COMPUTERS/INTERNET/SECURITY | WHAT REALLY HAPPENED


COMPUTERS/INTERNET/SECURITY

Oct 23 17:00

Censorship Upgrade: Facebook Testing Burying Posts From News Outlets And Businesses In 6 Countries Unless They Pay

By Aaron Kesel

Facebook is currently testing a change that would force news publishers to pay to show their posts from their Facebook Pages in the timeline of Facebook users in an effort disguised to fight “fake news.”

In the test, pages are now shown in a separate Explore tab, while the main timeline only shows posts from friends, ads, and posts that companies have paid to promote, Business Insider reported...

Oct 23 12:20

FACEBOOK TESTS ‘PAY TO PLAY’ NEWS

Watch out, publishers: a nightmare scenario for Facebook may soon be a reality.

Oct 23 09:22

Google's £800 Pixel 2 XL has a serious burn-in issue that ruins screens, testers claim

It was launched to much fanfare earlier this month, but the Google Pixel 2 XL is facing complaints just weeks after it was released for testing.

Screen burn-in issues have been reported by some of the first people to get their hands on the XL model, primarily tech reviewers.

While screen burn is a problem with most types of display, for it to occur in such a short space of time is almost unheard of.

Oct 23 09:12

Man arrested after ‘good morning’ post was mistranslated by Facebook as ‘attack them’

A smiling Palestinian construction worker posted a photo of himself leaning against a bulldozer and holding a cup of coffee and a cigarette. He posted the photo on Facebook along with “good morning” in Arabic.

Israeli police, relying on Facebook’s translation service, believed the post said “attack them.” Haaretz reported, “The automatic translation service offered by Facebook uses its own proprietary algorithms. It translated ‘good morning’ as ‘attack them’ in Hebrew and ‘hurt them’ in English.”

The Palestinian man’s photo showed a bulldozer on the construction site in the Beitar Illit settlement which is located on the West Bank near Jerusalem. Bulldozers have been used in terror attacks against Israelis in the past.

Israeli police did not consult any Arabic-speaking officer, but instead relied completely on Facebook’s translation. As a result, the Palestinian man was arrested.

Oct 23 09:05

The recent catastrophic Wi-Fi vulnerability was in plain sight for 13 years behind a corporate paywall

When this week’s KRACK wi-fi vulnerabity hit, I saw a series of tweets from Emin Gür Sirer, who’s mostly tweeting on bitcoin topics but seemed to know something many didn’t about this particular Wi-Fi vulnerability: it had been in plain sight, but behind paywalls with corporate level fees, for thirteen years. That’s how long it took open source to catch up with the destructiveness of a paywall.

Apparently, WPA2 was based on IEEE standards, which are locked up behind subscription fees that are so steep that open source activists and coders are just locked out from looking at them. This, in turn, meant that this vulnerability was in plain sight for anybody who could afford to look at it for almost a decade and a half.

Oct 23 08:59

Malware hidden in vid app is so nasty, victims should wipe their Macs

It's going to be an unpleasant weekend for some Mac users who are facing a complete system wipe and reinstall – after hackers stashed malware in legitimate applications.

Eltima Software, which makes the popular Elmedia Player and download manager Folx, today confessed the latest versions of those two apps came with an unwelcome extra – the rather horrid OSX.Proton malware.

The software nasty, which was injected into downloads of the applications, was spotted by security shop ESET, which alerted Elmedia. A subsequent investigation revealed miscreants had got into the developer's servers, implanted the malware into the download files, and then let the company infect its users as they fetched the software.

Proton is a remote-control trojan designed specifically for Mac systems.

Oct 23 08:56

'We've nothing to hide': Kaspersky Lab offers to open up source code

Russian cybersecurity software flinger Kaspersky Lab has offered to open up its source code for third-party review.

The firm's Global Transparency Initiative is in response to moves to ban the use of its technology on US government systems by the Department of Homeland Security over concerns of alleged ties with the Russian government.

The initiative comes days after reports that Russian government hackers used Kaspersky antivirus software to siphon off classified material from a PC belonging to a NSA contractor.

Oct 22 16:37

Scott Adams: The Power of the Presidential Tweet

As a trained hypnotist and a lifelong student of persuasion, I’m often impressed by how much “work” President Trump gets out of his tweets. Most of them are harmless retweets about whatever is going right, and they tend to be forgettable. The good ones are something entirely different, and many are gems of persuasion.

Oct 22 09:11

Palestinian Arrested By Israeli Police After Facebook Software Mistranslates His Post

By Joe Wright

In a chilling example of how social media has been latched onto by the surveillance state, AFP has reported that a Palestinian man was arrested by Israeli police in the West Bank after posting the message “good morning” in Arabic while standing in front of a bulldozer. Somehow, the Facebook algorithm translated this to mean “attack them” and “hurt them” in Hebrew and English respectively...

Oct 21 09:34

Facespook! Social media giant becomes arm of US intel

Facebook, the world’s top social media platform, is reportedly seeking to hire hundreds of employees with US national security clearance licenses. Purportedly with the aim of weeding out “fake news” and “foreign meddling” in elections.

If that plan, reported by Bloomberg, sounds sinister, that’s because it is. For what it means is that people who share the same worldview as US intelligence agencies, the agencies who formulate classified information, will have a direct bearing on what millions of consumers on Facebook are permitted to access.

Oct 21 09:23

FLASHBACK - HILLARY THE SPY?

