COMPUTERS/INTERNET/SECURITY | WHAT REALLY HAPPENED


COMPUTERS/INTERNET/SECURITY

Jan 23 18:54

'I think I just shoplifted?': Amazon customers left VERY confused after shopping at checkout-free supermarket where cameras track what they buy

The grocery store on the bottom floor of the company's Seattle headquarters allows shoppers to scan their smartphone with the Amazon Go app at a turnstile, pick out the items they want and leave.

The tech mega-company still has some kinks to work out.

A CNBC tech reporter accidentally shoplifted a yogurt when the cameras failed to notice it, but the company responded 'it's on us' with a winking emoji.

Other Twitter users made jokes about how long the line was to get into the checkout-free grocery store - which promised no queue to exit.

Still others joked about how Seattle created another way to 'avoid human interaction' with the cashier-free method.

Another user questioned how he entered the store and somehow spent over $50 in just 57 seconds.

Jan 23 15:54

Zuckbook: Surveys Of Users Will Determine Which News is 'Trustworthy,' Results Will Be Kept Secret

Mark Zuckerberg is planning to battle "fake news" on Facebook by surveying users to determine which news sources are "broadly trusted," in other words the news you'll see will based on a popularity contest.

By using such a methodology, we can assume sites which report uncomfortable, politically incorrect truths will be demoted, while sites which reprint popular, politically correct lies and tell people what they want to hear will be promoted.

Jan 23 12:13

Amazon Go Is Dazzling. But How Many Jobs Will It Kill?

Amazon Go, the Seattle supermarket built to get rid of lines inside the store, opened for business on Monday with a big line outside.

Jan 23 08:59

Your iPhone X/8 battery could wear out in about 18 months

Wireless charging and fast charging might be a great solution to the pressures that more power-thirsty devices are placing on batteries, but these solutions could very well cause other problems down the line.

Jan 23 08:59

Spectre of unpredictable chips makes Intel recommend halt of its patchy patch

The chip giant believes it has found the root cause of the issue forcing Haswell and Broadwell chips to unexpectedly reboot.

Jan 23 08:44

Hackers Have Walked Off With About 14% of Big Digital Currencies

In less than a decade, hackers have stolen $1.2 billion worth of Bitcoin and rival currency Ether, according to Lex Sokolin, global director of fintech strategy at Autonomous Research LLP. Given the currencies’ explosive surge at the end of 2017, the cost in today’s money is much higher.

Jan 23 08:33

Net neutrality showdown: Now Mozilla and 21 states sue FCC over internet freedom

States sue the Federal Communications Commission in a bid to block its repeal of Obama's net neutrality rules.

Jan 23 08:33

Flurry of Lawsuits Filed to Fight Repeal of Net Neutrality

The legal fight against the Federal Communications Commission’s recent repeal of so-called net neutrality regulations began on Tuesday, with a flurry of lawsuits filed to block the agency’s action.

One suit, filed by 21 state attorneys general, said the agency’s actions broke federal law. The commission’s rollback of net neutrality rules were “arbitrary and capricious,” the attorneys general said, and a reversal of the agency’s longstanding policy to prevent internet service providers from blocking or charging websites for faster delivery of content to consumers.

Mozilla, the nonprofit organization behind the Firefox web browser, said the new F.C.C. rules would harm internet entrepreneurs who could be forced to pay fees for faster delivery of their content and services to consumers. A similar argument was made by another group that filed a suit, the Open Technology Institute, a part of a liberal think tank, the New America Foundation.

Jan 23 08:32

Mozilla Files Suit Against FCC to Protect Net Neutrality

Today, Mozilla filed a petition in federal court in Washington, DC against the Federal Communications Commission for its recent decision to overturn the 2015 Open Internet Order.

Jan 23 08:27

Self-driving cars and AI will leave a 'THIRD of the population unemployed' and cause people to slip into a meaningless life of misery, expert warns

The rise of the machines could leave a third of the population out of work.

