Google is in some hot water right now, with 50 state attorneys general (had to Google that, it is indeed attorneys general and not attorney generals) launching a new antitrust probe into Google.
The leader of the 50 strong AGs is Texas Attorney General Ken Paxton, who has said the investigation will kick off looking into Google's advertising business, before it looks deeper into how the company operates itself. On the steps of the Supreme Court, Paxton said: "The facts will lead where the fact lead".
What happens from here? Well, the antitrust probe isn't a lawsuit just yet -- but if the company has broken US antitrust rules then Google could be broken up into smaller pieces. For example, YouTube has long been accused of censoring conservative voices, personalities, channels, and normal everyday people -- yet they can't be held accountable, yet.
We know that Google has political bias (it's not a hidden thing, it's just hiding in plain sight) something that Project Veritas broke open less than a month ago now.
Facebook has been paying contractors to listen to users audio clips and transcribe them, according to anonymous sources who spoke with The Associated Press.
The sources state that the social networking giant has hired outside contractors to go over the audio clips, with every single word (good and bad, secret and explicit conversations) being transcribed. Worse yet, the contractors do not know why Facebook needs the voice clips transcribed.
But don't worry, because Facebook confirmed it had been transcribing users' audio calls but it wouldn't do it anymore. On Tuesday, Facebook said: "Much like Apple and Google, we paused human review of audio more than a week ago". Pegging them into the first week of August 2019 where they stopped transcribing voice chats.
Further reading: Mark Zuckerberg has tape covering his microphone and webcam on his laptop, all the way back in June 2016.
Facebook CEO Mark Zuckerberg responded to US Senator Gary Peters back in April 2018 during his Congressional testimony over privacy concerns, where he said: "You're talking about this conspiracy theory that gets passed around that we listen to what's going on on your microphone and use that for ads. We don't do that".
NCIX is in some big effing trouble with a story breaking over the weekend that someone had access to their old servers that went for auction and were purchased, after the Canadian retailer went bankrupt in 2017.
The servers that were previously owned by NCIX somehow ended up on Craigslist, with Travis Doering from Privacy Fly access the servers and pretending to be someone called "Jeff" for privacy (fly) reasons. Doering was after the data on the NCIX server, making is clear he was after the contents of the HDD alone and not the juicy server hardware. Doering met with the seller multiple times, confirming that they were ex-NCIX servers and that they indeed had NXIC user and business data on it.
The used servers were sold because NCIX reportedly didn't pay their warehouse storage bills in late-2017 with over $115,000 owed, where the servers were given to the warehouse owner to sell to recoup costs. Yeah well, the NCIX servers weren't wiped and millions of customers private detailed were exposed, as well as business customers who used to buy many millions worth of goods.
Doering said that Jeff, the guy selling the NCIX servers on Craigslist, had access to "300 desktop computers from NCIX's corporate offices and retails stores, 18 DELL Poweredge servers, as well as at least two Supermicro server's running StarWind iSCSI Software that NCIX had used to back up their hard disks". Jeff also gave Doering access to even more storage, with "109 hard drives which had been removed from servers before auction and one large pallet of 400-500 used hard drives from various manufacturers".
What Is Bitdefender BOX?
This is a hard one to explain because people think that most security is done either on your PC (with software) or on your router (hardware protection). But, this is where Bitdefender steps in with their hardware offering in the Bitdefender BOX 2, the successor to the original BOX device.
The new BOX is the same hardware security appliance that the original one was, which works with your modem or router, but it can also function as the router if you don't already have one.
BOX can protect your various devices that are running Windows, Mac OS or Android... but it can also protect iOS devices, Kindle-based devices, smart TVs, consoles, smart thermostats, and any other internet-connected device. It's not just a simple solution, it's an all-round security solution.
BOX 1 + BOX 2: What Are The Differences?
There are some rather large hardware-based changes between the BOX 1 and BOX 2, with the original BOX packing a single-core CPU at 400MHz, 64MB DDR2, 16MB flash, 802.11 b/g/n Wi-Fi, and 100Mbps of throughput.
BOX 2 is beast in comparison, increasing the CPU up to a dual-core chip at 1.2GHz (300% faster, double the cores). RAM goes up to 1GB, flash memory up to 4GB, 802.11ac MiMo Wi-Fi, and 1Gbps of throughput. BOX 2 is a serious upgrade from BOX 1, with specifications magnitudes better than its predecessor.
Amazon have their evil tentacles in as many places as you can imagine, including a huge $10 billion deal with The Pentagon, so the news of a 1984-style facial recognition technology system shouldn't surprise you, at all.