Let us start with an historical fact. Treason and betrayal by the highest levels is a common feature of history, whether it is Judas vs Jesus, Brutus vs Julius Caesar, Benedict Arnold, the Rosenbergs, Jonathan Pollard, Aldrich Ames, Robert Hanssen. It is just a fact of life. It does happen.

Back in 1996, when Bill Clinton was running for re-election, he authorized the transfer of highly sensitive technology to China. This technology had military applications and allowed China to close the gap in missile performance with the United States. The transfers were opposed and severely criticized by the Defense Department.

Webmaster's Commentary: 

I figure with the Uranium One deal finally breaking into corporate media (at least FOX) it is time to look back at all the crimes of the Clintons.

Oct 20 12:59

The Dark Secret at the Heart of AI

No one really knows how the most advanced algorithms do what they do. That could be a problem.

Oct 20 12:04

Facebook bans the word 'English' from electrician's profile

after he used it on the social media site for nine years

Oct 20 11:30

NHL to Install Facial Recognition Cameras to Limit Their Liability

By MassPrivateI

It’s official, big brother has invaded sports arenas, stadiums and parks.

According to an article in TSN, The National Hockey League (NHL) plans to install facial recognition cameras in their arenas...

Oct 20 10:52

This new botnet could take down the internet - and it's rapidly spreading across the world

Up to a million organisations around the world have already been infected by a new computer bot network that has the potential to "take down the internet", researchers warn.

According to cybersecurity company Check Point, a new botnet has been spotted which is enslaving internet-of-things (IoT) devices – mainly internet routers and remote cameras. "The next cyber-hurricane is about to come," the firm claimed in a report this week (19 October).

Research suggested that the new botnet is evolving at a rapid pace, and could soon be weaponised to launch cyberattacks in the same fashion as "Mirai" last year.

Webmaster's Commentary: 

Now who would want to take down the entire internet right now?!? :)

Oct 20 09:28

Former FEC Chair Wants Law To Charge Readers Who Spread Fake News With Libel

By Aaron Kesel

A former commissioner of the Federal Election Commission, Ann Ravel, has proposed an insane new law that seeks to punish readers of news with libel if a story is deemed false. Yes, you read that right, she wants to charge you the person reading this right now. Talk about an Orwellian law.

The new proposal is titled Fool Me Once: The Case for Government Regulation of ‘Fake News.’ and would be implemented to “improve voter competence.”...

Oct 20 08:07

Unpatched Microsoft Word DDE Exploit Being Used In Widespread Malware Attacks

Since DDE is a Microsoft's legitimate feature, most antivirus solutions do not flag any warning or block MS Office documents with DDE fields, neither the tech company has any plans of issuing a patch that would remove its functionality.

So, you can protect yourself and your organisation from such attacks by disabling the "update automatic links at open" option in the MS Office programs.

To do so, Open Word ? Select File ? Options ? Advanced and scroll down to General and then uncheck "Update Automatic links at Open."

However, the best way to protect yourself from such attacks is always to be suspicious of any uninvited document sent via an email and never click on links inside those documents unless adequately verifying the source.

Oct 20 07:51

Blaming Russia For The Internet 'Sewer'

As the Russia-gate hysteria spirals down from the implausible to the absurd, almost every bad thing is blamed on the Russians, even how they turned the previously pristine Internet into a 'sewer'...

Oct 19 17:39

Enable Google's New "Advanced Protection" If You Don't Want to Get Hacked

It is good to be paranoid when it comes to cybersecurity.

Google already provides various advanced features such as login alerts and two-factor authentication to keep your Google account secure.

However, if you are extra paranoid, Google has just introduced its strongest ever security feature, called "Advanced Protection," which makes it easier for users, who are usually at high risk of targeted online attacks, to lock down their Google accounts like never before.

Oct 19 17:38

Anti-Piracy Group Joins Internet Organization That Controls Top-Level Domain

An anti-piracy outfit, whose members include major international studios and record labels, has been welcomed as a member of the organization with overall responsibility for Denmark's top-level domain. Rights Alliance, which is behind the blocking of dozens of leading torrent and streaming sites, says it wants to create a "more secure internet" for companies doing business online.

Oct 19 13:31

Judge lambasts 'insane' NYPD claim that they can't reveal how much cash they've seized from people because their $25.5 million database is 'broken'

The NYPD has told a court that it can't reveal what happened to money seized by its officers under civil forfeiture laws because its database is broken.

Responding to a freedom of information request in Manhattan Supreme Court, city attorney Neil Giovanatti said that the PD was unable to extract the information from its Property and Evidence Tracking System (PETS).

He added that technicians can't even figure out how to back up the database, which cost the city more than $25.5 million in 2009.

Webmaster's Commentary: 

BULL BISCUITS!!!!!

Oct 19 10:50

Is It OVER For YouTube? – A Decentralized Alternative Is Here! (DTube)

osh Sigurdson talks with Dan Dicks of Press For Truth about the recent demonetization of countless YouTube channels.

In the past several months, YouTube has really stepped up their game demonetizing those with views that don’t fit official establishment narratives. Not only that, but completely non-controversial people doing video game tutorials and play-throughs.

With some of the top YouTubers affected, it was only a matter of time before alternatives would provide the services the customers are asking for and that alternative is here!

As we’ve gone into before at WAM, DTube provides people a censorship free decentralized alternative to YouTube which has been long awaited.
DTube is powered through Steemit, the decentralized alternative to Facebook!

Oct 19 09:21

DHS Chief: Tech Firms Must Act Quicker to Remove Extremist Propaganda

By Aaron Kesel

The acting U.S. Homeland Security Secretary Elaine Duke has called on Silicon Valley to remove extremist content, Reuters reported.

