The United States Department of Justice is pushing Google to sell Google Chrome to break their search monopoly (not yet official).
@Kalilinux
On Monday Amazon confirmed a breach of employee data which was published on a crime-focused forum, according to a statement from Amazon to 404 Media.
@Kalilinux
https://www.404media.co/amazon-confirms-breach-of-employee-data/
All donations to the Tor Project matched 1:1, now through Dec 31
Each year during this season, the Tor Project holds a fundraiser during which we ask for your support. We do this because the Tor Project is a nonprofit organization, powered by donations from our community.
Donations make it possible for the Tor Project to build tools powered by people, not profit.
Over the next few months, we'll be sharing stories from some of the millions of people you’re helping when you support Tor, details about what’s coming next to our suite of privacy and censorship circumvention tools, and ways you can help make privacy online easy and accessible.
Now is a great time to give and spread the word about the Tor Project because through the end of the year, all donations will be matched. That means when you donate $25, you’re making a $50 impact. Plus, we’ve introduced a brand-new item to our list of gifts you can receive in return for making a donation.
https://torproject.org/donate/donate-tel-yec2024
Gen Threat Labs has recently discovered a sophisticated rootkit targeting Arch Linux (6.10.2-arch1-1 x86_64)
More details in the pictures and here is the source
@Kalilinux
Yet another supply chain attack, yet another Chinese app on Google Play.
We're talking about the new version of the Necro malware loader for Android which has the same payload configurations and payloads as the previous version and is installed on 11 million devices through Google Play in malicious SDK supply chain attacks.
The two apps involved are Wuta Camera, a selfie retouching app developed by Shanghai Benqumark Network Technology, and Max Browser, which marketed itself as a privacy-focused browser for Android.
The two apps were infected by an advertising SDK named 'Coral SDK,' which employed obfuscation to hide its malicious activities and also image steganography to download the second-stage payload, shellPlugin, disguised as harmless PNG images.
While the trojan was removed in version 6.3.7.138, any payloads that might have been installed via the older versions might still lurk on Android devices.
@kalilinux
North Korean hackers target Python developers with malware disguised as coding tests — hack has been underway for a year and is likely to be continued.
@Kalilinux
Today the United States Department of Justice announced the conviction of Remy St. Felix. St. Felix is accused of being the mastermind behind a string of violent home invasions targeting individuals possessing large quantities of cryptocurrency.
Prosecutors state St. Felix targeted crypto holders in North Carolina, Florida, Texas, and New York.
Due to the violence of the actions (including assaulting victims, zip-tying them, holding them at gunpoint, and threatening to murder their family), St. Felix is facing charges for conspiracy, kidnapping, Hobbs Act robbery, wire fraud, and brandishing a firearm in furtherance of a crime of violence. He is facing a maximum sentence of life in prison.
@Kalilinux
A new version of the Open Source AI Definition has been released with one new feature and a cleaner text, based on comments received from public discussions and recommendations.
You can also join the community and participate in this historic moment by providing precise feedback on the text of the latest draft.
@kalilinux
https://opensource.org/blog/community-input-drives-the-new-draft-of-the-open-source-ai-definition
Let's take a look at the fragility of the open-source software supply chain.
Experts believe "The community model of just trusting [the code] because it’s open source was never a great model" and it needs to be changed.
When trust meets transparency in open-source, security risks aren’t far behind.
@kalilinux
https://cyberscoop.com/open-source-security-trust-xz-utils/
Joseph Cox asked Signal's president whether the FBI has approached any of Signal's engineers to put certain code into Signal (the CEO of Telegram recently said the FBI did approach Telegram engineers to try to do this).
@kalilinux
404media is reporting that #Reddit is blocking ALL search engine crawls EXCEPT #Google – which is currently paying $60,000,000/year for the right to scrape Reddit for #AI training data.
More information:
https://www.404media.co/google-is-the-only-search-engine-that-works-on-reddit-now-thanks-to-ai-deal/
@kalilinux
A CrowdStrike update is breaking computers running Windows, causing them to crash and display the blue screen of death. Across industries, companies around the world haven’t been able to reboot, according to reports. Firms affected by the outage include Sky News, which has been unable to broadcast.
Microsoft said it is taking “mitigation actions” after service issues it said started at about 6 p.m. Eastern Time. The company says it is investigating issues with cloud services in the U.S. and “an issue impacting several of its apps and services,” Sky News reported.
“We are aware of a scenario in which customers experience issues with their machines causing a bug check (blue screen) due to a recent CrowdStrike update,” a Microsoft spokesperson said. “We recommend customers to follow guidance provided by CrowdStrike.”
