US Air Force deploys robot security dogs to guard base
Do they byte?
In Brief Tyndall Air Force Base in Florida is now guarded by robotic canines that will patrol the area before popping back to their kennels for a recharge.
Over the past year the 325th Security Forces Squadron have been trialing the security robots via a so-called "3D Virtual Ops Center," where the hardware hounds patrol the grounds and feed back data to central command.
"These robot dogs will be used as a force multiplier for enhanced situational awareness by patrolling areas that aren’t desirable for human beings and vehicles," said Major Jordan Criss, 325th Security Forces Squadron commander.
"We will be able to drive them in a virtual reality headset within our Base Defense Operations Center. We will be able to see exactly what the robot dog is detecting through its mobile camera and sensor platform if desired, we will also be able to issue verbal commands to a person or people through a radio attached to the dogs."
No offensive capability has been built into these puppies, however, they're strictly monitoring only.
Managed.com not managing
It has been a bad week for web host Managed.com after what it called a "coordinated ransomware campaign" on November 16 that led to the closure of the service.
"To ensure the integrity of our customers' data, the limited number of impacted sites were immediately taken offline," the biz told customers, according to an email seen by The Reg.
"Upon further investigation and out of an abundance of caution, we took down our entire system to ensure further customer sites were not compromised. Our Technology and Information Security teams are working diligently to eliminate the threat and restore our customers to full capacity."
The ransomware operators, reportedly using REvil, are asking for $500,000 for the decryption keys. They might well get it too - a study this week from security shop Crowdstrike found 27 per cent of companies paid ransom demands, with payouts averaging $1.1m.
Critical Cisco flaws cripple security management
It has been a bad week for Cisco, with a host of critical flaws uncovered in some key systems.
Most embarrassing is a 9.1 CVSS-scoring cock-up in Cisco Security Manager, allowing a remote, unauthenticated attacker to get in via dodgy validation of directory traversal character sequences.
More serious, however, are issues with Cisco's Integrated Management Controller and IoT Field Network Director (both earning a whopping 9.8 score) and a slightly less serious command injection vulnerability in the networking king's DNA Spaces Connector. None of the flaws have workarounds, so it's patch or be damned.
To cap it all Webex has also had to release a trio of patches at a time when videoconferencing demand is peaking. Code errors would allow an attacker to get around its authentication systems, spy on a call's audio, and scan pre-call meeting rooms for useful data.
Missile guidance software flies to China
Cisco isn't alone in this however. US military contractor Raytheon has seen its second serious info-leak of the year when a former employee was imprisoned for passing top intel to China.
Former electrical engineer Wei Sun, 49, was sentenced to over three years in prison after pleading guilty to one felony count of violating the Arms Export Control Act (AECA).
After a decade at the firm, the engineer went to China around Christmas last year and took his work laptop with him. Details on missile guidance systems were then transferred to the Chinese government.
"Sun was a highly skilled engineer entrusted with sensitive missile technology that he knew he could not legally transfer to hostile hands," said Assistant Attorney General John Demers.
"Nevertheless, he delivered that controlled technology to China. Today's sentence should stand as a warning to others who might be tempted similarly to put the nation's security at risk." ®