Technology

This large computer company is months into a new contract to replace IT equipment at a major government agency, says a pilot fish on the team.

But then a problem shows up. "With hundreds of desktops deployed and many hundreds more on order to be shipped, the manager at the configuration center reports system crashes frequently observed during testing after setup," fish says.

In fact, crashes are happening so often that fish is ordered to implement a complete retrofit plan for the desktops that are already in the field -- even though those deployed units haven't had a single failure.

Thus begins a series of daily phone conferences with a huge number of managers and technical staff, with rumors of VPs listening on mute.

Encrypted collaboration app Wickr has added a feather to its cap with a partnership with Psiphon, provider of smart VPN tools. Wickr will use Psiphontech to guarantee your packets get where they need to go regardless of whether you&re at home, at a cafe with bad wi-fi, or at a cafe with bad wi-fi in China.

The idea is that the user shouldn&t have to be auditing their own connection to be sure their apps will work properly. That can be a matter of safety, such as a poorly secured access point; connectivity, such as one where certain ports or apps are inoperable; or censorship, like requesting data from a service banned in the country you&re visiting.

Wickr already encrypts all your traffic, so there are no worries on that account, but if the connection you&re using were to block video calls or certain traffic patterns, therenot much the company can do about that.

Psiphon, however, is in the business of circumventing deliberate or accidental blockages with a suite of tools that analyze the network and attempt to find a way to patch you through. Whether thatanonymizing your traffic, bouncing it off non-blocked servers, doing automatic port forwarding, or some other method, the idea is the packets get through one way or another.

Therea cost in latency and throughput, of course, but while that may matter for online gaming or video streaming, itfar less important for something like uploading an image, chatting with colleagues, and the other functions that Wickr provides. At all events you can turn the feature on or off at will.

There will be a monetary cost too, of course, in the form of premiums added to paid plans. Enterprise customers will be the first to receive the Psiphon-powered traffic handling, today in fact, and the feature will then trickle its way down to other paid users and free users over the next few weeks.

Hackers that targeted a Democratic senator up for reelection this year may have left behind clues in their attack that further suggest Russian involvement.

The office of Claire McCaskill, a Missouri senator, was targeted in an apparent targeted phishing attack from a fake Microsoft domain that the software giant later seized pursuant to a court order. The Daily Beast reported that a then-McCaskill staffer was the target of the attack, which was attributed to hackers linked to Russian intelligence— largely because the effort was similar to the phishing attack on Hillary Clintoncampaign chair John Podesta, whose account was successfully breached and emails were shared with WikiLeaks.

Now, new research suggests that the phishing page used in the McCaskill attack contains language-specific code references that lends further credence that Russian hackers were involved.

When the hackers built the phishing page used to trick the McCaskill staffer, they scraped the code from a legitimate Microsoft login page that staff would use to log into their network. That code included a browser-generated link of the original web page that was scraped, the research said. That link appended a language marker at the end which varies depending on which country the user is located in the world — such as &gb& for the UK, or &fr& for France.

Because the language tag was &ru&, which researchers say shows that the code was likely scraped from a user in Russia.

Yonathan Klijsnma, threat researcher at RiskIQ, said that in many cases hackers won&t build a phishing page from scratch but will simply copy and save the page ittrying to imitate. In doing so, any saved language tags embedded in the code &can be a crucial clue in connecting operators with their malicious campaigns.&

Klijsnma said these tags are often overlooked by the hackers. That which resulted in a sloppy phishing page that was saved by RiskIQvast internet crawling operation.

Although McCaskill, a vocal Russia critic, confirmed the &unsuccessful& attempted hack in a press release in July that she attributed to Russia, a spokesperson for McCaskill declined to comment further when reached Wednesday prior to publication.

In an additional twist, Klijsnma also found that the same Russian hackers also targeted reporter Serhiy Drachuk, whose work has long criticized of the Russian regime. Code from the page that was used in the McCaskill phishing attempt contained leftover references to the journalistwork email address, which was previously accessed by the hackers.

We reached out to Serhiy Drachuk for comment, but did not hear back by the time of writing.

Itthe latest in a long string of cyberattacks and phishing efforts to target US political institutions before and during the 2016 presidential election and later. Just this week, Democratic National Committee officials said they thwarted an attempt to access their voter database. It comes hot on the heels of Microsoftannouncement that it prevented a Russian-backed advanced persistent threat group known as Fancy Bear (or APT28) to steal data from political organizations.