Software News - Page 1
With millions at home right now, it is the time to strike if you're making malicious software -- and disguising coronavirus phishing campaigns through Excel spreadsheets? That's nasty.
Recently, the Microsoft Security Intelligence Team discovered that there are two rather large phishing campaigns that are fooling people into downloading, and then opening malicious Excel files. Once they do, hackers have remote access to their PCs and it is game over.
The emails get disguised to look like they're coming from the likes of Johns Hopkins University, while other emails coming through are personal COVID-19 testing solutions, and more. The emails themselves arrive with Excel documents attached, with click bait-y titles such as "WHO COVID-19 SITUATION REPORT" that once opened, will install NetSupport Manager -- a remote desktop access tool.
The Google Project Zero team announced this week that it had discovered significant flaws in Apple's Image I/O that were likely candidates to be targeted by zero-click attack vectors. The bugs were discovered in Apple's Image I/O software, which ships with iOS, MacOS, watchOS, and tvOS. The flaws were present on every major platform that Apple offers.
The Project Zero team withheld any publication of the bugs until they were patched by Apple. The team says that the Image I/O problems Apple had linked to relatively well-known issues surrounding image format parsers. Flaws of this sort are commonly targeted by hackers because they could allow the various multimedia assets to be processed with the ability to run code on a target system without user interaction.
Google's team used a process called "fuzzing" to determine how the Image I/O framework responded to malformed image files. The team chose that particular technique because Apple restricts access to a majority of the tool source code. During the research, the Google team successfully found six vulnerabilities in Image I/O, along with another eight vulnerabilities in OpenEXR, which is a third-party HDR image file format.
Microsoft announced a few weeks ago that it would be replacing its Office 365 plans with Microsoft 365 Personal and Family and plans for is Business users. The new Microsoft 365 plans are essentially the same as the plans Microsoft offered as Office 365 in the past. For those who've been wanting to subscribe, the new Microsoft 365 plans are now generally available to all.
The first of the plans is Microsoft 365 Family, which was formerly Office 365 Home. Microsoft 365 Family costs $99.99 per year or $9.99 per month. It includes access to Word, Excel, PowerPoint, OneNote, Outlook, Access, and Publisher. The last two of those apps are only available on PC while the others are available on Mac as well. Up to six people and devices along with up to 6TB (1TB per person) of cloud storage are covered in the plan.
Microsoft 365 Personal is available for $69.99 per year or $6.99 per month. That includes access to the same apps along with 1TB of cloud storage. The main difference is only one person can have access to that account. For those who aren't interested in subscriptions, Office Home & Student 2019 is available for $149.99 as a one-time purchase. The big catch here is that it only brings Word, Excel, and PowerPoint for one PC or Mac.
Twitter has announced an official update for the Mac app that brings with it a feature that many users have wanted for a long time. The update adds in the ability for Mac users to view a livestream of recent Tweets. Before this update, the only way that users could see a stream of newly published Tweets was to refresh the application manually.
This new feature will likely win users for the official Twitter for Mac app from third-party Twitter clients like Tweetbot. Third-party apps that lost the timeline streaming ability back in 2018 when Twitter made a change to its API. Twitter for Mac users do have to enable live tweets but the process is easy to do and very straightforward.
To enable live tweets, users need to install the latest version of Twitter for Mac from the Mac App Store and then click the start icon at the top of the app. Users can then turn on the "Pin to the top" option that enables timeline streaming. Twitter says that once that feature is enabled, users will see new tweets as they're shared at the top of the timeline.
With millions of people around the world stuck at home because of the coronavirus outbreak, businesses and workers from all sorts of fields have turned to videoconferencing apps such as Zoom. Zoom has been one of the highest-profile videoconferencing companies to gain popularity during the coronavirus outbreak. It's also had some very notable security issues. While end-users have been surprised by the security issues presented by Zoom, a new report claims that Zoom's business partners knew the company had security problems.
A new report claims that Zoom partner Dropbox knew for months that Zoom had security issues. The report, from the New York Times, claims that Dropbox knew a year ago that there was a significant security vulnerability in the videoconferencing app, which was used by Dropbox employees. The vulnerability was discovered by a pair of Australian hackers while on a flight to attend a live hacking competition sponsored by Dropbox in Singapore.
