Tag: facebook

Surveillance Cameras Sold On Amazon Found Infected With Malware

An anonymous reader shares a report on ZDNet: Security researcher Mike Olsen has warned that some products sold through the Amazon marketplace are harboring a dark secret — malware. Olsen said in a blog post that while scouring Amazon for a decent set of outdoor surveillance cameras for a friend, he came across a deal for 6 PoE cameras and recording equipment. The seller, Urban Security Group, had generally good reviews and was offering a particular Sony setup on sale. After purchasing the kit, Olsen started setting up the surveillance system, logging into the administrator panel to configure it. Upon investigation, Olsen found that the device was talking to a server with hostname Brenz.pl, which is linked to malware distribution. If the device’s firmware links to this domain, malware can be downloaded and installed, potentially leading to unlawful surveillance and data theft.Perhaps the company which made the device didn’t realize its source code was compromised. While the aforementioned incident should serve as a reminder to people on why they need to be wary of the product they are purchasing, this isolated occurrence doesn’t prove in any way that “plenty” of cameras on Amazon are also infected, as the article and the original blog post are subtly trying to imply. Read more of this story at Slashdot.

Link:
Surveillance Cameras Sold On Amazon Found Infected With Malware

Experts Crack Petya Ransomware, Enable Hard Drive Decryption For Free

Reader itwbennett writes: Petya appeared on researchers’ radar last month when criminals distributed it to companies through spam emails that masqueraded as job applications. It stood out from other file-encrypting ransomware programs because it overwrites a hard drive’s master boot record (MBR), leaving infected computers unable to boot into the operating system. Now, security experts have devised a method that, while not exactly straightforward, allows users to recover data from computers infected with the ransomware without paying money to cyber criminals. Folks over at BleepingComputer have confirmed that the aforementioned technique works. Read more of this story at Slashdot.

Continue Reading:
Experts Crack Petya Ransomware, Enable Hard Drive Decryption For Free

Sophisticated Bribe Scheme Gets Malware Onto Chinese Antivirus Whitelist

An anonymous reader writes “Malware operators have bribed employees of a gaming company to bundle malware with their mobile apps.” Because the app-maker reportedly had a good-faith agreement with China’s biggest antivirus company, the apps were apparently whitelisted without a thorough check, according to Softpedia. They cite a report from Check Point which describes how attackers would later pretend to be shoppers on a popular Chinese site where pictures of the desired items are sent to sellers. “The seller would open the picture on a PC and become infected, ” writes Check Point, “because the Trojan would not be detected, ” and a subsequent request for a refund would deliver the login credentials for the seller’s payment account. “This example illustrates how important it is to avoid third-party stores and to instead at least rely on stores with more reliable security, ” argues Check Point. “But even still, stores like the App Store and Google Play aren’t immune to threats.” Read more of this story at Slashdot.

Read the original post:
Sophisticated Bribe Scheme Gets Malware Onto Chinese Antivirus Whitelist

FBI Director Says Unlocking Method Won’t Work On Newer iPhones

Even though the FBI was able to gain access to the San Bernardino terrorist’s iPhone without Apple’s help, the Apple-FBI saga continues. It was reported yesterday the FBI is telling members of Congress of the methods used to break into the iPhone 5c. The most recent tidbit comes from FBI Director James Comey in regard to how many iPhones are at risk from the unlock tool. An anonymous reader quotes a report from CNN: FBI Director James Comey said Wednesday that the government had purchased “a tool” from a private party in order to unlock the iPhone used by one of the San Bernardino shooters. “Litigation between the government and Apple over the San Bernardino phone has ended, because the government has purchased, from a private party, a way to get into that phone, 5c, running iOS 9, ” Comey said. The FBI director also said the purchased tool worked only on a “narrow slice of phones” that does not include the newest Apple models, or the 5s. Read more of this story at Slashdot.

More:
FBI Director Says Unlocking Method Won’t Work On Newer iPhones

Facebook Rolls Out Major Live Video Update

An anonymous reader writes: Facebook Live was launched last year, allowing public figures and celebrities to live stream to their timeline. Today, Facebook has released a host of new features to its live broadcasting tool, which lets anyone post live streams of themselves to their timeline. Not only can users add filters to their videos, but they can also draw and add doodles as well. “Live Reactions” lets people react in a similar way to live videos as they do to posts, and it will also allow people to replay the comments they receive during their stream. The site has also added new ways of finding videos, either by location or by inviting friends. It also features a new button for people to ask their friends to watch a live video alongside them, for example. The live streaming features are limited to people in the U.S. right now, with new features rolling out to iOS and Android devices “in the coming weeks, ” the company said. Read more of this story at Slashdot.

