Blackberry

BlackBerry Working With Automakers On Antivirus Tool For Your Car (reuters.com) 45

An anonymous reader quotes a report from Reuters: BlackBerry is working with at least two automakers to develop a security service that would remotely scan vehicles for computer viruses and tell drivers to pull over if they were in critical danger, according to a financial analyst. The service, which would also be able to install security patches to an idle car, is being tested by luxury automakers Aston Martin and Range Rover. The service could be launched as early as next year, generating about $10 a month per vehicle for BlackBerry, according to Papageorgiou, who has followed BlackBerry for more than 15 years. Vehicles increasingly rely on dozens of computers that connect to each other as well as the internet, mobile networks and Bluetooth communications systems that make them vulnerable to remote hacks.
Windows

Almost All WannaCry Victims Were Running Windows 7 (theverge.com) 123

An anonymous reader quotes a report from The Verge: According to data released today by Kaspersky Lab, roughly 98 percent of the computers affected by the ransomware were running some version of Windows 7, with less than one in a thousand running Windows XP. 2008 R2 Server clients were also hit hard, making up just over 1 percent of infections. Windows 7 is still by far the most common version of Windows, running on roughly four times as many computers as Windows 10 worldwide. Since more recent versions of Windows aren't vulnerable to WannaCry, it makes sense that most of the infections would hit computers running 7. Still, the stark disparity emphasizes how small of a role Windows XP seems to have played in spreading the infection, despite early concerns about the outdated operating system. The new figures also bear on the debate over Microsoft's patching practices, which generated significant criticism in the wake of the attack. Microsoft had released a public patch for Windows 7 months before the attack, but the patch for Windows XP was only released as an emergency measure after the worst of the damage had been done. The patch was available earlier to paying Custom Support customers, but most XP users were left vulnerable, each unpatched computer a potential vector to spread the ransomware further. Still, Kaspersky's figures suggest that unpatched XP devices played a relatively small role in the spread of the ransomware.
United States

Federal Agents Used a Stingray To Track an Immigrant's Phone (detroitnews.com) 103

An anonymous reader shares a report: Investigators from Immigration and Custom Enforcement as well as the FBI have been using controversial cell-spoofing devices to secretly track down undocumented immigrants, court records show. According to a report the Detroit News, which obtained an unsealed federal search warrant affidavit, FBI and ICE agents in Michigan used a Stingray device to ensnare a restaurant worker from El Salvador in March. The devices, which were originally intended for counter-terrorism use, have come under fire because there are currently no clear rules governing when law enforcement is allowed to deploy them. Even in cases where authorities have a clear target in mind, they run the risk of exposing personal information of other innocent people in range. Until 2015, Federal investigators were free to deploy the devices without a search warrant. At that point the Justice Department laid out a policy requiring investigators get approval to use the devices first.
Twitter

A Bug in Twitter's Old Vine App May Have Exposed Your Email (cnet.com) 6

An anonymous reader shares a report: If you had a Vine account, there's an alert you may want to know about. The video app, which Twitter bought in 2012 and shut down last year after its six-second videos failed to take off, sent out emails to some users Friday alerting them to a vulnerability in its service. Yeah, that's right, Vine is dead, but your account may have been compromised anyway. Apparently, the "bug" potentially exposed email addresses to hackers or other "third parties under certain circumstances." The vulnerability apparently existed for less than 24 hours, or 14,400 Vine videos. "We take these incidents very seriously, and we're sorry this occurred," Vine wrote in its email. It also said the information exposed could not be used to access accounts, and there were no indications any of the data had been misused.
Government

CIA Co-Developed 'Athena' Windows Malware With US Cyber Security Company, WikiLeaks Reveals (bleepingcomputer.com) 108

