Linux Traffic Hijack Flaw Also Affects Most Android Phones, Tablets

Zack Whittaker, writing for ZDNet: As many as 80 percent of Android devices are vulnerable to a recently disclosed Linux kernel vulnerability. Security firm Lookout said in a blog post on Monday that the flaw affects all phones and tablets that are running Android 4.4 KitKat and later, which comes with the affected Linux kernel 3.6 or newer. According to recent statistics, the number of devices affected might run past 1.4 billion phones and tablets — including devices running the Android Nougat developer preview. Windows and Macs are not affected by the vulnerability. The flaw, disclosed at the Usenix security conference last week, is complicated and difficult to exploit. If an attacker can pull off an exploit, they could inject malicious code into unencrypted web traffic from “anywhere”. However, the source and destination IP address would need to be known in order to intercept the traffic, adding to the complexity of carrying out a successful attack. The exploitability isn’t easy, though.

20 hotels suffer hack costing tens of thousands their credit card information

The chain that owns Starwood, Marriott, Hyatt, and Intercontinental hotels—HEI Hotels & Resorts—said this weekend that the payment systems for 20 of its locations had been infected with malware that may have been able to steal tens of thousands of credit card numbers and corresponding customer names, expiration dates, and verification codes. HEI claims that it did not lose control of any customer PINs, as they are not collected by the company’s systems. Still, HEI noted on its website that it doesn’t store credit card details either. “We believe that the malware may have accessed payment card information in real-time as it was being inputted into our systems,” the company said. The breach appears to have hit 20 HEI Hotels, and in most cases, the malware appears to have been active from December 2, 2015 to June 21, 2016. In a few cases, hotels may have been affected as early as March 1, 2015. According to a statement on HEI’s website, the malware affected point-of-sale (POS) terminals at the affected properties, but online booking and other online transactions were not affected.

Tesla Preps Bigger 100 KWh Battery For Model S and Model X

An anonymous reader writes: Tesla will soon offer a 100 kWh battery for the Model S and Model X that will allow for increased range — perhaps as much as 380 miles for the Model S. Currently, the 90 kWh batteries are the company’s largest capacity. Kenteken.TV is reporting that the Dutch regulator that certifies Tesla’s vehicles for use in the European Union, RDW, has recently published a number of new Tesla variants. RDW’s public database now includes entries for a Tesla “100D” and “100X,” which are titles that follow Tesla’s current naming system based on battery capacity. The listing for the 100D claims the vehicle has a range of 381 miles or 613 kilometers. The motor output is reported as 90 kilowatts (121 horsepower), which is the maximum output the Tesla motors can sustain without overheating. Autoblog notes that EU range estimates tend to be more optimistic than those issued by the U.S. EPA. A more realistic range might be 310 to 320 miles.

‘GoldenEye: Source’ Updated: A Classic, Free Multiplayer Game

An anonymous reader quotes The Verge: GoldenEye: Source received its first update in more than three years this week. It’s free to download and it features 25 recreated maps, 10 different multiplayer modes, and redesigned versions of the original game’s 28 weapons. It was created using Valve’s Source engine, the same set of tools used to create Counter Strike and Half-Life games. So it’s a massive step up in both visuals and performance for one of the more drastically dated gaming masterpieces of the last 20 years… GoldenEye 007, the beloved N64 first-person shooter, has been recreated in high-definition glory by a team of dedicated fans over the course of 10 years… the attention to detail and the amount of effort that went into GoldenEye: Source make it one of the most polished HD remakes of an N64 classic. With 8 million copies sold, Wikipedia calls it the third best-selling Nintendo 64 game of all-time (although this version doesn’t recreate its single-player campaigns). Anyone have fond memories of playing Goldeneye 007?

Next Generation of Wireless — 5G — Is All Hype

Many people have promised us that 5G will be here very soon. And it will be the best thing ever. To quote Lowell McAdam, the CEO of Verizon, 5G is “wireless fiber,” and to quote SK Telecom, thanks to 5G we will soon be able to “transfer holograms” because the upcoming standard is “100 times faster” than our current communications system 4G LTE. But if we were to quote Science, the distant future isn’t nearly as lofty as the one promised by executives. Backchannel explains: “5G” is a marketing term. There is no 5G standard — yet. The International Telecommunications Union plans to have standards ready by 2020. So for the moment “5G” refers to a handful of different kinds of technologies that are predicted, but not guaranteed, to emerge at some point in the next 3 to 7 years. (3GPP, a carrier consortium that will be contributing to the ITU process, said last year that until an actual standard exists, “‘5G’ will remain a marketing & industry term that companies will use as they see fit.” At least they’re candid.) At the moment, advertising something as “5G” carries no greater significance than saying it’s “blazing fast” or “next generation” — but because “5G” sounds technical, it’s good for sales. We are a long way away from actual deployment. Second, this “wireless fiber” will never happen unless we have… more fiber. Real fiber, in the form of fiber optic cables reaching businesses and homes. (This is the “last mile” problem; fiber already runs between cities.) It’s just plain physics. In order to work, 99% of any “5G” wireless deployment will have to be fiber running very close to every home and business. The high-frequency spectrum the carriers are planning to use wobbles billions of times a second but travels incredibly short distances and gets interfered with easily. So it’s great at carrying loads of information — every wobble can be imprinted with data — but can’t go very far at all.

