Daily Archives: December 9, 2019

Uninstall AVAST and AVG free anti-virus: they are massively slurping your data! Mozilla and Opera have removed them from their stores

Posted on by

Two browsers have yanked Avast and AVG online security extensions from their web stores after a report revealed that they were unnecessarily sucking up a ton of data about users’ browsing history.

Wladimir Palant, the creator behind Adblock Plus, initially surfaced the issue—which extends to Avast Online Security and Avast SafePrice as well as Avast-owned AVG Online Security and AVG SafePrice extensions—in a blog post back in October but this week flagged the issue to the companies themselves. In response, both Mozilla and Opera yanked the extensions from their stores. However, as of Wednesday, the extensions curiously remained in Google’s extensions store.

Using dev tools to examine network traffic, Palant was able to determine that the extensions were collecting an alarming amount of data about users’ browsing history and activity, including URLs, where you navigated from, whether the page was visited in the past, the version of browser you’re using, country code, and, if the Avast Antivirus is installed, the OS version of your device, among other data. Palant argued the data collection far exceeded what was necessary for the extensions to perform their basic jobs.

Source: Avast and AVG Plugins Reportedly Doing Some Shady Data Collection

NASA to launch projectile (DART) to see if it can deflect asteroids

Posted on by

DART is a planetary defense-driven test of technologies for preventing an impact of Earth by a hazardous asteroid.  DART will be the first demonstration of the kinetic impactor technique to change the motion of an asteroid in space.  The DART mission is in Phase C, led by APL and managed under NASA’s Solar System Exploration Program at Marshall Space Flight Center for NASA’s Planetary Defense Coordination Office and the Science Mission Directorate’s Planetary Science Division at NASA Headquarters in Washington, DC.

DART Spacecraft Bus
Two different views of the DART spacecraft. The DRACO (Didymos Reconnaissance & Asteroid Camera for OpNav) imaging instrument is based on the LORRI high-resolution imager from New Horizons. The left view also shows the Radial Line Slot Array (RLSA) antenna with the ROSAs (Roll-Out Solar Arrays) rolled up. The view on the right shows a clearer view of the NEXT-C ion engine.

The binary near-Earth asteroid (65803) Didymos is the target for the DART demonstration. While the Didymos primary body is approximately 780 meters across, its secondary body (or “moonlet”) is about 160-meters in size, which is more typical of the size of asteroids that could pose the most likely significant threat to Earth. The Didymos binary is being intensely observed using telescopes on Earth to precisely measure its properties before DART arrives.

Didymos and its moonlet
Fourteen sequential Arecibo radar images of the near-Earth asteroid (65803) Didymos and its moonlet, taken on 23, 24 and 26 November 2003. NASA’s planetary radar capabilities enable scientists to resolve shape, concavities, and possible large boulders on the surfaces of these small worlds. Photometric lightcurve data indicated that Didymos is a binary system, and radar imagery distinctly shows the secondary body.
Didymos system
Simulated image of the Didymos system, derived from photometric lightcurve and radar data. The primary body is about 780 meters in diameter and the moonlet is approximately 160 meters in size. They are separated by just over a kilometer. The primary body rotates once every 2.26 hours while the tidally locked moonlet revolves about the primary once every 11.9 hours. Almost one sixth of the known near-Earth asteroid (NEA) population are binary or multiple-body systems.
Credits: Naidu et al., AIDA Workshop, 2016
DART spacecraft with the Roll Out Solar Arrays (rOSA)
Illustration of the DART spacecraft with the Roll Out Solar Arrays (ROSA) extended. Each of the two ROSA arrays in 8.6 meters by 2.3 meters.

The DART spacecraft will achieve the kinetic impact deflection by deliberately crashing itself into the moonlet at a speed of approximately 6.6 km/s, with the aid of an onboard camera (named DRACO) and sophisticated autonomous navigation software. The collision will change the speed of the moonlet in its orbit around the main body by a fraction of one percent, but this will change the orbital period of the moonlet by several minutes – enough to be observed and measured using telescopes on Earth.