The United States and Britain are set to push social media firms to deal with the problem at a G7 meeting of interior ministers this week, Duke told reporters in London where she had been meeting British Home Secretary (interior minister), Amber Rudd...

Oct 19 07:37

UK GOV'T CONSIDERING REDEFINING SOCIAL MEDIA SERVICES AS PUBLISHERS TO MAKE IT EASIER TO CONTROL THEM

Like seemingly every other government on the planet, the UK government wants internet companies like Google and Facebook to do more. Everyone has an axe to grind, whether it's not enough censorship, or the wrong kind of censorship, or the innate desire to hold companies accountable for the actions of their users. The voluntary moderation efforts made by these platforms always fall short of politicians' ideals. These legislators believe -- without evidence -- that perfectly moderated services are just a couple of button pushes away.

Oct 18 12:47

Internet Researchers Harnessed The Power Of Algorithm To Find ‘Hate Speech’

During the municipal elections in spring 2017, a group of researchers and practitioners specialising in computer science, media and communication implemented a hate speech identification campaign with the help of an algorithm based on machine learning.

Oct 18 10:28

Yes, Robot Lawyers Are Now A Thing

On the screen on the Xiaofa’s chest, answers to “over 40,000 litigation questions and 30,000 legal issues” will appear for those seeking advice, China Daily reports.

Oct 18 09:26

Is a stranger hacking your child's smart watch? Warning that loopholes in the devices are being targeted to track youngsters' movements

Alarming security loopholes mean the watches, which include GPS tracking and a mobile phone SIM card, can be accessed remotely.

As a result, strangers can track where a child is and see information on all of their past movements.

On some devices, it is possible to listen in to what a child is doing by sending a hidden text to the watch.

Hackers can intercept and change the geographical location of the watch in what is known as ‘location spoofing’.

This means that a child can appear to be in one spot when they are actually somewhere else.

Oct 18 09:25

UK SPIES USING SOCIAL MEDIA DATA FOR MASS SURVEILLANCE

Privacy rights group Privacy International says it has obtained evidence for the first time that UK spy agencies are collecting social media information on potentially millions of people.

Oct 18 09:24

Digital brains are as error-prone as humans: Expert warns poor decision-making by AI could lead to a 'toxic' future for humanity

Imagine a future where you are regularly stopped and searched by the police, based simply on bad information fed into a computer.

That is the fear of one authority on the subject, who is concerned that human biases and errors are being programmed into machine learning systems.

Studies have already shown that AI experiments, including predictive policing, demonstrate exaggerated versions of human biases when put into practice.

Experts are worried that this could lead to a 'toxic' future where machines make bad decisions on our behalf, unless something is done now to prevent it.

Oct 18 09:20

What could possibly go wrong? Google's machine learning AI has been able to replicate itself for the first time

Google's machine learning artificial intelligence software has learned to replicate itself for the first time.

The firm first revealed its AutoML project in May - an AI designed to help the firm create other AIs.

Now, AutoML has outdone human engineers by building machine-learning software that's more efficient and powerful than the top human-designed systems.

The achievement marks the next big step for the AI industry, in which development is automated as the software becomes too complex for humans to understand.

The breakthrough could one day lead to machines that can learn without human input.

Oct 17 16:21

Apple And Google Promise Updates To Fix An ‘Unprecedented’ Flaw In Wi-Fi Protection That Has Left Almost ALL Home Routers At Risk Of Being Hacked

Google and Apple have promised to update the software that caused severe flaws in Wi-Fi home technology networks, leading to one of the biggest security scares of the year.

Oct 17 16:17

SJW-Tinged, Triple-A Video Game 'Lawbreakers' Crashes And Burns

The much-hyped blockbuster video game Lawbreakers from designer Cliff "Cliffy B" Bleszinski of Gears of War fame had only 10 concurrent players at its lowest point last week.

For a multi-million dollar production as big as any Hollywood movie, this is unprecedented.

Oct 17 16:06

Skype goes down AGAIN!

Oct 17 12:26

Facebook seeking hires with national security clearances|

motivated by the possibility that Russian actors may have manipulated its platform

Oct 17 09:31

Serious Crypto-Flaw Lets Hackers Recover Private RSA Keys Used in Billions of Devices

If you think KRACK attack for WiFi is the worst vulnerability of this year, then hold on…

...we have got another one for you which is even worse.

Microsoft, Google, Lenovo, HP and Fujitsu are warning their customers of a potentially serious vulnerability in widely used RSA cryptographic library produced by German semiconductor manufacturer Infineon Technologies.

It's noteworthy that this crypto-related vulnerability (CVE-2017-15361) doesn't affect elliptic-curve cryptography and the encryption standard itself, rather it resides in the implementation of RSA key pair generation by Infineon's Trusted Platform Module (TPM).

Oct 17 09:30

Microsoft Kept Secret That Its Bug-Tracking Database Was Hacked In 2013

It was not just Yahoo among "Fortune 500" companies who tried to keep a major data breach incident secret.

Reportedly, Microsoft had also suffered a data breach four and a half years ago (in 2013), when a "highly sophisticated hacking group" breached its bug-reporting and patch-tracking database, but the hack was never made public until today.

According to five former employees of the company, interviewed separately by Reuters, revealed that the breached database had been "poorly protected with access possible via little more than a password."

This incident is believed to be the second known breach of such a corporate database after a critical zero-day vulnerability was discovered in Mozilla's Bugzilla bug-tracking software in 2014.

Oct 17 09:29

Dangerous Malware Allows Anyone to Empty ATMs—And It’s On Sale!

