Tech Spite

People around the world are rallying to subvert Iran's internet shutdown, but actually pulling it off is proving difficult and risky. from Wired https://ift.tt/xfNsqU0

It appears that not even the iconic Windows logo is safe from malware anymore, as some cybercriminals managed to successfully hide malicious code inside it.  Cybersecurity experts at Symantec claim to have spotted one such campaign using a process of hiding malicious code in otherwise harmless images, otherwise known as steganography.  It is usually done to avoid detection by antivirus programs, as such solutions rarely detect images as malicious. Going after governments In this particular case, the group engaged in steganography attacks is called Witchetty, a known threat-actor allegedly strongly tied to the Chinese state-sponsored actor Cicada (AKA APT10), and also considered part of the TA410 organization that has targeted US energy providers in the past. The group kicked off its latest campaign in February 2022, targeting at least two governments in the Middle East.  What’s more, an attack against a stock exchange in Africa is allegedly still active. Witchetty used stegano

The rise of low-code could soon see it topple more "traditional" forms of operations, new research has claimed. Mendix's 2022 State of Low-Code found a rise in low-code adoption from 77% in 2021 to 94% this year, with four in 10 businesses now using low-code for mission-critical solutions in their business operations.  The report cites a Gartner projection which places low-code or no-code applications at 70% by 2025, up from 25% in 2020. Should I use low-code? Mendix outlined several benefits of low-code, many of which were most notable at the height of the pandemic.  When business ground to a halt and economies froze, many businesses were faced with incredibly tough decisions. One in nine businesses surveyed said that they would have had to face reputational damage or look at cost-cutting measures like rising prices or losing staff had they not adopted low-code.  As such, 69% saw no-code evolving from a crisis technology to a core technology that they intend to in

Anker’s new flagship pair of earbuds is jam-packed with features that could very well rival Apple's AirPods Pro 2 . Called Liberty 4 , the buds are part of Anker’s Soundcore audio devices brand. They'll house some of the same features as the AirPods Pro 2, including active noise canceling via HearID ANC and spatial audio. Unique to the Liberty 4 is a heart rate monitor nestled in the right earbud, something that was supposed to be present in the Apple earbuds but was, apparently, cut.  As it’s described, you must first activate the heart rate sensor via the Soundcore app ; no other accessory is needed. Soundcore claims the sensor can measure blood oxygen levels with a little red light turning on when it's doing this. The company does admit the feature is meant for general health and fitness use rather than being a proper medical device, so it may not be the most accurate.  Features Expanding on the other features, the Liberty 4’s spatial audio should make users feel l

The developers behind Brave Browser have announced that it will begin to block cookie consent notice popups that negatively impact browsing experience for many users. In an update, the anonymous browser ’s Privacy Updates blog called cookie consent an “infamous and near-constant annoyance”, while citing an academic study that found many browser popups track users across the internet regardless of their choice. Users of the latest Nightly branch (and version 1.45 when it releases in October) will only have to click “yes” on a dialog box on start-up to block all cookie consent popups, using a set of rules and filters that will look familiar to those who use web browser ad blocking extensions. Fighting back against Google’s privacy changes  Brave cited Google’s latest raft of proposed changes to Chrome as reasons why an open web, and content-blocking tools, must be fought for, starting with blocking cookie consent popups. These changes include its upcoming switch to the Manifest

Oracle NetSuite is unconcerned about chasing the leaders of the pack in sub-markets like CRM , despite its stake in these areas, the firm’s GVP of Strategy has said. In conversation with TechRadar Pro at SuiteWorld 2022 , Jason Cowan answered questions around the company’s ability to compete with Salesforce in the CRM market, as well as single-product vendors in other segments covered by its platform. “At the end of the day, the core to Salesforce is CRM and the core to NetSuite is the ERP financials,” he told us. “I don’t think that means we need to chase Salesforce, to create a best-of-breed CRM. We can have a very compelling offering for a lot of industries, without saying we have to win in every market.” Greatness in ‘suiteness’ Although NetSuite is a powerhouse in the ERP market, it plays second fiddle to Salesforce in CRM specifically. Equally, Salesforce is fast expanding outwards beyond CRM - into areas like ecommerce , analytics and so forth - in such a way that may have

