Ms. Smith

Author Archives: Ms. Smith

FCC should produce logs to prove ‘multiple DDoS attacks’ stopped net neutrality comments

After John Oliver urged viewers of HBO’s Last Week Tonight to fight for net neutrality (again) and post comments on the FCC's site, people were not able to submit comments because the site turned to molasses.The FCC blamed the problem on “multiple” DDoS attacks: “These were deliberate attempts by external actors to bombard the FCC’s comment system with a high amount of traffic to our commercial cloud host. These actors were not attempting to file comments themselves; rather they made it difficult for legitimate commenters to access and file with the FCC.”To read this article in full or to leave a comment, please click here

Google Project Zero researchers find ‘crazy bad’ Windows RCE flaw

A remote code execution (RCE) vulnerability is about as bad as it gets. And if it is in Windows, then a multitude of people are at risk until it is patched.The question is, though, if the existence of a critical flaw is disclosed shortly before Patch Tuesday, will Microsoft scramble to immediately close that hole or will the company sit on it and wait out the 90-day disclosure deadline? We will find out tomorrow on Patch Tuesday if Microsoft took immediate action to close a “crazy bad” RCE flaw in Windows that was discovered by Google’s zero-day finders.On the cusp of the weekend, Google Project Zero researcher Tavis Ormandy sent out an alarming tweet. He and fellow Project Zero researcher Natalie Silvanovich had discovered not just an RCE in Windows, but the “worst Windows remote code exec in recent memory.” He went so far as to call it “crazy bad.”To read this article in full or to leave a comment, please click here

Google Project Zero researchers find ‘crazy bad’ Windows RCE flaw

A remote code execution (RCE) vulnerability is about as bad as it gets. And if it is in Windows, then a multitude of people are at risk until it is patched.The question is, though, if the existence of a critical flaw is disclosed shortly before Patch Tuesday, will Microsoft scramble to immediately close that hole or will the company sit on it and wait out the 90-day disclosure deadline? We will find out tomorrow on Patch Tuesday if Microsoft took immediate action to close a “crazy bad” RCE flaw in Windows that was discovered by Google’s zero-day finders.On the cusp of the weekend, Google Project Zero researcher Tavis Ormandy sent out an alarming tweet. He and fellow Project Zero researcher Natalie Silvanovich had discovered not just an RCE in Windows, but the “worst Windows remote code exec in recent memory.” He went so far as to call it “crazy bad.”To read this article in full or to leave a comment, please click here

HandBrake mirror server hacked to serve up Proton RAT for Macs

If you recently downloaded the HandBrake app for Mac, then there’s a good chance your system is infected with a nasty Remote Access Trojan (RAT).On Saturday, the HandBrake team posted a security alert after learning one of the mirror download servers was hacked. The attacker replaced the Mac version of the HandBrake client with a malicious version.In case you don’t know, HandBrake is an open source video transcoder app which allows users to convert video to other formats.The HandBrake team said an attacker compromised the download mirror server at download.handbrake.fr and replaced the HandBrake-1.0.7.dmg installer file with a version infected with a new variant of the Proton RAT.To read this article in full or to leave a comment, please click here

HandBrake mirror server hacked to serve up Proton RAT for Macs

If you recently downloaded the HandBrake app for Mac, then there’s a good chance your system is infected with a nasty Remote Access Trojan (RAT).On Saturday, the HandBrake team posted a security alert after learning one of the mirror download servers was hacked. The attacker replaced the Mac version of the HandBrake client with a malicious version.In case you don’t know, HandBrake is an open source video transcoder app which allows users to convert video to other formats.The HandBrake team said an attacker compromised the download mirror server at download.handbrake.fr and replaced the HandBrake-1.0.7.dmg installer file with a version infected with a new variant of the Proton RAT.To read this article in full or to leave a comment, please click here

May the Fourth be with you on World Password Day

Get ready to be bombarded with “May the Fourth be with you” puns regarding your passwords and identity, as this year May 4 is not only Star Wars Day but also World Password Day.Leading up to World Password Day, I received dozens of emails about how bad our password hygiene still is, studies about poor password management, reminders to change passwords, pitches about password managers and biometric options to replace passwords, reminders to use multi-factor authentication (MFA) as well as the standard advise for choosing a stronger password. Some of that advice contradicts NIST-proposed changes for password management.Although NIST closed comments on for its Digital Identity Guidelines draft on May 1, VentureBeat highlighted three big changes. Since this is NIST and changes to password management rules will eventually affect even nongovernment organizations and trickle down to affect pretty much everyone online, it’s important to look at them. Those changes, according to VentureBeat, boil down to:To read this article in full or to leave a comment, please click here

