Tag: hash

Verizon’s new “Custom TV” is small step toward a la carte pricing

The dreaded pay-TV bundles that result in US homes watching only about 10 percent of the channels they pay for aren’t going away any time soon, but Verizon’s FiOS TV service is taking a small step in the right direction. Starting Sunday, new and existing FiOS customers will be able to choose from new “Custom TV” bundles that offer more flexibility and could (depending on one’s interests) save subscribers a bit of money. Verizon’s new Custom TV pricing, available beginning Sunday. 6 more images in gallery “It’s a simple way for customers to choose the types of channels they want without paying for those they don’t,” Verizon said in a description of the new pricing system that was e-mailed to reporters. Read 9 remaining paragraphs | Comments

Read this article:
Verizon’s new “Custom TV” is small step toward a la carte pricing

Faked Flash-based ads on HuffPo, other sites downloaded extortionware

Google’s DoubleClick advertising network is the lifeblood of many websites driven by ad revenue—and it’s also a potential path of attack for criminals trying to spread extortionware and other malware. Some Huffington Post readers fell victim to malicious advertisements spread through Google’s DoubleClick network early this week, but another simultaneous attack may have reached an even bigger audience. Two ad network merchants became an unwitting accomplice to attackers with similar Flash-based ads, displaying them on multiple legitimate sites. The Huffington Post advertisement—a fraudulent Hugo Boss ad which also appeared on other major legitimate sites (including the real estate site Zillow.com)—was spread through DoubleClick via the ad network AdButler, according to Malwarebytes, which tracked the attack . That attack attempted to download Cryptowall ransomware to victims’ PCs. The second attack came to DoubleClick through Merchanta, an ad network that serves up 28 billion advertisement impressions a month in the US alone. There is no estimate of how many people were exposed to the attack, but it likely cast a worldwide net and could have infected thousands of PCs with malware. Malwarebytes did not collect the malware payload of the Merchanta attack, but Malwarebytes Lab’s Jérôme Segura wrote in a post on the attack  that the Flash exploit used in both attacks was identical, using the same Flash exploit kit. “It is worth noting that this malicious SWF (Flash file) had zero detection on VirusTotal when it was first submitted,” Segura said. Read 3 remaining paragraphs | Comments

Read this article:
Faked Flash-based ads on HuffPo, other sites downloaded extortionware

J.J. Abrams reveals new Force Awakens teaser, details

On Thursday, J.J. Abrams kicked off a weekend-long Star Wars convention by revealing the second teaser trailer for the upcoming Star Wars: The Force Awakens film, and it included the first reveal of Harrison Ford reprising his role as Han Solo. “Chewie, we’re home!” Ford says with Chewbacca standing behind him to close the teaser, which also included footage of a Millennium Falcon chase, a melted Darth Vader mask, a lightsaber hand-off, and Mark Hamill narrating a speech to an heir apparent (though unseen). Stormtroopers, X-Wings, TIE Fighters, new droids, and the sequel’s three new leads also feature prominently. As a lead-up to that teaser reveal, Entertainment Weekly columnist Anthony Breznican hosted a panel with Abrams and Lucasfilm president Kathleen Kennedy, where he asked questions about filming scenes in Abu Dhabi, designing new droids (including new droid “BB8,” whose impressive rolling ball design includes a head that swivels on its top), and casting the series’ three new lead actors. Read 8 remaining paragraphs | Comments

Read More:
J.J. Abrams reveals new Force Awakens teaser, details

Los Angeles school district demands multi-million dollar refund from Apple

On Wednesday, the Los Angeles Unified School District (LAUSD) told Apple that it would not accept any further deliveries of Pearson curriculum, which Apple has been providing as part of a $1.6 billion plan to give every student in the nation’s second-largest school district an iPad. LAUSD also asked for a “multi-millon dollar refund” for software that had already been delivered,  according to local public radio station KPCC . In 2013 the school district signed an initial $30 million deal with Apple in a program that was supposed to cost up to $1.3 billion. As part of the program, LAUSD said it would buy iPads from Apple at $768 each , and then Pearson, a subcontractor with Apple, would provide math and science curriculum for the tablets at an additional $200 per unit. Not a month after the pilot program launched, students were found disabling app and browser limitations on their tablets. A month after that, LAUSD reported that a third of the 2,100 iPads distributed during the pilot program had gone missing . A year later, media investigations revealed possible malfeasance in securing the contract with Apple and Pearson by LAUSD superintendent John Deasy. While Deasy has denied wrongdoing , he recently stepped down from his position and his successor, Ramon C. Cortines, has said he will scrap the program . Read 5 remaining paragraphs | Comments

Read More:
Los Angeles school district demands multi-million dollar refund from Apple

How the heck did so much Game of Thrones leak in 2015?

As the fifth season premiere of Game of Thrones inched towards its Sunday debut, we wondered whether HBO could withstand so many fans rushing its Internet doors. Major GoT airings have made the HBO Go service falter in the past, and this time, the company’s spanking-new HBO Now offering would have to withstand a whole slew of “Thronies.” As it turns out, HBO’s servers held up just fine, but something else sprung a leak. Before the fifth season’s first episode officially aired in the United States, it had already leaked online—along with a few more episodes. The season’s  first four episodes appeared on torrent sites  late Saturday night, and they all appeared to have been sourced from DVD “screener” copies that had been sent to critics ahead of the season premiere. We’re used to TV episodes popping up on torrent sites as soon as they air; it doesn’t take much more than a capture card, a modern PC, and a decent broadband connection to nab some sweet Internet notoriety. But we were dumbstruck by the mess HBO found itself in. It’s 2015. What the heck were they doing? Read 14 remaining paragraphs | Comments

Read More:
How the heck did so much Game of Thrones leak in 2015?

