Windows

New Bug In Windows 10 Anniversary Update Brings Wi-Fi Disconnects (infoworld.com) 135

Some Windows 10 PCs are now experiencing sudden drops in their Wi-Fi connections, with the Network Diagnostics tool reporting "Wi-Fi doesn't have a valid IP configuration." An anonymous reader quotes InfoWorld's Woody Leonhard: I've heard from many people who blame the Wi-Fi disconnect on Friday's KB 3201845, the patch (which still isn't documented on the Win10 update history site) that brings version 1607 up to build 14393.479. It's unlikely that the new patch brought on the bug because the large influx of complaints started on December 7 -- two days before the patch...

Speculation at this point says the disconnect results when a machine performs a fast startup, setting the machine's IP address to 169.x.x.x. It's an old problem, but somehow it's come back in spades in the past two days. I have no idea what triggered the sudden outbreak, as there were no Win10 1607 patches issued on December 6, 7 or 8.

Microsoft acknowledged the problem Thursday, recommending customers try restarting their PCs (or performing a clean start). Woody writes that it looks like Microsoft's latest Windows 10 patch "didn't cause the bug. But the patch didn't fix it, either."
Government

DHS Tried To Breach Our Firewall, Says Georgia's Secretary of State (cyberscoop.com) 137

An anonymous reader quotes a report from CyberScoop: Georgia's secretary of state has claimed the Department of Homeland Security tried to breach his office's firewall and has issued a letter to Homeland Security Secretary Jeh Johnson asking for an explanation. Brian Kemp issued a letter to Johnson on Thursday after the state's third-party cybersecurity provider detected an IP address from the agency's Southwest D.C. office trying to penetrate the state's firewall. According to the letter, the attempt was unsuccessful. The attempt took place on Nov. 15, a few days after the presidential election. The office of the Georgia Secretary of State is responsible for overseeing the state's elections. "At no time has my office agreed to or permitted DHS to conduct penetration testing or security scans of our network," Kemp wrote in the letter, which was also sent to the state's federal representatives and senators. "Moreover, your department has not contacted my office since this unsuccessful incident to alert us of any security event that would require testing or scanning of our network. This is especially odd and concerning since I serve on the Election Cyber Security Working Group that your office created." "The Department of Homeland Security has received Secretary Kemp's letter," a DHS spokesperson told CyberScoop. "We are looking into the matter. DHS takes the trust of our public and private sector partners seriously, and we will respond to Secretary Kemp directly." Georgia was one of two states that refused cyber-hygiene support and penetration testing from DHS in the leadup to the presidential election. The department had made a significant push for it after hackers spent months exposing the Democratic National Committee's internal communications and data.
Privacy

Twitter Cuts API Access For Media Sonar, Spy Tool Used To Target Black Lives Matter (dailydot.com) 101

Police now have one less tool to monitor users on Twitter. The Daily Dot is reporting that Twitter has cut ties with a third-party social network surveillance firm, citing company policies intended to safeguard users against the surreptitious collection of data by law enforcement agencies. From the report: The severed contract follows Twitter nullifying the commercial data agreements of two other leading social-network-surveillance firms, Geofeedia and Snaptrends. Previously unreported, Twitter severed the access of Media Sonar, an Ontario-based company founded in 2012, which has sold surveillance software to police departments across the United States. Nineteen local government services are known to have each spent at least $10,000 on the software between 2014 and 2016, according to documents acquired under state open-records laws. Twitter informed the Daily Dot this week that it had terminated Media Sonar's access to its public API in October. If the company attempts to create other API keys, Twitter said, "we will terminate those as well and take further action as appropriate."
Android

Verizon Says It Will Not Push Samsung's Update That Disables Galaxy Note7 Because Of User Inconvenience (verizon.com) 189

Samsung confirmed on Friday that it will indeed release an update to Galaxy Note7 smartphones in the United States to "prevent US Galaxy Note7 devices from charging and will eliminate their ability to work as mobile devices." In a new wrinkle to this whole situation, Verizon said today it will not be releasing Samsung's software update to Galaxy Note7 users on Verizon network. In a blog post, Verizon said: "Verizon will not be taking part in this update because of the added risk this could pose to Galaxy Note 7 users that do not have another device to switch to. We will not push a software upgrade that will eliminate the ability for the Note 7 to work as a mobile device in the heart of the holiday travel season. We do not want to make it impossible to contact family, first responders or medical professionals in an emergency situation." To recall, the Galaxy Note7 remains banned on airlines by the FAA and has also been prohibited from being used on many other public transit services in the United States. Elsewhere in the world, similar bans have been imposed on the phone.
Facebook

