Tag: linkedin

‘GoldenEye: Source’ Updated: A Classic, Free Multiplayer Game

An anonymous reader quotes The Verge: GoldenEye: Source received its first update in more than three years this week. It’s free to download and it features 25 recreated maps, 10 different multiplayer modes, and redesigned versions of the original game’s 28 weapons. It was created using Valve’s Source engine, the same set of tools used to create Counter Strike and Half-Life games. So it’s a massive step up in both visuals and performance for one of the more drastically dated gaming masterpieces of the last 20 years… GoldenEye 007, the beloved N64 first-person shooter, has been recreated in high-definition glory by a team of dedicated fans over the course of 10 years…the attention to detail and the amount of effort that went into GoldenEye: Source make it one of the most polished HD remakes of a N64 classic. With 8 million copies sold, Wikipedia calls it the third best-selling Nintendo 64 game of all-time (although this version doesn’t recreate its single-player campaigns). Anyone have fond memories of playing Goldeneye 007? Read more of this story at Slashdot.

See more here:
‘GoldenEye: Source’ Updated: A Classic, Free Multiplayer Game

Linux Trojan Mines For Cryptocurrency Using Misconfigured Redis Servers

An anonymous reader writes: In another installment of “Linux has malware too, ” security researchers have discovered a new trojan that targets Linux servers running Redis, where the trojan installs a cryptocurrency miner. The odd fact about this trojan is that it includes a wormable feature that allows it to spread on its own. The trojan, named Linux.Lady, will look for Redis servers that don’t have an admin account password, access the database, and then download itself on the new target. The trojan mines for the Monero crypto-currency, the same one used by another worm called PhotoMiner, which targets vulnerable FTP servers. According to a recent Risk Based Security report from last month, there are over 30, 000 Redis servers available online without a password, of which 6, 000 have already been compromised by various threat actors. Read more of this story at Slashdot.

Visit link:
Linux Trojan Mines For Cryptocurrency Using Misconfigured Redis Servers

Popular Sex Toy Caught Sending Intimate Data To Manufacturer

In a world where thermostats, and smart locks can be hacked, and companies covertly record information, why should sex toys remain unaffected. Fusion is reporting that the We-Vibe 4 Plus, a popular vibrator sends a range of intimate data to its manufacturer. The sex toy uses a smartphone app, which lets a use control the vibration among other things. From the report: When the device is in use, the We-Vibe 4 Plus uses its internet connectivity to regularly send information back to its manufacturer, Standard Innovations Corporation. It sends the device’s temperature every minute, and lets the manufacturer know each time a user changes the device’s vibration level. The company could easily figure out some seriously intimate personal information like when you get off, how long it takes, and with what combinations of vibes. This was revealed on Friday at hacker conference Defcon in Las Vegas by two security researchers, who wish to be called only by their handles @gOldfisk and @rancidbacon. The two examined the app’s code and the information being sent by the device over Bluetooth. In a statement sent by email, Standard Innovation Corporation’s president Frank Ferrari confirmed that the company collects this information. Read more of this story at Slashdot.

View the original here:
Popular Sex Toy Caught Sending Intimate Data To Manufacturer

Seagate Reveals ‘World’s Largest’ 60TB SSD

An anonymous reader writes: While Samsung has the world’s largest commercially available SSD coming in at 15.36TB, Seagate officially has the world’s largest SSD for the enterprise. ZDNet reports: “[While Samsung’s PM1633a has a 2.5-inch form factor, ] Seagate’s 60TB Serial Attached SCSI (SAS) SSD on the other hand opts for the familiar HDD 3.5-inch form factor. The company says that its drive has “twice the density and four times the capacity” of Samsung’s PM1633a, and is capable of holding up to 400 million photos or 12, 000 movies. Seagate thinks the 3.5-inch form factor will be useful for managing changing storage requirements in data centers since it removes the need to support separate form factors for hot and cold data. The company says it could also scale up capacity to 100TB in the same form factor. Seagate says the 60TB SSD is currently only a ‘demonstration technology’ though it could release the product commercially as early as next year. It hasn’t revealed the price of the unit but says it will offer ‘the lowest cost per gigabyte for flash available today.'” Read more of this story at Slashdot.

More:
Seagate Reveals ‘World’s Largest’ 60TB SSD

Facebook Will Force Advertising On Ad-Blocking Users

Long-time reader geek writes: Facebook is going to start forcing ads to appear for all users of its desktop website, even if they use ad-blocking software (Could be paywalled; alternate source). The social network said on Tuesday that it will change the way advertising is loaded into its desktop website to make its ad units considerably more difficult for ad blockers to detect. “Facebook is ad-supported. Ads are a part of the Facebook experience; they’re not a tack on, ” said Andrew “Boz” Bosworth, Facebook’s vice president of engineering for advertising and pages. Read more of this story at Slashdot.