Once launched, DART will deploy Roll Out Solar Arrays (ROSA) to provide the solar power needed for DART’s electric propulsion system.  The DART spacecraft will demonstrate the NASA Evolutionary Xenon Thruster – Commercial (NEXT-C) solar electric propulsion system as part of its in-space propulsion.  NEXT-C is a next-generation system based on the Dawn spacecraft propulsion system, and was developed at NASA’s Glenn Research Center in Cleveland, Ohio.  By utilizing electric propulsion, DART could benefit from significant flexibility to the mission timeline while demonstrating the next generation of ion engine technology, with applications to potential future NASA missions.

the ROSA array on the ISS
The ROSA array was tested on board the International Space Station (ISS) in June 2017.

Once launched, DART will deploy Roll Out Solar Arrays (ROSA) to provide the solar power needed for DART’s electric propulsion system.  The DART spacecraft will demonstrate the NASA Evolutionary Xenon Thruster – Commercial (NEXT-C)solar electric propulsion system as part of its in-space propulsion.  NEXT-C is a next-generation system based on the Dawn spacecraft propulsion system, and was developed at NASA’s Glenn Research Center in Cleveland, Ohio.  By utilizing electric propulsion, DART could benefit from significant flexibility to the mission timeline while demonstrating the next generation of ion engine technology, with applications to potential future NASA missions.

The DART spacecraft launch window begins in late July 2021.  DART will launch aboard a SpaceX Falcon 9 rocket from Vandenberg Air Force Base, California. After separation from the launch vehicle and over a year of cruise it will intercept Didymos’ moonlet in late September 2022, when the Didymos system is within 11 million kilometers of Earth, enabling observations by ground-based telescopes and planetary radar to measure the change in momentum imparted to the moonlet.

Source: Double Asteroid Redirection Test (DART) Mission | NASA

Bol.com partner Toppie Speelgoed loses 10000 Belgian and Dutch customer records, now for sale on hacker forum

Posted on by

Personal information and what they bought, where it was delivered to.

De gegevens van vermoedelijk bijna 10.000 Belgische en Nederlandse klanten die een paar jaar geleden online speelgoed kochten, worden door een hacker te koop aangeboden op het internet. Dat blijkt uit onderzoek van VRT NWS. Het gaat om persoonlijke gegevens en bepaalde aankopen van mensen. De overgrote meerderheid van de producten werden gekocht bij een lokale Nederlandse ondernemer via onder meer webwinkel Bol.com. Die hebben meteen een onderzoek geopend naar de ondernemer waar het lek bleek te zitten.

Het bestand met klantengegevens wordt aangeboden op een gespecialiseerd hackersforum op het internet, waar de oplichter beweert een ‘bol.com-database’ te hebben.

In het bestand kan je zien wat mensen gekocht hebben, wat hun voor- en achternaam is en soms ook wat de aankoop kost. Daarnaast zijn ook bezorggegevens beschikbaar. Ook zie je welke betalingswijze mensen hebben gekozen, zoals een kredietkaart of bancontact.

Lek bij Toppie Speelgoed, externe partner Bol.com

Onderzoek leert dat het bestand inderdaad aankoopgegevens bevat van mensen die via Bol.com speelgoed kochten. Na contact met Bol.com en een intern onderzoek bij de webshop zelf blijkt dat het datalek zit bij een partner van Bol.com die speelgoed verkoopt op onder meer bol.com en eigen webshops. Het gaat om Toppie Speelgoed. Wie rechtstreeks bij Toppie Speelgoed kocht, duikt ook met e-mailadres en telefoonnummer op in de lijst, als dat bij de aankoop werd achtergelaten. Wie via Bol.com een product kocht, enkel met naam en afleveradres. Dat komt omdat Bol.com slechts beperkte gegevens naar externe partners stuurt.

Source: Belgische en Nederlandse klantengegevens van speelgoedwinkel online te koop | VRT NWS

Budget Energy and NLE leak 29000 customer records – names, adresses, possibly phone numbers and bank accounts

Posted on by

De persoonsgegevens van mogelijk 29.000 klanten van energiebedrijven Budget Energie en NLE liggen op straat. Naast namen en adressen is er kans dat er ook telefoonnummers en bankrekeningnummers zijn gelekt. De data is niet per ongeluk gelekt, het gaat volgens het bedrijf om een moedwillige diefstal.

Moederbedrijf Nuts Groep heeft klanten van Budget Energie en NLE vanmorgen per e-mail op de hoogte gebracht van het datalek. Volgens het bedrijf gaat het niet om een softwarelek maar om ‘ongeautoriseerde toegang’ tot contractgegevens.

