5 minutes with a Thunderbolt machine leaves it completely open using Thunderspy – evil maids don’t need much knowledge

Thunderspy targets devices with a Thunderbolt port. If your computer has such a port, an attacker who gets brief physical access to it can read and copy all your data, even if your drive is encrypted and your computer is locked or set to sleep. Thunderspy is stealth, meaning that you cannot find any traces […]

Gigantic new 3D map traces every neuron in a tiny mouse brain | Live Science

Researchers at the Allen Institute for Brain Science, a Seattle nonprofit dedicated to neuroscience, have been painstakingly recording every brain cell and every connection between those neurons in mice for the past several years. The result represents major progress since an earlier, simpler map they released in 2016. The now-complete map encompasses about 100 million […]

Oil Crash Busted Broker’s Computers and Inflicted Big Losses

Syed Shah usually buys and sells stocks and currencies through his Interactive Brokers account, but he couldn’t resist trying his hand at some oil trading on April 20, the day prices plunged below zero for the first time ever. The day trader, working from his house in a Toronto suburb, figured he couldn’t lose as […]

Cognizant expects to lose between $50m and $70m following ransomware attack

IT services provider Cognizant said in an earnings call this week that a ransomware incident that took place last month in April 2020 will negatively impact its Q2 revenue. “While we anticipate that the revenue impact related to this issue will be largely resolved by the middle of the quarter, we do anticipate the revenue […]

One malicious MMS is all it takes to pwn a Samsung smartphone: Bug squashed amid Android patch batch

Samsung has patched a serious security hole in its smartphones that can be exploited by maliciously crafted text messages to hijack devices. It appears no user interaction is required: if Samsung’s messaging app bundled with phones since 2015 receives a booby-trapped MMS, it will parse it automatically before the user even opens it. This will […]

Privacy Enhancements for Android

Privacy Enhancements for Android (PE for Android) is a platform for exploring concepts in regulating access to private information on mobile devices. The goal is to create an extensible privacy system that abstracts away the details of various privacy-preserving technologies. PE for Android allows app developers to safely leverage state-of-the-art privacy techniques without knowledge of […]

GitHub blasts code-scanning tool into all open-source projects

GitHub has made its automated code-scanning tools available to all open-source projects free of charge. The aim, said the code repo house, is to help developers suss out potential security vulnerabilities ahead of time, and to do so at a scale that will work for both small and large projects. The feature, based on the […]

Nervous, Adobe? It took 16 years, but open-source vector graphics editor Inkscape v1.0 now works properly on macOS

Open-source, cross-platform vector drawing package Inkscape has reached its version 1.0 milestone after many years of development. Inkscape can be seen as an alternative to commercial products such as Adobe Illustrator or Serif Affinity Designer – though unlike Inkscape, neither of those run on Linux. The native format of Inkscape is SVG (Scalable Vector Graphics), […]

Hackers hide web skimmer behind a website’s favicon

A hacker group created a fake icons hosting website in order to disguise malicious code meant to steal payment card data from hacked websites. The operation is what security researchers refer to these days as a web skimming, e-skimming, or a Magecart attack. Hackers breach websites and then hide malicious code on its pages, code […]

Details of 44m Pakistani mobile users leaked online, part of bigger 115m cache

The details of 44 million Pakistani mobile subscribers have leaked online this week, ZDNet has learned. The leak comes after a hacker tried to sell a package containing 115 million Pakistani mobile user records last month for a price of $2.1 million in bitcoin. ZDNet has obtained copies of both data sets. We received the […]

Jet propulsion by microwave air plasma in the atmosphere: AIP Advances: Vol 10, No 5

We propose a prototype design of a propulsion thruster that utilizes air plasma induced by microwave ionization. Such a jet engine simply uses only air and electricity to produce high temperature and pressurized plasma for jet propulsion. We used a home-made device to measure the lifting force and jet pressure at various settings of microwave […]

No cookie consent walls — and no, scrolling isn’t consent, says EU data protection body

You can’t make access to your website’s content dependent on a visitor agreeing that you can process their data — aka a ‘consent cookie wall’. Not if you need to be compliant with European data protection law. That’s the unambiguous message from the European Data Protection Board (EDPB), which has published updated guidelines on the […]

Google Lens can now copy and paste handwritten notes to your computer

Google has added a very useful feature to Google Lens, its multipurpose object recognition tool. You can now copy and paste handwritten notes from your phone to your computer with Lens, though it only works if your handwriting is neat enough. In order to use the new feature, you need to have the latest version […]

Researcher Discovers That Old Tesla Media Control Units Are Full Of Owner’s Private Data Even After A Factory Reset

