The Linkielist

Linking ideas with the world

Chinese hackers stealing everything from flight passenger data to IP for past 3 years

NCC Group and Fox-IT have been tracking a threat group with a wide set of interests, from intellectual property (IP) from victims in the semiconductors industry through to passenger data from the airline industry. In their intrusions they regularly abuse cloud services from Google and Microsoft to achieve their goals. NCC Group and Fox-IT observed Read more about Chinese hackers stealing everything from flight passenger data to IP for past 3 years[…]

Valve, Bandai, Capcom, Focus Home, Koch Media, Zenimax fined $9.4M by EU for illegal geo-blocking, antitrust collusion

A lengthy antitrust investigation into PC games geo-blocking in the European Union by distribution platform Valve and five games publishers has led to fines totalling €7.8 million (~$9.4 million) after the Commission confirmed today that the bloc’s rules had been breached.The geo-blocking practices investigated since before 2017 concerned around 100 PC video games of different Read more about Valve, Bandai, Capcom, Focus Home, Koch Media, Zenimax fined $9.4M by EU for illegal geo-blocking, antitrust collusion[…]

Beware This Text String That Can Crash Windows and ‘Corrupt’ Your Drive

Hackers are exploiting a strange bug that lets a simple text string ‘corrupt’ your Windows 10 or Windows XP computer’s hard drive if you extract a ZIP file, open a specific folder, or even click on a Windows shortcut. The hacker adds the text string to a folder’s location, and the moment you open it, bam—hard Read more about Beware This Text String That Can Crash Windows and ‘Corrupt’ Your Drive[…]

FireEye publishes details of SolarWinds hacking techniques, gives out free tool to detect signs of intrusion

n an update and white paper [PDF] released on Tuesday, FireEye warned that the hackers – which intelligence services and computer security outfits have concluded were state-sponsored Russians – had specifically targeted two groups of people: those with access to high-level information, and sysadmins. But the targeting of those accounts will be difficult to detect, Read more about FireEye publishes details of SolarWinds hacking techniques, gives out free tool to detect signs of intrusion[…]

Indian government slams Facebook over WhatsApp ‘privacy’ update, wants its own Europe-style opt-out switch

The Indian government has sent a fierce letter to Facebook over its decision to update the privacy rules around its WhatsApp chat service, and asked the antisocial media giant to put a halt to the plans.In an email from the IT ministry to WhatsApp head Will Cathcart, provided to media outlets, the Indian government notes Read more about Indian government slams Facebook over WhatsApp ‘privacy’ update, wants its own Europe-style opt-out switch[…]

Brave Will Become First Browser To Offer IPFS peer to peer content hosting

On Tuesday, privacy-focused browser Brave released an update that makes it the first to feature peer-to-peer protocol for hosting web content. Known as IPFS, which stands for InterPlanetary File System, the protocol allows users to load content from a decentralized network of distributed nodes rather than a centralized server. It’s new — and much-heralded — technology, Read more about Brave Will Become First Browser To Offer IPFS peer to peer content hosting[…]

Malwarebytes targeted by Nation State Actor implicated in SolarWinds breach. Evidence suggests abuse of privileged access to Microsoft Office 365 and Azure environments

While Malwarebytes does not use SolarWinds, we, like many other companies were recently targeted by the same threat actor. We can confirm the existence of another intrusion vector that works by abusing applications with privileged access to Microsoft Office 365 and Azure environments. After an extensive investigation, we determined the attacker only gained access to Read more about Malwarebytes targeted by Nation State Actor implicated in SolarWinds breach. Evidence suggests abuse of privileged access to Microsoft Office 365 and Azure environments[…]

How to batch export ALL your WhatsApp chats in one go for non rooted Android on PC

It’s a process that requires quite some installation and some good reading of the instructions but it can be done. The trick is to install an older version of WhatsApp, extract the key and then copy the message databases. Then you can decrypt the database file and read it using another program. The hardest bit Read more about How to batch export ALL your WhatsApp chats in one go for non rooted Android on PC[…]

Behind a Secret Deal Between Google and Facebook – how monopolies define winners and kill losers

In 2017, Facebook said it was testing a new way of selling online advertising that would threaten Google’s control of the digital ad market. But less than two years later, Facebook did an about-face and said it was joining an alliance of companies backing a similar effort by Google.Facebook never said why it pulled back Read more about Behind a Secret Deal Between Google and Facebook – how monopolies define winners and kill losers[…]

Socialarcs 400GB of scraped data exposing 200+ million Facebook, Instagram and LinkedIn users. Again.