More:
Facebook Rolls Out Major Live Video Update

New Windows 10 Preview For PCs With Bash, Cross-Device Cortana Released

An anonymous reader writes: Microsoft has released a new Windows 10 preview for PCs. The preview, dubbed build 14316, comes with a range of features including support for Bash, which Microsoft had announced at its developer conference Build last week. Users interested in it can enable the feature by turning on Developer Mode (detailed instructions here), searching for “Windows Features, ” choosing “Turn Windows features on or off, ” and enable Windows Subsystem for Linux (Beta). To get Bash installed, open Command Prompt and type in “bash” (without the quotes.) Other features included in the new build include low battery notification, find my phone (ring my phone), and the ability to share map directions across devices. Additionally, the company has also released a new universal Skype app. Read more of this story at Slashdot.

See the article here:
New Windows 10 Preview For PCs With Bash, Cross-Device Cortana Released

Scientists To Open Mass-Cloning Factory in China This Year To Clone Cows, Pets, Humans

An anonymous reader writes: Scientists in China are planning to open a mass-cloning factory by the end of the year. The ambitious and futuristic facility hopes to be mass-producing one million cows every 12 months by 2020. Not only will it clone cattle, but the factory, which will be located in the northern Chinese port of Tianjin, will also cater to more specific needs by genetically engineering police dogs and thoroughbred race horses. It is part of a $21m plan which is backed by the Boyalife group in collaboration with South Korean company Sooam Biotech Research Foundation. Read more of this story at Slashdot.

Taken from:
Scientists To Open Mass-Cloning Factory in China This Year To Clone Cows, Pets, Humans

WhatsApp Enables End-To-End Encryption For All Forms of Communications By Default

Popular instant messaging app WhatsApp, on Tuesday, announced that it is turning on end-to-end encryption for all its users by default. The company says that every call a user makes, every text message they send, all photos and videos they share will now be more secure. Furthermore, the encryption status of any chat is visible under the chat’s preferences screen. The announcement comes a little over a year after the Facebook-owned company partnered with Open Whisper Systems, a nonprofit software group that develops collaborative open source projects with a mission to “make private communication simple.” The end-to-end encryption feature is available on the latest version of the app. In a blog post, Open Whisper Systems further explains the feature: Once a client recognizes a contact as being fully e2e capable, it will not permit transmitting plaintext to that contact, even if that contact were to downgrade to a version of the software that is not fully e2e capable. This prevents the server or a network attacker from being able to perform a downgrade attack. In a blog post, WhatsApp writes: While WhatsApp is among the few communication platforms to build full end-to-end encryption that is on by default for everything you do, we expect that it will ultimately represent the future of personal communication. WhatsApp has also made available the technical details about how the two companies implemented this feature (PDF). For those of you who haven’t heard of WhatsApp, it’s an instant messaging and voice calling app. The free service, which is available across all popular platforms, is used by more than a billion people worldwide every month. A report on Wired says that a team of only 15 engineers enabled this security feature for over a billion users. Privacy researcher and activist Christopher Soghoian rightfully adds, “Google has no excuse.” Read more of this story at Slashdot.

View the original here:
WhatsApp Enables End-To-End Encryption For All Forms of Communications By Default

Free Wi-Fi Program in Los Angeles Fails to Provide Free Wi-Fi

The Los Angeles Time found no internet connectivity in 24 public locations, despite a three-year, $500, 000 grant to provide them with free Wi-Fi service. Investigations both last year and again in March found that none of the 18+ locations checked were able to successfully connect to the internet, prompting a PUC investigation that confirmed only two of the hotspots were working. The grant was part of a $315 million state-wide program using surcharges on utility bills to promote high-quality communication services, though in Los Angeles most of the money for “underserved” areas was being directed to outreach and education. The Wi-Fi company’s executive director said maintaining their networks had proved to be difficult, though one economist argued it would’ve been more productive to give net-access subsidies directly to the poor, a program the FCC recently voted to expand. Read more of this story at Slashdot.

View post:
Free Wi-Fi Program in Los Angeles Fails to Provide Free Wi-Fi

Patch Out For ‘Ridiculous’ Trend Micro Command Execution Vulnerability

An anonymous reader shares a report on The Register: A bug in its software meant that Trend Micro accidentally left a remote debugging server running on customer machines. The flaw, discovered by Google’s Project Zero researcher Tavis Ormandy, opened the door to command execution of vulnerable systems (running either Trend Micro Maximum Security, Trend Micro Premium Security or Trend Micro Password Manager). Ormandy — who previously discovered a somewhat similar flaw in Trend Micro’s technology — described the latest flaw as ‘ridiculous’. Trend Micro issued a patch for the flaw, a little over a week after Ormandy reported the bug to it on 22 March. The patch is not complete but does address the most critical issues at hand, according to the security firm. Read more of this story at Slashdot.

Continue reading here:
Patch Out For ‘Ridiculous’ Trend Micro Command Execution Vulnerability