Luc Pauwels from Belgium’s VRT News took his Vauxhall (GM) Opel Astra in for service, and a mechanic there disclosed that Vauxhall had asked him to flash the firmware of any diesel Opel Zafira to remove a defeat-device that caused it to emit 500% of the legal NOx limit — an order that came down right after the Dieselgate scandal broke. (more…)
Taken from:
GM’s Dieselgate: mechanics privately admit update removes crimeware from Opel cars
https://www.youtube.com/watch?v=UHSFf0Lz1qc Hardware hacker/security researcher Samy Kamkar is legendary for his legion of playful, ha-ha-only-serious gadgets that show how terrible information security is, and now he’s turned his attention to the American Express company, which turns out to be a goddamned train-wreck. (more…)
See the original post:
Tiny open-source gadget simulates replacement Amex cards, disables chip-&-PIN
Silverpush, a startup that’s just received $1.25M in venture capital, uses ultrasonic chirps that are emitted by apps, websites, and TV commercials to combine the identities associated with different devices (tablets, phones, computers, etc), so that your activity on all of them can be aggregated and sold to marketers. (more…)
More:
Startup uses ultrasound chirps to covertly link and track all your devices
The fallout from Hillary Clinton’s homebrew email setup is getting weird. The Department of State just shut down part of its unclassified email system in an attempt to eradicate malware they just found from Russian hackers. But State’s spokespeople say everything is okay. Probably. Read more…
Continue Reading:
Fearing Hackers, U.S. State Dept. Has Shut Off Part of Its Email System
New details have emerged about exactly how Hillary Clinton secured the homebrew private email servers she used as Secretary of State. The punchline? Clinton didn’t encrypt her emails or use a certificate for her first three months running the State Department. Read more…
More:
Hillary Clinton Didn’t Encrypt Her Secretary of State Emails For Months
Don’t click any porn links on Facebook. Just don’t. It’s a good rule of thumb, but there’s an extra good reason right now. There’s a troubling type of porn-based malware that’s apparently infected over 110, 000 Facebook users in two days. And you could get the same Click Transmitted Disease. Read more…
See the original post:
Beware: Porn-Based Malware Is Sweeping Across Facebook
A Snowden leak accompanying today’s story on the NSA’s Tailored Access Operations group (TAO) details the NSA’s toolbox of exploits , developed by an NSA group called ANT (Advanced or Access Network Technology). ANT’s catalog runs to 50 pages, and lists electronic break-in tools, wiretaps, and other spook toys. For example, the catalog offers FEEDTROUGH, an exploit kit for Juniper Networks’ firewalls; gimmicked monitor cables that leak video-signals; BIOS-based malware that compromises the computer even before the operating system is loaded; and compromised firmware for hard drives from Western Digital, Seagate, Maxtor and Samsung. Many of the exploited products are made by American companies, and hundreds of millions of everyday people are at risk from the unpatched vulnerabilities that the NSA has discovered in their products. The ANT division doesn’t just manufacture surveillance hardware. It also develops software for special tasks. The ANT developers have a clear preference for planting their malicious code in so-called BIOS, software located on a computer’s motherboard that is the first thing to load when a computer is turned on. This has a number of valuable advantages: an infected PC or server appears to be functioning normally, so the infection remains invisible to virus protection and other security programs. And even if the hard drive of an infected computer has been completely erased and a new operating system is installed, the ANT malware can continue to function and ensures that new spyware can once again be loaded onto what is presumed to be a clean computer. The ANT developers call this “Persistence” and believe this approach has provided them with the possibility of permanent access. Another program attacks the firmware in hard drives manufactured by Western Digital, Seagate, Maxtor and Samsung, all of which, with the exception of latter, are American companies. Here, too, it appears the US intelligence agency is compromising the technology and products of American companies. Shopping for Spy Gear: Catalog Advertises NSA Toolbox [Jacob Appelbaum, Judith Horchert and Christian Stöcker/Spiegel]
Read the original post:
NSA has a 50-page catalog of exploits for software, hardware, and firmware