That's according to Dr Subhash Kak, a computing expert at Oklahoma University, who claims AI and self-driving cars will lead to mass unemployment.

He also warns that as robots take control of the world, humans will slip into a life of 'meaningless' misery.

Jan 23 08:25

Only birds tweeted, and Amazon was a forest: PM Modi recalls massive changes in 20 years

As Prime Minister Narendra Modi stated that he is the first Indian PM in two decades to attend the World Economic Forum since H D Deve Gowda in 1997, he focussed on the changes that have taken place in the first during this time. "In 1997, India's GDP was a little more than USD 400 billion, but now it has increased more than six-times," he said.

Jan 23 08:10

Whose fault? Tesla crashes into fire truck, driver blames autopilot

A Tesla Model S has rear-ended a fire truck parked on a freeway in the US. The driver, however, says it wasn’t his fault, blaming the state-of-the-art technology instead.

On Monday morning, the Tesla car, going 65mph, hit a parked fire truck, the Culver City Fire Department tweeted. The firefighters were there attending to a “freeway accident,” when their truck was hit by the electric-powered vehicle, which was travelling on autopilot, according to the driver. The truck apparently sustained only minor damage, while the hood of the Tesla seems almost completely smashed.

Jan 23 07:59

Montana governor takes stand for state to honor ‘net neutrality’

Montana will sign contracts only with internet service providers that honor “net neutrality” firms, Governor Steve Bullock said on Monday, the latest effort by a state to undermine a Federal Communications Commission order rolling back rules introduced in 2015.

Bullock signed an executive order requiring state contract recipients to adhere to so-called net neutrality, which barred internet service providers from blocking or throttling traffic or offering paid fast lanes, also known as paid prioritization.

The Republican-majority FCC voted in December along party lines to reverse the 2015 rules. The new rules will not take effect for at least three months, the FCC has said.

A spokeswoman for the FCC declined to comment on the decision by Bullock, a Democrat.

Jan 23 07:58

Hackers are flooding the internet with more fake domain names. Here’s how you can protect yourself

A new report released Wednesday shows the use of fake internet domain names to trick consumers into giving up personal information is more widespread than experts originally thought.

This is largely because of the heightened use of Internationalized Domain Names (IDNs), which use homographs carefully crafted to look exactly like their English counterparts. Hackers create domain names that replace an English-language character with a look-alike character from another language — replacing the Latin letter ‘a’ with the Cyrillic letter ‘a,’ for instance — as a way of luring users to fake websites where they’re prompted to enter their personal information.

Jan 23 06:07

The NSA’s voice-recognition system raises hard questions for Echo and Google Home

How long could Waldo go without making a phone call on public lines? And even if he’s careful about phone calls, the world is full of microphones — how long before he gets picked up in the background while his friend talks to her Echo?

As it turns out, the NSA had roughly the same idea. In an Intercept piece on Friday, reporter Ava Kofman detailed the secret history of the NSA’s speaker recognition systems, dating back as far as 2004. One of the programs was a system known as Voice RT, which was able to match speakers to a given voiceprint (essentially solving the Waldo problem), along with generating basic transcriptions.

Jan 23 05:50

Linus Torvalds declares Intel fix for Meltdown/Spectre ‘COMPLETE AND UTTER GARBAGE’

The always outspoken Linus Torvalds, best known for his continuing work on the innermost code of Linux systems, has harsh words to say and accusations to level against Intel. His evaluation of Intel’s latest proposed fix for the Meltdown/Spectre issue: “the patches are COMPLETE AND UTTER GARBAGE.” As a potential line of inquiry, he suggests: “Has anybody talked to them and told them they are f*cking insane?” (Asterisk his.)

Jan 23 05:36

Critical Flaw in All Blizzard Games Could Let Hackers Hijack Millions of PCs

A Google security researcher has discovered a severe vulnerability in Blizzard games that could allow remote attackers to run malicious code on gamers’ computers.

Played every month by half a billion users—World of Warcraft, Overwatch, Diablo III, Hearthstone and Starcraft II are popular online games created by Blizzard Entertainment.