Facebook Discloses New Measurement Errors, Continues To Hone Its Math (marketingland.com) 35

An anonymous reader shares an article on MarketingLand: For the third time since September, Facebook is disclosing new measurement errors. The two new errors affected the reaction counts Facebook reports on Pages' Live videos, as well as the engagement figures Facebook reports for off-Facebook links; the latter link engagement metrics were recently used in investigations by BuzzFeed and The New York Times into fake news articles' performance on Facebook. In addition to acknowledging the two new errors -- of which one has been corrected and one is still being inspected -- Facebook has refined a measurement marketers may reference when buying ads through the social network. None of the aforementioned metrics had any impact on how much money Facebook charges advertisers for their campaigns. But they may have informed brands' Facebook ad-buying strategies as well as brands', publishers' and others' Facebook-related content-publishing strategies.
Security

Zeus Variant 'Floki Bot' Targets PoS Data (onthewire.io) 22

Trailrunner7 quotes a report from On the Wire: Malware gangs, like sad wedding bands, love to play the hits. And one of the hits they keep running back over and over is the Zeus banking Trojan, which has been in use for many years in a number of different forms. Researchers have unearthed a new piece of malware called Floki Bot that is based on the venerable Zeus source code and is being used to infect point-of-sale systems, among other targets. Flashpoint conducted the analysis of Floki Bot with Cisco's Talos research team, and the two organizations said that the author behind the bot maintains a presence on a number of different underground forums, some of which are in Russian or other non-native languages for him. Kremez said that attackers sometimes will participate in foreign language forums as a way to expand their knowledge. Along with its PoS infection capability, Floki Bot also has a feature that allows it to use the Tor network to communicate. "During our analysis of Floki Bot, Talos identified modifications that had been made to the dropper mechanism present in the leaked Zeus source code in an attempt to make Floki Bot more difficult to detect. Talos also observed the introduction of new code that allows Floki Bot to make use of the Tor network. However, this functionality does not appear to be active for the time being," Cisco's Talos team said in its analysis.
Businesses

Yik Yak Lays Off 60 Percent of Employees As Growth Collapses (theverge.com) 71

An anonymous reader quotes a report from The Verge: Yik Yak has laid off 60 percent of employees amid a downturn in the app's growth prospects, The Verge has learned. The three-year-old anonymous social network has raised $73.5 million from top-tier investors on the promise that its young, college-age network of users could one day build a company to rival Facebook. But the challenge of growing its community while moving gradually away from anonymity has so far proven to be more than the company could muster. Employees who were affected were informed of the layoffs Thursday morning, sources told The Verge. Yik Yak employed about 50 people, and now only about 20 remain, the company said. The community, marketing, design, and product teams were all deeply affected, one source said. Atlanta-based Yik Yak was founded in 2014 by Furman University students Tyler Droll and Brooks Buffington. The app updated the concept of dorm newsletters for the mobile era, letting anyone post comments about school, their campus, or life in general. The fact that comments were anonymous initially helped the app grow, as it encouraged more candid forms of sharing than students might otherwise post on Facebook or Instagram.
AT&T

AT&T To Cough Up $88 Million For 'Cramming' Mobile Customer Bills (networkworld.com) 37

An anonymous reader quotes a report from Network World: Some 2.7 million AT&T customers will share $88 million in compensation for having had unauthorized third-party charges added to their mobile bills, the Federal Trade Commission announced this morning. The latest shot in the federal government's years-long battle against such abuses, these refunds will represent the most money ever recouped by victims of what is known as "mobile cramming," according to the FTC. From an FTC press release: "Through the FTC's refund program, nearly 2.5 million current AT&T customers will receive a credit on their bill within the next 75 days, and more than 300,000 former customers will receive a check. The average refund amount is $31. [...] According to the FTC's complaint, AT&T placed unauthorized third-party charges on its customers' phone bills, usually in amounts of $9.99 per month, for ringtones and text message subscriptions containing love tips, horoscopes, and 'fun facts.' The FTC alleged that AT&T kept at least 35 percent of the charges it imposed on its customers." The matter with AT&T was originally made public in 2014 and also involved two companies that actually applied the unauthorized charges, Tatto and Acquinity.
Microsoft

PowerShell Security Threats Greater Than Ever, Researchers Warn (computerweekly.com) 118