Universal backdoor for e-commerce platform lets hackers shop for victims

As people become more aware of the threat of targeted “phishing” attacks via e-mail and social media, malware-armed attackers are turning to new ways to target specific victims where they least expect it—by exploiting the legitimate websites they frequent and assume to be secure. Last week, Swiss security firm Hi-Tech Bridge disclosed that the Web store of a corporate customer had been used to deliver a targeted attack against a specific site visitor. The attackers were also able to retrieve the store’s customer database, which they may have used to search for desirable targets. The attack exploited a current and patched version of osCommerce Online Merchant (version 2.3.4, released last June), a common Web store content management system used by a number of high-profile companies—including Canonical’s Ubuntu Shop . The attacker inserted malicious PHP script that provided a backdoor into the site and could be configured to check users’ IP addresses and login credentials as they visit the site for specific targets. Once a desired target is detected, the script attempts to download malware to the victim from another site. The attacker can then remotely delete the backdoor and altered PHP files and replace them with the original by connecting to the script with a “?del” parameter added to its URL. The backdoor script is labeled as “osCommerce 2.x.x universal pwner by Piht0z,” and it’s just that: a generic PHP-based backdoor for osCommerce sites. According to Ilia Kolochenko, High-Tech Bridge’s CEO, there have been similar cases of targeted attacks on users of e-commerce sites before, but “it’s the first time we see a universal backdoor for a large e-commerce platform,” he said in a blog post about the discovery. “This means that hackers started using this vector on a regular basis to achieve their goals.” Read on Ars Technica | Comments

View post:
Universal backdoor for e-commerce platform lets hackers shop for victims

Hacked French network exposed its own passwords during TV interview

While French authorities continued investigating how the TV5Monde network had 11 of its stations’ signals interrupted the night before, one of its staffers proved just how likely a basic password theft might have led to the incident. In an interview with French news program 13 Heures , TV5Monde reporter David Delos unwittingly revealed at least one password for the station’s social media presence. That’s because he was filmed in front of a staffer’s desk—which was smothered in sticky notes and taped index cards that were covered in account usernames and passwords. Delos’s segment revealed the usernames and passwords for TV5Monde’s Twitter and Instagram accounts, but they were too difficult to read in an archived video of the broadcast . That wasn’t the case for the YouTube information, however;  Twitter user pent0thal confirmed that account’s displayed password was “lemotdepassedeyoutube,” which translates in English to “the password of YouTube.” Read 2 remaining paragraphs | Comments

Continue Reading:
Hacked French network exposed its own passwords during TV interview

Eighth-grader charged with felony for shoulder-surfing teacher’s password

A 14-year-old Florida boy has been charged with felony computer intrusion after shoulder-surfing his school’s computer network password and using it to play a prank on a teacher. Domanik Green, an eighth-grader at Paul R. Smith Middle School in Holiday, Florida, was charged with an offense against a computer system and felony unauthorized access, according to a report published Thursday by The Tampa Bay Times . In late March, the youth allegedly used the administrative-level password without permission to log in to the school’s network and change the images displayed on a teacher’s computer to one of two men kissing. One of the computers accessed allegedly contained encrypted questions to the FCAT, short for the Florida Comprehensive Assessment Test . While the factual allegations laid out in the article seem to indicate the youth perpetrated some form of trespass, they also alleged a litany of poor practices on the part of school administrators. These practices include weak passwords, entering passwords in front of others, and widespread unauthorized access, possibly that went undetected. From the report: Read 1 remaining paragraphs | Comments

Original post:
Eighth-grader charged with felony for shoulder-surfing teacher’s password

US, European police take down highly elusive botnet known as Beebone

US and European police have shut down a botnet that provided a captive audience of backdoored PCs to criminals who were looking for an easy way to quickly install malware on large numbers of computers. The takedown of the Beebone botnet is something of a coup because the underlying malware was so resistant to detection. Polymorphic downloader software at the heart of the malicious program updated itself as many as 19 times a day. Beebone also relied on a pair of programs that re-downloaded each other, acting as an insurance policy should one of them be removed, authorities told the Associated Press . “From a techie’s perspective, they made it as difficult as they possibly could for us,” a Europol advisory told the news organization. The takedown was a joint operation that involved the US FBI, Europol’s European Cybercrime Center, and private security groups including Kaspersky Lab, Shadowserver, and McAfee. Read 4 remaining paragraphs | Comments

See more here:
US, European police take down highly elusive botnet known as Beebone

Server shutdown disables single-player saves in NBA2K14

Anyone that plays online games has to accept the fact that the servers for those games will probably eventually be shut down by the centralized publisher that operates them (games with player-controlled server support notwithstanding). What most players probably don’t expect is for their single-player game saves to become permanently unusable because an online server somewhere goes down. That’s what has been happening to players of NBA2K14 this past week, though. As Polygon reports , since a planned online server shutdown for the game on March 31, previously created save files in the MyCareer and MyGM modes can no longer pass a built-in server check on the PS4 and Xbox One versions of the game. That means those files are simply unusable, and all that single player progress has effectively been lost. “This means that if you had created a MyCareer or a MyGM online save file that was once connected to our servers it too sadly has retired and is no longer available for use and it would be necessary to re-create these files as offline saves,” 2K Support writes in a message to affected users, obtained by Polygon. “Sadly this may come as an inconvenience to some of you and if so we truly do understand and can feel for how upsetting this may seem as there always is a special bond that occurs between a player and their MyCareer save but all good things must come to an end and rest assured your MyCareer or MyGM went out while on top!” Read 7 remaining paragraphs | Comments

Continue Reading:
Server shutdown disables single-player saves in NBA2K14