John McAfee, the eccentric AV tycoon dead at 75 by apparent suicide

John McAfee on his yacht off the coast of Cuba in 2019. (credit: Adalberto ROQUE / AFP / Getty)

John McAfee—the antivirus tycoon whose eccentric, larger-than-life, and often illegal antics on yachts and in tropical rain forests came to define him in later years—took his own life in a Spanish prison cell while awaiting extradition to the US. He was 75.

The death was first reported by El Pais and later by Reuters, both of which cited law enforcement sources in Barcelona. Multiple news agencies also reported the death.

According to El Pais, prison personnel found McAfee hanging in his cell and provided emergency medical services but were unable to save his life.

#antivirus, #biz-it, #john-mcafee, #policy, #tech

Altice is reducing cable-Internet upload speeds by up to 86% next month

Two coaxial cables used for cable-Internet connections. (credit: Getty Images | buzbuzzer)

Altice is slashing its cable-Internet upload speeds by up to 86 percent starting on July 12. Altice Optimum Online plans that currently have advertised upload speeds of 35Mbps will be reduced to uploads of either 5Mbps, 10Mbps, or 20Mbps, depending on the plan. Altice did not announce any immediate price changes on the plans that are getting upload-speed cuts.

The only good news for users is that the change will not affect existing customers as long as they stay on their current service plans, an Altice spokesperson told Ars. But new customers will have to accept the lower upload speeds, and existing customers would have to take the lower upload speeds whenever they upgrade, downgrade, or change service, Altice said.

Altice claimed that its cable network isn’t having any trouble offering its current advertised speeds. “Our network continues to perform very well despite the significant data usage increases during the pandemic and the speed tiers we offer,” the company said. The upload-speed change is apparently being implemented not to solve any network problem but to match the slower upload speeds offered by other cable ISPs. Altice told Ars that it is changing its cable upload speeds to bring them “in line with other ISPs and aligned with the industry.”

#altice, #biz-it, #cable-internet, #upload-speeds

Ahoy, there’s malice in your repos—PyPI is the latest to be abused

Counterfeit packages downloaded roughly 5,000 times from the official Python repository contained secret code that installed cryptomining software on infected machines, a security researcher has found.

The malicious packages, which were available on the PyPI repository, in many cases used names that mimicked those of legitimate and often widely used packages already available there, Ax Sharma, a researcher at security firm Sonatype, reported. So-called typosquatting attacks succeed when targets accidentally mistype a name, such as typing “mplatlib” or “maratlib” instead of the legitimate and popular package matplotlib.

Sharma said he found six packages that installed cryptomining software that would use the resources of infected computers to mine cryptocurrency and deposit it in the attacker’s wallet. All six were published by someone using the PyPI username nedog123, in some cases as early as April. The packages and download numbers are:

#biz-it, #counterfeit, #malware, #npm, #open-source, #pypi, #rubygems, #tech

A week after arrests, Cl0p ransomware group dumps new tranche of stolen data

A week after Ukrainian police arrested criminals affiliated with the notorious Cl0p ransomware gang, Cl0p has published a fresh batch of what’s purported to be confidential data stolen in a hack of a previously unknown victim. Ars won’t be identifying the possibly victimized company until there is confirmation that the data and the hack are genuine.

If genuine, the dump shows that Cl0p remains intact and able to carry out its nefarious actions despite the arrests. That suggests that the suspects don’t include the core leaders but rather affiliates or others who play a lesser role in the operations.

The data purports to be employee records, including verification of employment for loan applications and documents pertaining to workers whose wages have been garnished. I was unable to confirm that the information is genuine and that it was, in fact, taken during a hack on the company, although web searches showed that names listed in the documents matched names of people who work for the company.

#biz-it, #cl0p, #law-enforcement, #ransomware, #security, #tech

Monero emerges as crypto of choice for cybercriminals

For cybercriminals looking to launder illicit gains, bitcoin has long been the payment method of choice. But another cryptocurrency is coming to the fore, promising to help make dirty money disappear without a trace.

While bitcoin leaves a visible trail of transactions on its underlying blockchain, the niche “privacy coin” monero was designed to obscure the sender and receiver, as well as the amount exchanged.

As a result, it has become an increasingly sought-after tool for criminals such as ransomware gangs, posing new problems for law enforcement.

#bitcoin, #biz-it, #cryptocurrency, #monero, #organized-crim, #policy, #ransomware

Connecting to malicious Wi-Fi networks can mess with your iPhone

Close-up photo of Wi-Fi settings on a smartphone. (credit: Apple)

There’s a bug in iOS that disables Wi-Fi connectivity when devices join a network that uses a booby-trapped name, a researcher disclosed over the weekend.

By connecting to a Wi-Fi network that uses the SSID “%p%s%s%s%s%n” (quotation marks not included), iPhones and iPads lose the ability to join that network or any other networks going forward, reverse engineer Carl Schou reported on Twitter.

It didn’t take long for trolls to capitalize on the finding:

#apple, #biz-it, #bugs, #ios, #operating-systems, #tech, #wi-fi, #wifi

Ukraine arrests ransomware gang in global cybercriminal crackdown

A Colonial Pipeline facility in Woodbridge, New Jersey. Hackers last month disrupted the pipeline supplying petroleum to much of the East Coast. (credit: Michael M. Santiago, Getty Images)

Ukrainian police have arrested members of a notorious ransomware gang that recently targeted American universities, as pressure mounts on global law enforcement to crack down on cybercriminals.

The Ukraine National Police said in a statement on Wednesday that it had worked with Interpol and the US and South Korean authorities to charge six members of the Ukraine-based Cl0p hacker group, which it claimed had inflicted a half-billion dollars in damages on victims based in the US and South Korea.

The move marks the first time that a national law enforcement agency has carried out mass arrests of a ransomware gang, adding to pressure on other countries to follow suit. Russia, a hub for ransomware gangs, has been blamed for harbouring cybercriminals by failing to prosecute or extradite them.