There’s a hacker/security researcher with the Twitter handle GreenTheOnly that has been doing some interesting work with used Tesla parts. This time specifically, he’s acquired three Tesla Model 3 integrated media control units (MCU) and Autopilot (HW) units (known as the ICE computer, just for Models 3 and Y), and a Model X MCU unit. […]

Amazon Sued for Acting Like Users Own “Purchased” Movies (Spoiler Alert: You Don’t)

The question of whether you own your digital purchases, or whether you’re simply licensing that content from whatever tech giant du jour hosts it, has always been a bit of a black box for consumers. Recently, this lack of transparency has prompted one California user to file a lawsuit against Amazon for saying customers can […]

IAB Europe Guide to the Post Third-Party Cookie Era

This Guide has been developed by experts from IAB Europe’s Programmatic Trading Committee (PTC) to prepare brands, agencies, publishers and tech intermediaries for the much-anticipated post third-party cookie advertising ecosystem. It provides background to the current use of cookies in digital advertising today and an overview of the alternative solutions being developed. As solutions evolve, […]

Air Force Announces it Can Save $7 Million by Adjusting One Plane’s Windshield Wipers

The Air Force recently proved through a series of tests that its KC-135 Stratotanker aircraft can fly more efficiently just by mounting the cockpit window’s wiper blades vertically instead of horizontally. The potential fuel cost savings: about $7 million per year. Researchers with the Advanced Power and Technology Office, part of the Air Force Research […]

Apple sues Corellium for copyright – and sues everybody who talks about Corellium or is / was their customer. Strong arm much?

Last year, Apple accused a cybersecurity startup based in Florida of infringing its copyright by developing and selling software that allows customers to create virtual iPhone replicas. Critics have called Apple’s lawsuit against the company, called Corellium, “dangerous” as it may shape how security researchers and software makers can tinker with Apple’s products and […]

‘Artificial leaf’ concept inspires research into solar-powered fuel production

Rice University researchers have created an efficient, low-cost device that splits water to produce hydrogen fuel. The platform developed by the Brown School of Engineering lab of Rice materials scientist Jun Lou integrates catalytic electrodes and perovskite solar cells that, when triggered by sunlight, produce electricity. The current flows to the catalysts that turn water […]

New study spotlights the dark side of venture capitalist funding – shows it’s also bad for the bottom line

A new study from The School of Business at Portland State University suggests that the aggressive cultures of private equity firms, like venture capitalists, might spill over into the companies that they fund. Venture capitalists are often the hidden players in business decision making, and they are funding startups like Uber, SpaceX and AirBnB. With […]

Tesla stock rise appears to qualify CEO Musk for $700 million payday – and the chance to buy lots of Tesla stock at low prices

Shares of Tesla Inc (TSLA.O) jumped more than 8% on Monday, putting Tesla’s market capitalization at $141.1 billion at the close. More importantly for Musk, Tesla’s stock market value reached a six-month average of $100.2 billion, according to an analysis of Refinitiv data. Hitting a six-month average of $100 billion triggers the vesting of the […]

Study reveals single-step strategy for recycling used nuclear fuel

A typical nuclear reactor uses only a small fraction of its fuel rod to produce power before the energy-generating reaction naturally terminates. What is left behind is an assortment of radioactive elements, including unused fuel, that are disposed of as nuclear waste in the United States. Although certain elements recycled from waste can be used […]

Sweet TCAS! We can make airliners go up-diddly-up whenever we want, say infosec researchers

Not only can malicious people make airliners climb and dive without pilot input – they can also control where and when they do so, research from Pen Test Partners (PTP) has found. TCAS spoofing, the practice of fooling collision detection systems aboard airliners, can be controlled to precisely determine whether an airliner fitted with TCAS […]

OK, so you’ve air-gapped that PC. Cut the speakers. Covered the LEDs. Disconnected the monitor. Now, about the data-leaking power supply unit…

Israeli cyber-security side-channel expert Mordechai Guri has devised a way to pilfer data from devices that have been air-gapped and silenced. Organizations with extreme security needs may keep certain computer hardware disconnected from any network, a practice known as air-gapping, to preclude the possibility of miscreants hacking in from compromised systems on the network, or […]

Apple’s T2 Security Chip ensures used laptops become unrecyclable junk, a Nightmare for MacBook Refurbishers

As predicted, the proprietary locking system Apple rolled out with its 2018 MacBook Pros is hurting independent repair stores, refurbishers, and electronics recyclers. A combination of secure software locks, diagnostic requirements, and Apple’s new T2 security chip are making it hard to breathe new life into old MacBook Pros that have been recycled but could […]