Tag: privacy-rights

Mac malware that infected Facebook bypassed OS X Gatekeeper protection

Researchers have identified the Mac malware that infected employees of Apple, Facebook, and Twitter, and say it may have been used to compromise machines in other US organizations, including auto manufacturers, government agencies, and a leading candy maker, according to a published report. Pintsized.A is a new family of Mac malware that uses an exploit to bypass Gatekeeper, an OS X protection that allows end users to tightly control which sources are permitted to install apps , according to an article published Monday by The Security Ledger. Mac antivirus provider Intego says  the trojan masquerades on infected machines as Linux printing software known as cupsd, although it runs from a different location than the legitimate title. It’s unclear exactly how the malware gets around Gatekeeper. Once installed, Pintsized establishes a reverse shell to a command and control server controlled by the attackers. It uses a modified version of the OpenSSH utility to encrypt traffic, a measure that can help it remain undetected on infected networks. One of the domain names that hosted such a server was corp-aapl.com. It caught the attention of members of Facebook’s security team, tipping them off that there was an infected machine inside their network . When they later took control of the domain, they discovered multiple other companies were also compromised by the same attackers. Around the same time, Apple , Twitter , and Microsoft were also hit with attacks that meet the same pattern. Read 1 remaining paragraphs | Comments

Link:
Mac malware that infected Facebook bypassed OS X Gatekeeper protection

Meet the men who spy on women through their webcams

Aurich Lawson / Thinkstock “See! That shit keeps popping up on my fucking computer!” says a blond woman as she leans back on a couch, bottle-feeding a baby on her lap. The woman is visible from thousands of miles away on a hacker’s computer. The hacker has infected her machine with a remote administration tool (RAT) that gives him access to the woman’s screen, to her webcam, to her files, to her microphone. He watches her and the baby through a small control window open on his Windows PC, then he decides to have a little fun. He enters a series of shock and pornographic websites and watches them appear on the woman’s computer. The woman is startled. “Did it scare you?” she asks someone off camera. A young man steps into the webcam frame. “Yes,” he says. Both stare at the computer in horrified fascination. A picture of old naked men appears in their Web browser, then vanishes as a McAfee security product blocks a “dangerous site.” Read 65 remaining paragraphs | Comments

More:
Meet the men who spy on women through their webcams

EA not altering return policy for furious SimCity buyers

Aurich Lawson / Thinkstock Electronic Arts has indicated that it will not be altering its usual digital refund policy in the wake of SimCity server issues that have led to access problems and scaled-back features for players that are able to log in, days after the game’s North American release. “In general we do not offer refunds on digital download games,” EA tweeted through its official Origin account yesterday, directing people to the company’s  online policy on returns and cancellations . While downloadable games purchased in North America are not be refunded “as a general policy,” EA does offer a “14-day unconditional guarantee” on any physical product sold through the Origin store. European customers, however, may be able to withdraw their downloadable purchase during a 14-day “Cooling Off period” as outlined on EA’s European return policy page . The recent tweet comes after a message posted to EA’s forums by Community Manager Raven on Tuesday, stating that “[i]f you regrettably feel that we let you down, you can of course request a refund for your order… though we’re currently still in the process of resolving this issue.” That message has now been revised to simply say “please review our refund policy here .” Read 6 remaining paragraphs | Comments

See the article here:
EA not altering return policy for furious SimCity buyers

Microsoft comes to its senses, allows Office 2013 to move PCs

In a substantial regression from the terms offered for Office 2010, the original Office 2013 license died with your PC . You couldn’t install a retail copy of Office on a new PC, even if you removed it from the old one. But after much public outcry, Microsoft has relented . The Office 2013 terms and conditions are being updated so that transfers are allowed. You’ll be allowed one transfer every 90 days unless the transfers are due to hardware failures. (In that case they can be made immediately.) The change is effective immediately, but it will take some time before it trickles out to the activation servers. If you’re transferring Office 2013 to a different PC and activation fails, you’ll have to call customer support. Microsoft insists that the support people know the score and will be able to activate you manually. Read on Ars Technica | Comments

Visit site:
Microsoft comes to its senses, allows Office 2013 to move PCs

How two volunteers built the Raspberry Pi’s operating system

Aurich Lawson When you buy a Raspberry Pi, the $35 computer doesn’t come with an operating system. Loading your operating system of choice onto an SD card and then booting the Pi turns out to be pretty easy. But where do Pi-compatible operating systems come from? With the Raspberry Pi having just  turned one year old , we decided to find out how  Raspbian —the officially recommended Pi operating system—came into being. The project required 60-hour work weeks, a home-built cluster of ARM computers, and the rebuilding of 19,000 Linux software packages. And it was all accomplished by two volunteers. Like the Raspberry Pi itself, an unexpected success story Although there are numerous operating systems for the Pi, the Raspberry Pi Foundation recommends one for the general populace. When the Pi was born a year ago, the  recommended operating system was a version of Red Hat’s Fedora tailored to the computer’s ARM processor. But within a few months, Fedora fell out of favor on the Pi and was replaced by Raspbian. It’s a version of Debian painstakingly rebuilt for the Raspberry Pi by two volunteers named Mike Thompson and Peter Green. Read 53 remaining paragraphs | Comments