Microsoft's Windows PowerShell configuration management framework continues to be abused by cyber attackers, according to researchers at Symantec, who have seen a surge in associated threats. From a report on ComputerWeekly: More than 95% of PowerShell scripts analysed by Symantec researchers have been found to be malicious, with 111 threat families using PowerShell. Malicious PowerShell scripts are on the rise, as attackers are using the framework's flexibility to download their payloads, traverse through a compromised network and carry out reconnaissance, according to Candid Wueest, threat researcher at Symantec.
Sony

Backdoor Accounts Found in 80 Sony IP Security Camera Models (pcworld.com) 55

Many network security cameras made by Sony could be taken over by hackers and infected with botnet malware if their firmware is not updated to the latest version. Researchers from SEC Consult have found two backdoor accounts that exist in 80 models of professional Sony security cameras, mainly used by companies and government agencies given their high price, PCWorld reports. From the article: One set of hard-coded credentials is in the Web interface and allows a remote attacker to send requests that would enable the Telnet service on the camera, the SEC Consult researchers said in an advisory Tuesday. The second hard-coded password is for the root account that could be used to take full control of the camera over Telnet. The researchers established that the password is static based on its cryptographic hash and, while they haven't actually cracked it, they believe it's only a matter of time until someone does. Sony released a patch to the affected camera models last week.
Sony

Sony Has Sold 50 Million PlayStation 4 Units (gamespot.com) 72

Sony today shared sales figures of the PlayStation 4, saying the gaming console surpassed 50 million units as of this week. The console was launched in November 2013, and hit the 40 million sales mark in May this year. In a statement, the company said, via GameSpot: "We're truly delighted that the PS4 community continues to flourish since launch three years ago," Sony Interactive Entertainment boss Andrew House said in a statement. "With tremendous support from our fans and partners across the globe, this year we were able to deliver an unprecedented lineup of hardware, including the new slimmer PS4, PS4 Pro, and PlayStation VR. We will continue to provide the best gaming experiences available through our ground-breaking software lineup and network services, as we focus on accelerating our business and expanding the PS4 ecosystem." According to an estimate Nvidia provided in August, Microsoft's Xbox One has an install base of 29 million.
HP

HP Shutting Down Default FTP, Telnet Access To Network Printers (pcworld.com) 83

Security experts consider the aging FTP and Telnet protocols unsafe, and HP has decided to clamp down on access to networked printers through the remote-access tools. From a report on PCWorld: Some of HP's new business printers will, by default, be closed to remote access via protocols like FTP and Telnet. However, customers can activate remote printing access through those protocols if needed. "HP has started the process of closing older, less-maintained interfaces including ports, protocols and cipher suites" identified by the U.S. National Institute of Standards and Technology as less than secure, the company said in a statement. In addition, HP also announced firmware updates to existing business printers with improved password and encryption settings, so hackers can't easily break into the devices.
United States

Sysadmin Gets Two Years In Prison For Sabotaging ISP (bleepingcomputer.com) 133

After being let go over a series of "personal issues" with his employer, things got worse for 26-year-old network administrator Dariusz J. Prugar, who will now have to spend two years in prison for hacking the ISP where he'd worked. An anonymous reader writes: Prugar had used his old credentials to log into the ISP's network and "take back" some of the scripts and software he wrote... "Seeking to hide his tracks, Prugar used an automated script that deleted various logs," reports Bleeping Computer. "As a side effect of removing some of these files, the ISP's systems crashed, affecting over 500 businesses and over 5,000 residential customers."

When the former ISP couldn't fix the issue, they asked Prugar to help. "During negotiations, instead of requesting money as payment, Prugar insisted that he'd be paid using the rights to the software and scripts he wrote while at the company, software which was now malfunctioning, a week after he left." This tipped off the company, who detected foul play, contacted the FBI and rebuilt its entire network.

Six years later, Prugar was found guilty after a one-week jury trial, and was ordered by the judge to pay $26,000 in restitution to the ISP (which went out of business in October of 2015). Prugar's two-year prison sentence begins December 27.
Iphone

iOS's 'Activation Lock' For Stolen iPads And iPhones Can Be Easily Bypassed (computerworld.com) 54

An anonymous reader quotes ComputerWorld: Two researchers claim to have found a way to bypass the activation lock feature in iOS that's supposed to prevent anyone from using an iPhone or iPad marked as lost by its owner... One of the few things allowed from the activation lock screen is connecting the device to a Wi-Fi network, including manually configuring one. [Security researcher] Hemanth had the idea of trying to crash the service that enforces the lock screen by entering very long strings of characters in the WPA2-Enterprise username and password fields.

