Android Users: Check Now to See If a Rogue App Can Control Your Phone’s Camera

According to an investigation by Checkmarx security researchers, some Android devices may have an unpatched security flaw that an app could use to record you without your knowledge using your device’s camera and mic.

No attacks that exploit the bug have been reported so far, thankfully. Still, the Checkmarx researchers were able to successfully create and execute commands that could remotely record phone calls; capture photos, video, and audio; access GPS metadata from photos; and even check whether the phone was facing down—meaning hackers may one day create their own clever attacks for devices running an unpatched version of a device’s default camera apps.

Google and Samsung released patches for impacted smartphones earlier this year, but Checkmarx’s report suggests that many other Android smartphones may still be affected. Fortunately, there are ways you can check if your device has been patched.

Check for the bug on Pixel phones

Pay attention to the “Last Updated” date
Screenshot: Brendan Hesse

Pixel users can check for the patch easily: simply open your device’s settings then go to Apps & Notifications > See All Apps > Camera > Advanced > App details to open the app’s Google Play Store page. If the app has been updated since July 2019, you’re in the clear.

Check for the bug on other Android devices (manually)

If you’re not sure whether your smartphone’s manufacturer has issued an update for your phone’s camera app that fixes this bug, one way to find out is to try exploiting the bug yourself (which comes care of Ars Technica).

You’ll need:

  • A PC (this will work on Windows, Mac, and Linux).
  • Your Android device.
  • A USB cable to connect them.

Once you have those materials, here’s what you need to do:

  1. First, you’ll need to install and configure ADB tools on your PC. All the necessary files and instructions for installing ADB for your PC’s OS can be found on the XDA Developer Forums.
  2. After ADB is installed and configured, plug your Android phone into your PC with the USB cable. Next, we’re going to try to use codes to force the phone to take videos and photos without accessing the phone’s camera app.
  3. Open your PC’s command terminal. On Windows: Press “Windows Key+R,” then type “cmd” and hit “run.” On Mac: Press “Command+Space” to open the Finder, then type “Terminal” and double click the Terminal icon to run.
  4. In the command prompt window, run the following commands one at a time:

adb shell am start-activity -n com.google.android.GoogleCamera/com.android.camera.CameraActivity --ez extra_turn_screen_on true -a android.media.action.VIDEO_CAMERA --ez android.intent.extra.USE_FRONT_CAMERA true

Then:

adb shell am start-activity -n com.google.android.GoogleCamera/com.android.camera.CameraActivity --ez extra_turn_screen_on true -a android.media.action.STILL_IMAGE_CAMERA --ez android.intent.extra.USE_FRONT_CAMERA true --ei android.intent.extra.TIMER_DURATION_SECONDS 3

Open your phone’s camera app and go to your photo/video library to check if the commands worked. If you find a new photo or video, then the bug is present on your device.

If you haven’t updated your device’s camera app in a while, try checking for updates via the Google Play Store. Once you’ve installed anything that’s available for your phone’s default camera app, try the above ADB commands again. If they still work, you should report the issue to your device’s manufacturer as soon as possible. In addition, stay away from unknown camera, video, or audio recording apps, since this is the most likely method for hackers to slip malicious code onto your device and take a few photos.
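The Pixel "updated since July 2019" check can also be done from the same ADB session instead of the Settings screens. The script below is an added example, not part of the original article: it reads the lastUpdateTime field from `adb shell dumpsys package` output and compares it with the article's July 2019 cutoff. The sample output is constructed, and the function names are illustrative.

```shell
#!/bin/sh
# Added example: decide from `dumpsys package` output whether the camera app
# was last updated on or after a cutoff date. Runs offline on sample text.

PKG="com.google.android.GoogleCamera"   # package name used in the commands above
CUTOFF="2019-07-01"                     # "updated since July 2019" (Pixel check above)

# Constructed sample of `adb shell dumpsys package $PKG` output (not real
# device data). An updated preinstalled app is listed twice: the current
# install, and the factory copy under "Hidden system packages".
sample_dumpsys() {
cat <<'EOF'
Packages:
  Package [com.google.android.GoogleCamera] (a1b2c3d):
    versionName=0.0.0-constructed
    firstInstallTime=2009-01-01 00:00:00
    lastUpdateTime=2019-08-14 09:30:12
Hidden system packages:
  Package [com.google.android.GoogleCamera] (e4f5a6b):
    versionName=0.0.0-factory
    lastUpdateTime=2009-01-01 00:00:00
EOF
}

# Print the most recent lastUpdateTime date (YYYY-MM-DD) found on stdin,
# so the stale factory entry never masks the current install.
latest_update() {
    sed -n 's/^[[:space:]]*lastUpdateTime=\([0-9-]*\).*/\1/p' | sort | tail -n 1
}

# Prints "updated-since-cutoff", "older-than-cutoff" or "unknown".
camera_update_status() {
    d=$(latest_update)
    [ -n "$d" ] || { echo unknown; return; }
    # ISO dates sort correctly as plain strings.
    if [ "$(printf '%s\n%s\n' "$CUTOFF" "$d" | sort | head -n 1)" = "$CUTOFF" ]; then
        echo updated-since-cutoff
    else
        echo older-than-cutoff
    fi
}

# Live use (needs a connected device with USB debugging enabled):
#   adb shell dumpsys package "$PKG" | camera_update_status
sample_dumpsys | camera_update_status
```

The July 2019 cutoff is the one the article gives for Pixel phones; on other devices the update date alone does not confirm the fix, so the two test commands above remain the check.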

Source: Android Users: Check Now to See If a Rogue App Can Control Your Phone’s Camera

Shopped online at Macy’s last month? Might want to toss, or at least check, that card

A notice (PDF) posted by the long-operating department store chain said that, between October 7 and October 15 of this year, a Magecart script was running on the checkout page of its retail website.

The script was able to capture payment card details in two different ways: as it was being entered through the checkout page when placing an order, or if it was stored in the “wallet” page on the Macy’s website and then used to place an order.

“On October 15, 2019, we were alerted to a suspicious connection between macys.com and another website,” the retailer told exposed punters.

“Our security teams immediately began an investigation. Based on our investigation, we believe that on October 7, 2019 an unauthorized third party added unauthorized computer code to two pages on macys.com.”

Unfortunately for Macy’s customers, the script got pretty much everything needed for card fraud: card number, security code, and expiration date. Additionally, the malware was able to collect customer names as well as email and mailing addresses and phone numbers.

Macy’s notes that only the webpage was compromised: users who made purchases with the mobile app were not exposed. Experts say that the attack appears to be a rather bog-standard Magecart operation, albeit an extremely successful one.

Source: Shopped online at Macy’s last month? Might want to toss, or at least check, that card

Half of Oracle E-Business customers open to months-old bank fraud flaw

Security company Onapsis estimates that roughly half of all companies using the Oracle EBS software have not yet patched CVE-2019-2648 and CVE-2019-2633, despite Big Red having pushed out fixes for both bugs back in April.

The two vulnerabilities are found in the Thin Client Framework API and are described as reflected SQL injections. An attacker who could remotely access the EBS server via HTTPS would be able to exploit the bug and send arbitrary commands to the vulnerable machine.

While this flaw is dangerous to EBS as a whole, it is particularly bad for servers that use the Payments module included with the suite. The Payments tool allows companies to set up and schedule direct deposits and automatic money transfers to suppliers or partners as well as handle invoices and orders. The bank routing and account numbers for transfer orders are kept on the server as text files and automatically loaded when needed.

You can guess where this is going.

An attacker who exploited either of the SQL injection flaws would be able to remotely modify those transfer order files to include instructions to move cash to an account of their choosing. Instant bank fraud.

Source: Half of Oracle E-Business customers open to months-old bank fraud flaw • The Register

Elon Musk’s Starlink Satellites Are Already Causing a Headache for Astronomers

Astronomers at a Chilean observatory were rudely interrupted earlier this week when a SpaceX satellite train consisting of 60 Starlink satellites drifted overhead, in what scientists are apparently going to have to accept as the new normal.

Launched into orbit on November 11, the Starlink smallsat train took five minutes to pass over the Cerro Tololo Inter-American Observatory in Chile, according to a tweet from astronomer Clara Martínez-Vázquez.

“Wow!! I am in shock!!,” tweeted Martínez-Vázquez. “The huge amount of Starlink satellites crossed our skies tonight at [Cerro Tololo]. Our DECam [Dark Energy Camera] exposure was heavily affected by 19 of them!,” to which she added: “Rather depressing… This is not cool!”

Responding to this tweet, astronomer Cliff Johnson, a team member and a CIERA Postdoc Fellow in Astronomy at Northwestern, tweeted out a view of the disrupted data, showing an array of satellite trails strewn across an image of space.

The astronomers were collecting data using the DECam instrument, a high-performance, wide-field imager on the CTIO Blanco 4-meter telescope, as part of the DELVE survey, which is currently mapping the outer fringes of the Large and Small Magellanic Clouds as well as a significant fraction of the southern sky at optical wavelengths. Key goals of the project are to study the stellar halo around the Magellanic Clouds and detect new dwarf galaxies in orbit around the Clouds or the nearby Milky Way.

The Starlink-tarnished DECam frame, showing satellite trails across the field of view.
Image: Clara Martínez-Vázquez, Cliff Johnson, CTIO/AURA/NSF

But this research was punctuated as the Starlink train passed overhead during the early morning of Monday, November 18.

Source: Elon Musk’s Starlink Satellites Are Already Causing a Headache for Astronomers

SpaceX Starship Mk1 explodes during cryogenic loading test

SpaceX’s first full-scale Starship prototype – Mk1 – has experienced a failure at its Boca Chica test site in southern Texas. The failure occurred late in the afternoon on Wednesday, midway through a test of the vehicle’s propellant tanks.

As of a few weeks ago, the Mk1 Starship – which was shown off to the world in September as part of SpaceX’s and Elon Musk’s presentation of the design changes to the Starship system – was to fly the first 20 km test flight of the program in the coming weeks.

The main event of today, the Mk1 Starship’s first cryogenic loading test, involved filling the methane and oxygen tanks with a cryogenic liquid.

During the test, the top bulkhead of the vehicle ruptured and was ejected away from the site, followed by a large cloud of vapors and cryogenic liquid from the tank.

The cryogenic liquid – likely liquid oxygen or liquid nitrogen – was carried by the wind and dispersed over the launch complex.

The top bulkhead was seen landing nearby, but its precise location is unknown.

The bottom tank bulkhead appeared to fail as well. A second cloud of vapor appeared out of the base of the vehicle at the same time that the top ruptured – signaling that the entire internal tank structure may have failed.

Source: SpaceX Starship Mk1 fails during cryogenic loading test – NASASpaceFlight.com

Elon Musk is fine with it though. I’m glad I’m not sitting in it!

Windows will go DNS over HTTPS – Take over your DNS queries, grab more of your browsing behaviour

We are making plans to adopt DNS over HTTPS (or DoH) in the Windows DNS client. As a platform, Windows Core Networking seeks to enable users to use whatever protocols they need, so we’re open to having other options such as DNS over TLS (DoT) in the future. For now, we’re prioritizing DoH support as the most likely to provide immediate value to everyone. For example, DoH allows us to reuse our existing HTTPS infrastructure.

For our first milestone, we’ll start with a simple change: use DoH for DNS servers Windows is already configured to use. There are now several public DNS servers that support DoH, and if a Windows user or device admin configures one of them today, Windows will just use classic DNS (without encryption) to that server. However, since these servers and their DoH configurations are well known, Windows can automatically upgrade to DoH while using the same server.

Source: Windows will improve user privacy with DNS over HTTPS – Microsoft Tech Community – 1014229

There is a lot of discussion about this – MS is putting it over as being a user privacy tool, but really it’s a datagrab going on by the tech giants.

House Antitrust Investigators Now Scrutinizing Google’s Plans to Add DNS Encryption to Chrome

 

Cayman Bank Targeted By Phineas Fisher Confirms it Was Hacked – 2 TB of data can be searched through now, find the money launderers

On Sunday, Motherboard reported that the hacker or hackers known as Phineas Fisher targeted a bank, stole money and documents, and is offering other hackers $100,000 to carry out politically motivated hacks. Now, the bank Phineas Fisher targeted, Cayman National Bank from the Isle of Man, confirmed it has suffered a data breach.

“It is known that Cayman National Bank (Isle of Man) Limited was amongst a number of banks targeted and subject to the same hacking activity,” Cayman National told Motherboard in a statement issued Monday.

Source: Offshore Bank Targeted By Phineas Fisher Confirms it Was Hacked – VICE

RELEASE: Sherwood – Copies of the servers of Cayman National Bank and Trust (CNBT), which has allegedly been used for money laundering by Russian oligarchs and others. Includes a HackBack readme explaining Phineas Fisher’s hack and exfiltration of funds.

Source: Twitter

‘Royalty-Free’ Music Supplied By YouTube Audio Library Results in Mass Copyright claims to all YouTube income by Sony – for using a sample from a 1956(!!!!) song

A YouTuber who used a royalty-free track supplied by YouTube itself has had all of his videos copyright claimed by companies including SonyATV and Warner Chappell. According to the music outfits, Matt Lowne’s use of the track ‘Dreams’ by Joakim Karud means that they are now entitled to all of his revenue.

[…]

In common with many YouTubers, Matt didn’t want any copyright issues on his channel. So, to play things safely, he obtained the track ‘Dreams‘ by Joakim Karud from YouTube’s very own audio library for use in his intro. Unfortunately, this strategy of obtaining supposedly risk-free music from a legitimate source still managed to backfire. (See update below, YouTube statement)

Very early last Friday, Matt says he received a “massive barrage” of emails from YouTube, targeting “pretty much all” of his KSP videos. The emails said that Matt’s videos “may have content owned or licensed by SonyATV, PeerMusic, Warner Chappell, Audiam and LatinAutor.”

[…]

A clearly exasperated Matt took to YouTube, noting that any ads that now show up on his videos “split up the revenue between all the companies listed” in the emails, with Matt himself “allowed to keep what’s left of that.” He doesn’t know what that amount might be, because he says there’s just no way of knowing.

After highlighting the vague use of the word “may” in YouTube’s emails to him, Matt then went on to describe the real “kick in the gut”, which revolves around the track itself.

‘Dreams’ composer Joakim Karud allows anyone to use his music on YouTube, even commercially, for free. And the fact that Matt downloaded the track from YouTube’s own library was the icing on this particularly bitter cake.

Matt said he had to take time out to manually protest the automated claims against his account, but he says his overtures were immediately rejected, “almost like it’s an automated bot or something.” But things get worse from there.

After contesting each claim and having all of those rejected, Matt says the only option left is to appeal every single one. However, if an appeal is lost, the video in question will be removed completely and a strike will be placed against his account.

It’s three strikes and you’re out on YouTube, so this is not an attractive option for Matt if the music companies somehow win the fight. So, instead, Matt is appealing against just one of the complaints in the hope that he can make some progress without putting his entire account at risk.

[…]

“SonyATV & Warner Chappell have claimed 24 of my videos because the royalty free song Dreams by Joakim Karud (from the OFFICIAL YOUTUBE AUDIO LIBRARY BTW) uses a sample from Kenny Burrell Quartet’s ‘Weaver of Dream’,” a Twitter user wrote on Saturday.

Sure enough, if one turns to the WhoSampled archive, Dreams is listed as having sampled Weaver of Dreams, a track from 1956 to which Sony/ATV Music Publishing LLC and Warner/Chappell Music, Inc. own the copyrights.

[…]

YouTube have been in touch to state that the music in question was not part of its official audio library. In a tweet directed at Matt Lowne, YouTube further added that it may have been made available by an unofficial channel that confusingly calls itself the YouTube Audio Library.

Source: ‘Royalty-Free’ Music Supplied By YouTube Results in Mass Video Demonetization (Updated) – TorrentFreak

There we go, copyright is completely insane.

China now launches more rockets than anyone in the world: Russia 2nd, US 3rd

In recent weeks, China’s space program has made news by revealing some of its long-term ambitions for spaceflight. These include establishing an Earth-Moon space economic zone by 2050, which, if successful, could allow the country to begin to dictate the rules of behavior for future space exploration.

Some have questioned whether China, which has flown six human spaceflights in the last 16 years, can really build a large low-Earth space station, send taikonauts to the Moon, return samples from Mars, and more in the coming decade or two. But what seems clear is that the country’s authoritarian government has long-term plans and is taking steps toward becoming a global leader in space exploration.

By one important metric—orbital launches—China has already reached this goal.

In 2018, the country set a goal of 35 orbital launches and ended up with 39 launch attempts. That year, the United States (29 flights) and Russia (20) trailed China, according to Space Launch Report. It marked the first time China led the world in the number of successful orbital launches.

This year, China is set to pace the world again. Through Sunday, the country has launched 27 orbital missions, followed by Russia (19), and the United States (16). Although nearly a month and a half remain in this year, a maximum of six additional orbital launches are likely from the United States in 2019.

Source: China now launches more rockets than anyone in the world | Ars Technica