Security experts have once again highlighted how it’s almost 2023 and we’re still holding on to the password as our number one cybersecurity measure.  Despite a continued stream of headlines concerning businesses suffering tremendous losses due to poor cyberhygiene practices, most employees are still being reckless with their sensitive data, sharing them with other people, or simply keeping them around for everyone to see. Research from Yubico surveying more than 16,000 employees in different industries, and in eight countries found over half (59%) still rely on usernames and passwords as their primary method of authentication. Multi-factor authentication The company's State of Global Enterprise Authentication Survey 2022 found that not only do people rely mostly on passwords, but 54% also admitted to writing down, or sharing their passwords, as well.  At the same time, almost a quarter (22%) consider passwords the most secure method of authentication. More than half (54%) s

The company will issue refunds as it shuts down its ambitious cloud gaming service. from Wired https://ift.tt/WcuOBjf

Google Chrome extensions are set to see another year of support for enterprise use following the company’s decision to postpone their deletion from the Chrome Web Store until January 2024. The announcement on the Google Chrome Developers blog offers a stay of execution for sweeping changes to the Chromium engine that privacy advocates say will neuter web browser extensions designed to block advertisements. But no such reprieve is being offered to personal Chrome users, who Google say will be subject to extensions built on the existing Manifest V2 (MV2) API being temporarily phased out in a series of “experiments” next year. Google Chrome’s phased API changes Though the new enterprise policy will give businesses more time with extensions critical to their workflow, Google Chrome extension developers have less time to adapt to the browser’s adoption of the Manifest V3 (MV3) API. From January 2023, Google says that it will no longer highlight MV2 extensions on the Chrome Web Sto

Apple Watch deals can save you some serious cash on the high-end smartwatch, and we're holding out for some even better discounts on the Watch 7 over the next few weeks as well. That's because the new Series 8 will shortly take centre stage, pushing previous generations further down the price bracket and offering up some excellent Apple Watch prices for the rest of us.  We're making sure you're always on top of even the most fleeting Apple Watch sales, with price comparison technology bringing you all the web's lowest prices just below. You'll find all the best discounts across the current lineup here, updated every half hour. We've been tracking these savings for years now, so we're also rounding up all the retailers we regularly check for the heaviest savings further down the page as well. The Apple Watch 7 has had a few months on the shelves now, and so is primed for some major discounts. However, we'd also keep a close eye on sixth generation

Cybersecurity researchers have discovered a new malware strain that infects Windows and Linux endpoints of all sizes and uses them for distributed denial of service (DDoS) attacks and cryptocurrency mining. Experts from Lumen's Black Lotus Labs say the malware is written in Chinese and uses China-based command & control (C2) infrastructure. They called it Chaos, and say it is built on Go. It is able to infect all kinds of devices, from those running on x86 infrastructure, to certain ARM-based devices. In a nutshell, everything from home routers to enterprise servers is at risk. Apparently, Chaos is the next iteration of the Kaiji malware, another strain that was able to mine cryptocurrencies and launch DDoS attacks.  Kaiji returns "Based upon our analysis of the functions within the more than 100 samples we analyzed for this report, we assess Chaos is the next iteration of the Kaiji botnet," they said. It expands by looking for known, unpatched vulnerabilities,

Alienware has revealed its upcoming flagship prebuilt desktop, the renewed Aurora R15, designed to house some powerful hardware – just be prepared to pay an arm and a leg for it. The company is being rather vague in disclosing what kind of graphics card will be in the Aurora R15. According to the announcement , the Aurora R15 is designed to support a GPU from NVIDIA’s recently announced GeForce RTX 40 Series. Alienware even name-drops the 4090 model GPU. The company also mentions support for graphics cards belonging to the AMD Radeon RX 6000 series and GeForce RTX 30-Series. Given the wording, it’s leading us to believe that the Aurora R15 may have different models based on different graphics cards. We reached out to Alienware for clarification. This story will be updated if we hear back. Alienware also announced its new 34-inch curved Gaming Monitor and a Tenkeyless Gaming Keyboard to make up a full computer setup. All three devices will launch in the United States and Canada late