#biz-it, #cl0p, #cybercrime, #policy, #ransomware, #ukraine

Newly discovered Vigilante malware outs software pirates and blocks them

A warning sign on a grid-style metal fence. (credit: Getty Images)

A researcher has uncovered one of the more unusual finds in the annals of malware: booby-trapped files that rat out downloaders and try to prevent unauthorized downloading in the future. The files are available on sites frequented by software pirates.

Vigilante, as SophosLabs Principal Researcher Andrew Brandt is calling the malware, gets installed when victims download and execute what they think is pirated software or games. Behind the scenes, the malware reports the file name that was executed to an attacker-controlled server, along with the IP address of the victims’ computers. As a finishing touch, Vigilante tries to modify the victims’ computers so they can no longer access thepiratebay.com and as many as 1,000 other pirate sites.

Not your typical malware

“It’s really unusual to see something like this because there’s normally just one motive behind most malware: stealing stuff,” Brandt wrote on Twitter. “Whether that’s passwords, or keystrokes, or cookies, or intellectual property, or access, or even CPU cycles to mine cryptocurrency, theft is the motive. But not in this case. These samples really only did a few things, none of which fit the typical motive for malware criminals.”

#biz-it, #malware, #software-pirate, #tech

Starlink dishes go into “thermal shutdown” once they hit 122° Fahrenheit

Starlink satellite dish and equipment in the Idaho panhandle’s Coeur d’Alene National Forest. (credit: Wandering-coder)

A Starlink beta user in Arizona said he lost Internet service for over seven hours yesterday when the satellite dish overheated, demonstrating one of the drawbacks of SpaceX’s broadband service. When the user’s Internet service was disrupted, the Starlink app provided an error message saying, “Offline: Thermal shutdown.” The dish “overheated” and “Starlink will reconnect after cooling down,” the error message said.

The user, named Martin, posted a screenshot of the error message on Reddit. He contacted Starlink support, which told him, “Dishy will go into thermal shutdown at 122F and will restart when it reaches 104F.” Martin decided to give the dish a little water so it could cool down. He pointed a sprinkler at Dishy, and once it cooled enough to turn back on, “I immediately heard YouTube resume playback,” he wrote yesterday.

But the Internet restoration was short-lived, Martin told Ars in a chat today.

#biz-it, #spacex, #starlink

CD Projekt Red does an about-face, says ransomware crooks are leaking data

A stylized ransom note asks for bitcoin in exchange for stolen data. (credit: Aurich Lawson)

CD Projekt Red, the maker of The Witcher series, Cyberpunk 2077, and other popular games, said on Friday that proprietary data taken in a ransomware attack disclosed four months ago is likely circulating online.

“Today, we have learned new information regarding the breach and now have reason to believe that internal data illegally obtained during the attack is currently being circulated on the Internet,” company officials said in a statement. “We are not yet able to confirm the exact contents of the data in question, though we believe it may include current/former employee and contractor details in addition to data related to our games.”

An about-face

The update represents an about-face of sorts, as it warns that the information of current and former employees and contractors is now believed to be among the compromised data. When the Poland-based game maker disclosed the attack in February, it said it didn’t believe the stolen data included personal information for employees or customers.

#biz-it, #cd-projekt-red, #personal-information, #ransomware, #tech

EA source code stolen by hacker claiming to sell it online

Game-maker Electronic Arts and the Presque Isle Police Department in Maine are responding to an event they had both been dreading: the theft of gigabytes of private data by hackers who breached their Internet-connected networks.

In EA’s case, the theft included 780GB of source code and tools for FIFA 21, according to a post published earlier this week on an underground crime forum. The person who published the post, with the username Leakbook, was offering to sell the data.

“You have full capability of exploiting on all EA services,” the person wrote.

#biz-it, #data-breaches, #electronic-arts, #ransomware, #tech

Mystery malware steals 26M passwords from 3M PCs. Are you affected?

The silhouettes of heads emerge from a screen full of ones and zeros. (credit: Getty Images)

Researchers have discovered yet another massive trove of sensitive data, a dizzying 1.2TB database containing login credentials, browser cookies, autofill data, and payment information extracted by malware that has yet to be identified.

In all, researchers from NordLocker said on Wednesday, the database contained 26 million login credentials, 1.1 million unique email addresses, more than 2 billion browser cookies, and 6.6 million files. In some cases, victims stored passwords in text files created with the Notepad application.

The stash also included over 1 million images and more than 650,000 Word and .pdf files. Additionally, the malware made a screenshot after it infected the computer and took a picture using the device’s webcam. Stolen data also came from apps for messaging, email, gaming, and file-sharing. The data was extracted between 2018 and 2020 from more than 3 million PCs.

#biz-it, #data-stealer, #malware, #privacy, #tech

Hackers can mess with HTTPS connections by sending data to your email server

A highly stylized image of a padlock. (credit: Getty Images)

When you visit an HTTPS-protected website, your browser doesn’t exchange data with the webserver until it has ensured that the site’s digital certificate is valid. That prevents hackers with the ability to monitor or modify data passing between you and the site from obtaining authentication cookies or executing malicious code on the visiting device.

But what would happen if a man-in-the-middle attacker could confuse the browser into accidentally connecting to an email server or FTP server that uses a certificate that’s compatible with the one used by the website?

The perils of speaking HTTPS to an email server

Because the domain name of the website matches the domain name in the email or FTP server certificate, the browser will, in many cases, establish a Transport Layer Security connection with one of these servers rather than the website the user intended to visit.

#biz-it, #email, #ftp, #https, #tech, #transport-layer-security

US seizes $2.3 million Colonial Pipeline paid to ransomware attackers

The FBI said it has seized $2.3 million paid to the ransomware attackers who paralyzed the network of Colonial Pipeline and touched off disruptions to gasoline and jet fuel supplies up and down the East Coast last month.