To play Blizzard games online using web browsers, users need to install a game client application, called 'Blizzard Update Agent,' onto their systems that run JSON-RPC server over HTTP protocol on port 1120, and "accepts commands to install, uninstall, change settings, update and other maintenance related options."

Google's Project Zero team researcher Tavis Ormandy discovered that the Blizzard Update Agent is vulnerable to a hacking technique called the "DNS Rebinding" attack that allows any website to act as a bridge between the external server and your localhost.

Jan 22 18:12

Montana becomes first state to implement net neutrality after FCC repeal

Montana Gov. Steve Bullock (D) signed an executive order on Monday requiring internet service providers with state contracts to abide by net neutrality principles. The order makes his state the first to push back on the Federal Communications Commission’s decision to repeal the open internet rules last month.

Jan 22 16:53

Belay that order: Intel says you should NOT install its Meltdown firmware fixes

The warning, which encompasses just about every Intel processor out there, from all PC manufacturers, takes effect immediately. And there’s no indication when it will get fixed.

Jan 22 15:48

Lawsuits reveal Google's secret 'speech police'

More than 100 nongovernment organizations (NGOs) and government agencies around the world help police YouTube for extremist content, ranging from so-called hate speech to terrorist recruiting videos.

All of them have confidentiality agreements barring Google, YouTube's parent company, from revealing their participation to the public, a Google representative told The Daily Caller on Thursday.

Jan 22 10:39

Assange Keeps Warning Of A.I. Censorship, And It's Time We Started Listening

"...increasingly more advanced forms of artificial intelligence... can hide information which goes against the interests of those power structures and elevate narratives which support those interests, all of course while maintaining the illusion of freedom and lively debate..."

Jan 22 09:40

THANKS TO "CONSENT" BURIED DEEP IN SALES AGREEMENTS, CAR MANUFACTURERS ARE TRACKING TENS OF MILLIONS OF US CARS

Millions of new cars sold in the US and Europe are "connected," having some mechanism for exchanging data with their manufacturers after the cars are sold; these cars stream or batch-upload location data and other telemetry to their manufacturers, who argue that they are allowed to do virtually anything they want with this data, thanks to the "explicit consent" of the car owners -- who signed a lengthy contract at purchase time that contained a vague and misleading clause deep in its fine-print.

Car manufacturers are mostly warehousing this data (leaving it vulnerable to leaks and breaches, search-warrants, government hacking and unethical employee snooping), and can't articulate why they're saving it or how they use it.

Webmaster's Commentary: 

Given the way new cars can gather and transmit data to who knows where, I think that Mike and I, in our pilgrimage to find a newer car than our 18 year old Crudmobile, will be looking at a classic from the 50s, and adopt a Cuban mechanic!!

Jan 22 08:10

NHS OKs offshoring patient data to cloud providers stateside

The NHS has said that patient data can be stored in the cloud – and has given US data centres party to Privacy Shield the thumbs-up.

In a major policy shift, NHS Digital has given care providers the go-ahead to store patient information outside the UK in a bid to hurry them into the cloud to save cash.

Jan 22 08:09

Nearly Half of the Norway Population Exposed in HealthCare Data Breach

Cybercriminals have stolen a massive trove of Norway's healthcare data in a recent data breach, which likely impacts more than half of the nation's population.

An unknown hacker or group of hackers managed to breach the systems of Health South-East Regional Health Authority (RHF) and reportedly stolen personal info and health records of some 2.9 million Norwegians out of the country's total 5.2 million inhabitants.

Jan 21 20:19

Terrorists Could Use Teslas to Kill Us

It's a calm Saturday morning in August of next year. Suddenly, across the nation, 12,000 Tesla Model S sedans start up at the same time. They engage Tesla's vaunted autopilot feature and head out onto the road. Some of them make their way to local gas stations. Some to electrical substations. And then, as they approach, they accelerate to top speed. The explosions are fantastic as the Model S batteries rupture and spark fires, which ignite anything flammable in the area. The power grid in the Los Angeles area is brought down almost immediately. Hundreds of fires rage. America is under attack. This might sound like science fiction. It's not.