Linux machines have been plagued by Windows-centric hardware management since 2002, but this could be about to change. Sophisticated interfaces between a machine’s operating system and its hardware, such as the chips that have been slowing down your Linux machine, have long been required in order to ensure that processors with billions of transistors maintain efficiency. Although the latest ACPI standard replaced the outgoing APM standard in 1996, however even more than a quarter of a century ago, it still had one key flaw.  Slower performance Computer engineers carry out most of their testing on the industry-standard operating system, which for a long time has been Windows, which leaves Linux distros and macOS mostly unthought-for when they use third-party chips like AMD processors. With the introduction of its own silicon, Apple has found one way to boost performance all-round with the processors it uses in its computers. The company’s M-series chips are now in their second ge

Cybercriminals have been observed using SEO poisoning to distribute a new malware loader which tries to infect the target endpoint with a dozen malware families. Researchers from Kaspersky discovered that for many people, typing the keyword “software crack” into Google brings up multiple websites distributing this new malware loader, some of which have even made it to the famed first page of the search results. The loader in question is called “NullMixer”, and is designed for the Windows operating system and apparently, it installs all kinds of password stealers, viruses, backdoors, banking trojans, crypto miners, you name it. The only thing seemingly missing is ransomware . Among the malware families installed this way are Redline Stealer, Danabot, Raccoon Stealer, Vidar Stealer, SmokeLoader, PrivateLoader, ColdStealer, Fabookie, PseudoManuscrypt, and others. Baiting with cracks The attackers chose “software crack” as their main keyword, researchers believe, due to the fact tha

Damage to the pipeline that runs between Russia and Germany is being treated as deliberate. Finding out what happened may not be straightforward. from Wired https://ift.tt/xIvwJhk

Amazon has upped its Fire TV game considerably with today’s announcement of the Omni QLED series 4K TVs. The new sets, which will be available in 65- and 75-inch screen sizes, bring features typically found in higher-priced TVs such as Quantum Dots and full-array local dimming, and also come with a new Fire TV Ambient Experience that allows for artwork and photos to be displayed when the set is not in use. Quantum Dots on the Omni QLED sets will allow for an enhanced color range to be displayed with high dynamic range (HDR) sources, while the full-array local dimming backlight (up to 96 zones on the 75-inch model) should result in deeper, better detailed, and more uniform blacks – a shortcoming of the company’s previous Fire TV Omni series sets. All the Amazon Event News • Amazon’s new Fire TV Cube brings Alexa voice control to more of your devices • New Amazon Echo Dot promises bigger bass and better sound • Amazon is turning your Alexa smart speaker into a Wi-Fi extender •

Sometimes it's easy to forget that we have the greatest power source in the universe merrily burning away a mere 150 million kilometers above us. With blackouts, increasing energy bills and controversy over fossil fuels becoming more and more widespread, why did just 5% of global electricity come from solar power in 2021? On a domestic level, cost and complexity are the twin barriers to powering our homes with sunlight. But they're no longer as insurmountable as you might think. The heart of the system is Bluetti tech's EP600 power station, with form as simple and striking as its function. Traditionally this kind of kit comes encased in the same sort of injection molded, ruggedly masculine plastic as power tools, but the Bluetti model resembles nothing so much as a handcrafted piece of designer luggage. No terminals or wires, just nice rounded corners and a subtly stenciled logo. (Image credit: Bluetti) Just plug a solar panel (either one of Bluetti's own

Google has set out plans to overhaul the formatting of its search engine results pages, with a view to surfacing a broader selection of content types. Presented at this year’s Google Search On event, the update will see images and video content blended directly into results, as opposed to featuring under separate tabs or in dedicated box-outs. Speaking to TechRadar Pro and other press ahead of Search On 2022, Google’s VP Engineering, Rajan Patel, explained the goal is to “organize results to better reflect the way people explore topics.” (Image credit: Google) Multimedia makeover Beyond the ability to highlight relevant resources across a range of formats, Google says the update will also mean results that appear further down the rankings are likely to become more valuable. “There are so many questions where a range of results can be helpful, and there are so many ways you might branch off. So we’re making it easy to scroll down the page and find all the different paths