In dollar amounts, the sum represents about half of the $4.4 million that Colonial Pipeline paid to members of the DarkSide ransomware group following the May 7 attack, The Wall Street Journal reported, citing the company’s CEO. The DarkSide decryptor tool was widely known to be slow and ineffective, but Colonial paid the ransom anyway. In the interview with the WSJ, CEO Joseph Blount confirmed that the shortcomings prevented the company from using it and that the company instead had to rebuild its network through other means.

Cutting off the oxygen supply

On Monday, the US Justice Department said it had traced 63.7 of the roughly 75 bitcoins Colonial Pipeline paid to DarkSide, which the Biden administration says is likely located in Russia. The seizure is remarkable because it marks one of the rare times a ransomware victim has recovered funds it paid to its attacker. Justice Department officials are counting on their success to remove a key incentive for ransomware attacks—the millions of dollars attackers stand to make.

#bitcoin, #biz-it, #colonial-pipeline, #darkside, #policy, #ransomware, #tech

Hacker lexicon: What is a supply chain attack?

Cybersecurity truisms have long been described in simple terms of trust: Beware email attachments from unfamiliar sources, and don’t hand over credentials to a fraudulent website. But increasingly, sophisticated hackers are undermining that basic sense of trust and raising a paranoia-inducing question: What if the legitimate hardware and software that makes up your network has been compromised at the source?

That insidious and increasingly common form of hacking is known as a “supply chain attack,” a technique in which an adversary slips malicious code or even a malicious component into a trusted piece of software or hardware. By compromising a single supplier, spies or saboteurs can hijack its distribution systems to turn any application they sell, any software update they push out, even the physical equipment they ship to customers, into Trojan horses. With one well-placed intrusion, they can create a springboard to the networks of a supplier’s customers—sometimes numbering hundreds or even thousands of victims.

“Supply chain attacks are scary because they’re really hard to deal with, and because they make it clear you’re trusting a whole ecology,” says Nick Weaver, a security researcher at UC Berkeley’s International Computer Science Institute. “You’re trusting every vendor whose code is on your machine, and you’re trusting every vendor’s vendor.”

#biz-it, #supply-chain-attack

This is not a drill: VMware vuln with 9.8 severity rating is under attack

A VMware vulnerability with a severity rating of 9.8 out of 10 is under active exploitation. At least one reliable exploit has gone public, and there have been successful attempts in the wild to compromise servers that run the vulnerable software.

The vulnerability, tracked as CVE-2021-21985, resides in the vCenter Server, a tool for managing virtualization in large data centers. A VMware advisory published last week said vCenter machines using default configurations have a bug that, in many networks, allows for the execution of malicious code when the machines are reachable on a port that is exposed to the Internet.

Code execution, no authentication required

On Wednesday, a researcher published proof-of-concept code that exploits the flaw. A fellow researcher who asked not to be named said the exploit works reliably and that little additional work is needed to use the code for malicious purposes. It can be reproduced using five requests from cURL, a command-line tool that transfers data using HTTP, HTTPS, IMAP, and other common Internet protocols.

#biz-it, #exploits, #tech, #vcentral, #vmware, #zerodays

Ransomware will now get priority treatment at the Justice Department

Skull and crossbones in binary code (credit: Getty Images)

The Justice Department has created a task force to centrally track and coordinate all federal cases involving ransomware or related types of cybercrime, such as botnets, money laundering, and bulletproof hosting.

“To ensure we can make necessary connections across national and global cases and investigations … we must enhance and centralize our internal tracking of investigations and prosecutions of ransomware groups and the infrastructure and networks that allow the threats to persist,” Deputy Attorney General Lisa Monaco told US attorneys throughout the country on Thursday. She issued the directive in a memo that was first reported by Reuters. Investigators in field offices around the country would be expected to share information as well.

The new directive applies not just to cases or investigations involving ransomware, but a host of related scourges, including:

#biz-it, #justice-department, #policy, #ransomware, #tech

Attack on meat supplier came from REvil, ransomware’s most cut-throat gang

The cyberattack that halted some operations at the world’s biggest meat processor this week was the work of REvil, a ransomware franchise that’s known for its ever-escalating series of cut-throat tactics designed to extort the highest price.

The FBI made the attribution on Wednesday, a day after word emerged that Brazil-based JBS SA had experienced a ransomware attack that prompted the closure of at least five US-based plants, in addition to facilities in Canada and Australia.

High-pressure ransom

REvil and its affiliates account for about four percent of attacks on the public and private sectors. In most respects, REvil is a fairly average ransomware enterprise. What sets it apart is the cruelty of its tactics, which are designed to exert maximum pressure on victims.

#biz-it, #jbs, #ransomware, #revil, #supply-chain, #tech

Shortages loom as ransomware hamstrings the world’s biggest meat producer

Exterior sign for JBS Greeley Beef Plant. (credit: Matthew Stockman / Getty Images)

A ransomware attack has struck the world’s biggest meat producer, causing it to halt some operations in the US, Canada, and Australia while threatening shortages throughout the world, including up to a fifth of the American supply.

Brazil-based JBS SA said on Monday that it was the target of an organized cyberattack that had affected servers supporting North American and Australian IT operations. A White House spokeswoman later said the meat producer had been hit by a ransomware attack “from a criminal organization likely based in Russia” and that the FBI was investigating.

Existential threat

The weekend attack came three weeks after a separate ransomware attack on Colonial Pipeline disrupted the availability of gasoline and jet fuel up and down the US East Coast. Late last year, ransomware attacks on hospitals hamstrung their ability to provide emergency services just as the coronavirus was already straining their capacity.

#biz-it, #jbs, #meat-packing, #ransomware, #tech

Amazon devices will soon automatically share your Internet with neighbors

Cartoonish promotional image for Amazon product. (credit: Amazon)

If you use Alexa, Echo, or any other Amazon device, you have only 10 days to opt out of an experiment that leaves your personal privacy and security hanging in the balance.

On June 8, the merchant, Web host, and entertainment behemoth will automatically enroll the devices in Amazon Sidewalk. The new wireless mesh service will share a small slice of your Internet bandwidth with nearby neighbors who don’t have connectivity and help you to their bandwidth when you don’t have a connection.

