wired – Page 14

NSA report shows China hacked 600+ US targets over 5 years

NBC has released a 2014 slide from a secret NSA Threat Operations Center (NTOC) briefing—a map that shows the locations of “every single successful computer intrusion” by Chinese state-sponsored hackers over a five-year period. Over 600 US businesses and institutions were breached during that period. The slide was provided to NBC by an unnamed “intelligence source,” who said the briefing “highlighted China’s interest in Google and defense contractors like Lockheed Martin, and in air traffic control systems… [and] catalogued the documents and data Chinese government hackers have exfiltrated,” the network reported. The report suggests that the NSA has been tracking Chinese cyber-attacks for years and that its own network surveillance of China gives the agency the ability to correlate those attacks with specific sources. The briefing shown to NBC listed locations for the sources of each of the “exploitations and attacks,” NBC reported. Read 5 remaining paragraphs | Comments

View post:
NSA report shows China hacked 600+ US targets over 5 years

Sony’s profits triple as PS4 sales reach 25 million units worldwide

Sony’s profits have more than tripled year-on-year in the April to June quarter ( PDF link ), thanks to strong sales of camera sensors and the PlayStation 4, which has now sold 25.3 million units globally to date. The company’s overall net profit rose to ¥82.4 billion yen (£425 million, $664 million), significantly surpassing market expectations. Sony moved three million PS4s during the quarter, while peripheral and software shipments also increased, leading to the division’s 12.1 percent increase in sales to ¥288.6 billion (£1.4 billion, $2.3 billion), and an operating profit of ¥19.5 billion (£100 million, $160 million). The PS4 has taken a significant lead in the console market, massively outselling the rival Xbox One and Nintendo Wii U, the latter of which has sold just 10 million units . Sony’s devices division—which makes the camera sensors in high-end phones from Samsung and Apple— continues to grow . The unit saw a 35.1 percent increase in sales to ¥237.9 billion (£1.2 billion, $2 billion). Sales to external customers—i.e., those high-end phone makers—increased 41.2 percent year-on-year. Read 2 remaining paragraphs | Comments

So far, WordPress denied 43% of DMCA takedown requests in 2015

This week WordPress released the latest edition of its recurring transparency report , revealing 43 percent of the Digital Millennium Copyright Act (DMCA) takedown requests it received have been rejected in the first six months of 2015. It’s the lowest six-month period shown in the report, though it only dates back to 2014. However, WordPress said this headline figure would be even higher if it “counted suspended sites as rejected notices.” That change in calculation would bump the WordPress DMCA denial rate to 67 percent between January 1 and June 30, 2015. In total, the publishing platform received 4,679 DMCA takedown requests as of June 30, identifying 12 percent of those as “abusive.” The top three organizations submitting these requests were Web Sheriff, Audiolock, and InternetSecurities. “Not surprisingly, the list is dominated by third party take down services, many of whom use automated bots to identify copyrighted content and generate takedown notices,” WordPress noted. The company wrote at length about this practice in April, both explaining and condemning the general procedure. “These kind of automated systems scour the Web, firing off takedown notifications where unauthorized uses of material are found—so humans don’t have to,” WordPress wrote . “Sounds great in theory, but it doesn’t always work out as smoothly in practice. Much akin to some nightmare scenario from the Terminator , sometimes the bots turn on their creators.” Read 3 remaining paragraphs | Comments

View original post here:
So far, WordPress denied 43% of DMCA takedown requests in 2015

Bug in latest version of OS X gives attackers unfettered root privileges

A bug in the latest version of Apple’s OS X gives attackers the ability to obtain unfettered root user privileges, a feat that makes it easier to surreptitiously infect Macs with rootkits and other types of persistent malware. The privilege-escalation bug, which was reported in a blog post published Tuesday by security researcher Stefan Esser, is the type of security hole attackers regularly exploit to bypass security protections built into modern operating systems and applications. Hacking Team, the Italian malware-as-a-service provider that catered to governments around the world, recently exploited similar elevation-of-privileges bugs in Microsoft Windows . When combined with a zero-day exploit targeting Adobe’s Flash media player , Hacking Team was able to pierce security protections built into Google Chrome , widely regarded as the Internet’s most secure browser by default. According to Esser, the OS X privilege-escalation flaw stems from new error-logging features that Apple added to OS X 10.10. Developers didn’t use standard safeguards involving additions to the OS X dynamic linker dyld , a failure that allows attackers to open or create files with root privileges that can reside anywhere in the OS X file system. Read 4 remaining paragraphs | Comments

Taken from:
Bug in latest version of OS X gives attackers unfettered root privileges

Nintendo asks GitHub to make Javascript-based Game Boy emulator disappear

This week, GitHub posted a takedown notice it received from Nintendo of America’s legal representation. The Mario makers believe that a popular Javascript-based Game Boy Advance emulator hosting its source on GitHub violated the company’s copyright for the games involved. “Nintendo requests that GitHub, Inc., disable public access to the website at http://jsemu.github.io/gba/,” the letter reads. “This website provides access to unauthorized copies of Nintendo’s copyright-protected video games and videos making use of Nintendo’s copyrighted Pokémon characters and imagery in violation of Nintendo’s exclusive rights.” The takedown notice cites both the Digital Millennium Copyright Act and GitHub’s own ” Guide to Filing a DMCA Notice .” In total, Nintendo identified more than 20 games and two franchises ( Metroid and Pokémon ) with patents being infringed, and the individual titles run the gamut of popular ( Pokémon Silver and Gold ) to obscure (remember Golden Sun ?). The company requested GitHub immediately remove 32 unique URLs corresponding to various emulators. The notice denotes each individual patent and infringing URL, and the sites in question now deliver 404s. Read 2 remaining paragraphs | Comments

Visit site:
Nintendo asks GitHub to make Javascript-based Game Boy emulator disappear

Adobe Flash exploit that was leaked by Hacking Team goes wild; patch now!