The researcher claims that, after a while, the screen froze, and he used the iPad smart cover sold by Apple to put the tablet to sleep and then reopen it... "After 20-25 seconds the Add Wifi Connection screen crashed to the iPad home screen, thereby bypassing the so-called Find My iPhone Activation Lock," he said in a blog post.

There's also a five-minute video on YouTube which purports to show a newer version of the same attack.
Power

Nikola Motor Company Reveals Hydrogen Fuel Cell Truck With Range of 1,200 Miles (valuewalk.com) 105

An anonymous reader quotes a report from ValueWalk: Nikola Motor Company just unveiled a huge class 8 truck which will run on hydrogen fuel cells. Nikola claimed that the truck's operational range will be as much as 1,200 miles (1,900 km), and it will be released in 2020. Nikola designed the Nikola One for long-haul transport across a large landmass. The truck will deliver over 1,000 horsepower and 2,000 foot-pounds of torque. Provided these claims are true, the vehicle will provide nearly double the power of the current-gen diesel-powered semis/articulated lorries, notes Ars Technica. The leasing cost of the trucks will include the fuel price, servicing costs and warranty, but exactly how the lease will work is not known now, notes Ars Technica. The company says it has already accepted nearly $3 billion in future orders. A fully-electric drivetrain which gets power from high-density lithium batteries runs the vehicle, and a hydrogen fuel cell charges the batteries on the go. Its reach is presently limited, as hydrogen fueling stations currently exist in only small numbers. This made Nikola decide to construct a network of 364 hydrogen fueling stations across the U.S. and Canada, just like Tesla with its network of Superchargers. Milton claims it will come with a smart dashboard which has the capability of picking the most cost-efficient route for drivers. Also one or two full-size beds will be included inside the vehicle's enormous cab. It will have other luxuries and necessities as well, such as Wi-Fi, a refrigerator, 4G LTE connectivity, freezer, a 40-inch curved 4K TV with Apple TV and a microwave.
Twitter

Reuters Built An Algorithm That Can Identify Real News On Twitter (popsci.com) 121

Reuters has built an algorithm called News Tracer that flags and verifies breaking news on Twitter. The algorithm weeds through all 500 million tweets that are posted on a daily basis to "sort real news from spam, nonsense, ads, and noise," writes Corinne Iozzio via Popular Science: In development since 2014, reports the Columbia Journalism Review, News Tracer's work starts by identifying clusters of tweets that are topically similar. Politics goes with politics; sports with sports; and so on. The system then uses language-processing to produce a coherent summary of each cluster. What differentiates News Tracer from other popular monitoring tools, is that it was built to think like a reporter. That virtual mindset takes 40 factors into account, according to Harvard's NiemanLab. It uses information like the location and status of the original poster (e.g. is she verified?) and how the news is spreading to establish a "credibility" rating for the news item in question. The system also does a kind of cross-check against sources that reporters have identified as reliable, and uses that initial network to identify other potentially reliable sources. News Tracer can also tell the difference between a trending hashtag and real news. The mix of data points News Tracer takes into account means it works best with actual, physical events -- crashes, protests, bombings -- as opposed to the he-said-she-said that can dominate news cycles.
Facebook

Facebook Knows What You're Streaming (bloomberg.com) 100

Facebook is gathering information about the shows Roku and Apple TV owners are streaming. The company then uses the Facebook profile linked to the same IP addresses to tailor the commercials that are shown to individual users. From a report on Bloomberg: For the past few weeks, the social network says, it's been targeting ads to people streaming certain shows on their Roku or Apple TV set-top boxes. It customizes commercials based on the Facebook profiles tied to the IP addresses doing the streaming, according to a company spokesman. He says Facebook is trying out this approach with the A&E network (The Killing, Duck Dynasty) and streaming startup Tubi TV, selecting free test ads for nonprofits or its own products along with a handful of name brands. This push is part of a broader effort by social media companies to build their revenue with ads on video. Twitter is placing much of its ad-sales hopes on streaming partnerships with sports leagues and other content providers. In October, CFO Anthony Noto told analysts on an earnings call that the ads played during Twitter's NFL Thursday Night Football streaming exclusives had been especially successful, with many people watching them in their entirety with the sound turned on. The participants in these partnerships don't yet have a default answer to questions such as who should be responsible for selling the ads or who should get which slice of revenue.
Android

Multiple Vulnerabilities In AirDroid Opens At Least 10 Million Android Users To MITM Attacks, Hijackings (androidpolice.com) 30