Hacking ATM is now easier than ever before.

Usually, hackers exploit hardware and software vulnerabilities to hack ATMs and force them to spit out cash, but now anyone can simply buy a malware to steal millions in cash from ATMs.

Hackers are selling ready-made ATM malware on an underground hacking forum that anybody can simply buy for around $5000, researchers at Kaspersky Lab discovered after spotting a forum post advertising the malware, dubbed Cutlet Maker.

Oct 17 09:14

Massive WiFi Flaw Affects All Connected Devices: ‘You Have To Wonder If It Was Corrupted On Purpose’

The security protocol used to protect the vast majority of WiFi connections has been broken. This will expose wireless internet traffic to malicious attack, according to the researcher who discovered this weakness.

It doesn’t bode well that the mainstream media is also ignoring this problem completely because it’s a very big deal. Anytime the mainstream media brushes something off, most start asking questions. Unfortunately, none of the answers we have so far to those questions are of comfort.

Considering every single cellphone now has WiFi in it and this major “weakness” could affect almost everyone. According to ARS Technica, researchers have disclosed a serious weakness in the WPA2 protocol that allows attackers within range of vulnerable device or access point to intercept passwords, e-mails, and other data presumed to be encrypted, and in some cases, to inject ransomware or other malicious content into a website a client is visiting.

Oct 16 16:07

5G Explained

Oct 16 15:22

Here's a timeless headline: Adobe rushes out emergency Flash fix after hacker exploits bug

The booby-trapped Flash file is wrapped in an ActiveX object, and embedded in Microsoft Office documents that are presumably emailed to victims. Once opened, the Flash file exploits the memory-corruption bug to read and write memory as it pleases, which is used to execute an initial shellcode stage.

This first stage disguises some of its code – the NOP sled – to avoid detection by antivirus packages, and downloads and runs a second stage called mo.exe.

This executable is the latest version of FinFisher, the multitool spyware developed for government snoops by Gamma International that was dumped online and into the hands of crooks. The malware can hijack the computer, and spy on the users' activities, as well as connect to three command-and-control servers to receive fresh orders from its masterminds.

Oct 16 15:15

Is There A Link Between Dental Amalgams And Wi-Fi EMFs?

By Catherine J. Frompovich

One of the most unlikely and neurotoxic practices in public health and consumer healthcare modalities is the use of mercury in amalgam dental restorations, aka “silver fillings.” The amount of mercury in dental amalgams is 50%! When I was writing my 2009 book, Our Chemical Lives And The Hijacking of Our DNA, A Probe Into What’s Probably Making Us Sick, I interviewed a holistic, non-amalgam, practicing dentist and got the lowdown on dental amalgams. Here’s what I wrote about that in Our Chemical Lives… on page 240...

Oct 16 10:21

Microsoft faces Dutch crunch over Windows 10 private data slurp

Yet another European nation is turning up the heat on Microsoft for extracting heaps and heaps of telemetry and other intelligence from Windows 10 PCs.

This time, it's privacy authorities in the Netherlands who are calling out Redmond for its hog-wild harvesting of data from machines that run Windows 10 Home and Pro. The Dutch Data Protection Authority (DPA) said on Friday it will impose sanctions on Microsoft should the American tech giant fail to make changes to its software.

Of particular concern to the agency is the way Windows 10 collects and transmits user telemetry data, and the way it gets user consent to slurp their goodies. Essentially, we're told, the operating system does not make it clear what information is beamed back to headquarters and why, and the Dutch want this clarified and made obvious to punters.

Oct 16 10:15

Assange thanks USA for forcing him to invest in booming Bitcoin

My deepest thanks to the US government, Senator McCain and Senator Lieberman for pushing Visa, MasterCard, Payal, AmEx, Mooneybookers, et al, into erecting an illegal banking blockade against @WikiLeaks starting in 2010. It caused us to invest in Bitcoin -- with > 50000% return. pic.twitter.com/9i8D69yxLC

— Julian Assange ???? (@JulianAssange) October 14, 2017

Oct 16 10:07

Hackers Use New Flash Zero-Day Exploit to Distribute FinFisher Spyware

FinSpy—the infamous surveillance malware is back and infecting high-profile targets using a new Adobe Flash zero-day exploit delivered through Microsoft Office documents.

Security researchers from Kaspersky Labs have discovered a new zero-day remote code execution vulnerability in Adobe Flash, which was being actively exploited in the wild by a group of advanced persistent threat actors, known as BlackOasis.

The critical type confusion vulnerability, tracked as CVE-2017-11292, could lead to code execution and affects Flash Player 21.0.0.226 for major operating systems including Windows, Macintosh, Linux and Chrome OS.

,,,

Kaspersky Lab reported the vulnerability to Adobe, and the company has addressed the vulnerability with the release of Adobe Flash Player versions 27.0.0.159 and 27.0.0.130.

Oct 16 09:40

'Almost all' home routers are at risk of being HACKED: Massive flaw in Wi-fi protection is found that lets cyber criminals spy on your every move

Our home networks may be vulnerable to attack by hackers, thanks to a 'severe' security flaw.

Computer security experts are on high alert after it emerged encryption algorithms designed to protect people's privacy online have been cracked.

That means cyber criminals within physical range of any WPA2 protected wireless router - which includes almost all home users - can spy on your every move online.

It could also provide them easy access to data from smart devices, including baby monitors and internet connected security cameras.