Linux Trojan Mines For Cryptocurrency Using Misconfigured Redis Servers

An anonymous reader writes: In another installment of “Linux has malware too,” security researchers have discovered a new trojan that targets Linux servers running Redis, where the trojan installs a cryptocurrency miner. The odd fact about this trojan is that it includes a wormable feature that allows it to spread on its own. The trojan, named Linux.Lady, will look for Redis servers that don’t have an admin account password, access the database, and then download itself on the new target. The trojan mines for the Monero crypto-currency, the same one used by another worm called PhotoMiner, which targets vulnerable FTP servers. According to a recent Risk Based Security report from last month, there are over 30,000 Redis servers available online without a password, of which 6,000 have already been compromised by various threat actors.

Facebook Will Force Advertising On Ad-Blocking Users

Long-time reader geek writes: Facebook is going to start forcing ads to appear for all users of its desktop website, even if they use ad-blocking software (Could be paywalled; alternate source). The social network said on Tuesday that it will change the way advertising is loaded into its desktop website to make its ad units considerably more difficult for ad blockers to detect. “Facebook is ad-supported. Ads are a part of the Facebook experience; they’re not a tack on,” said Andrew “Boz” Bosworth, Facebook’s vice president of engineering for advertising and pages.

London’s Metropolitan Police Still Running 27,000 Windows XP Desktops

An anonymous reader writes: London’s Met Police has missed its deadline for abandoning the out-of-date operating system Windows XP, as findings reveal 27,000 computers still run on the software two years after official support ended. Microsoft stopped issuing updates and patches for Windows XP in Spring 2014, meaning that any new bugs and flaws in the operating system are left open to attack. A particularly risky status for the UK capital’s police force – itself running operations against hacking and other cybercrime activity. The figures were disclosed by Conservative politician Andrew Boff. The Greater London Assembly member said: ‘The Met should have stopped using Windows XP in 2014 when extended support ended, and to hear that 27,000 computers are still using it is worrying.’ As in similar cases across civil departments, the core problem is bespoke system development, and the costs and time associated with integrating a new OS with customized systems.

Nigerian Scammers Infect Themselves With Own Malware, Reveal New Fraud Scheme

“A pair of security researchers recently uncovered a Nigerian scammer ring that they say operates a new kind of attack… after a few of its members accidentally infected themselves with their own malware,” reports IEEE Spectrum. “Over the past several months, they’ve watched from a virtual front row seat as members used this technique to steal hundreds of thousands of dollars from small and medium-sized businesses worldwide.” Wave723 writes: Nigerian scammers are becoming more sophisticated, moving on from former ‘spoofing’ attacks in which they impersonated a CEO’s email from an external account. Now, they’ve begun to infiltrate employee email accounts to monitor financial transactions and slip in their own routing and account info… The researchers estimate this particular ring of criminals earns about US $3 million from the scheme. After they infected their own system, the scammers’ malware uploaded screenshots and all of their keystrokes to an open web database, including their training sessions for future scammers and the re-routing of a $400,000 payment. Yet the scammers actually “appear to be ‘family men’ in their late 20s to 40s who are well-respected, church-going figures in their communities,” according to the article. SecureWorks malware researcher Joe Stewart says the scammers are “increasing the economic potential of the region they’re living in by doing this, and I think they feel somewhat of a duty to do this.”

Man Says Tesla Autopilot Saved His Life By Driving Him To the Hospital

An anonymous reader writes: Last month a man sent an email to Elon Musk explaining how his Tesla Model S with Autopilot activated may have saved a pedestrian’s life. Now, it appears Autopilot may have saved the life of a Tesla Model X driver. CNBC reports: “A Missouri man says his Tesla helped save his life by driving him to the hospital during a life-threatening emergency. Joshua Neally is a lawyer and Tesla owner from Springfield, Missouri, who often uses the semi-autonomous driving system called Autopilot on his Tesla Model X. The system has come under fire after it was involved in a fatal Florida crash in May, but Neally told online magazine Slate that Autopilot drove him 20 miles down a freeway to a hospital, while Neally suffered a potentially fatal blood vessel blockage in his lung, known as a pulmonary embolism. The hospital was right off the freeway exit, and Neally was able to steer the car the last few meters and check himself into the emergency room, the report said.”