Jan 21 14:47

Southfront.org Hit By Hacker Attack

Jan 20 09:33

Explaining What Shadow Banning Is - It's A Crime

Jan 20 09:32

Class Action Lawsuit - Google, Twitter, Facebook, YouTube, GoFundMe & Patreon

Youtube is Stealing MILLIONS OF DOLLARS and millions from channel owners, in ways of stealing ad revenue. When videos are monetized, they are running the ads, deleting the views and comments left on channels, and then demeaning channel success by subtracting thousands of views per channel, to steal the revenue.

We have been robbed by so many thousand dollars. They have tampered with accounts, closed accounts, deleted subscribers, views, entire channels. They have Breached Their own Contract with Channel owners. They changed user terms, lying about their advertisers, just to embezzle more revenue & stress out channel owners. However in a contract, people have to be alerted to changes in terms & also agree w/ them. When they are hidden to deceive, how can anyone agree?

Jan 20 09:29

New Smoking Gun Clinton Emails!

One of the myths perpetrated by Hillary Clinton and her lieutenants is that she was mostly helpless when it came to using email and that she knew nothing about keeping it secure. It has been repeated so often that it has been accepted as true, even though it defies common sense.

Now there is even more evidence to debunk this myth.

This week we released 78 pages of new documents from the State Department containing emails that former Secretary of State Clinton sent and received over her unsecure, non-“state.gov” email system. Three of the email exchanges include classified information. The emails also reveal that Clinton had detailed knowledge about the security issues with her non-State Department email system.

Jan 20 09:14

FINDING YOUR VOICE

A classified NSA memo from January 2006 describes NSA analysts using a “technology that identifies people by the sound of their voices” to successfully match old audio files of Pelton to one another. “Had such technologies been available twenty years ago,” the memo stated, “early detection and apprehension could have been possible, reducing the considerable damage Pelton did to national security.”

These and other classified documents provided by former NSA contractor Edward Snowden reveal that the NSA has developed technology not just to record and transcribe private conversations but to automatically identify the speakers.

Jan 20 08:20

How Much Do You Know?

If you do not understand Bitcoin and Blockhain and their difference, then this is for you.

Jan 20 07:15

A COMPREHENSIVE GUIDE TO CORPORATE ONLINE SURVEILLANCE IN EVERYDAY LIFE

Cracked Labs' massive report on online surveillance by corporations dissects all the different ways in which our digital lives are tracked, from the ad-beacons that follow us around the web to the apps that track our physical locations as we move around the world.

Importantly, the report shows how tracking companies join up the dots we leave behind, creating stable identifiers that can connect the data-trails from purchases, apps, devices, and clicks, creating a fantastically detailed picture of our lives built up our of these fragmentary details.

This is important because each little fragmentary disclosure can feel harmless at the time, but once they're merged into a unitary whole, the picture they from is disturbingly detailed.

Jan 19 15:23

Thousands hit in OnePlus credit card hack

Up to 40,000 people were caught out by hackers who stole credit card details from the site of phone maker OnePlus.

The company stopped taking card payments via its site earlier this week after learning about the attack.

An investigation has revealed that attackers stole data by exploiting a loophole in its payment system between mid-November 2017 and 11 January.

The company apologised and said affected customers would get free help to resolve card problems.

Jan 19 15:19

Amazon raises monthly Prime price in US

Amazon has raised the price of monthly Prime memberships in the US by $2 to $12.99 (£9.40), in a bid to push more people to an annual plan.

The annual cost of Prime, which includes two-day shipping and video streaming, was unchanged at $99.

Amazon said the change does not affect the UK or other countries.

Jan 19 11:39

Clinton Had Detailed Knowledge of Email Server Security Risks, Emails Show

Then-Secretary of State Hillary Clinton had detailed knowledge about the security vulnerabilities involved in continuing to use her personal email despite claims that she didn’t really "stop and think" about the email system she was planning to use, newly released State Department emails show.

