the industry will be able to more rapidly innovate and evolve to meet customer needs.”

AGL builds on top of Tizen IVI and adds key applications developed in HTML5 and JavaScript into a single open source reference platform. 

See slideshow of AGL key features including:

• Home Screen
• Dashboard
• Google Maps
• HVAC
• Media Playback
• News Reader (AppCarousel)
• Audio Controls
• Bluetooth Phone
• Smart Device Link Integration

Each component includes a detailed Design Requirements Document (DRD) with descriptions, use cases, HMI flows, graphical assets, architecture diagrams and more. AGL code, DRDs and more are all available on the AGL wiki to give anyone the background and tools needed to use the software and start contributing to the project.

“Using AGL means the industry benefits from the stability and strength of a common Linux distribution, Tizen IVI, at the core while bringing their own unique applications and functionality to market faster,” said Rudolf Strief, director of embedded solutions, The Linux Foundation. “Collaborating within the AGL community helps the industry avoid fragmentation that can waste time and R&D resources that could be put to better use innovating on safety and reliability for drivers.”

AGL is free to download and anyone can participate in the open source community. Learn more: http://automotive.linuxfoundation.org/

For more information follow the source link below.

Source: Linux Foundation