May the Fourth be with you on World Password Day

Get ready to be bombarded with “May the Fourth be with you” puns regarding your passwords and identity, as this year May 4 is not only Star Wars Day but also World Password Day.Leading up to World Password Day, I received dozens of emails about how bad our password hygiene still is, studies about poor password management, reminders to change passwords, pitches about password managers and biometric options to replace passwords, reminders to use multi-factor authentication (MFA) as well as the standard advise for choosing a stronger password. Some of that advice contradicts NIST-proposed changes for password management.Although NIST closed comments on for its Digital Identity Guidelines draft on May 1, VentureBeat highlighted three big changes. Since this is NIST and changes to password management rules will eventually affect even nongovernment organizations and trickle down to affect pretty much everyone online, it’s important to look at them. Those changes, according to VentureBeat, boil down to:To read this article in full or to leave a comment, please click here

Dataset of scraped Tinder pics poof from Kaggle after Tinder complains

Tinder was ticked after 40,000 profile photos were scraped to create the People of Tinder dataset, accused the person behind the script of violating its terms of service, and asked Kaggle to remove the dataset from the platform. Nevertheless, it was downloaded hundreds of time before the take-down which now results in a 404 error.The People of Tinder dataset was created by Stuart Colianni; it consisted of 40,000 images from Tinder users in the San Francisco Bay Area – half were of women and half were of men. He intends to use the dataset with Google’s TensorFlow’s Inception to create a neural network capable of distinguishing between male and female images.To read this article in full or to leave a comment, please click here

Dataset of scraped Tinder pics poof from Kaggle after Tinder complains

Tinder was ticked after 40,000 profile photos were scraped to create the People of Tinder dataset, accused the person behind the script of violating its terms of service, and asked Kaggle to remove the dataset from the platform. Nevertheless, it was downloaded hundreds of time before the take-down which now results in a 404 error.The People of Tinder dataset was created by Stuart Colianni; it consisted of 40,000 images from Tinder users in the San Francisco Bay Area – half were of women and half were of men. He intends to use the dataset with Google’s TensorFlow’s Inception to create a neural network capable of distinguishing between male and female images.To read this article in full or to leave a comment, please click here

Leaked document shows how Facebook can target emotionally vulnerable teens for ads

Facebook is so proud of its algorithms, it conducted research about exploiting posts by kids as young as 14 to show how its algorithms could help advertisers pinpoint emotionally vulnerable moments for the purpose of targeted ads.The Australian (paywall) got its hands on a 23-page Facebook document, dated in 2017, marked as “Confidential: Internal Only,” and authored by two Australian Facebook executives, Andy Sinn and David Fernandez. While no screenshots were included, the report allegedly explained how Facebook could analyze posts, photos and interactions to help determine the emotional states of 6.4 million “high schoolers,” “tertiary” (college) students and “young Australians and New Zealander ... in the workforce.”To read this article in full or to leave a comment, please click here

Leaked document shows how Facebook can target emotionally vulnerable teens for ads

Facebook is so proud of its algorithms, it conducted research about exploiting posts by kids as young as 14 to show how its algorithms could help advertisers pinpoint emotionally vulnerable moments for the purpose of targeted ads.The Australian (paywall) got its hands on a 23-page Facebook document, dated in 2017, marked as “Confidential: Internal Only,” and authored by two Australian Facebook executives, Andy Sinn and David Fernandez. While no screenshots were included, the report allegedly explained how Facebook could analyze posts, photos and interactions to help determine the emotional states of 6.4 million “high schoolers,” “tertiary” (college) students and “young Australians and New Zealander ... in the workforce.”To read this article in full or to leave a comment, please click here

Facebook able to target emotionally vulnerable teens for ads

Facebook is so proud of its algorithms that it conducted research about exploiting posts by kids as young as 14 to show how its algorithms could help advertisers pinpoint emotionally vulnerable moments for the purpose of targeted ads.The Australian (paywall) got its hands on a 23-page Facebook document, dated in 2017, marked as “Confidential: Internal Only,” and authored by two Australian Facebook executives, Andy Sinn and David Fernandez. While no screenshots were included, the report allegedly explained how Facebook could analyze posts, photos and interactions to help determine the emotional states of 6.4 million “high schoolers,” “tertiary” (college) students and “young Australians and New Zealanders ... in the workforce.”To read this article in full or to leave a comment, please click here

Facebook able to target emotionally vulnerable teens for ads

Facebook is so proud of its algorithms that it conducted research about exploiting posts by kids as young as 14 to show how its algorithms could help advertisers pinpoint emotionally vulnerable moments for the purpose of targeted ads.The Australian (paywall) got its hands on a 23-page Facebook document, dated in 2017, marked as “Confidential: Internal Only,” and authored by two Australian Facebook executives, Andy Sinn and David Fernandez. While no screenshots were included, the report allegedly explained how Facebook could analyze posts, photos and interactions to help determine the emotional states of 6.4 million “high schoolers,” “tertiary” (college) students and “young Australians and New Zealanders ... in the workforce.”To read this article in full or to leave a comment, please click here