Oct 15 11:00

Dubai Adds Hoverbikes To Its Technocratic Police State, Becoming Ground Zero for Cities of the Future

By Nicholas West

Most readers (and certainly this writer) will likely never visit the exorbitantly priced Dubai, which might make the following story seem less threatening. However, Dubai is emerging as the perfect insulated testing ground for a range of high-tech applications that could very well spread to many corners of the world in the near future...

Oct 15 10:34

Telcos "selling realtime ability to associate web browsing with name & address"

Telcos provide API access to your phone's location, along with your name and address, writes Philip Neutstrom. With two links, to danalinc.com and payfone.com, he shows that these sites can access this data when your phone connects. The pages are demos for the API and serve some of the data provided back to the visitor.

Oct 15 10:31

Dubai police have announced they will soon have officers buzzing around the skies on Star Wars-style electric hoverbikes capable of speeds of up to 70 kilometres per hour

Dubai police have announced they will soon have officers buzzing around the skies on Star Wars-style electric hoverbikes capable of speeds of up to 70 kilometres per hour. The Hoversurf Scorpion was unveiled at the Gitex Technology Week conference, Gulf News reported.

Oct 15 07:46

Twitter CEO Announces More Censorship In Response To Backlash Over McGowan Censorship

Twitter CEO Jack Dorsey responded to backlash over his censoring of Rose McGowan by announcing he will be expanding their censorship regime in the name of protecting women.

Oct 15 06:40

Apple Diversity Chief Apologizes For Saying White People Can Be Diverse

Apple VP of Inclusion and Diversity Denise Young Smith apologized on Friday for saying that a group of "blue-eyed blonde men" can contribute to diversity because of their "different life experiences."

Oct 13 18:12

From Tex Mex to Mex Tech: A Study of Northern Inattention

In America two narratives about Mexico dominate. First, chiefly emanating from anti-immigrant ideologues who usually have never been here, holds that Mexicans have low IQs and cannot function at other than a primitive level. Breitbart News and something called Vdare are chief among these. They don’t quite expect to find all Mexicans either robbing banks or sleeping at the foot of cactuses win big hats and a burro, but they come close.

Oct 13 15:54

Cyber attack hits 41 Hyatt Hotel properties: Customers' personal information put at risk after hackers breach the chain's credit card system

The chain announced on Thursday that they had discovered unauthorized access to payment card information at certain Hyatt-managed locations between March 18, 2017 and July 2, 2017.

They said the incident meant personal information such as names, card numbers, expiration dates and internal verification codes with cards that were either manually entered or swiped at the front desk were at risk.

A total of 41 properties were affected in 13 countries, with China accounting for 18 properties, three in Hawaii were affected, as well as three in Puerto Rico and also one in Guam.

Oct 13 09:47

Neglected Pure Connect speaker app silenced in iOS 11's war on 32-bit

Wireless speaker maker Pure appears to be more the first casualties in Apple's war on 32-bit iOS apps.

Pure's 32-bit Connect software for iThings won't work on Apple's new 64-bit-only iOS 11, meaning folks using Cupertino's latest firmware and handsets can't control their space-age hi-fis. The audio remote-control app joins various games, utilities and other 32-bit-only programs that are not allowed to run on iOS 11 and later.

Oct 13 09:42

MS Office Built-in Feature Allows Malware Execution Without Macros Enabled

Security researchers at Cisco's Talos threat research group have discovered one such attack campaign spreading malware-equipped Microsoft Word documents that perform code execution on the targeted device without requiring Macros enabled or memory corruption.

This Macro-less code execution in MSWord technique, described in detail on Monday by a pair of security researchers from Sensepost, Etienne Stalmans and Saif El-Sherei, which leverages a built-in feature of MS Office, called Dynamic Data Exchange (DDE), to perform code execution.

Oct 13 09:38

New Ransomware Not Just Encrypts Your Android But Also Changes PIN Lock

DoubleLocker—as the name suggests, it locks device twice.

Security researchers from cybersecurity firm ESET have discovered a new Android ransomware that not just encrypts users’ data, but also locks them out of their devices by changing lock screen PIN.

On top of that:

DoubleLocker is the first-ever ransomware to misuse Android accessibility—a feature that provides users alternative ways to interact with their smartphone devices, and mainly misused by Android banking Trojans to steal banking credentials.

Oct 13 08:00

IRS Pulls Equifax Contract In "Precautionary Step"

Until today's headlines indicating the possibility of another breach of Equifax's security, dip-buyers had been enjoying a few days' relief as analysts clammored to explain how one of the biggest cyberhacks of all time did nothing to hinder Equifax's business model. Tonight, they might just start questioning that as Politico reports The IRS has temporarily suspended the $7.2 million, no-bid contract it awarded to Equifax to verify the identities of taxpayers.

Oct 13 07:50

NOT THE ONION --- Russia used Pokémon Go in an effort to inflame racial tensions

CNN Claims Russians Meddled in 2016 Election With Racist ‘Pokémon Go’

– Gets Savaged on Twitter

Oct 13 07:49

Exclusive: The Democrat's IT Scandal Started With This Big Oversight

None of the six officially vetted IT firms that do work for congressional offices employed Rep. Debbie Wasserman Schultz’s (D-FL) now indicted IT aide, Imran Awan. This is odd, as congressional offices are given a pre-approved list of tech firms to work with for IT support.

Oct 12 13:06

‘Human Input Into YouTube Machinery’ Makes Specific News Trend – Project Veritas

YouTube’s curation team are able to promote even non-trending videos on the platform by “using some kind of intervention” into algorithms controlling the website. This allows specific news organizations to be favored, Project Veritas revealed.