More:
Facebook Will Force Advertising On Ad-Blocking Users

Linux Kernel 4.8 Adds Microsoft Surface 3 Support

Brian Fagioli, writing for BetaNews:If you are a Windows user, and want a really great computer, you should consider Microsoft’s Surface line. Not only do they serve as wonderful tablets, but with the keyboard attachment, they can be solid laptops too. While many Linux users dislike Microsoft, some of them undoubtedly envy Windows hardware. While it is possible to run Linux distros on some Surface tablets, not everything will work flawlessly. Today, release candidate 1 of Linux Kernel 4.8 is announced, and it seems a particularly interesting driver has been added — the Surface 3 touchscreen controller. “This seems to be building up to be one of the bigger releases lately, but let’s see how it all ends up. The merge window has been fairly normal, although the patch itself looks somewhat unusual: over 20 percent of the patch is documentation updates, due to conversion of the drm and media documentation from docbook to the Sphinx doc format. There are other doc updates, but that’s the big bulk of it, ” says Linus Torvalds, Linux creator. Will Microsoft’s lower-priced (starting at $499) hybrid computer become the ultimate mobile Linux machine? Read more of this story at Slashdot.

Follow this link:
Linux Kernel 4.8 Adds Microsoft Surface 3 Support

900M Android Devices Vulnerable To New ‘Quadrooter’ Security Flaw

An anonymous Slashdot reader quotes a report from CNET: Four newly-discovered vulnerabilities found in Android phones and tablets that ship with a Qualcomm chip could allow an attacker to take complete control of an affected device. The set of vulnerabilities, dubbed “Quadrooter, ” affects over 900 million phone and tablets, according to Check Point researchers who discovered the flaws. An attacker would have to trick a user into installing a malicious app, which wouldn’t require any special permissions. If successfully exploited, an attacker can gain root access, which gives the attacker full access to an affected Android device, its data, and its hardware — including its camera and microphone. The flaw even affects several of Google’s own Nexus devices, as well as the Samsung Galaxy S7 and S7 Edge, according to the article, as well as the Blackberry DTEK50, which the company describes as the “most secure Android smartphone.” CNET adds that “A patch that will fix one of the flaws will not be widely released until September, a Google spokesperson confirmed.” Read more of this story at Slashdot.

View article:
900M Android Devices Vulnerable To New ‘Quadrooter’ Security Flaw

Luxury Liner SS United States Cannot Be Put Back In Service

tomhath writes: Once the fastest ocean liner ever built, the SS United States has been mothballed for almost 50 years. An ambitious project to refurbish the SS United States as a luxury liner has been abandoned due to insurmountable technical and commercial obstacles. Plan B, to turn it into a floating hotel/convention center, might go forward. Miami Herald provides some history of the SS United States in its report: “The iconic 1950s vessel, which was bigger than the Titanic and once carried celebrities across the Atlantic Ocean, was set for a $700 million overhaul by the Los Angeles-based luxury line, which also has offices in Miami. The SS United States was decommissioned in 1969 and has been gutted and docked in Philadelphia for two decades on the Delaware River. On its maiden voyage in 1952, the ship traversed the Atlantic in three days, 10 hours and 42 minutes — a record it held until 1990.” Read more of this story at Slashdot.

View original post here:
Luxury Liner SS United States Cannot Be Put Back In Service

New Attack Steals SSNs, E-mail Addresses, and More From HTTPS Pages

Security researchers at KU Leuven have discovered an attack technique, dubbed HEIST (HTTP Encrypted Information can be Stolen Through TCP-Windows), which can exploit an encrypted website using only a JavaScript file hidden in a maliciously crafted ad or page. ArsTechnica reports: Once attackers know the size of an encrypted response, they are free to use one of two previously devised exploits to ferret out the plaintext contained inside it. Both the BREACH and the CRIME exploits are able to decrypt payloads by manipulating the file compression that sites use to make pages load more quickly. HEIST will be demonstrated for the first time on Wednesday at the Black Hat security conference in Las Vegas. “HEIST makes a number of attacks much easier to execute, ” Tom Van Goethem, one of the researchers who devised the technique, told Ars. “Before, the attacker needed to be in a Man-in-the-Middle position to perform attacks such as CRIME and BREACH. Now, by simply visiting a website owned by a malicious party, you are placing your online security at risk.” Using HEIST in combination with BREACH allows attackers to pluck out and decrypt e-mail addresses, social security numbers, and other small pieces of data included in an encrypted response. BREACH achieves this feat by including intelligent guesses — say, @gmail.com, in the case of an e-mail address — in an HTTPS request that gets echoed in the response. Because the compression used by just about every website works by eliminating repetitions of text strings, correct guesses result in no appreciable increase in data size while incorrect guesses cause the response to grow larger. Read more of this story at Slashdot.

See the article here:
New Attack Steals SSNs, E-mail Addresses, and More From HTTPS Pages

Hacker Selling Data For 200 Million Yahoo Users On The Dark Web

An anonymous reader writes from a report via Softpedia: A listing was published today on TheRealDeal Dark Web marketplace claiming to be offering data on over 200 million Yahoo users, sold by the same hacker that was behind the LinkedIn, Tumblr, MySpace, and VK data dumps. In statements to Softpedia, Yahoo said it was investigating the breach, but based on the seller’s reputation, it is very likely the data is authentic. The data is up for sale for 3 Bitcoin (approximately ~$1, 800), and based on the sample the hacker provided, the data dump includes details such as usernames, MD5-hashed passwords, and dates of birth for all users. For some records, there is also a backup email address, country of origin, and ZIP code for U.S. users. The hacker, called Peace, has also told Softpedia that he previously made $50, 000 from the LinkedIn breach alone, and over $65, 000 in total from all breaches. Read more of this story at Slashdot.

See the original article here:
Hacker Selling Data For 200 Million Yahoo Users On The Dark Web