By default, Amazon devices including Alexa, Echo, Ring, security cams, outdoor lights, motion sensors, and Tile trackers will enroll in the system. And since only a tiny fraction of people take the time to change default settings, that means millions of people will be co-opted into the program whether they know anything about it or not.

#amazon-sidewalk, #biz-it, #policy, #privacy, #security, #tech, #wireless

Covert channel in Apple’s M1 is mostly harmless, but it sure is interesting

Logo for Apple's M1 line. (credit: Apple)

Apple’s new M1 CPU has a flaw that creates a covert channel that two or more malicious apps—already installed—can use to transmit information to each other, a developer has found.

The surreptitious communication can occur without using computer memory, sockets, files, or any other operating system feature, developer Hector Martin said. The channel can bridge processes running as different users and under different privilege levels. These characteristics allow the apps to exchange data in a way that can’t be detected—or at least not without specialized equipment.

Technically, it’s a vulnerability but…

Martin said that the flaw is mainly harmless because it can’t be used to infect a Mac and it can’t be used by exploits or malware to steal or tamper with data stored on a machine. Rather, the flaw can be abused only by two or more malicious apps that have already been installed on a Mac through means unrelated to the M1 flaw.

#apple, #biz-it, #covert-channels, #cpus, #errata, #m1, #tech, #vulnerabilities

Microsoft says SolarWinds hackers targeted US agencies in a new campaign

The Kremlin-backed hackers who targeted SolarWinds customers in a supply chain attack have been caught conducting a malicious email campaign that delivered malware-laced links to 150 government agencies, research institutions and other organizations in the US and 23 other countries, Microsoft said.

The hackers, belonging to Russia’s Foreign Intelligence Service, first managed to compromise an account belonging to USAID, a US government agency that administers civilian foreign aid and development assistance. With control of the agency’s account for online marketing company Constant Contact, the hackers had the ability to send emails that appeared to use addresses known to belong to the US agency.

Nobelium goes native

“From there, the actor was able to distribute phishing emails that looked authentic but included a link that, when clicked, inserted a malicious file used to distribute a backdoor we call NativeZone,” Microsoft Vice President of Customer Security and Trust Tom Burt wrote in a post published on Thursday evening. “This backdoor could enable a wide range of activities from stealing data to infecting other computers on a network.”

#apt29, #biz-it, #malicious-email, #nobelium, #solarwinds, #tech

Charter charges more money for slower Internet on streets with no competition

A Charter Spectrum service truck in McKinney, Texas, on Tuesday, Feb. 16, 2021. (credit: Getty Images | Bloomberg)

It’s no surprise that cable companies charge lower prices for broadband when they face competition from fiber-to-the-home services. But an article yesterday by Stop the Cap provides a good example of how dramatically promotional prices for Charter’s Spectrum Internet service can vary from one street to the next.

In this example, Charter charges $20 more per month for slower speeds on the street where it faces no serious competition. When customers in two areas purchase the same speeds, the customer on the street without competition could have to pay $40 more per month and would have their promotional rates expire after only one year instead of two.

Stop the Cap said it examined promotional offers to new customers in the metro Rochester, New York, market, “where Spectrum faces token competition from Frontier’s slow speed DSL service” and more robust competition in limited areas from Greenlight Networks’ fiber service. Greenlight fiber is available in 23 percent of Rochester, while Charter cable is available to homes throughout the city, according to BroadbandNow. Greenlight prices start at $50 per month for 500Mbps.

#biz-it, #broadband, #cable, #charter, #fiber, #policy, #spectrum

No, it doesn’t just crash Safari. Apple has yet to fix exploitable flaw

Apple has yet to patch a security bug found in iPhones and Macs despite the availability of a fix released almost three weeks ago, a researcher said.

The vulnerability resides in WebKit, the browser engine that powers Safari and all browsers that run on iOS. When the vulnerability was fixed almost three weeks ago by open source developers outside of Apple, the fix’s release notes said that the bug caused Safari to crash. In fact, a researcher from security firm Theori said the flaw is exploitable, and despite the availability of a fix, it still hasn’t made its way into either iOS or macOS.

Mind the gap

“This bug yet again demonstrates that patch-gapping is a significant danger with open source development,” Theori researcher Tim Becker wrote in a post published Tuesday. “Ideally, the window of time between a public patch and a stable release is as small as possible. In this case, a newly released version of iOS remains vulnerable weeks after the patch was public.”

#apple, #biz-it, #exploits, #ios, #macos, #tech, #vulnerabilities, #zerodays

Amazon to buy MGM for $8 billion in major boost to Prime Video library

Illustration of the MGM logo with a picture of Jeff Bezos instead of a lion, James Bond actor Daniel Craig, and a man wearing a jacket with an Amazon logo. (credit: Aurich Lawson | Steve Jurvetson)

Amazon today announced a definitive agreement to buy MGM (Metro-Goldwyn-Mayer) for $8.45 billion. Amazon said that MGM’s filmmaking prowess “complements the work of Amazon Studios, which has primarily focused on producing TV show programming.”

Buying MGM would let Amazon add plenty of movies to its Prime Video streaming service. It’s not clear whether MGM’s theatrical-release strategy would change. “Amazon will help preserve MGM’s heritage and catalog of films and provide customers with greater access to these existing works. Through this acquisition, Amazon would empower MGM to continue to do what they do best: great storytelling,” the merger announcement said.

Amazon said the purchase “is subject to regulatory approvals and other customary closing conditions” but did not provide an estimated closing date. The acquisition announcement came about a week after news reports revealed the negotiations.

#amazon, #biz-it, #mgm, #policy

Vulnerability in VMware product has severity rating of 9.8 out of 10

Close-up photo of police-style caution tape stretched across an out-of-focus background. (credit: Michael Theis / Flickr)

Data centers around the world have a new concern to contend with—a remote code vulnerability in a widely used VMware product.