Politie-onderzoek

Het gaat om mogelijk 29.000 van de in totaal 700.000 klanten van de energiebedrijven. “Er is een onderzoek gestart door de politie. Zo lang dat loopt, doen wij geen uitspraken over de oorzaak van het lek en het aantal betrokkenen”, zegt Babette Huberts, manager legal van Nuts Groep tegen RTL Z. Ook wil Huberts niet kwijt hoe het lek is ontdekt.

Later op de dag heeft Huberts laten weten dat het gaat om een moedwillige actie.

Source: Datadiefstal bij Budget Energie en NLE: mogelijk 29.000 klanten geraakt | RTLZ

Reddit Uncovers Russian Interference Campaign Ahead of Pivotal UK Election

Posted on by

Fears of Russian interference ahead of a heated U.K. election were all but confirmed this week with a Reddit post.

In a post Friday, Reddit announced that its internal investigation found evidence that an account purportedly linked to Russian disinformation campaign was behind last month’s leak of contentious US-UK trade documents on the platform.

“We were recently made aware of a post on Reddit that included leaked documents from the UK. We investigated this account and the accounts connected to it, and today we believe this was part of a campaign that has been reported as originating from Russia,” Reddit wrote.

The online message board went on to say it’s banned 61 accounts and suspended one subreddit, r/ukwhistleblower, behind the campaign for violating the platform’s policies against vote manipulation and misuse. Reddit also purportedly found evidence linking this operation to another group behind similar foreign interference on Facebook earlier this year. The Atlantic Council’s dubbed them “Secondary Infektion” in reference to a misinformation campaign from the Soviet era.

“Suspect accounts on Reddit were recently reported to us, along with indicators from law enforcement, and we were able to confirm that they did indeed show a pattern of coordination,” Reddit said. “We were then able to use these accounts to identify additional suspect accounts that were part of the campaign on Reddit. This group provides us with important attribution for the recent posting of the leaked UK documents, as well as insights into how adversaries are adapting their tactics.”

The account behind the original Reddit leak as well as a number of others that reposted the documents and manipulated its upvotes and karma (ways to earn a post a more prominent placement in a subreddit) all used identical tactics as Secondary Infektion, according to Reddit, “causing us to believe that this was indeed tied to the original group.”

The papers in question detail trade talks between America and the UK and have launched a fiery debate among British officials leading up to the country’s general election. Labor Party leader Jeremy Corbyn claims these documents prove officials plan to put the country’s National Healthcare Service is at risk of being privatized in the event of a post-Brexit trade agreement with America. Prime Minister Boris Johnson has denied this, saying NHS wouldn’t be on the table in any future trade negotiations.

This isn’t the first time Reddit’s struggled with sussing out foreign propaganda campaigns on its platform. Russian influence operations have become a particularly insidious and reoccurring problem, leading Reddit to ban 944 “suspicious” accounts in April 2018 after purportedly tracing them back to Russia’s Internet Research Industry (IRA), the infamous troll factory behind pro-Trump efforts during the 2016 presidential campaign.

Later that September, Reddit users began to speculate that the notoriously awful (and now, thankfully, quarantined) subreddit r/The_Donald had become infiltrated by Russian trolls as well. Suspicions began circulating among its three-quarters of a million subscribers after a viral post documented clear signs of a pattern: The same few articles from websites affiliated with the IRA were being upvoted and shared in the forum thousands of times, and it’d been going on for years, according to a Buzzfeed News report. Reddit later issued a platform-wide ban for three of the trolls’ most commonly linked websites, USA Really, GEOTUS.band and GEOTUS.army.

A separate investigation Reddit launched around that same time uncovered 143 accounts linked to another influence operation reportedly targeting polarized subreddits on both sides of the aisle with pro-Iranian political narratives. Reddit began its inquiry after cybersecurity group FireEye released a report detailing just how far the campaign’s influence spanned, as bad actors were purportedly “leveraging a network of inauthentic news sites and clusters of associated accounts across multiple social media platforms.” Based on these findings, Facebook, Twitter, and Google also subsequently removed a bevy of accounts affiliated with Iran and Russia on their respective platforms.

Source: Reddit Uncovers Russian Interference Campaign Ahead of Pivotal UK Election