The major security issue with Zoom the hackers discovered could have allowed an attacker to take control of certain users' Mac computers without the users knowing. The NYT cites three unnamed former Dropbox engineers who say that the vulnerability the hackers found was precisely what Dropbox feared. Since Zoom was so widely used by Dropbox, the company took on the policing of security practices for the videoconferencing app itself.
Information has been gathered by PreciseSecurity that reveals a list of the most commonly exploited applications in the third quarter of 2019.
According to PreciseSecurity, Microsoft Office solutions and applications are the most commonly exploited applications around the world. The data taken over the third quarter of 2019 shows that 72.85% of cyber exploits are done in Microsoft Office products.
The following software applications that come after Microsoft Office are: web browsers with 13.47%, Android with 9.09%, Java with 2.36%, Adobe Flash with 1.57%, and PDF with 0.66%. So, where are these cyber exploits coming from? PreciseSecurity traced the exploits back to five top countries. The United States with 79.16% of exploits, the Netherlands with 15.58%, Germany with 2.35%, France with 1.85%, and Russia with 1.05%. For more information about the exploits check out this link here.
What sort of passwords do you use? Things like '123456', 'qwerty' or even 'password'? If so, you are not alone, but you should be worried. These are among the most commonly used passwords around and all leave users accounts inherently vulnerable.
Fortunately, these days, more and more people are more and more aware of the benefits of using a Password Manager. They not only help keep your passwords secure but also make it easy for anyone to remember a whole host of complex passwords. A good Password Manager can also check how secure your passwords are, generate new secure ones for you, and much more.
But, while the case for using a Password Manager may be beyond dispute, choosing the best one is much harder. Which is why new research in this area is always welcome and that is what VPNCompare have delivered. Their in-house experts have been hard at work testing all the top Password Managers to see which is best.
Primate Labs has just announced its latest Geekbench software, with Geekbench 5 now released including a boat load of new features and tweaks.
Geekbench 5 kicks things off with a brand new CPU benchmarking suite that tests your system based on what its respective workload would be, with these including augmented reality and machine learning. Geekbench 5 also boosts the "memory footprint of existing workloads to more accurately account for the effect memory performance has on CPU performance".
The new Geekbench 5 CPU Benchmark also packs new modes of multi-threaded benchmarks, with the new software also better capturing the performance of different multi-threaded applications on personal computing devices.
You can read more about, and grab Geekbench 5 here.
Discord has become one of the most versatile utilities for gaming and many other subjects that require verbal communication. So how about the Nintendo Switch picks up some of that love?
We would love to bring Discord to the switcht! But we'd need Nintendo's blessing for that to happen first. Vote up the idea here and maybe it could be a thing someday:https://t.co/sHddT8z2Fn— Discord (@discordapp) May 12, 2019
On the official Twitter account for Discord, a fan has asked when we would see Discord for the Nintendo Switch. While this seems like a no brainer for the Nintendo Switch to have support for Discord, that isn't the case at the moment. Discord replied to the question saying "We would love to bring Discord to the switcht! But we'd need Nintendo's blessing for that to happen first." Discord even go on to say that Nintendo Switch users who support the idea of Discord on the Switch should "Vote up the idea here and maybe it could be a thing someday".
I'm not sure if Nintendo will accept Discord on the Nintendo Switch due to them already having their Nintendo Switch Online app that allows for voice communication across games. With that being said, the addition of Discord on the Switch would certainly undermine their already established communication method. This makes me think that Nintendo would decline the inclusion of this third-party software and instead stick to their own.
Most of the time artificial intelligence is brought up one of the main questions raised is how badly will the implementation of artificial intelligence in jobs be, and how many peoples jobs will be made redundant. Perhaps artificial intelligence if further along than we think and some serious amount of jobs could be at risk.
A new study has come out of MIT Technology Review Insights which has conducted the study in association with ADP, Infocomm Media Development Authority of Singapore, Genesys, Splunk and the Asia School of Business. The study features a executive survey of 900 leaders as well as "data set provided by Faethm, a future-of-work cloud software company, the report shows, by country and industry, the proportion of formal sector jobs that will become redundant through automation, and the jobs that will be augmented by AI, making them more productive and highly skilled".
The study says that "AI will affect one in five jobs in Asia-eliminating one in eight" and that across 11 Asian markets, 12% of current jobs are in the "high-risk" of being automated in the "next five years". The AI effect on jobs are said to be more prominent in the more wealthier economies than the poorer ones. Percentage separation clocks in at 14% in wealthier communities, and 10% in poorer ones.