High-flying and rapidly growing Chinese social media management company Socialarks has suffered a huge data leak leading to the exposure of over 400GB of personal data including several high-profile celebrities and social media influencers. The company’s unsecured ElasticSearch database contained personally identifiable information (PII) from at least 214 million social media users from around the Read more about Socialarcs 400GB of scraped data exposing 200+ million Facebook, Instagram and LinkedIn users. Again.[…]

AI upstart stealing facial data told to delete data and algorithms

Everalbum, a consumer photo app maker that shut down on August 31, 2020, and has since relaunched as a facial recognition provider under the name Paravision, on Monday reached a settlement with the FTC over the 2017 introduction of a feature called “Friends” in its discontinued Ever app. The watchdog agency claims the app deployed Read more about AI upstart stealing facial data told to delete data and algorithms[…]

Tesla Would Take Nearly 1,600 Years To Make The Amount Of Money The Stock Market Values It At

Tesla is an oddity in the business landscape. The company’s stock is so stratospheric that Elon Musk has surpassed Jeff Bezos as the world’s richest person. Now, we have another mind-blowing metric. At Tesla’s current price-to-earnings ratio, it would take the company almost 1,600 years to make what the stock market says it’s worth.The New Read more about Tesla Would Take Nearly 1,600 Years To Make The Amount Of Money The Stock Market Values It At[…]

Amazon Ring Neighbors App Left User Data Exposed, incl addresses, lat + long

Ring, the Amazon-owned friend to nosy police departments everywhere, has suffered another embarrassing security stumble. The surveillance company’s Neighbors app—which was launched in 2018 as a kind of “neighborhood watch” feature—apparently left users exact geographical data and home address information exposed to the internet. Neighbors is Ring’s online forum where users can share public safety Read more about Amazon Ring Neighbors App Left User Data Exposed, incl addresses, lat + long[…]

NYPD posts surveillance systems and use and requests comments

Beginning, January 11, 2020, draft surveillance technology impact and use policies will be posted on the Department’s website. Members of the public are invited to review the impact and use policies and provide feedback on their contents. The impact and use policies provide details of: 1) the capabilities of the Department’s surveillance technologies, 2) the Read more about NYPD posts surveillance systems and use and requests comments[…]

Epic Games files competition lawsuit against Google in the UK over Fortnite’s ejection from Play Store

Epic Games intends to file a competition lawsuit against Google in the UK as part of the ongoing Fortnite-kicked-off-platforms saga, according to documents lodged with the Competition Appeal Tribunal.The lawsuit will allege that Google, holder of “a dominant position in the Android app distribution market”, has unfairly restricted “competition from alternative app stores and other Read more about Epic Games files competition lawsuit against Google in the UK over Fortnite’s ejection from Play Store[…]

WhatsApp delays enforcement of privacy terms by 3 months, following backlash

WhatsApp said on Friday that it won’t enforce the planned update to its data-sharing policy until May 15, weeks after news about the new terms created confusion among its users, exposed the Facebook app to a potential lawsuit, triggered a nationwide investigation and drove tens of millions of its loyal fans to explore alternative messaging Read more about WhatsApp delays enforcement of privacy terms by 3 months, following backlash[…]

Apple Is Reportedly Cracking Down on App Sideloading on M1 Macs

Earlier this week, 9to5Mac spotted some iOS and macOS beta code that suggested Apple would prevent users from being able to sideload unsupported apps onto the new M1 Macs. Today, 9to5Mac reported that it’s now no longer possible to sideload apps that aren’t available in the Mac App Store even if they’re available on iOS. Read more about Apple Is Reportedly Cracking Down on App Sideloading on M1 Macs[…]