The security flaw, which VMware disclosed and patched on Tuesday, resides in the vCenter Server, a tool used for managing virtualization in large data centers. vCenter Server is used to administer VMware’s vSphere and ESXi host products, which by some rankings are the first and second most popular virtualization solutions on the market. Enlyft, a site that provides business intelligence, shows that more than 43,000 organizations use vSphere.

“Serious”

A VMware advisory said that vCenter machines using default configurations have a bug that, in many networks, allows for the execution of malicious code when the machines are reachable on a port that is exposed to the Internet. The vulnerability is tracked as CVE-2021-21985 and has a severity score of 9.8 out of 10.

#biz-it, #patches, #tech, #vcenter-server, #vmware, #vulnerabilities

It’s ransomware, or maybe a disk wiper, and it’s striking targets in Israel

The flag of Iran. (credit: Getty Images)

Researchers say they’ve uncovered never-before-seen disk-wiping malware that’s disguising itself as ransomware as it unleashes destructive attacks on Israeli targets.

Apostle, as researchers at security firm SentinelOne are calling the malware, was initially deployed in an attempt to wipe data but failed to do so, likely because of a logic flaw in its code. The internal name its developers gave it was “wiper-action.” In a later version, the bug was fixed and the malware gained full-fledged ransomware behaviors, including the leaving of notes demanding victims pay a ransom in exchange for a decryption key.

A clear line

In a post published Tuesday, SentinelOne researchers said they assessed with high confidence that, based on the code and the servers Apostle reported to, the malware was being used by a never-before-seen group with ties to the Iranian government. While a ransomware note they recovered suggested that Apostle had been used against a critical facility in the United Arab Emirates, the primary target was Israel.

#biz-it, #disk-wipers, #iran, #israel, #policy, #tech

Actively exploited macOS 0day let hackers take screenshots of infected Macs

Gloved hands manipulate a laptop with a skull and crossbones on the display. (credit: CHUYN / Getty Images)

Malicious hackers have been exploiting a vulnerability in fully updated versions of macOS that allowed them to take screenshots on infected Macs without having to get permission from victims first.

The zeroday was exploited by XCSSET, a piece of malware discovered by security firm Trend Micro last August. XCSSET used what at the time were two zerodays to infect Mac developers with malware that stole browser cookies and files; injected backdoors into websites; stole information from Skype, Telegram, and other installed apps; took screenshots; and encrypted files and showed a ransom note.

A third zeroday

Infections came in the form of malicious projects that the attacker wrote for Xcode, a tool that Apple makes available for free to developers writing apps for macOS or other Apple OSes. As soon as one of the XCSSET projects was opened and built, Trend Micro said, the malicious code would run on the developers’ Macs. An Xcode project is a repository for all the files, resources, and information needed to build an app.

#biz-it, #macos, #macs, #malware, #tech, #transparency-consent-and-control

Hear ye, DarkSide! This honorable ransomware court is now in session

Image credit: Getty Images

A crime forum is holding a quasi-judicial proceeding against the makers of DarkSide, the ransomware that shut down Colonial Pipeline two weeks ago, to hear claims from former affiliates who say the makers skipped town without paying. Or, at least that’s what members of crime forum XSS.is want us all to believe.

A Russian-speaking person using the handle “darksupp” took to XSS.is in November to recruit affiliates for DarkSide, researchers at security firm FireEye said recently. At the time, DarkSide was the new ransomware-as-a-service on the block, and it was in search of business partners.

Since then, DarkSide has cashed in spectacularly. According to newly released figures from cryptocurrency tracking firm Chainalysis, DarkSide netted at least $60 million in its first seven months, with $46 million of it coming in the first three months of this year.

#biz-it, #darkside, #ransomware, #tech, #xss

Vulnerabilities in billions of Wi-Fi devices let hackers bypass firewalls

Farewell to Firewalls: Wi-Fi bugs open network devices to remote hacks (credit: Mathy Vanhoef)

One of the things that makes Wi-Fi work is its ability to break big chunks of data into smaller chunks, and vice versa, depending on the needs of the network at a given moment. These mundane network plumbing features, it turns out, have been harboring vulnerabilities that can be exploited to send users to malicious websites or exploit or tamper with network-connected devices, newly published research shows.

In all, researcher Mathy Vanhoef found a dozen vulnerabilities, either in the Wi-Fi specification or in the way the specification has been implemented in huge numbers of devices. Vanhoef has dubbed the vulnerabilities FragAttacks, short for fragmentation and aggregation attacks, because they all involve frame fragmentation or frame aggregation. Broadly speaking, they allow people within radio range to inject frames of their choice into networks protected by WPA-based encryption.

Bad news

Assessing the impact of the vulnerabilities isn’t straightforward. FragAttacks allow data to be injected into Wi-Fi traffic, but they don’t make it possible to exfiltrate anything out. That means FragAttacks can’t be used to read passwords or other sensitive information the way a previous Wi-Fi attack of Vanhoef, called Krack, did. But it turns out that the vulnerabilities—some that have been part of Wi-Fi since its release in 1997—can be exploited to inflict other kinds of damage, particularly if paired with other types of hacks.

#biz-it, #fragattacks, #tech, #wi-fi, #wpa2, #wpa3

4 vulnerabilities under attack give hackers full control of Android devices

A computer screen filled with ones and zeros also contains a Google logo and the word hacked. (credit: Getty Images)

Unknown hackers have been exploiting four Android vulnerabilities that allow the execution of malicious code that can take complete control of devices, Google warned on Wednesday.

All four of the vulnerabilities were disclosed two weeks ago in Google’s Android Security Bulletin for May. Google has released security updates to device manufacturers, who are then responsible for distributing the patches to users.

Google’s May 3 bulletin initially didn’t report that any of the roughly 50 vulnerabilities it covered were under active exploitation. On Wednesday, Google updated the advisory to say that there are “indications” that four of the vulnerabilities “may be under limited, targeted exploitation.” Maddie Stone, a member of Google’s Project Zero exploit research group, removed the ambiguity. She declared on Twitter that the “4 vulns were exploited in-the-wild” as zero-days.