The new surveillance system is reportedly called "Rekognition", with Amazon having a huge library of "tens of millions of faces" that will see it track up to 100 individuals in a given image, and then analyze their identity. Don't worry about your privacy as this is all for security and your personal safety.
Don't think that Amazon's super-secret Rekognition system is just a pipe dream, it is already deployed in some US cities. Washington County Sheriff's Office is already using Rekognition to reduce the time suspect identification takes, down from multiple days to a few minutes.
Intel is set to go through another battle with security holes in its CPUs with a revised version of Spectre found, with 8 new Spectre-like issues discovered.
Spectre Next Generation, or Spectre NG is what it's called, with Intel recently being notified of the security holes. 4 of them were rated high, while the remaining 4 were medium severity. The technical details behind Spectre NG haven't been announced, but we know that they will be similar or worse than the original Spectre, which was bad enough.
Intel is reportedly working on getting Spectre Next Generation problems fixed, with Microsoft and others working on OS level adjustments. There will reportedly be two new waves of updates, with the first coming soon and another reportedly in August, but these dates could vary depending on how bad Spectre NG really is.
Twitter has been hit in a big way today, with the social networking giant urging all of its 330 million users to change their passwords immediately after they were exposed in a bug in plain text.
The company wasn't hacked at all, with Twitter recommending people change their passwords out of an "abundance of caution". Twitter wants you to change your password on the site itself, and anywhere else that you've used that password, including third-party Twitter apps.
How did it happen? Well, Twitter says that the bug occurred through an issue in the hashing process, where it masks passwords by replacing them with a random string of characters that then get sorted on Twitter's system. An error in this process happened, so the passwords were then saved in plain text to an internal log. Twitter says they found the bug on their own, and removed the passwords and is working on it so it doesn't happen again.
It looks like hackers have breached the armor of Under Armour, the athletic apparel brand, with the data breach exposing details of over 150 million MyFitnessPal users.
The data breach exposes MyFitnessPal users' usernames, email addresses, and hashed passwords. Government-issued identifiers such as social security numbers and drivers licenses weren't exposed, as the app doesn't collect that sort of data, including credit cards.
The intrusion was detected in late-February, but Under Armour began working with authorities on March 25. Under Armour purchased MyFitnessPal in 2015 for $475 million.
Back in 2014 Yahoo experienced a hack that exposed close to 500 million accounts, and now a Canadian citizen has just recently pleaded guilty to assisting a Russian intelligence officers in the hack. 22-year-old Karim Baratov has been arrested while another three individuals are facing charges back in Russia.
Prosecutors have stated that two of the Russian hackers are working for the Russian spy agency FSB, while the third is known Russian hacker Alexsey Belan. Dmitry Dokuchaev and Igor Sushchin are believed to have directed the attack and are also the ones that contacted Baratov when their targets were compromised with email accounts outside of Yahoos system. California's U.S Attorney's Office dives deeper into the details of the case, fleshing out the scope of abundant charges.
"According to his plea agreement, Baratov's role in the charged conspiracy was to hack webmail accounts of individuals of interest to the FSB and send those accounts' passwords to Dokuchaev in exchange for money. As alleged in the indictment, Dokuchaev, Sushchin, and Belan compromised Yahoo's network and gained the ability to access Yahoo accounts. When they desired access to individual webmail accounts at a number of other internet service providers, such as Google and Yandex (based in Russia), Dokuchaev tasked Baratov to compromise such accounts."
For a spy agency that has the word 'security' in its title, the National Security Agency seems to be worse than a teenager downloading MP3s from LimeWire. The NSA has been busted again exposing top secret data to people, this time on the cloud.
UpGuard Director of Cyber Risk Research Chris Vickery discovered back on September 27 an Amazon Web Services S3 cloud storage bucket that was configured for totally open public access. This means that anyone can enter the URL and see what's inside of trhe bucket, which was located on the AWS subdomain "inscom". This folder had 47 viewable files and other folders inside, three of which could be downloaded.
INSCOM is the intelligence command that is controlled by both the US Army, and the NSA. The worst part of this news is that the folder wasn't password protected, which seems awfully stupid (there are worse words) of the NSA.
Inside of the folder is some super-secret NSA contents, with an Oracle Virtual Appliance (.ova) that was titled "ssdev". Vickery loaded this file in VirtualBox discovering that it contained a virtual HDD with a Linux-based OS that he reports was "likely used for receiving Defense Department data from a remote location. While the virtual OS and HD can be browsed in their functional states, most of the data cannot be accessed without connecting to Pentagon systems - an intrusion that malicious actors could have attempted, had they found this bucket".