Hackers leak 10 new Orange Is the New Black episodes after Netflix failed to pay ransom

On Saturday, the hacking group The Dark Overlord followed through with threats to release 10 of 13 new Orange Is the New Black episodes that it had in its possession after Netflix failed to pay a ransom. The Dark Overlord, or TDO, allegedly has tried to extort money from other big networks as well and used the leak to threaten those networks.TDO tweeted: “Who is next on the list? FOX, IFC, NAT GEO, and ABC. Oh, what fun we’re all going to have. We’re not playing games anymore.” Who is next on the list? FOX, IFC, NAT GEO, and ABC. Oh, what fun we're all going to have. We're not playing any games anymore.To read this article in full or to leave a comment, please click here

Hackers leak 10 new Orange Is the New Black episodes after Netflix failed to pay ransom

On Saturday, the hacking group The Dark Overlord followed through with threats to release 10 of 13 new Orange Is the New Black episodes that it had in its possession after Netflix failed to pay a ransom. The Dark Overlord, or TDO, allegedly has tried to extort money from other big networks as well and used the leak to threaten those networks.TDO tweeted: “Who is next on the list? FOX, IFC, NAT GEO, and ABC. Oh, what fun we’re all going to have. We’re not playing games anymore.” Who is next on the list? FOX, IFC, NAT GEO, and ABC. Oh, what fun we're all going to have. We're not playing any games anymore.To read this article in full or to leave a comment, please click here

Hackers leak 10 new Orange Is the New Black episodes after Netflix fails to pay ransom

On Saturday, the hacking group The Dark Overlord followed through with threats to release 10 of 13 new Orange Is the New Black episodes that it had in its possession after Netflix failed to pay a ransom. The Dark Overlord, or TDO, allegedly has tried to extort money from other big networks as well and used the leak to threaten those networks.TDO tweeted: “Who is next on the list? FOX, IFC, NAT GEO, and ABC. Oh, what fun we’re all going to have. We’re not playing games anymore.” Who is next on the list? FOX, IFC, NAT GEO, and ABC. Oh, what fun we're all going to have. We're not playing any games anymore.To read this article in full or to leave a comment, please click here

Hackers leak 10 new Orange Is the New Black episodes after Netflix fails to pay ransom

On Saturday, the hacking group The Dark Overlord followed through with threats to release 10 of 13 new Orange Is the New Black episodes that it had in its possession after Netflix failed to pay a ransom. The Dark Overlord, or TDO, allegedly has tried to extort money from other big networks as well and used the leak to threaten those networks.TDO tweeted: “Who is next on the list? FOX, IFC, NAT GEO, and ABC. Oh, what fun we’re all going to have. We’re not playing games anymore.” Who is next on the list? FOX, IFC, NAT GEO, and ABC. Oh, what fun we're all going to have. We're not playing any games anymore.To read this article in full or to leave a comment, please click here

Drunken man arrested for assaulting 300-lb. K5 security robot

So, you toss back a few drinks and decide now is the best time to “test” a 5-foot tall, 300-pound, egg-shaped security robot that is patrolling a Mountain View, California, parking lot. Although it might seem like a good idea when you are drunk, it might not be the best plan, considering it resulted in the arrest of 41-year-old man when he tried it.After Jason Sylvain assaulted Knightscope’s K5 Autonomous Data Machine in a parking lot, he was arrested and stands accused of “prowling and public intoxication.”Knightscope told ABC7, “It's a testament to the technology that police caught the aggressor and booked in him jail.”To read this article in full or to leave a comment, please click here

Drunken man arrested for assaulting 300-lb. K5 security robot

So, you toss back a few drinks and decide now is the best time to “test” a 5-foot tall, 300-pound, egg-shaped security robot that is patrolling a Mountain View, California, parking lot. Although it might seem like a good idea when you are drunk, it probably isn't the best plan, considering it resulted in the arrest of 41-year-old man when he tried it.After Jason Sylvain assaulted Knightscope’s K5 Autonomous Data Machine in a parking lot, he was arrested and stands accused of “prowling and public intoxication.”Knightscope told ABC7, “It's a testament to the technology that police caught the aggressor and booked in him jail.”To read this article in full or to leave a comment, please click here

Chaos for customers: Webroot flags Windows as malware and Facebook as phishing site

A Webroot antivirus signature update, which was supposedly live for only 13 minutes yesterday afternoon, flagged crucial Windows system files as malicious, causing chaos and 15 pages of customer complaints so far.The havoc began after Webroot flagged some Windows system files as the malware Win32.Trojan.Gen and moved key system files to quarantine. As legit files were shuffled around, thousands upon thousands of Webroot customers experienced OS errors or crashed Windows systems.To read this article in full or to leave a comment, please click here