Month: November 2017

New Microsoft Word attacks infect PCs sans macros

Enlarge (credit: Microsoft ) Fancy Bear, the advanced hacking group researchers say is tied to the Russian government, is actively exploiting a newly revived technique that gives attackers a stealthy means of infecting computers using Microsoft Office documents, security researchers said this week. Fancy Bear is one of two Russian-sponsored hacking outfits researchers say breached Democratic National Committee networks ahead of last year’s presidential election.  The group was recently caught sending a Word document that abuses a feature known as Dynamic Data Exchange. DDE allows a file to execute code stored in another file and allows applications to send updates as new data becomes available. In a blog post published Tuesday , Trend Micro researchers said Fancy Bear was sending a document titled IsisAttackInNewYork.docx that abused the DDE feature. Once opened, the file connects to a control server to download a first-stage of piece of malware called Seduploader and installs it on a target’s computer. DDE’s potential as an infection technique has been known for years, but a post published last month by security firm SensePost has revived interest in it. The post showed how DDE could be abused to install malware using Word files that went undetected by anti-virus programs. Read 6 remaining paragraphs | Comments

View post:
New Microsoft Word attacks infect PCs sans macros

Lovesense sex toys make accidental audio recordings of your sex sessions, which the company describes as a "minor bug"

Lovesense — the company that made the Bluetooth-enabled vibrating buttplugs that could be detected and hacked remotely and settled a class-lawsuit over collecting vibrator users’ personal information for $3.75M — has told users of its Lovesense Remote vibrator app not to worry about the “minor bug” that causes it to record the audio of their sex sessions. (more…)

Follow this link:
Lovesense sex toys make accidental audio recordings of your sex sessions, which the company describes as a "minor bug"

Intel to build discrete GPUs, hires AMD’s top graphics guy to do it

(credit: Intel) One might have thought that with Monday’s announcement that Intel is going to produce processors with embedded AMD GPUs that the two processor companies were on good terms. That’s looking a little less likely now. On Tuesday, AMD announced that Raja Koduri, its chief GPU architect, was to leave the company. Where was he going? That question was resolved on Wednesday : Intel. And what’s he going to do at Intel? He’s going to be the senior vice president of a new group—Core and Visual Computing—that will expand Intel’s graphics reach both into the low-end, with integrated graphics reaching into the Internet-of-Things space, and more excitingly, at the high end, with discrete GPUs. Koduri led AMD’s Radeon Technologies Group, responsible for both AMD’s discrete and integrated GPUs. Before that, he was director of graphics technology at Apple. Intel has dabbled with discrete GPUs before; its 740 GPU, released in 1998, was a standalone part using the then new AGP port. A second attempt to build a standalone GPU was the Larrabee project , but that never shipped as a GPU. In 2009 Larrabee was repositioned with Intel deciding to make it a massively multicore accelerator—the predecessor to the current Xeon Phi chips—rather than a graphics processor. Read 6 remaining paragraphs | Comments

See the original article here:
Intel to build discrete GPUs, hires AMD’s top graphics guy to do it

Delhi becomes “gas chamber” as air pollution reaches ludicrous levels

Enlarge / Indian visitors walk through the courtyard of Jama Masjid amid heavy smog in the old quarters of New Delhi on November 8, 2017. SAJJAD HUSSAIN/ AFP/ Getty Images) With calm winds, seasonal crop burns, and the usual vehicle and industrial emissions, an extremely thick, toxic fog of pollution has settled on Delhi, choking and sickening residents. Pollution measurements and indexes have exceeded charted ranges, blowing past the highest categorized levels dubbed “severe” and hazardous to health. In some areas of the gigantic metropolitan area, measurements of certain pollutants were around 30 times the levels considered safe by the World Health Organization. Local journalists reported that the smog is causing throat irritation, wheezing, nausea, vomiting, and extreme fatigue. Delhi’s chief minister, Arvind Kejriwal, took to Twitter to call the city a “ gas chamber .” Read 8 remaining paragraphs | Comments

See the original article here:
Delhi becomes “gas chamber” as air pollution reaches ludicrous levels

Apple pushes out iOS 11.1.1 to fix annoying autocorrect bug

Apple gave its mobile software a facelift when it released iOS 11 back in September, but bugs led the company to push out an 11.1 update a month later to protect user security from that WPA2 Krack vulnerability. Turns out that version introduced another set of squirrely issues, which has led Apple to release iOS 11.1.1 today. You can finally say goodbye to that stupid autocorrect bug switching out the letter ‘i’ for all manner of gibberish. The update also addresses an issue where the ‘Hey Siri’ feature occasionally stops working. And…that’s it. Even the security content is the same as the 11.1 release, meaning Apple pushed this update out just to fix these two issues. Consider your outrage heard, given that Apple could have waited to fix until the forthcoming 11.2 update; Reportedly, some GPS issues with the iPhone 8 and iPhone X are fixed in the 11.2 beta. Via: Ars Technica Source: Apple