#android, #biz-it, #exploits, #security, #tech, #vulnerabilities, #zerodays

Florida water plant compromise came hours after worker visited malicious site

A small-town water treatment facility. (credit: myoldsmar.com)

An employee for the city of Oldsmar, Florida, visited a malicious website targeting water utilities just hours before someone broke into the computer system for the city’s water treatment plant and tried to poison drinking water, security firm Dragos said Tuesday.

The website, which belonged to a Florida water utility contractor, had been compromised in late December by hackers who then hosted malicious code that seemed to target water utilities, particularly those in Florida, Dragos researcher Kent Backman wrote in a blog post. More than 1,000 end-user computers visited the site during the 58-day window the site was infected.

One of those visits came on February 5 at 9:49 am Florida time from a computer on a network belonging to the City of Oldsmar. In the evening of the same day, an unknown actor gained unauthorized access to the computer interface used to adjust the chemicals that treat drinking water for the roughly 15,000 residents of the small city that’s about 16 miles northwest of Tampa.

#biz-it, #ics, #industrial-control-systems, #policy, #tech, #water-treatment-plant, #watering-hole-attacks

AT&T to spin off WarnerMedia, basically admitting giant merger was a mistake

AT&T's logo and stock price displayed on a monitor on the floor of the New York Stock Exchange in January 2019. (credit: Getty Images | Bloomberg)

AT&T today announced it will spin off WarnerMedia—including HBO and Warner Bros.—into a new company, less than three years after AT&T bought Time Warner Inc. for $108 billion.

AT&T said it struck a deal with Discovery, Inc. to combine WarnerMedia and Discovery’s assets into a “standalone global entertainment company.” AT&T would receive $43 billion in the all-stock transaction through “a combination of cash, debt securities, and WarnerMedia’s retention of certain debt.” AT&T shareholders would receive stock in 71 percent of the new media company, while Discovery shareholders would own the other 29 percent.

AT&T expects it to take a full year to complete the spinoff and combination with Discovery. “The transaction is anticipated to close in mid-2022, subject to approval by Discovery shareholders and customary closing conditions, including receipt of regulatory approvals,” AT&T said.

#att, #biz-it, #discovery, #fiber, #policy, #warnermedia

Colonial Pipeline paid a $5 million ransom—and kept a vicious cycle turning

Image credit: Sean Rayford | Getty Images

Nearly a week after a ransomware attack led Colonial Pipeline to halt fuel distribution on the East Coast, reports emerged on Friday that the company paid a 75 bitcoin ransom—worth as much as $5 million, depending on the time of payment—in an attempt to restore service more quickly. And while the company was able to restart operations Wednesday night, the decision to give in to hackers’ demands will only embolden other groups going forward. Real progress against the ransomware epidemic, experts say, will require more companies to say no.

Not to say that doing so is easy. The FBI and other law enforcement groups have long discouraged ransomware victims from paying digital extortion fees, but in practice many organizations resort to paying. They either don’t have the backups and other infrastructure necessary to recover otherwise, can’t or don’t want to take the time to recover on their own, or decide that it’s cheaper to just quietly pay the ransom and move on. Ransomware groups increasingly vet their victims’ financials before springing their traps, allowing them to set the highest possible price that their victims can still potentially afford.

#biz-it, #colonial-pipeline, #ransomware, #security

Pipeline attacker Darkside suddenly goes dark—here’s what we know

Darkside—the ransomware group that disrupted gasoline distribution across a wide swath of the US this week—has gone dark, leaving it unclear if the group is ceasing, suspending, or altering its operations or is simply orchestrating an exit scam.

On Thursday, all eight of the dark web sites Darkside used to communicate with the public went down, and they remain down as of publication time. Overnight, a post attributed to Darkside claimed, without providing any evidence, that the group’s website and content distribution infrastructure had been seized by law enforcement, along with the cryptocurrency it had received from victims.

The dog ate our funds

“At the moment, these servers cannot be accessed via SSH, and the hosting panels have been blocked,” the post stated, according to a translation of the Russian-language post published Friday by security firm Intel471. “The hosting support service doesn’t provide any information except ‘at the request of law enforcement authorities.’ In addition, a couple of hours after the seizure, funds from the payment server (belonging to us and our clients) were withdrawn to an unknown account.”

#biz-it, #colonial-pipeline, #darkside, #ransomware, #revil, #tech

Ireland’s health care system taken down after ransomware attack

St. Vincent’s University Hospital in Dublin, Ireland. (credit: Bloomberg | Getty Images)

Ireland has shut down most of the major IT systems running its national health care service, leaving doctors unable to access patient records and people unsure of whether they should show up for appointments, following a “very sophisticated” ransomware attack.

Paul Reid, chief executive of Ireland’s Health Service Executive, told a morning radio show that the decision to shut down the systems was a “precautionary” measure after a cyber attack that impacted national and local systems “involved in all of our core services.”

Some elements of the Irish health service remain operational, such as clinical systems and its Covid-19 vaccination program, which is powered by separate infrastructure. Covid tests already booked are also going ahead.

#biz-it, #cybercrime, #ireland, #ransomware

Biden signs executive order to strengthen US cybersecurity

Image credit: Getty Images | Photographer is my life

Joe Biden signed an executive order on Wednesday in an attempt to bolster US cybersecurity defenses, after a number of devastating hacks including the Colonial pipeline attack revealed vulnerabilities across business and government.

“Recent cybersecurity incidents… are a sobering reminder that US public and private sector entities increasingly face sophisticated malicious cyber activity from both nation-state actors and cyber criminals,” the White House said.

Under the order, federal agencies will be required to introduce multi-factor authentication to their systems and encrypt all data within six months in a bid to make it harder for hackers to penetrate their IT infrastructure.

#2fa, #biden-administration, #biz-it, #cybersecurity, #policy, #us

Colonial Pipeline resumes operations after ransomware prompted closure

A paper sign reading no gas in both English and Spanish has been taped to a gasoline pump. (credit: Getty Images)

Colonial Pipeline said it restarted operations on Wednesday afternoon after a five-day outage brought on by a ransomware attack caused gasoline shortages and panic buying in East Coast states.