There is a workaround, they added:
1. Boot Windows into Safe Mode or WRE.
2. Go to C:\Windows\System32\drivers\CrowdStrike
3. Locate and delete file matching "C-00000291*.sys"
4. Boot normally.
When visiting a *.google.com domain, the Google site can use the API to query the real-time CPU, GPU, and memory usage of your browser, as well as info about the processor you're using, so that whatever service is being provided – such as video-conferencing with Google Meet – could, for instance, be optimized and tweaked so that it doesn't overly tax your computer. The functionality is implemented as an API provided by an extension baked into Chromium – the browser brains primarily developed by Google and used in Chrome, Edge, Opera, Brave, and others.
https://www.theregister.com/2024/07/12/chromium_api_system_information/
@kalilinux
CVE-2024-44308 — JavaScriptCore — Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited on Intel-based Mac systems.
CVE-2024-44309 — WebKit — Processing maliciously crafted web content may lead to a cross site scripting attack. Apple is aware of a report that this issue may have been actively exploited on Intel-based Mac systems.
https://www.404media.co/apple-quietly-introduced-iphone-reboot-code-which-is-locking-out-cops/
@Kalilinux
Internet Archive's "The Wayback Machine" has suffered a data breach after a threat actor compromised the website and stole a user authentication database containing 31 million unique records.
HIBP operator Troy Hunt confirmed to Bleeping Computer that nine days ago, he received a file containing “email addresses, screen names, password change timestamps, Bcrypt-hashed passwords, and other internal data” for 31 million unique email addresses, and confirmed it was valid by matching data with a user’s account.
But 54 percent of the accounts were already in its database from previous breaches.
Not long after the breach, the Internet Archive suffered a DDoS attack, which has now been claimed by the BlackMeta hacktivist group, which says it will be conducting additional attacks.
@Kalilinux
Caroline Ellison sentenced to 2 years for covering up Sam Bankman-Fried’s FTX fraud
Caroline Ellison "deeply regrets" FTX lies, must now forfeit $11 billion.
@Kalilinux
UltraAV force-installed on Kaspersky users' PCs
#Kaspersky antivirus has reportedly begun silently installing a new #antivirus product called "Ultra AV" on United States-based users' machines!
According to many online customer reports, including BleepingComputer's forums, UltraAV's software was installed on their computers without any prior notification, with many concerned that their devices had been infected with #malware.
"I woke up and saw this new antivirus system on my desktop and I tried opening kaspersky but it was gone. So I had to look up what happened because I was literally having a mini heart attack that my desktop somehow had a virus which uninstalled kaspersky somehow," one user said.
#Zyxel is warning of nearly a dozen #vulnerabilities in a wide array of its products. If left unpatched, some of them could enable the complete takeover of the devices, which can be targeted as an initial point of entry into large #networks.
@kalilinux
Telegram founder Pavel Durov arrested in Paris: 'Taken into custody by French secret services'
@kalilinux
Is "open source" AI really open? What is an #open_source AI? Is it possible to have one? How?
The license for Meta’s LLaMa 2 restricts usage by any organization with 700 million or more monthly active users. Other licenses explicitly prohibit using #AI for illegal activities, which can vary widely country by country. Are those models open source?
@kalilinux
https://leaddev.com/tech/be-careful-open-source-ai
https://shiftmag.dev/unhappy-developers-stack-overflow-survey-3896/?utm_source=changelog-news
@kalilinux
Spoiler Alert:
Working with imperfect systems demoralizes programmers, making it difficult to do quality work.
ESET researchers discovered a #zero_day Telegram for Android exploit that allows sending #malicious files disguised as videos.
@kalilinux
We were able to locate an example of the exploit, allowing us to analyze it further, and report it to Telegram on June 26th, 2024. On July 11th, they released an update that fixes the vulnerability in Telegram versions 10.14.5 and above.
🚨🚨AT&T allegedly Paid a Hacker $370,000 to Delete Stolen Phone Records. "A security researcher who assisted with the deal says he believes the only copy of the complete dataset of call and text records of “nearly all” AT&T customers has been wiped—but some risks may remain." 🙂
@kalilinux
https://www.wired.com/story/atandt-paid-hacker-300000-to-delete-stolen-call-records/
Massive AT&T data breach exposes call logs of 109 million customers.
AT&T says that the stolen data contains the call and text records of nearly all AT&T mobile clients and customers of mobile virtual network operators (MVNOs) made from May 1 to October 31, 2022 and on January 2, 2023.
The stolen data includes:
• Telephone numbers of AT&T wireline customers and customers of other carriers.
• Telephone numbers with which AT&T or MVNO wireless numbers interacted.
• Count of interactions (e.g., the number of calls or texts).
• Aggregate call duration for a day or month.
• For a subset of records, one or more cell site identification numbers.