AirDroid is a popular Android application that allows users to send and receive text messages and transfer files and see notifications from their computer. Zimperium, a mobile security company, recently released details of several major security vulnerabilities in the application, allowing attackers on the same network to access user information and execute code on a user's device. Since there are between 10 and 50 million installations of the app, many users may be imperiled by AirDroid. Android Police reports: The security issues are mainly due to AirDroid using the same HTTP request to authorize the device and send usage statistics. The request is encrypted, but uses a hardcoded key in the AirDroid application (so essentially, everyone using AirDroid has the same key). Attackers on the same network can intercept the authentication request (commonly known as a Man-in-the-middle attack) using the key extracted from any AirDroid APK to retrieve private account information. This includes the email address and password associated with the AirDroid account. Attackers using a transparent proxy can intercept the network request AirDroid sends to check for add-on updates, and inject any APK they want. AirDroid would then notify the user of an add-on update, then download the malicious APK and ask the user to accept the installation. Zimperium notified AirDroid of these security flaws on May 24, and a few days later, AirDroid acknowledged the problem. Zimperium continued to follow up until AirDroid informed them of the upcoming 4.0 release, which was made available last month. Zimperium later discovered that version 4.0 still had all these same issues, and finally went public with the security vulnerabilities today.
Botnet

International Authorities Take Down Massive 'Avalanche' Botnet, Sinkhole Over 800,000 Domains (arstechnica.com) 53

plover writes: Investigators from the U.S. Department of Justice, the FBI, Eurojust, Europol, and other global partners announced the takedown of a massive botnet named "Avalanche," estimated to have involved as many as 500,000 infected computers worldwide on a daily basis. A Europol release says: "The global effort to take down this network involved the crucial support of prosecutors and investigators from 30 countries. As a result, five individuals were arrested, 37 premises were searched, and 39 servers were seized. Victims of malware infections were identified in over 180 countries. In addition, 221 servers were put offline through abuse notifications sent to the hosting providers. The operation marks the largest-ever use of sinkholing to combat botnet infrastructures and is unprecedented in its scale, with over 800,000 domains seized, sinkholed or blocked." Sean Gallagher writes via Ars Technica: "The domains seized have been 'sinkholed' to terminate the operation of the botnet, which is estimated to have spanned over hundreds of thousands of compromised computers around the world. The Justice Department's Office for the Western Federal District of Pennsylvania and the FBI's Pittsburgh office led the U.S. portion of the takedown. 'The monetary losses associated with malware attacks conducted over the Avalanche network are estimated to be in the hundreds of millions of dollars worldwide, although exact calculations are difficult due to the high number of malware families present on the network,' the FBI and DOJ said in their joint statement. In 2010, an Anti-Phishing Working Group report called out Avalanche as 'the world's most prolific phishing gang,' noting that the Avalanche botnet was responsible for two-thirds of all phishing attacks recorded in the second half of 2009 (84,250 out of 126,697). 'During that time, it targeted more than 40 major financial institutions, online services, and job search providers,' APWG reported. 
In December of 2009, the network used 959 distinct domains for its phishing campaigns. Avalanche also actively spread the Zeus financial fraud botnet at the time."
Earth

Earthquake-Sensing Mobile App 'MyShake' Detects Over 200 Earthquakes Large and Small (techcrunch.com) 25

Back in February, researchers at UC Berkeley released an app called MyShake that detects strong earthquakes seconds before the damaging seismic waves arrive. Several months have passed since its release and the app has already detected over 200 earthquakes in more than ten countries. TechCrunch reports: The app has received nearly 200,000 downloads, though only a fraction of those are active at any given time; it waits for the phone to sit idle so it can get good readings. Nevertheless, over the first six months the network of sensors has proven quite effective. "We found that MyShake could detect large earthquakes, but also small ones, which we never thought would be possible," one of the app's creators, Qingkai Kong, told New Scientist. A paper describing the early results was published in Geophysical Research Letters -- the abstract gives a general idea of the app's success: "On a typical day about 8000 phones provide acceleration waveform data to the MyShake archive. The on-phone app can detect and trigger on P waves and is capable of recording magnitude 2.5 and larger events. The largest number of waveforms from a single earthquake to date comes from the M5.2 Borrego Springs earthquake in Southern California, for which MyShake collected 103 useful three-component waveforms. The network continues to grow with new downloads from the Google Play store everyday and expands rapidly when public interest in earthquakes peaks such as during an earthquake sequence." You can download the app for Android here.