See original article:
Apple pushes out iOS 11.1.1 to fix annoying autocorrect bug

A new ‘Star Wars’ trilogy is coming from ‘The Last Jedi’ director

The Last Jedi helmer Rian Johnson has signed on to write and direct a new trilogy within the Star Wars universe, Disney announced today . There aren’t any details to share about the new project yet, but the company explicitly noted that it’ll feature new characters and be completely separate from the Skywalker saga. If anything, the new spin-off trilogy is a sign that the company was pleased with his work on The Last Jedi , which hits theaters on December 5th. “We all loved working with Rian on The Last Jedi , ” Kathleen Kennedy, president of Lucasfilm, said in a statement. “He’s a creative force, and watching him craft The Last Jedi from start to finish was one of the great joys of my career. Rian will do amazing things with the blank canvas of this new trilogy.” Source: Disney

Taken from:
A new ‘Star Wars’ trilogy is coming from ‘The Last Jedi’ director

A live-action ‘Star Wars’ show is headed to Disney’s streaming service

After years of rumors of a live-action Star Wars TV series, it’s finally happening. The only catch? It’ll be exclusive to Disney’s upcoming streaming service, Polygon reports . CEO Bob Iger didn’t have any details to share about the new series, but the fact that it’s coming is still a bombshell for the Star Wars universe. And, of course, it’s also a smart way to sell Disney’s streaming service, which is set to launch in 2019 . Additionally, Disney will be producing three other original series from its Marvel, Monster’s Inc. and High School Musical franchises. Disney revealed a few months ago that it’ll remove its content from Netflix, which includes existing Star Wars films, and move it over to the company’s streaming service in 2019. Via: Polygon

Read More:
A live-action ‘Star Wars’ show is headed to Disney’s streaming service

Linux Has a USB Driver Security Problem

Catalin Cimpanu, reporting for BleepingComputer: USB drivers included in the Linux kernel are rife with security flaws that in some cases can be exploited to run untrusted code and take over users’ computers. The vast majority of these vulnerabilities came to light on Monday, when Google security expert Andrey Konovalov informed the Linux community of 14 vulnerabilities he found in the Linux kernel USB subsystem. “All of them can be triggered with a crafted malicious USB device in case an attacker has physical access to the machine, ” Konovalov said. The 14 flaws are actually part of a larger list of 79 flaws Konovalov found in Linux kernel USB drivers during the past months. Not all of these 79 vulnerabilities have been reported, let alone patched. Most are simple DoS (Denial of Service) bugs that freeze or restart the OS, but some allow attackers to elevate privileges and execute malicious code. Read more of this story at Slashdot.

View article:
Linux Has a USB Driver Security Problem

Scientists on new supernova: WTF have we been looking at?

Enlarge / A more typical Type-IIp supernova. (credit: NASA SWIFT ) A supernova may be one of the most extraordinary events in the Universe, but the Universe is a very big place, and the extraordinary happens with great regularity. We’ve now observed a huge number of these events and have managed to break them down into categories based on patterns in the light they produce. Astrophysicists have built models of exploding stars that explain these properties, matching them to the mass of the original star and the process by which it exploded. We’re at the point where, after just a few observations, we can understand exactly what we’re looking at. Except when we can’t. Today in Nature , a team of researchers is announcing observations of a supernova that it simply can’t explain. In some ways, the event looks like a prosaic stellar explosion. Except it’s stayed bright over six times longer than it should and experienced five periods of enhanced brightness that we can’t explain. Different features of the supernova appear to be arising from physically distinct locations in space. And even the best model for what triggered this—something that involves a type of explosion we haven’t definitively observed previously—doesn’t account for all the observations. Read 12 remaining paragraphs | Comments

Read More:
Scientists on new supernova: WTF have we been looking at?

Windows 10’s Version ofd AirDrop Lets You Quickly Share Files Between PCs

Microsoft is testing its “Near Share” feature of Windows 10 in the latest Insider build (17035) today, which will let Windows 10 PCs share documents or photos to PCs nearby via Bluetooth. The Verge reports: A new Near Share option will be available in the notification center, and the feature can be accessed through the main share function in Windows 10. Files will be shared wirelessly, and recipients will receive a notification when someone is trying to send a file. Microsoft’s addition comes just a day after Google unveiled its own AirDrop-like app for Android. Read more of this story at Slashdot.

View article:
Windows 10’s Version ofd AirDrop Lets You Quickly Share Files Between PCs