Oct 12 12:24

Twitter Blocks Political Ad Over Claim Against Planned Parenthood

The social media giant is reportedly blocking any paid promotion of a video announcing Rep. Blackburn’s 2018 candidacy for a US Senate seat in Tennessee, which fellow Republican Senator Bob Corker is leaving vacant when he retires next year.

Oct 12 10:44

Mystery hacker steals ‘sensitive’ data on Australian F-35s & newest spy jets

Some 30 gigabytes of defense-related data covering fifth-generation F-35 fighter jets as well as Australia’s newest warships and spy planes has been stolen by a mystery hacker, local media reports citing a top cyber intelligence official.

The hacker, nicknamed “Alf” after the ‘Home and Away’ character played by Ray Meagher, breached a defense contractor’s database containing 30GB of files on some of the West’s most secretive and modern military programs, an official of the Australian Signals Directorate (ASD), the government's main cyber intelligence agency, said on Wednesday, the Sydney Morning Herald reports.

Oct 12 09:42

Hold off on that update: Windows 10 patch causes computers to crash and display the 'blue screen of death' each time they boot up

An update to Windows 10 is causing chaos for some users, who have been faced with the dreaded 'blue screen of death' crash message after installing it.

Others have been unable to get back into their machines after the system crash, entering an endless 'boot loop'.

Microsoft says it is working on a fix for the issue, which will be included in a future update, but users may wish to hold fire on updating their systems in the meantime.

Oct 12 09:34

Caught On Tape: Google Works To Censor Infowars

Project Veritas captured groundbreaking footage that reveals Google’s willingness to censor those who they are ideologically opposed to.

Oct 12 09:02

Dumb bug of the week: Outlook staples your encrypted emails to, er, plaintext copies when sending messages

Attention anyone using Microsoft Outlook to encrypt emails. Researchers at security outfit SEC Consult have found a bug in Redmond's software that causes encrypted messages to be sent out with their unencrypted versions attached.

You read that right: if you can intercept a network connection transferring an encrypted email, you can just read off the unencrypted copy stapled to it, if the programming blunder is triggered.

The bug is activated when Outlook users use S/MIME to encrypt messages and format their emails as plain text. When sent, the software reports the memo was delivered in an encrypted form, and it appears that way in the Sent folder – but attached to the ciphered text is an easily human-readable cleartext version of the same email. This somewhat derails the use of encryption.

Oct 12 09:01

Rejecting Sonos' private data slurp basically bricks bloke's boombox

"I'm deeply disappointed at their arrogance that they feel free to cut support for those of us who won't blindly accept new contract terms whenever they see fit," he said. "Whether I'm happy with the new terms or not is irrelevant to this issue. I might have considered accepting them had they not been forced in this way."

Dave also expressed concern that Sonos feels it's acceptable to keep personal data unnecessarily.

"Most of all, as a fairly senior technical person, I cannot fathom their requirement to keep my IP address on file for a device which offers no push functionality whatsoever. This is pure Big Brother at its best and needs to either be justified or stopped," our reader said. "I'd suggest that Sonos users monitor and firewall these devices in future. I'm probably going back to a traditional setup with buttons, stereo speakers, and wires. The sound was better, control better, and it still works after 20 years, without ever even needing any kind of agreement in place."

Oct 12 09:00

Armed Robots Could Soon Be Seen in Ukraine Conflict

Are we on the verge of entering the age of robotic warfare?

Russian-backed troops in Ukraine could soon be facing armed ground robots in battle. Ukrainian military leaders proudly displayed their Phantom robot at the Association of the U.S. Army annual meeting in Washington, D.C. on Monday, Defense One reports. The robot is currently in an experimental phase, but reportedly could be used in combat in Ukraine as early as next year.

Depending on the terrain, the Phantom (also spelled Fantom) can be outfitted with treads like a tank or wheels. It can also be armed with anti-tank weapons, grenade launchers or machine guns.

The Phantom is also equipped with a backup microwave-communication link, which allows it to continue operating even if its connection with the operator has been jammed or hacked.

Webmaster's Commentary: 

Is this article telegraphing that the Government of the Occupied, Unhinged, Surveilled States of America will be at war with Russia in Ukraine the biginning of next year?!?

I sincerely hope not!!

Oct 12 08:51

Microsoft's mystery update arouses anger, suspicion among Windows 10 users

Microsoft's update servers are pushing out a new Photos Add-on app, with no explanation of what it does. Windows 10 users aren't taking it well.

Oct 12 08:47

Google’s Home Mini Needed a Software Patch to Stop Some of Them from Recording Everything

Categorize this under “one of the worst possible PR nightmares for a Google smart speaker.” According to Artem Russakovskii at Android Police, the Google Home Mini he was reviewing was randomly and near-constantly recording sounds in his home and transmitting them to Google. The company acknowledged the problem and is issuing a software update to resolve the issue, which appears to boil down to a failure of the touch sensor on the top.

Webmaster's Commentary: 

This is a surveillance mechanism, pure and simple; Mike and I would never allow something like this in our homes, and neither should you!!

Even if Google swears that the problem is" fixed", I wouldn't trust this to be true at all.

Oct 11 13:32

O'Keefe Drops Part 2: NYT Editor Brags About Colluding With YouTube To Push Political Agenda

Yesterday we covered the latest James O'Keefe undercover video bombshell which featured the New York Times' Audience Strategy Editor, Nick Dudich, admitting to exploiting his position at the Times to promote content that intentionally sought to, among other things, damage President Trump's businesses as a means towards forcing his resignation (see: O'Keefe Strikes Again, Catches NYT Editors On Hidden Camera: "Targeting Trump's Businesses, His Dumb F**k Of A Son").