An anonymous reader writes: Today, WikiLeaks leaked documentation about a tool called Athena. According to leaked documents, which WikiLeaks previously claimed it received from hackers and CIA insiders, Athena is an implant -- a CIA technical term for "malware" -- that can target and infect any Windows system, from Windows XP to Windows 10, Microsoft's latest OS version. Documents leaked today are dated between September 2015 and February 2016, showing that the CIA had the ability to hack Windows 10 months after its launch, despite Microsoft boasting about how hard it would be to hack its new OS. [...] The documents reveal that CIA had received help from a non-government contractor in developing the malware. The company is Siege Technologies, a cyber-security company based in New Hampshire, which was acquired on November 15, 2016, by Nehemiah Security, another US company, based in Tysons, Virginia, on the outskirts of Washington and near CIA's headquarters, in a zone peppered with various military and defense contractors.
IBM

IBM is Telling Remote Workers To Get Back in the Office Or Leave (wsj.com) 215

For the last few years, IBM has built up a remote work program for its 380,000 employees. Now the Wall Street Journal reports that IBM is "quietly dismantling" this option, and has told its employees this week that they either need to work in the office or leave the company (Editor's note: the link could be paywalled; alternative source). From the report: IBM is giving thousands of its remote workers in the U.S. a choice this week: Abandon your home workspaces and relocate to a regional office -- or leave the company. The 105-year-old technology giant is quietly dismantling its popular decades-old remote work program to bring employees back into offices, a move it says will improve collaboration and accelerate the pace of work. The changes comes as IBM copes with 20 consecutive quarters of falling revenue and rising shareholder ire over Chief Executive Ginni Rometty's pay package. The company won't say how many of its 380,000 employees are affected by the policy change, which so far has been rolled out to its Watson division, software development, digital marketing, and design -- divisions that employ tens of thousands of workers. The shift is particularly surprising since the Armonk, N.Y., company has been among the business world's staunchest boosters of remote work, both for itself and its customers. IBM markets software and services for what it calls "the anytime, anywhere workforce," and its researchers have published numerous studies on the merits of remote work.
Security

French Researchers Find Last-ditch Cure To Unlock WannaCry Files (reuters.com) 36

French researchers said on Friday they had found a last-chance way for technicians to save Windows files encrypted by WannaCry, racing against a deadline as the ransomware threatens to start locking up victims' computers first infected a week ago. From a report: WannaCry, which started to sweep round the globe last Friday and has infected more than 300,000 computers in 150 nations, threatens to lock out victims who have not paid a sum of $300 to $600 within one week of infection. A loose-knit team of security researchers scattered across the globe said they had collaborated to develop a workaround to unlock the encryption key for files hit in the global attack, which several independent security researchers have confirmed. The researchers warned that their solution would only work in certain conditions, namely if computers had not been rebooted since becoming infected and if victims applied the fix before WannaCry carried out its threat to lock their files permanently. Also see: Windows XP PCs Infected By WannaCry Can Be Decrypted Without Paying Ransom.
Google

2B Pages On Web Now Use Google's AMP, Pages Now Load Twice As Fast (venturebeat.com) 60

At its developer conference I/O 2017 this week, Google also shared an update on its fast-loading Accelerated Mobile Pages (AMP). The company says that over 900,000 domains on the web have enabled AMP, and over two billion pages now load faster because of it. Taking things forward, Google says AMP access from Google Search is now twice as fast. From a report: Google first unveiled the open source AMP Project in October 2015. Since then, the company has been working hard to add new features and push AMP across not just its own products, but the larger web. Google Search only launched AMP support out of developer preview in September 2016. Eight months later, Google has already cut the time it takes to render content in half. The company explains that this is possible due to several key optimizations made to the Google AMP Cache. These include server-side rendering of AMP components and reducing bandwidth usage from images by 50 percent without affecting the perceived quality. Also helpful was the Brotli compression algorithm, which made it possible to reduce document size by an additional 10 percent in supported browsers (even Edge uses it). Google open-sourced Brotli in September 2015 and considers it a successor to the Zopfli algorithm.

Slashdot Top Deals