Tuesday, March 31, 2020

OpenWRT is vulnerable to attacks that execute malicious code

Enlarge (credit: OpenWRT) For almost three years, OpenWRT—the open source operating system that powers home routers and other types of embedded systems—has been vulnerable to remote code-execution attacks because updates were delivered over an unencrypted channel and digital...

Zoom’s privacy problems are growing as platform explodes in popularity

Enlarge / Zoom's San Jose, Calif., headquarters looks like a lovely place to be socially distanced from. (credit: Smith Collection | Gado | Getty Images) We have several more weeks, if not several more months, to go in...

Comcast waiving data caps hasn’t hurt its network—why not make it permanent?

Enlarge (credit: Aurich Lawson / Getty Images) Back in the before times, when a larger percentage of the human race roamed the Earth, i.e., several weeks ago, Comcast customers had to deal with something called a "data cap."...

Saudi Arabia reportedly tracked phones by using industry-wide carrier weakness

Enlarge (credit: Gary Lerude / Flickr) The Guardian says it has evidence that Saudi Arabia is exploiting a decades-old weakness in the global telecoms network to track the kingdom’s citizens as they travel in the United States. The publication...

OneWeb goes bankrupt, won’t challenge SpaceX in satellite-broadband race

Enlarge / Illustration of a OneWeb satellite. (credit: OneWeb) OneWeb has filed for bankruptcy and intends to sell its business, bringing an abrupt end to the company's plan to offer high-speed satellite Internet service around the world. OneWeb announced...

WireGuard VPN makes it to 1.0.0—and into the next Linux kernel

Enlarge / WireGuard will be in tree for Ubuntu 20.04 LTS (pictured), as well as the upcoming 5.6 kernel. (credit: WireGuard) We've been anticipating WireGuard's inclusion into the mainline Linux kernel for quite some time—but as of Sunday...

>4,000 Android apps silently access your installed software

Enlarge (credit: Mike MacKenzie / Flickr) More than 4,000 Google Play apps silently collect a list of all other installed apps in a data grab that allows developers and advertisers to build detailed profiles of users, a recently...

No, Microsoft isn’t killing the Control Panel off just yet

Enlarge / We find Windows 10's Settings dialog difficult to love. (credit: Jim Salter) You may have seen dark rumors around the Web that Microsoft is about to kill off the classic Control Panel. Rest assured, friend, we...

Broadband speeds fall in dozens of big US cities during pandemic

Enlarge (credit: Getty Images | imaginima) Home-Internet download speeds have fallen during the COVID-19 pandemic in dozens of the biggest US cities as millions of Americans stay home due to school and business closures. However, typical download speeds...

Charter gives techs $25 gift cards instead of hazard pay during pandemic

Enlarge / A Charter Spectrum vehicle. (credit: Charter) Charter Communications is giving its cable technicians $25 restaurant gift cards instead of hazard pay for going into customer homes during the coronavirus pandemic, BuzzFeed reported yesterday. The gift cards are...

Google sent users 40,000 warnings of nation-state hack attacks in 2019

Enlarge (credit: Google) Google’s threat analysis group, which counters targeted and government-backed hacking against the company and its users, sent account holders almost 40,000 warnings in 2019, with government officials, journalists, dissidents, and geopolitical rivals being the most...

New attack on home routers sends users to spoofed sites that push malware

Enlarge (credit: Wikipedia) A recently discovered hack of home and small-office routers is redirecting users to malicious sites that pose as COVID-19 informational resources in an attempt to install malware that steals passwords and cryptocurrency credentials, researchers said...

The exFAT filesystem is coming to Linux—Paragon software’s not happy about it

Enlarge / Proprietary filesystem vendor Paragon Software seems to feel threatened by the pending inclusion of a Microsoft-sanctioned exFAT in the Linux 5.7 kernel. (credit: MTV / Geffen / Paramount Pictures) When software and operating system giant Microsoft...

How to get Verizon and AT&T data-cap fees waived during pandemic

Enlarge (credit: Getty Images | Aurich Lawson) Verizon Wireless and AT&T say they're both waiving mobile-data overage fees to help customers deal with the coronavirus pandemic, but the fees will not be waived automatically. Instead, Verizon and AT&T...

Never-before-seen attackers are targeting Mideast industrial organizations

(credit: Saudi Aramco) Researchers have unearthed an attack campaign that uses previously unseen malware to target Middle Eastern organizations, some of which are in the industrial sector. Researchers with Kaspersky Lab, the security firm that discovered the campaign, have...

Palantir, The $20 Billion, Peter Thiel-Backed Big Data Giant, Is Providing A Coronavirus Monitoring Tool To The CDC

Palantir will help the Centers for Disease Control keep on top of ventilator and mask needs to treat coronavirus victims, sources say.

Defense Evasion Dominated 2019 Attack Tactics

Researchers mapped tactics and techniques to the MITRE ATT&CK framework to determine which were most popular last year.

Watering-Holes Target Asian Ethnic Victims with Flash Update Decoy

About 10 compromised websites employ a multi-stage, targeted effort to fingerprint and compromise victims.

OpenWRT is vulnerable to attacks that execute malicious code

Enlarge (credit: OpenWRT) For almost three years, OpenWRT—the open source operating system that powers home routers and other types of embedded systems—has been vulnerable to remote code-execution attacks because updates were delivered over an unencrypted channel and digital...
SC Magazine

Privacy in critical care after telehealth demands jump

As coughs and body aches drive anxious Americans to telemed services in record numbers, relieving the burden on medical facilities stressed to breaking with COVID-19 cases, the subsequent relaxation of privacy requirements puts them at risk of PHI compromises,...