“Following this restart, it will take several days for the product delivery supply chain to return to normal,” the operator of the 5,500-mile pipeline said on its website. “Some markets served by Colonial Pipeline may experience, or continue to experience, intermittent service interruptions during the start-up period. Colonial will move as much gasoline, diesel, and jet fuel as is safely possible and will continue to do so until markets return to normal.”

Colonial temporarily halted operations on Saturday, after determining that it was the victim of a ransomware attack. The pipeline runs through 11 states, from New Jersey to Texas.

#biz-it, #colonial-pipeline, #ransomware, #tech

Ransomware crooks post cops’ psych evaluations after talks with DC police stall

Image credit: carlballou / Getty Images

A ransomware gang that hacked the District of Columbia’s Metropolitan Police Department (MPD) in April posted personnel records on Tuesday that revealed highly sensitive details for almost two dozen officers, including the results of psychological assessments and polygraph tests; driver’s license images; fingerprints; social security numbers; dates of birth; and residential, financial, and marriage histories.

The data, included in a 161GB download from a website on the dark web, was made available after negotiations broke down between members of the Babuk ransomware group and MPD officials, according to screenshots purporting to be chat transcripts between the two organizations. After earlier threatening to leak the names of confidential informants to crime gangs, the operators agreed to remove the data while they carried out the now-aborted negotiations, the transcripts showed.

“This is unacceptable”

The operators demanded $4 million in exchange for a promise not to publish any more information and provide a decryption key that would restore the data.

#babuk, #biz-it, #data-breach, #extortion, #ransomware, #tech

Amazon “seized and destroyed” 2 million counterfeit products in 2020

Amazon trailers backed into bays at a distribution center in Miami, Florida, in August 2019. (credit: Getty Images | Lawrence Glass)

Amazon “seized and destroyed” over 2 million counterfeit products that sellers sent to Amazon warehouses in 2020 and “blocked more than 10 billion suspected bad listings before they were published in our store,” the company said in its first “Brand Protection Report.”

In 2020, “we seized and destroyed more than 2 million products sent to our fulfillment centers and that we detected as counterfeit before being sent to a customer,” Amazon’s report said. “In cases where counterfeit products are in our fulfillment centers, we separate the inventory and destroy those products so they are not resold elsewhere in the supply chain,” the report also said.

Third-party sellers can also ship products directly to consumers instead of using Amazon’s shipping system. The 2 million fakes found in Amazon fulfillment centers would only account for counterfeit products from sellers using the “Fulfilled by Amazon” service.

#amazon, #biz-it, #counterfeit-products, #policy

Security researcher successfully jailbreaks an Apple AirTag

This weekend, German security researcher stacksmashing declared success at breaking into, dumping, and reflashing the microcontroller of Apple’s new AirTag object-location product.

Breaking into the microcontroller essentially meant being able both to research how the devices function (by analyzing the dumped firmware) and to reprogram them to do unexpected things. Stacksmashing demonstrated this by reprogramming an AirTag to pass a non-Apple URL while in Lost Mode.

Lost Mode gets a little more lost

When an AirTag is set to Lost Mode, tapping any NFC-enabled smartphone to the tag brings up a notification with a link to found.apple.com. The link allows whoever found the lost object to contact its owner, hopefully resulting in the lost object finding its way home.

#airtag, #airtags, #apple, #biz-it, #firmware-hacking, #tech

Major ransomware attack cripples gas pipeline on US East Coast

Problems with Colonial Pipeline’s distribution system tend to lead to gasoline runs and price increases across the US Southeast and Eastern seaboard. In this September 2016 photo, a man prepared to refuel his vehicle after a Colonial leak in Alabama. (credit: Luke Sharrett via Getty Images)

On Friday, Colonial Pipeline took many of its systems offline in the wake of a ransomware attack. With systems offline to contain the threat, the company’s pipeline system is inoperative. The system delivers approximately 45 percent of the East Coast’s petroleum products, including gasoline, diesel fuel, and jet fuel.

Colonial Pipeline issued a statement Sunday saying that the US Department of Energy is leading the US federal government response to the attack. “[L]eading, third-party cybersecurity experts” engaged by Colonial Pipeline itself are also on the case. The company’s four main pipelines are still down, but it has begun restoring service to smaller lateral lines between terminals and delivery points as it determines how to safely restart its systems and restore full functionality.

Colonial Pipeline has not publicly said what was demanded of it or how the demand was made.

#biz-it, #colonial-pipeline, #cyberattack, #darkside, #department-of-energy, #ransomware, #russia

Apple brass discussed disclosing 128-million iPhone hack, then decided not to

Image credit: Getty Images

In September 2015, Apple managers had a dilemma on their hands: should, or should they not, notify 128 million iPhone users of what remains the worst mass iOS compromise on record? Ultimately, all evidence shows, they chose to keep quiet.

The mass hack first came to light when researchers uncovered 40 malicious App Store apps, a number that mushroomed to 4,000 as more researchers poked around. The apps contained code that made iPhones and iPads part of a botnet that stole potentially sensitive user information.

128 million infected.

An email entered into court this week in Epic Games’ lawsuit against Apple shows that, on the afternoon of September 21, 2015, Apple managers had uncovered 2,500 malicious apps that had been downloaded a total of 203 million times by 128 million users, 18 million of whom were in the US.

#app-store, #apple, #biz-it, #iphone, #tech, #xcodeghost

Ajit Pai promised cheaper Internet—real prices rose 19 percent instead

Illustration of fiber Internet lines with dollar signs. (credit: Getty Images | MirageC)

The average US home-Internet bill increased 19 percent during the first three years of the Trump administration, disproving former Federal Communications Commission Chairman Ajit Pai’s claim that deregulation lowered prices, according to a new report by advocacy group Free Press. For tens of millions of families that aren’t wealthy, “these increases are felt deeply, forcing difficult decisions about which services to forgo so they can maintain critical Internet access services,” Free Press wrote.

