Enable MFA: 1.2 million Azure Active Directory (Office 365) accounts compromised every month, reckons Microsoft

Microsoft reckons 0.5 per cent of Azure Active Directory accounts as used by Office 365 are compromised every month. The Windows giant’s director of identity security, Alex Weinert, and IT identity and access program manager Lee Walker revealed the figures at the RSA conference last month in San Francisco. “About a half of a per […]

Unfixable vulnerability in Intel CSME allows crypto key stealing and local access to files

An error in chipset read-only memory (ROM) could allow attackers to compromise platform encryption keys and steal sensitive information. Intel has thanked Positive Technologies experts for their discovery of a vulnerability in Intel CSME. Most Intel chipsets released in the last five years contain the vulnerability in question. By exploiting vulnerability CVE-2019-0090, a local attacker […]

Apple pays piffling $500m to settle their performance decreases in old devices

Apple – which banked $55bn profit in its 2019 fiscal year – is willing to pay up to $500m to settle US claims that the company secretly slowed certain iPhone models to preserve battery life, according to a proposed class action settlement. That’s about 18x more than the i-thing maker agreed to pay a month […]

Hydro-Quebec To Commercialize Glass Battery Co-Developed By John Goodenough

A rapid-charging and non-flammable battery developed in part by 2019 Nobel Prize winner John Goodenough has been licensed for development by the Canadian electric utility Hydro-Quebec. The utility says it hopes to have the technology ready for one or more commercial partners in two years. Hydro-Quebec, according to Karim Zaghib, general director of the utility’s […]

Browser Tool Erases People From Live Webcam Feeds in Real Time

Jason Mayes apparently likes to do things the hard way: He’s developed an AI-powered tool for browsers that can erase people from live webcam feeds in real-time but leave everything else in the shot. Mayes is a Google web engineer who developed his Disappearing-People tool using JavaScript and TensorFlow, which is Google’s free, open source […]

EU Commission to staff: Switch to Signal messaging app

The European Commission has told its staff to start using Signal, an end-to-end-encrypted messaging app, in a push to increase the security of its communications. The instruction appeared on internal messaging boards in early February, notifying employees that “Signal has been selected as the recommended application for public instant messaging.” The app is favored by privacy […]

Scientists Find The First-Ever Animal That Doesn’t Need Oxygen to Survive

Scientists have just discovered that a jellyfish-like parasite doesn’t have a mitochondrial genome – the first multicellular organism known to have this absence. That means it doesn’t breathe; in fact, it lives its life completely free of oxygen dependency. This discovery isn’t just changing our understanding of how life can work here on Earth – […]

After blowing $100m to snoop on Americans’ phone call logs for four years, what did the NSA get? Just one lead

The controversial surveillance program that gave the NSA access to the phone call records of millions of Americans has cost US taxpayers $100m – and resulted in just one useful lead over four years. That’s the upshot of a report [PDF] from the US government’s freshly revived Privacy and Civil Liberties Oversight Board (PCLOB). The […]

Wi-Fi of more than a billion PCs, phones, gadgets can be snooped on. But you’re using HTTPS, SSH, VPNs… right?

A billion-plus computers, phones, and other devices are said to suffer a chip-level security vulnerability that can be exploited by nearby miscreants to snoop on victims’ encrypted Wi-Fi traffic. The flaw [PDF] was branded KrØØk by the bods at Euro infosec outfit ESET who discovered it. The design blunder is otherwise known as CVE-2019-15126, and […]

Dutch package post will raise prices during gift season and Black Friday

PostNL will raise prices during Sinterklaas, Christmas and Black Friday. They claim that the package post infrastructure is not sufficient to cope with the rise in demand at those periods and so someone – the webshops, the consumers – has to pay for this spike. PostNL increased turnover by 32m to 471m in the last […]

Facebook’s privacy tools are riddled with missing data

Facebook wants you to think it’s consistently increasing transparency about how the company stores and uses your data. But the company still isn’t revealing everything to its users, according to an investigation by Privacy International. The obvious holes in Facebook’s privacy data exports paint a picture of a company that aims to placate users’ concerns […]

Turkey’s Killer Drone Swarm Poses Syria Air Challenge to Putin

The retaliation for the killing last week of 33 Turkish soldiers by Syrian forces involved an unprecedented number of drones in coordinated action, said the senior official in Turkey with direct knowledge of President Recep Tayyip Erdogan’s Syria policy. It was the first time a country had commanded the air space over such a large […]

US Gov wants to spy on all drones all the time: they must be constantly connected to the internet to give Feds real-time location data

Drone enthusiasts are up in arms over rules proposed by the US Federal Aviation Administration (FAA) that would require their flying gizmos to provide real-time location data to the government via an internet connection. The requirement, for drones weighing 0.55lb (0.25kg) or more, would ground an estimated 80 per cent of gadgets in the United […]

Project Svalbard, Have I Been Pwned will not be sold after all

This is going to be a lengthy blog post so let me use this opening paragraph as a summary of where Project Svalbard is at: Have I Been Pwned is no longer being sold and I will continue running it independently. After 11 months of a very intensive process culminating in many months of exclusivity […]

Watch Elon Musk’s Mars ferry prototype explode on the pad during liquid nitrogen test

The Starship SN1 prototype was undergoing pressure testing at the Musketeers’ factory at Boca Chica in Texas, USA, by filling its tanks with liquid nitrogen. The base of the rocket appears to have ruptured, sending the structure crashing to the ground, which you can see here: SpaceX supremo Elon Musk himself seemed sanguine about the […]

Chinese security firm says CIA hacked Chinese targets for the past 11 years

China’s largest cyber-security vendor has published today a report accusing the CIA of hacking Chinese companies and government agencies for more than 11 years. The report, authored by Qihoo 360, claims the CIA hacked targets in China’s aviation industry, scientific research institutions, petroleum industry, Internet companies, and government agencies. CIA hacking operations took place between […]

This wearable device camouflages its wearer from thermal cameras no matter the weather

Researchers at the University of California San Diego developed a wearable technology that can hide its wearer from heat-detecting sensors such as night vision goggles, even when the ambient temperature changes – a feat that current state of the art technology cannot match. The technology can adapt to temperature changes in just a few minutes, while […]

Scientists Found Breathable Oxygen in Another Galaxy for the First Time

Astronomers have spotted molecular oxygen in a galaxy far far away, marking the first time that this important element has ever been detected outside of the Milky Way. This momentous “first detection of extragalactic molecular oxygen,” as it is described in a recent study in The Astrophysical Journal, has big implications for understanding the crucial […]

Ring doorbells to change privacy settings after study showed it shared personal information with Facebook and Google

Ring, the Amazon-owned maker of smart-home doorbells and web-enabled security cameras, is changing its privacy settings two weeks after a study showed the company shares customers’ personal information with Facebook, Google and other parties without users’ consent. The change will let Ring users block the company from sharing most, but not all, of their data. […]

Facebook Cuts Off Some Mobile tracking Ad Data With Advertising Partners, should have done this long long ago

Facebook is tightening its rules around the use of raw, device-level data used for measuring ad campaigns that Facebook shares with an elite group of advertising technology partners. As first spotted by AdAge, the company recently tweaked the terms of service that apply to its “advanced mobile measurement partner” program, which advertisers tap into to track the […]

Your banks’ APIs are a major target for credential stuffing attacks

Automating connections from 3rd party providers makes it easy to access your financial data because people re-use their logins and these logins have been repeatedly leaked online. New data from security and content delivery company Akamai shows that one in every five attempts to gain unauthorized access to user accounts is now done through application […]