The new batch of emails also show three more exchanges containing classified information, according to Judicial Watch, a watchdog group that obtained the emails through a Freedom of Information Act lawsuit.

Justin Cooper, an aide to former President Bill Clinton, warned in 2011 about "overseas" use and other security issues concerning her emails and her personal BlackBerrys.

Jan 19 09:53

James O'Keefe on Hannity - January 15, 2018

Webmaster's Commentary: 

More about Project Veritas' look into Twitter!

Jan 18 18:43

A New Wave Of Bad Ads Is Hijacking Even Top-Tier Websites

Over the past couple of weeks, internet users have been complaining of a new wave of hard-to-close, misleading, and malicious ads popping across websites big and small. Some of the ads even make it impossible for people to read news and other content by redirecting browsers to spammy sites or popping up mobile app store pages for undesired software.

Many social media posts lamented that even top-tier publishers like The New York Times and The Atlantic were willing to run such intrusive ads on their sites. But experts say the problem isn’t with lack of discernment on the part of site publishers but with an extremely complex online advertising system that makes it hard for publishers involved to detect, let alone weed out, misleading and malware-laden ads.

Jan 18 18:25

You get a lawsuit! And you get a lawsuit! And you! Now Apple sued over CPU security flaws

A 17-page class-action complaint [PDF] – filed earlier this month in a San Jose district court in California – accuses the Cupertino iGiant of failing to keep the Arm-compatible processors in iPhones, iPads, and Apple TVs secure as advertised.

The claim does not cover the Intel-powered Macs Apple sells, which are also affected by Meltdown and Spectre. Chipzilla is separately fending off class-action claims over those CPU blunders.

The complaint, which cites The Register's original report on the processor industry's design cockups, claims Apple withheld information on the flaws from customers for months, selling products it knew to be vulnerable to data-theft attacks. Starting with the A6 chip in 2012's iPhone 5, Apple has designed and shipped its own custom Arm-compatible processor cores, meaning Cupertino had a hand in introducing insecurities into its silicon.

Jan 18 18:19

New alert over WhatsApp scam that tries to fool users into paying for a subscription to the free service

Fake text messages have been sent out in recent weeks warning recipients that their Whatsapp subscription has run out.

The message also contains instructions to receive a lifetime subscription for a small fee and are being used by criminals to trick people into providing their payment details.

People who have received the message should delete it immediately.

If you have clicked on the link it contains, you should also run antivirus software to ensure your device has not been infected with malware.

Jan 18 16:33

New Colorado Bill Could Implement Nanotechnology to Track Legal Cannabis

By Derrick Broze

A new Colorado bill would require the implementation of technology to scan cannabis to determine whether it was legally purchased.

Colorado lawmakers have introduced a new bill which would require the development of “marijuana tracking technology” to help law enforcement distinguish between legal and illegally purchased cannabis. The bill, SB18-029, was introduced by Representatives Leroy Garcia, Daniel Pabon, Kent D. Lambert and Yeulin Willett on January 10 under the title “Development of Marijuana Tracking Technology.”...

Jan 18 12:13

Facebook and Google Outline Unprecedented Mass Censorship at US Senate Hearing

Behind the backs of the US and world populations, social media companies have built up a massive censorship apparatus staffed by an army of “content reviewers” capable of seamlessly monitoring, tracking, and blocking millions of pieces of content.

The character of this apparatus was detailed in testimony Wednesday from representatives of Facebook, Twitter, and Google’s YouTube before the United States Senate Committee on Commerce, Science, and Transportation, chaired by South Dakota Republican John Thune.

The hearing was called to review what technology companies are doing to shut down the communications of oppositional political organizations. It represented a significant escalation of the campaign, supported by both Democrats and Republicans, to establish unprecedented levels of censorship and control over the Internet.