Today, Project Veritas is back with part 2 of their New York Times series which features Dudich bragging about his extensive contacts at YouTube that allow him to, among other things, bypass search algos and get his content promoted to the front page and/or buried, depending upon his personal preferences.

Oct 11 13:23

Facebook, Instagram Experiencing "Extreme" Outages As Complaints Pile Up

Facebook and Instagram are down for thousands of users across the world this morning, with websites like Outage Report recording “extreme” outages in the US Hungary, Kosovo, Germany, Poland and other countries. The sites went down shortly after 11 a.m.

This is the second widespread outage for both social networks (Instagram is owned by Facebook) in less than two months. Facebook blamed the most recent outage, which occurred on Aug. 26, on unspecified “technical issues.”

Oct 11 12:40

YouTube employee admits he curates trends for "legitimate news" #NYTimes, manipulates views away from content creators like @RealAlexJones.

Oct 11 09:32

Malicious iOS apps can easily create fake login pop-ups that look exactly like the ones used by Apple: Here's how to protect yourself

You can protect yourself from the fake pop-up scam by never inputting passwords into an Apple pop-up.

Instead, you should go into your iPhone's settings menu and enter it there to confirm it's a real request from Apple.

You can also click the home button whenever a pop-up is shown.

This will close the app if it is a phishing scam, but the pop-up will remain if it is a legitimate Apple ID request.

Oct 11 08:21

Google’s Home Mini needed a software patch to stop some of them from recording everything

Categorize this under “one of the worst possible PR nightmares for a Google smart speaker.” According to Artem Russakovskii at Android Police, the Google Home Mini he was reviewing was randomly and near-constantly recording sounds in his home and transmitting them to Google. The company acknowledged the problem and is issuing a software update to resolve the issue, which appears to boil down to a failure of the touch sensor on the top.

Oct 11 08:20

Pornhub hack: Millions of people using adult video site could have been spied on

Pornhub was hit by a hack that means anyone who used it could have contracted a virus.

A secret, malicious advert has been running on the free pornography site for more than a year. And it works by infiltrating people's computer and then having their machine taken over, all without a users' knowledge.

The problem was shut down almost as soon as it was discovered. But it has been running quietly for more than a year – and the damage could have spread across the entire internet.

Oct 11 08:18

OnePlus is collecting your private data without permission

OnePlus is mainly known as the little upstart that took on the big guns with the help of its solid, yet affordable, handsets. But, its in-house version of Android, dubbed OxygenOS, is once again threatening to dent its hard-fought for credibility. The problem lies with the company's approach to data-sharing, which is problematic (to say the least). As security researcher Chris Moore has repeatedly pointed out, the manufacturer's OxygenOS-based devices not only gather a ton of user data, but they also tie this info to individual devices, and user accounts in particular.

Some of the data-gathering is pretty standard fare, including how often you unlock your phone, the apps you open and use, and the Wi-Fi networks you connect to. The problem lies with the lack of anonymity. It turns out, OnePlus is transferring this info along with your phone's serial number, meaning that your activity is personally identifiable.

Oct 11 08:12

Equifax: About those 400,000 UK records we lost? It's now 15.2M. Yes, M for MEELLLION

Last month, US credit score agency Equifax admitted the personal data for just under 400,000 UK accounts was slurped by hackers raiding its database. On Tuesday this week, it upped that number ever-so-slightly to 15.2 million.

In true buck-passing fashion, at the time of writing, Equifax hadn't even released a public statement on the matter. Instead it fell to Blighty's National Cyber Security Centre to reveal the bad news that a blundering American firm had put them at risk of phishing attacks.

Oct 11 08:09

Outlook, Office 2007 slowly taken behind the shed, shots heard

A decade after their release, Microsoft Office 2007 and Outlook 2007 today fell out of extended support. Gaze teary-eyed at your installation discs. The software has entered the Long Dark Tea-Time of the Soul.

Oct 11 06:34

LEAKED: Worst Data Hack in US History Gets Worse

But without telling consumers, Equifax went around and told its customers – mainly banks and credit card companies – that the tally of driver’s license data that had also been stolen, previously minimized with the phrase “in some instances,” amounted to driver’s licences of 10.9 million consumers.

This wasn’t an announcement disclosed by the company in a vapid and robotically apologetic press release, but was leaked by “people familiar with the matter,” and reported today by the Wall Street Journal.

The fact that consumers whose DL data had been stolen and who’d become more vulnerable to some fraud didn’t need to be informed about it fortifies the simple fact that, for Equifax, consumers are just the lowly product – and dealing with that product is just an expense.

Oct 10 11:41

Rivero challenges the NSA

The US Government insists their demand for a ban on strong encryption or back doors into all of our electronic devices is to stop crime and terror.

But over the course of a year, as documented on this page, What Really Happened issued six encryption challenges based on systems of encryption created and programmed here on an air-gapped computer.

Now, I am not an encryption expert, and only a moderately decent programmer. The NSA would have a strong motive to break my codes to discourage others from creating their own systems of encryption.

None were ever solved.

If I can beat the NSA, it means real criminals and terrorists can defeat the NSA and keep their communications private.

Hence, the real agenda of the government is not to stop crime and terror but to monitor the American people to make sure they are not thinking those double-plus ungood thoughts about how this nation is being run!

