An anonymous reader writes: Researchers have detected a new worm that is spreading via SMB, but unlike the worm component of the WannaCry ransomware, this one is using seven NSA tools instead of two. Named EternalRocks, the worm seems to be in a phase where it is infecting victims and building its botnet, but not delivering any malware payload.

EternalRocks is far more complex than WannaCry's SMB worm. For starters, it uses a delayed installation process that waits 24 hours before completing the install, as a way to evade sandbox environments. Further, the worm also uses the exact same filenames as WannaCry in an attempt to fool researchers of its true origin, a reason why the worm has evaded researchers almost all week, despite the attention WannaCry payloads have received.

Last but not least, the worm does not have a killswitch domain, which means the worm can't be stopped unless its author desires so. Because of the way it was designed, it is trivial for the worm's owner to deliver any type of malware to any of the infected computers. Unfortunately, because of the way he used the DOUBLEPULSAR implant, one of the seven NSA hacking tools, other attackers can hijack its botnet and deliver their own malware as well. IOCs are available in a GitHub repo.
Ars Technica quotes security researchers who say "there are at least three different groups that have been leveraging the NSA exploit to infect enterprise networks since late April... These attacks demonstrate that many endpoints may still be compromised despite having installed the latest security patch."

Long-time Slashdot reader AmiMoJo writes: The European Parliament has passed draft rules mandating 'content portability', i.e. the ability to take your purchased content and services across borders within the EU. Freedom of movement rules, which allow EU citizens to live and work anywhere in the EU, require that the individual is able to take their life with them -- family, property, and services. Under the new rules, someone who pays for Netflix or BBC iPlayer and then moves to another EU country will retain access to those services and the same content they had previously. Separately, rules to prevent geofencing of content within the EU entirely are also moving forward.

An anonymous reader writes: Time magazine ran a cover story about "a dangerous new route for antidemocratic forces" -- social media. "Using these technologies, it is possible to undermine democratic government, and it's becoming easier every day," says Rand Waltzman of the Rand Corp., who ran a major Pentagon research program to understand the propaganda threats posed by social media technology." The article cites current and former FBI and CIA officials who now believe Russia's phishing emails against politicians were "just the most visible battle in an ongoing information war against global democracy." They cite, for example, a March report by U.S. counterintelligence which found "Russians had sent expertly tailored messages carrying malware to more than 10,000 Twitter users in the Defense Department." Each message contained links tailored to the interests of the recipient, but "When clicked, the links took users to a Russian-controlled server that downloaded a program allowing Moscow's hackers to take control of the victim's phone or computer -- and Twitter account...

"In 2016, Russia had used thousands of covert human agents and robot computer programs to spread disinformation referencing the stolen campaign emails of Hillary Clinton, amplifying their effect. Now counterintelligence officials wondered: What chaos could Moscow unleash with thousands of Twitter handles that spoke in real time with the authority of the armed forces of the United States?" The article also notes how algorithms now can identify hot-button issues and people susceptible to suggestion, so "Propagandists can then manually craft messages to influence them, deploying covert provocateurs, either humans or automated computer programs known as bots, in hopes of altering their behavior. That is what Moscow is doing, more than a dozen senior intelligence officials and others investigating Russia's influence operations tell Time."
The article describes a Russian soldier in the Ukraine pretending to be a 42-year-old American housewife. Meanwhile, this week Time's cover shows America's White House halfway-covered with Kremlin-esque spires -- drawing a complaint from the humorists at Mad magazine, who say Time copied the cover of Mad's December issue.

After Thursday's net neutrality vote, two security guards pinned a reporter against a wall until FCC Commissioner Michael O'Rielly had left the room, the Los Angeles Times reports. The Writers Guild of America calls the FCC's 2-to-1 vote to initiate a repeal of net neutrality rules a "war on the open internet," according to The Guardian. But the newspaper now predicts that online activists will continue their massive campaign "as the month's long process of reviewing the rules begins." The Hill points out that Mozilla is already hiring a high-profile tech lobbyist to press for both cybersecurity and an open internet, and in a blog post earlier this week the Mozilla Foundation's executive director sees a larger movement emerging from the engagement of millions of internet users. Today's support for net neutrality isn't the start of the Internet health movement. People have been standing up for an open web since its inception -- by advocating for browser choice, for open source practices, for mass surveillance reform. But net neutrality is an opportunity to propel this movement into the mainstream... If we make Internet health a mainstream issue, we can cement the web as a public resource. If we don't, mass surveillance, exclusion and insecurity can creep into every aspect of society. Hospitals held hostage by rogue hackers can become the status quo.
Meanwhile, The Guardian reports that it's not till the end of the FCC's review process that "a final FCC vote will decide the future of internet regulation," adding that however they vote, "court challenges are inevitable."

Would you let Delta airlines scan your face if it meant you could skip the line to check-in your baggage? An anonymous reader quotes CNN: Delta is testing a face-scanning kiosk for baggage check... It uses facial recognition technology to match your identity to your passport photo. You tag your own bags, pay the fee and drop your luggage on a conveyor belt... Delta will test four of the machines at Minneapolis-St. Paul International Airport this summer. The airline spent $600,000 on the four kiosks.
A senior staff attorney at the EFF warns this could be a slippery slope -- at what point this morphs into airline surveillance? But a Delta spokerspeson insists the images won't be stored, that they're complying with privacy laws, and that the kiosks could double the number of passengers whisking through their check-in procedures.