Jan 18 09:33

The reluctant cyber hero: How a 22-year-old stumbled across the worst computer chip flaw in history while reading huge Intel processor manuals with thousands of pages

Horn was actually trying to work out whether processors could handle an intense piece of number-crunching code he had devised when he began picking through the doorstop-sized manuals last year, Bloomberg reports.

His research led him to a process known as speculative execution - where a chip tries to guess what it might be asked to do next and starts performing that task ahead of time in order to increase speed.

In doing so it starts fetching data from various parts of the machine and storing that information in its memory.

Horn discovered that, even if the chip guessed wrong, the data it had retrieved would still be stored and could potentially be stolen by a clever hacker.

Working from Google's Project Zero lab in Zurich, he compared notes with other researchers before making his discovery - chips could be tricked into retrieving data of a hacker's choosing, which could then be stolen.

Jan 18 09:26

Intel fix causes reboots and slowdowns

In an update on its website, Intel said the reboot problem had been identified in its Ivy Bridge, Sandy Bridge and Skylake processors.

It also affected Kaby Lake chips - its most recent offering.

Jan 18 09:25

Why Russia is Building Its Own Internet

Last November, news emerged that Russian president Vladimir Putin had approved a plan to create an independent Internet by 1 August 2018, first reported by the Russian news agency, RT. The alternate Internet would be used by BRICS nations—Brazil, Russia, India, China, and South Africa—and shield them from “possible external influence,” the Kremlin’s press secretary, Dmitry Peskov, told RT.

Jan 18 09:23

YouTube is taking down Tide Pod Challenge videos and oh my god don’t eat laundry pods

I’m not the first person to write this on the internet, and I won’t be the last, but good lord, DO NOT EAT TIDE PODS. Unfortunately, what started as a fairly ridiculous meme about how delicious-looking the detergent-filled gel pods are has spiraled into a dangerous meme, with people actually filming themselves eating the blighted poison packs for a shot at 15 minutes of internet fame in the “Tide Pod challenge.”

That buck stops here though, with YouTube commenting that it would remove any Tide Pod challenge videos, noting in a statement to Fast Company that “YouTube’s Community Guidelines prohibit content that’s intended to encourage dangerous activities that have an inherent risk of physical harm. We work to quickly remove flagged videos that violate our policies.”

Jan 18 09:15

Amazon won't say if it hands your Echo data to the government

The retail, cloud, and device giant stands as the least transparent of transparent tech companies.

Jan 18 09:14

Software that predicts whether crims will break the law again is no better than you or me

Software that predicts how likely a criminal will reoffend – and is used by the courts to mete out punishments – is about as smart as a layperson off the street.

That's according to a paper published in Science Advances on Wednesday. The research highlights the potential dangers of relying on black-box algorithms, particularly when a person's freedom is at stake.

Jan 18 09:12

Red Hat slams into reverse on CPU fix for Spectre design blunder

Techies are scratching their heads after Red Hat pulled a CPU microcode update that was supposed to mitigate variant two of the Spectre design flaw in Intel and AMD processors.

In a note to IT departments, the open-source player confirmed the latest version of its microcode_ctl package will not contain any solution for CVE-2017-5715, aka Spectre variant two, a processor security blunder we previously detailed here.

That's because the Spectre workaround in the microcode was causing systems to become unbootable.

Jan 18 09:10

Hackers Exploiting Three Microsoft Office Flaws to Spread Zyklon Malware

Security researchers have spotted a new malware campaign in the wild that spreads an advanced botnet malware by leveraging at least three recently disclosed vulnerabilities in Microsoft Office.

Dubbed Zyklon, the fully-featured malware has resurfaced after almost two years and primarily found targeting telecommunications, insurance and financial services.

Active since early 2016, Zyklon is an HTTP botnet malware that communicates with its command-and-control servers over Tor anonymising network and allows attackers to remotely steal keylogs, sensitive data, like passwords stored in web browsers and email clients.

Zyklon malware is also capable of executing additional plugins, including secretly using infected systems for DDoS attacks and cryptocurrency mining.