Adobe Systems has updated its Flash media player to patch a vulnerability that attackers started exploiting soon after attack code leaked from the devastating Hacking Team breach. As Ars reported Tuesday morning, the previously unknown Flash vulnerability was part of some 400 gigabytes of data dumped on the Internet by unknown attackers who hacked Hacking Team over the weekend. By Tuesday afternoon, the critical flaw was being targeted in the wild by an array of malware titles, including the Angler and Nuclear exploit kits, as first documented by the security researcher known as Kafeine . The exploit has also been folded in to the Metasploit hacking framework . The vulnerability is cataloged as CVE-2015-5119 and is active in Flash versions 18.0.0.194 and earlier. According to security firm Rapid 7, it stems from a use-after-free bug that can be exploited while Flash is handling ByteArray objects. The update is available for Windows, Mac OS X, and Linux systems. Adobe has credited Google’s Project Zero and Morgan Marquis-Boire, director of security, First Look Media, for reporting the critical bug and working to protect Flash users. Read 1 remaining paragraphs | Comments

More:
Adobe Flash exploit that was leaked by Hacking Team goes wild; patch now!

Google-owned Waze launches “RideWith” carpooling app on Android

RideWith, seen here looking very, very Waze-y. 5 more images in gallery Waze, the traffic-mapping app that Google acquired in 2013 for upwards of $1 billion, launched its first spin-off app on Monday. The new app, RideWith, sees Waze and Google entering the carpooling business. The app is now live in the Google Play store for Android devices, but it currently only works in Waze’s home country of Israel (and you’ll need to turn Google Translate on if you visit the official site and don’t read Hebrew). An announcement at Waze’s official blog described the app as a “carpool pilot,” and it clarified that hopeful passengers will need to download and load the new app while drivers could opt into the program directly through the Waze app. With the RideWith app, riders can enter their commute info, then wait for an alert when a route-friendly driver has been found. Users can suss out drivers by way of profiles, prior riders’ reviews, and even through a chat option. The announcement explained that the app creates a price quote, based on distance and wear-and-tear values, when someone seeks a ride (which they can edit with their own “maximum” value). Potential drivers can then decide whether or not they want to accept that payment and take the passenger in question. The app handles payment with an apparent “nominal Waze commission” added to the price. The announcement didn’t clarify an amount, and a Google spokesperson declined to answer our question about the exact figure. Read 2 remaining paragraphs | Comments

Follow this link:
Google-owned Waze launches “RideWith” carpooling app on Android

From the Wirecutter: The best consumer-grade Wi-Fi extender

This post was done in partnership with The Wirecutter, a list of the best technology to buy. Read the full article below at TheWirecutter.com . The winning EX6200 is much bigger than most of the other extenders we tested. The performance is worth it, but the EX6200’s size could affect where you place it in your home or apartment. After spending a total of 110 hours researching 25 different Wi-Fi extenders (and testing 10 of them), plus analyzing reviews and owner feedback, we found that the $100 Netgear EX6200 is the best Wi-Fi extender for most people right now. It costs as much as a great router and it shouldn’t be the first thing you try to fix your Wi-Fi range, but it has the best combination of range, speed, flexibility, and physical connections of any extender we tested. Read 20 remaining paragraphs | Comments

View original post here:
From the Wirecutter: The best consumer-grade Wi-Fi extender

Chicago Netflix customers: Your bill is about to go up 9 percent

Starting Wednesday, the city of Chicago’s new ” cloud tax ” went into effect: it imposes a 9-percent tax on “patrons of amusement,” including those services that are “delivered electronically.” In short: Netflix users in Chicago will be paying a little extra for their subscriptions pretty soon. “We will be adding it to the cost we charge subscribers,” Anne Marie Squeo, a Netflix spokeswoman, told Ars in a statement. “Jurisdictions around the world, including the US, are trying to figure out ways to tax online services. This is one approach.” Read 16 remaining paragraphs | Comments

See the original post:
Chicago Netflix customers: Your bill is about to go up 9 percent

Daily builds? Microsoft bangs out two public Windows 10 builds in two days

Daily Windows 10 builds? OK, not really. Or at least not yet. But Microsoft will today be releasing a new Windows 10 Insider Preview build, version 10159, to its fast track testers just a day after releasing build 10158 to the fast track. Yesterday’s build was the first to sport the new Microsoft Edge branding in the browser—prior builds had used the “Project Spartan” codename—along with many bug fixes and other minor improvements. Today’s build includes a further 300 fixed bugs, along with another piece of branding: it includes the new default wallpaper, a Windows logo made with lasers. As we discussed a couple of weeks ago , both yesterday’s build and today’s build are on the final path toward creating the release-to-manufacturing (RTM) build. While early builds didn’t have Windows Activation and preinstalled the Insider Hub for getting news about the previews, the latest builds are set up for the general public. As such, they include the activation system and only preinstall the apps that will ship when Windows 10 goes live. Read 1 remaining paragraphs | Comments

Taken from:
Daily builds? Microsoft bangs out two public Windows 10 builds in two days

Ken May

Tag: wired