Webmaster's Commentary: 

I know I reposted this a few days ago, but this morning FOX News had another story about how DC wants to force Silicon Valley to further weaken encryption on digital devices, I assume so that the government and their buddies the cyber-criminals have less trouble stealing our secrets. But as this article demonstrates, real criminals and real terrorists can devise code systems which for all practical purposes are unbreakable by the NSA. Hence this push to weaken encryption is nothing more than a blatant attack on the Fourth Amendment rights of law-abiding citizens.

Optional Banner: 
WRH Exclusive
Oct 10 11:29

Smart Devices Are Snitching on Owners and Rewriting the Criminal Justice System

By Nicholas West

A new type of court case is slowly but steadily emerging within the American legal system: alleged crimes being detected from data supplied by smart devices.

Several cases over the last few years have focused on data transmitted within the modern smart home, while a couple of others add an extra dimension of police completely reconstructing a crime scene based upon data collected from the home as well as the various Internet-connected devices that we wear.

The very nature of the 1st, 4th and 5th Amendments to the Constitution appears to be at stake...

Oct 10 09:37

WikiLeaks Releases Moscow’s Surveillance Files

By Aaron Kesel

The international whistleblower coalition WikiLeaks who have had their sights on the CIA, pivoted their focus to Russia’s own surveillance, offering a look at technical details of how Moscow spies on its citizens’ mobile data online...

Oct 10 07:14

Hacking is inevitable, so it’s time to assume our data will be stolen

If recent hacking attacks such as the one at Equifax, which compromised personal data for about half of all Americans, have taught us anything, it’s that data breaches are a part of life. It’s time to plan for what happens after our data is stolen, according to Rahul Telang, professor of information systems at Carnegie Mellon University.

Oct 09 15:28

Hard Censorship Hits the Internet

Government in the United States and the media whores that service government agendas have an immense credibility problem. We cannot rely on the veracity of any government or media statement. Like the boy who cried “wolf,” Washington and the presstitutes have made it impossible to know when they are telling the truth.

Oct 09 14:59

RIP Windows 10 Mobile: Microsoft finally admits its troubled operating system is dead

Microsoft is no longer developing new features and hardware for Windows 10 mobile as the operating system is officially placed into servicing mode.

According to a series of tweets, Microsoft's Corporate Vice President in the Operating Systems Group Joe Belfiore revealed the system would just fix bugs and do security updates for existing users.

Oct 09 14:49

Disqus Hacked: More than 17.5 Million Users' Details Stolen in 2012 Breach

Another day, Another data breach disclosure.

This time the popular commenting system has fallen victim to a massive security breach.

Disqus, the company which provides a web-based comment plugin for websites and blogs, has admitted that it was breached 5 years ago in July 2012 and hackers stole details of more than 17.5 million users.

The stolen data includes email addresses, usernames, sign-up dates, and last login dates in plain text for all 17.5 million users.

What's more? Hackers also got their hands on passwords for about one-third of the affected users, which were salted and hashed using the weak SHA-1 algorithm.

Oct 09 14:47

Microsoft silently fixes security holes in Windows 10 – dumps Win 7, 8 out in the cold

Microsoft is silently patching security bugs in Windows 10, and not immediately rolling out the same updates to Windows 7 and 8, potentially leaving hundreds of millions of computers at risk of attack.

Flaws and other programming blunders that are exploitable by hackers and malware are being quietly cleaned up and fixed in the big Windows 10 releases – such as the Anniversary Update and the Creator's Update. But this vital repair work is only slowly, if at all, filtering back down to Windows 7 and Windows 8 in the form of monthly software updates.

Oct 09 14:44

Ghost in Musk's machines: Software bugs' autonomous joy ride

Last year, a dark historical landmark was reached. Joshua Brown became the first confirmed person to die in a crash where the car was, at least in part, driving itself. On a Florida highway, his Tesla Model S ploughed underneath a white truck trailer that was straddling the road, devastating the top half of the car.

Brown’s crash is well known. But more mundane bugs are finding their way into increasingly software-dependent, semi-autonomous cars. Software problems accounted for nearly 15 per cent of US car recalls in 2015, up from less than five per cent in 2011, according to the most recent report from financial advisors Stout Risius Ross.

Last year, to name a few examples, Toyota recalled around 320,000 cars after they found “improper programming” could cause airbags and seatbelt pretensioners to activate unbidden. Ford had to recall 23,000 cars because software problems in their electronic windows meant they had excessive “closing force.”

Oct 09 12:24

A Mysterious Virus Has Infiltrated America's Drone Program

There’s something deeply wrong at Creech Air Force Base, the notorious home of America’s drone program, where pilots remotely order US Reaper and Predator drones to unleash destructive missile strikes on unsuspecting villagers in Yemen, Libya, Iraq, Syria, Afghanistan and other war zones.

Less than a week after the Department of Homeland Security advised all federal agencies using anti-virus software created by Kaspersky Labs to remove the programs from their systems immediately, Ars Technica reports that two weeks ago the Defense Information Systems Agency detected mysterious spyware embedded in the drone “cockpits” – the control stations that pilots use to control the deadly machines.

Webmaster's Commentary: 

This looks, perhaps, like a coordinated targeting from a state actor with excellent computer capabilities.

The who and why cannot be demonstrated at this time; but what must be scary to our military experts running the drone program is, that the virus cannot be wiped from their computers.

Oct 09 10:45

The Dark Web's Largest Pedophile Site Was Secretly Run By Australian Police For A Year

- "the police sting involved undercover officers sharing extremely disturbing content and encouraging followers to engage in sexual acts with children.

But police say it was worth it."

SHARE THIS ARTICLE WITH YOUR SOCIAL MEDIA