Jan 17 13:49

22 STATE ATTORNEYS GENERAL SUE TO BLOCK NET NEUTRALITY ROLLBACK

In one of the first high-profile attempts to block the FCC’s rollback of net neutrality rules through the courts, 22 state attorneys general have filed a lawsuit challenging the plan.

Led by New York Attorney General Eric Schneiderman, the petition asks a court to find that the FCC’s plan runs afoul of federal law.

“An open internet — and the free exchange of ideas it allows – is critical to our democratic process,” Schneiderman said in a statement announcing the suit. “The repeal of net neutrality would turn internet service providers into gatekeepers – allowing them to put profits over consumers while controlling what we see, what we do, and what we say online.”

Jan 17 08:18

If you get this message, do NOT open it: Devastating Apple ChaiOS 'text bomb' can crash your iPhone or Mac with a single link

A devastating 'text bomb' that crashes Apple devices has been uncovered by researchers.

It works by sending iPhones, iPads and Macs into a frenzy after a malicious web address is opened in Apple's Message app.

The ChaiOS hack, which causes devices to crash and can delete all your messages, affects any device running iOS and Mac OS.

A fix for the issue, which is not the first text bomb to hit Apple, has not yet been created but is expected in future updates.

Jan 17 08:14

A password for the Hawaii emergency agency was hiding in a public photo, written on a Post-it note

On Saturday, people in Hawaii were awakened by a terrifying false alert about an inbound missile. Hawaii's Emergency Management Agency has said a worker clicked the wrong item in a drop-down menu and sent it, and that its system was not hacked.

"It was a mistake made during a standard procedure at the changeover of a shift, and an employee pushed the wrong button," Gov. David Ige said.

But an Associated Press photo from July that recently resurfaced on Twitter has raised questions about the agency's cybersecurity practices.

In it, the agency's operations officer poses in front of a battery of screens. Attached to one is a password written on a Post-it note.

Jan 17 08:11

YouTube tightens rules around what channels can be monetized

Channels will need 4,000 hours of annual viewing time and over 1,000 subscribers

Jan 17 08:08

Oracle says SPARCv9 has Spectre CPU bug, patches coming soon

Oracle has told users of its SPARC-powered platforms that they have the Spectre processor design flaw.

A support document buried in Oracle’s customers-only portal, but seen by The Register, states: “Oracle believes that certain versions of Oracle Solaris on SPARCv9 are affected by the Spectre vulnerabilities.”

The document, dated today, confirms “Oracle is working on producing the patches for all affected versions that are under Premier Support or Extended Support.”

Jan 17 08:07

Hospital injects $60,000 into crims' coffers to cure malware infection

A US hospital paid extortionists roughly $60,000 to end a ransomware outbreak that forced staff to use pencil-and-paper records.

The crooks had infected the network of Hancock Health, in Indiana, with the Samsam software nasty, which scrambled files and demanded payment to recover the documents. The criminals broke in around 9.30pm on January 11 after finding a box with an exploitable Remote Desktop Protocol (RDP) server, and inject their ransomware into connected computers.

Medical IT teams were alerted in early 2016 that hospitals were being targeted by Samsam, although it appears the warnings weren’t heeded in this case.

According to the hospital, the malware spread over the network and was able to encrypt “a number of the hospital’s information systems,” reducing staff to scratching out patient notes on pieces of dead tree.

Jan 17 08:01

Another round of click-fraud extensions pulled from Chrome Store

A security researcher has claimed that half a million Chrome users have been hit by four malicious browser extensions pushing click and SEO fraud.

Icebrg's Justin Warner and Mario De Tore spotted the extensions while investigating a spike in outbound traffic from a workstation in a customer's network. The company claims the four extensions had more than 500,000 downloads in all.

The extensions were Change HTTP Request Header (a legitimate capability is to hide browser type from trackers) and three apparently related to it: Nyoogle - Custom Logo for Google, Lite Bookmarks, and Stickies - Chrome's Post-it Notes.

SHARE THIS ARTICLE WITH YOUR SOCIAL MEDIA