The 19 percent Trump-era increase is adjusted for inflation to match the value of 2020 dollars, with the monthly cost rising from $39.35 in 2016 to $47.01 in 2019. Without the inflation adjustment, the average household Internet price rose from $36.48 in 2016 to $46.38 in 2019, an increase of 27 percent.

The nominal increase in each of the three years was between 7.27 percent and 9.94 percent, while inflation each year ranged from 1.81 percent to 2.44 percent.

#biz-it, #broadband-prices, #policy

Researchers peek at proprietary data of US particle physics lab Fermilab

Image credit: Glukicov

Multiple unsecured entry points allowed researchers to access data belonging to Fermilab, a national particle physics and accelerator lab supported by the Department of Energy.

This week, security researchers Robert Willis, John Jackson, and Jackson Henry of the Sakura Samurai ethical hacking group shared details on how they were able to get their hands on sensitive systems and data hosted at Fermilab.

After enumerating and peeking inside the fnal.gov subdomains using commonly available tools like amass, dirsearch, and nmap, the researchers discovered open directories, open ports, and unsecured services that attackers could have used to extract proprietary data.

#biz-it, #data-explosure, #fermilab, #science, #tech

Fix for critical Qualcomm chip flaw is making its way to Android devices

Image credit: Getty Images

Makers of high-end Android devices are responding to the discovery of a Qualcomm chip flaw that researchers say could be exploited to partially backdoor about a third of the world’s smartphones.

The vulnerability, discovered by researchers from security firm Check Point Research, resides in Qualcomm’s Mobile Station Modem, a system of chips that provides capabilities for things like voice, SMS, and high-definition recording, mostly on higher-end devices made by Google, Samsung, LG, Xiaomi, and OnePlus. Phone-makers can customize the chips so they do additional things like handle SIM unlock requests. The chips run in 31 percent of the world’s smartphones, according to figures from Counterpoint Research.

The heap overflow the researchers found can be exploited by a malicious app installed on the phone, and from there the app can plant malicious code inside the MSM, Check Point researchers said in a blog post published Thursday. The nearly undetectable code might then be able to tap into some of a phone’s most vital functions.

#android, #biz-it, #chips, #phones, #qualcomm, #tech, #vulnerabilities

Severe vulnerabilities in Dell firmware update driver found and fixed

At least three companies have reported the dbutil_2_3.sys security problems to Dell over the past two years. (credit: Blogtrepreneur / Flickr)

Yesterday, infosec research firm SentinelLabs revealed 12-year-old flaws in Dell’s firmware updater, DBUtil 2.3. The vulnerable firmware updater has been installed by default on hundreds of millions of Dell systems since 2009.

The five high-severity flaws SentinelLabs discovered and reported to Dell lurk in the dbutil_2_3.sys module, and they have been rounded up under a single CVE tracking number, CVE-2021-21551. There are two memory-corruption issues and two lack-of-input-validation issues, all of which can lead to local privilege escalation, and a code-logic issue that could lead to a denial of service.

A hypothetical attacker abusing these vulnerabilities can escalate the privileges of another process or bypass security controls to write directly to system storage. This offers multiple routes to the ultimate goal of local kernel-level access—a step even higher than Administrator or “root” access—to the entire system.

#biz-it, #dell, #firmware-update, #infosec, #patch, #tech, #update

Twitter’s latest robo-nag will flag “harmful” language before you post

Before you tweet, you might be asked if you meant to be so rude. (credit: Getty Images / Sam Machkovech)

Want to know exactly what Twitter’s fleet of text-combing, dictionary-parsing bots defines as “mean”? Starting any day now, you’ll have instant access to that data—at least, whenever a stern auto-moderator says you’re not tweeting politely.

On Wednesday, members of Twitter’s product-design team confirmed that a new automatic prompt will begin rolling out for all Twitter users, regardless of platform and device, that activates when a post’s language crosses Twitter’s threshold of “potentially harmful or offensive language.” This follows a number of limited-user tests of the notices beginning in May of last year. Soon, any robo-moderated tweets will be interrupted with a notice asking, “Want to review this before tweeting?”

#automoderation, #biz-it, #moderation, #social-media, #twitter

Data leak makes Peloton’s Horrible, No-Good, Really Bad Day even worse

Image credit: Peloton

Peloton is having a rough day. First, the company recalled two treadmill models following the death of a 6-year-old child who was pulled under one of the devices. Now comes word Peloton exposed sensitive user data, even after the company knew about the leak. No wonder the company’s stock price closed down 15 percent on Wednesday.

Peloton provides a line of network-connected stationary bikes and treadmills. The company also offers an online service that allows users to join classes, work with trainers, or do workouts with other users. In October, Peloton told investors it had a community of 3 million members. Members can set accounts to be public so friends can view details such as classes attended and workout stats, or users can choose for profiles to be private.

I know where you worked out last summer

Researchers at security consultancy Pen Test Partners on Wednesday reported that a flaw in Peloton’s online service was making data for all of its users available to anyone anywhere in the world, even when a profile was set to private. All that was required was a little knowledge of the faulty programming interfaces that Peloton uses to transmit data between devices and the company’s servers.

#biz-it, #data-leaks, #peloton, #personal-information, #tech

Starlink can serve 500,000 users easily, several million “more of a challenge”

Screenshot from the Starlink order page, with the street address blotted out. (credit: SpaceX Starlink)

SpaceX has received more than 500,000 orders for Starlink broadband service, the company said yesterday.

“‘To date, over half a million people have placed an order or put down a deposit for Starlink,’ SpaceX operations engineer Siva Bharadvaj said during the launch webcast of its 26th Starlink mission,” CNBC reported.

SpaceX opened preorders for Starlink satellite service in February and is serving at least 10,000 users in its beta in the US and overseas combined. The preorders required a $99 deposit for service that would be available in the second half of this year. The 500,000 total orders presumably include both US residents and people in other countries; we asked SpaceX for more details and will update this article if we get a response.

#biz-it