Read the article:
How two volunteers built the Raspberry Pi’s operating system

Trigger word: e-mail monitoring gets easy in Office 365, Exchange

I’m in ur email, watching ur filez. Diana Dee Sophia Exchange 2013 and Office 365 include a new feature that can peek into e-mail messages and enclosed documents, then flag them, forward them, or block them entirely based on what it finds. This sort of data loss prevention technology has become increasingly common in corporate mail systems. But its inclusion as a feature in Office 365’s cloud service makes it a lot more accessible to organizations that haven’t had the budget or expertise to monitor the e-mail lives of their employees. As we showed in our review of the new Office server platforms , the data loss prevention feature of Microsoft’s new messaging platforms can detect things like credit card numbers, social security numbers, and other content that has no business travelling by e-mail.  Because of how simple it is to configure rules for Microsoft’s DLP and security features, administrators will also have the power to do other sorts of snooping into what’s coming and going from users’ mailboxes. Unfortunately, depending on the mix of mail servers in your organization—or which Exchange instances you happen to hit in the O365 Azure cloud—they may not work all the time. And they won’t help defeat someone determined to steal data via e-mail. Read 9 remaining paragraphs | Comments

Read More:
Trigger word: e-mail monitoring gets easy in Office 365, Exchange

Bitcoin reaches an all-time trading high of over $33

After rising steadily over the last several months, Bitcoin has reached an all-time high according to data on Bitcoin Charts . As of this writing, Mt. Gox , the most popular Bitcoin trading site (which announced on Wednesday that  its operations  would move to Silicon Valley), recorded a high price of $33.22 per Bitcoin. There’s no single explanation as to why Bitcoin has continued to rise, accelerating particularly over the last month. That said, it’s been clear that interest in the digital currency has been rapidly rising, as any regular reader of Ars knows. It’s likely that online gambling has played a part. As we’ve reported earlier this year, one Bitcoin-based site took in $500,000 in profit in just six months in 2012—and Bitcoin gambling is set to get even bigger . For now, gambling with the cryptocurrency, like using Bitcoins in general, remains in a legal grey area  (which may be part of the appeal as well). Read 3 remaining paragraphs | Comments

View article:
Bitcoin reaches an all-time trading high of over $33

The Pirate Bay leaves Sweden for friendlier waters

The Swedish Pirate Party has stopped hosting the notorious website The Pirate Bay, according to TorrentFreak. While no one knows where the site is actually run from, Web-hosting services have been provided through the Swedish Pirate Party for a few years now. Now, the site’s hosting will be taken care of by the Pirate Parties in Norway and Sweden. TPB is being forced to move because the Swedish Pirate Party is under pressure from Rights Alliance, a Swedish anti-piracy group representing large music and movie interests. Rights Alliance threatened legal action against the Pirate Party if the group didn’t stop hosting the site by tomorrow. Spain in particular could turn out to be a safe haven for the piracy-driven website, since judges in that country have found simply linking to other infringing sites is not a basis for copyright liability. The sports-streaming site Rojadirecta, for example, was exonerated after legal action against it was initiated in Spain. (That didn’t stop it from having its domain name grabbed by a US agency, before being given back last summer.) Read 1 remaining paragraphs | Comments

See more here:
The Pirate Bay leaves Sweden for friendlier waters

Earthquakes’ booms big enough to be detected from orbit

Artist’s impression of GOCE satellite. European Space Agency Last year, we reported on some mysterious booms in a small Wisconsin town that turned out to be small earthquakes. While it was an unusual story, it’s actually not that uncommon of an occurrence. Early in the summer of 2001, folks in Spokane, Washington started reporting similar booms. The sounds continued, off and on, for about five months. The mystery didn’t last long, as the earthquakes responsible were picked up by seismometers in the area. (A particularly loud one that took place exactly one month after the September 11, 2001 terrorist attacks in New York did rattle some nerves, however.) In total, 105 earthquakes were detected, with a couple as large as magnitude 4.0. For most of them, there wasn’t good enough seismometer coverage to really pinpoint locations, but some temporary units deployed around the city in July located a number of events pretty precisely: the earthquakes were centered directly beneath the city itself. While a dangerously large earthquake is pretty unlikely in Wisconsin, the possibility can’t be ignored in Washington. The 2011 earthquake in Christchurch, New Zealand was only a magnitude 6.3, but the damage was extensive because the epicenter was so close to the city. In L’Aquila, Italy, a swarm of small earthquakes in 2009 was followed by a deadly magnitude 6.3. (The poor public communication of risk during that swarm netted six seismologists manslaughter convictions .) Read 10 remaining paragraphs | Comments

View article:
Earthquakes’ booms big enough to be detected from orbit

Server hack prompts call for cPanel customers to take “immediate action”

The providers of the cPanel website management application are warning some users to immediately change their systems’ root or administrative passwords after discovering one of its servers has been hacked. In an e-mail sent to customers who have filed a cPanel support request in the past six months, members of the company’s security team said they recently discovered the compromise of a server used to process support requests. “While we do not know if your machine is affected, you should change your root level password if you are not already using SSH keys,” they wrote, according to a copy of the e-mail posted to a community forum . “If you are using an unprivileged account with ‘sudo’ or ‘su’ for root logins, we recommend you change the account password. Even if you are using SSH keys we still recommend rotating keys on a regular basis.” Read 3 remaining paragraphs | Comments

View post:
Server hack prompts call for cPanel customers to take “immediate action”