Virgin Orbit launches rocket off a 747 aircraft, puts satellites into orbit

A 70-foot rocket, riding beneath the wing of a retrofitted Boeing 747 aircraft, detached from the plane and fired itself into Earth’s orbit on Sunday — marking the first successful launch for the California-based rocket startup Virgin Orbit. Virgin Orbit’s 747, nicknamed Cosmic Girl, took off from California around 10:30 am PT with the rocket, Read more about Virgin Orbit launches rocket off a 747 aircraft, puts satellites into orbit[…]

Turkey launches antitrust probe into WhatsApp and Facebook over the new privacy policy. Still can’t export Whatsapp chats.

WhatsApp updated its privacy policy at the turn of the new year. Users were notified via a popup message upon opening the app that their data would now be shared with Facebook and other companies come February 8. Due to Facebook’s notorious history with user data and privacy, the new update has since then garnered Read more about Turkey launches antitrust probe into WhatsApp and Facebook over the new privacy policy. Still can’t export Whatsapp chats.[…]

Firefox to block Backspace key from working as “Back” button

Mozilla developers plan to remove support for using the Backspace key as a Back button inside Firefox.The change is currently active in the Firefox Nightly version and is expected to go live in Firefox 86, scheduled to be released next month, in late February 2021.ZDNet RecommendsThe best free video streaming servicesThe best free video streaming Read more about Firefox to block Backspace key from working as “Back” button[…]

Every Deleted Parler Post, Many With Users’ Location Data, Has Been Archived. Parler goes down. Still can’t export your Whatsapp history.

In the wake of the violent insurrection at the U.S. Capitol by scores of President Trump’s supporters, a lone researcher began an effort to catalogue the posts of social media users across Parler, a platform founded to provide conservative users a safe haven for uninhibited “free speech” — but which ultimately devolved into a hotbed Read more about Every Deleted Parler Post, Many With Users’ Location Data, Has Been Archived. Parler goes down. Still can’t export your Whatsapp history.[…]

Ubiquiti iniquity: Wi-Fi box slinger warns hackers may have peeked at customers’ personal information

Networking vendor Ubiquiti has written to its customers to advise them of a possible leak of their personal information. “We recently became aware of unauthorized access to certain of our information technology systems hosted by a third-party cloud provider,” the email opens, before adding: “We have no indication that there has been unauthorized activity with Read more about Ubiquiti iniquity: Wi-Fi box slinger warns hackers may have peeked at customers’ personal information[…]

ODoH: Cloudflare and Apple design a new privacy-friendly internet protocol for DNS

Engineers at Cloudflare and Apple say they’ve developed a new internet protocol that will shore up one of the biggest holes in internet privacy that many don’t know even exists. Dubbed Oblivious DNS-over-HTTPS, or ODoH for short, the new protocol makes it far more difficult for internet providers to know which websites you visit. But Read more about ODoH: Cloudflare and Apple design a new privacy-friendly internet protocol for DNS[…]

Light Commands: Hacking Voice Assistants with Lasers / Light Commands: Laser-Based Audio Injection Attacks on Voice-Controllable

Our laser-based injection attack Light Commands shows how microphones can respond to light as if it was sound. By simply modulating the amplitude of laser light, we can inject fully inaudible and invisible commands into microphones of smart speakers, phones, and tablets, across large distances and through glass windows. In this talk, we will show: Read more about Light Commands: Hacking Voice Assistants with Lasers / Light Commands: Laser-Based Audio Injection Attacks on Voice-Controllable[…]

Turn a Touch Interface Touchless with Intel RealSense TCS

Today, Intel announced Intel® RealSense™ Touchless Control Software (TCS), a simple solution for converting a touch-based kiosk or digital sign into a safer, touchless one while maintaining a familiar and intuitive user experience. With the pandemic affecting people worldwide, pay and check-in stations, automated teller machines and ordering kiosks could use the Intel RealSense software Read more about Turn a Touch Interface Touchless with Intel RealSense TCS[…]