The merc with the mouth has returned – and this time he’s bringing back a legend of the X-Men franchise, with Hugh Jackman officially confirmed to reprise the role of Wolverine for the next Deadpool film. In true Deadpool fashion, a video put out by Reynolds’ official Twitter account has the actor throwing shade at the character’s portrayal way back in 2009’s X-Men Origins: Wolverine. With references to the mercenary’s mouth being sewn shut and an apology for missing D23, Reynolds ends the video by asking Jackman if he’d like to return as Wolverine, to which the Australian actor nonchalantly replies “Yeah, sure.” Jackman’s return is a nice surprise for fans, as he had hung up the claws after 2017’s Logan . The actor has been portraying Wolverine in films since 2000’s X-Men, and Logan was seen by many as a great send-off for both the character and Jackman’s involvement. Regardless, fans of both characters will finally be able to see them battle it out on the big screen (ignoring the

At least two manufacturers have reduced their 2TB SSD to less than $100 over the past days on Amazon, an extraordinary floor price reached outside of Amazon Prime Day and Black Friday/Cyber Monday. Teamgroup, with its SATA-based AX2 , and Leven are the first to have breached the $50 per TB barrier, and it is likely that many more will follow in the incoming weeks/months. According to analyst firm TrendForce, NAND flash , the basic building block of all so-called solid state storage (e.g. SSD, eMMC, microSD cards , flash drives etc) has been in oversupply caused by a combination of increased inventory and drop in demand (both from consumers and enterprises). This in turn is going to cause some companies to reduce their prices significantly by as much as 20% as we approach the end of the year. Price parity with hard disk drives coming? TrendForce analyst Bryan Ao told TechRadar Pro , “Because NAND price continues to see gloomy price [sic] into 2023, more and more suppliers offer Q

Almost a hundred apps across the Android and iOS ecosystems have been discovered engaging in advertising fraud, researchers have claimed. The apps, 80 of which were built for Android, and nine for iOS, have more than 13 million downloads between them, and include games, screensavers, camera apps, and more - some with more than a million downloads.  Research from cybersecurity firm HUMAN Security found that by targeting advertising software development kits (SDK), the unknown threat actors were able to compromise these apps for their own personal benefit, in multiple ways: by pretending to be apps they’re not; by rendering ads in places where users wouldn’t be able to see them; and by faking clicks and taps (keeping track of real ad interactions and faking them later). Evolution of Poseidon The campaign, which HUMAN dubbed Scylla, is still ongoing, meaning at least some of the apps are still up and running. “These tactics, combined with the obfuscation techniques first observed i

Skullcandy is coming back to the world of gaming with three new headsets: the SLYR, SLYR Pro, and the PLYR headphones; all of which are aimed at varying levels of gamers. It’s been about 10 years since Skullcandy launched its last gaming headset, the PLYR 2 , a device the company doesn’t officially sell anymore. Since then, gaming headsets have evolved dramatically, which means Skullcandy has its work cut out for it. The solution, at least according to the announcement , is to offer headsets that have a wide range of functionality for multiple platforms at a decent price. Each pair of headphones is currently available for purchase on Skullcandy’s online store and are compatible with PC, mobile devices, and gaming consoles.   Features and specs First, you have the SLYR ($59.99) headset. Compared to the other two, this device is the more barebones model. It's a basic set of entry-level headphones; great for people who just want to plug in and listen. It houses two 50mm drivers

Cybercriminals are trying to distribute new information-stealing malware by presenting it as gaming cheats and hacks.  According to cybersecurity researchers from Cluster25, the malware, dubbed “Erbium”, is a malware-as-a-service, meaning whoever pays the monthly fee, gets to use all of its features. Right now, the tool is being distributed as a game crack, but that could change at any time, should another threat actor rent it out, or go after a different type of victim. Cheaper than RedLine Stealer When it comes to features and prices, Erbium is similar to the infamous RedLine Stealer in its abilities, but is available for a fraction of its cost.  The researchers are saying it can steal information stored in popular browsers (passwords, cookies, payment data, autofill information, etc.), data from cryptocurrency wallets (Atomic, Exodus, Electrum, and many others), two-factor authentication codes from a number of tools (Trezor Password Manager, EOS Authenticator, Authy 2FA, Au