Tech News
$30 doorbell cameras can be easily hijacked, says Consumer Reports
Security - Posted On:2024-02-29 12:15:01 Source: arstechnica
Video doorbell cameras have been commoditized to the point where they're available for $30–$40 on marketplaces like Amazon, Walmart, Temu, and Shein. The true cost of owning one might be much greater, however.
Consumer Reports (CR) has released the findings of a security investigation into two budget-minded doorbell brands, Eken and Tuck, which are largely the same hardware produced by the Eken Group in China, according to CR. The cameras are further resold under at least 10 more brands. The cameras are set up through a common mobile app, Aiwit. And the cameras share something else, CR claims: "troubling security vulnerabilities."
$30 doorbell cameras have multiple serious security flaws, says Consumer Reports
Security - Posted On:2024-02-29 06:45:01 Source: arstechnica
Video doorbell cameras have been commoditized to the point where they're available for $30–$40 on marketplaces like Amazon, Walmart, Temu, and Shein. The true cost of owning one might be much greater, however.
Consumer Reports (CR) has released the findings of a security investigation into two budget-minded doorbell brands, Eken and Tuck, which are largely the same hardware produced by the Eken Group in China, according to CR. The cameras are further resold under at least 10 more brands. The cameras are set up through a common mobile app, Aiwit. And the cameras share something else, CR claims: "troubling security vulnerabilities."
Beware of scammers sending live couriers to liquidate victims’ life savings
Security - Posted On:2024-01-29 17:30:00 Source: arstechnica
Scammers are stepping up their game by sending couriers to the homes of elderly people and others as part of a ruse intended to rob them of their life savings, the FBI said in an advisory Monday.
“The FBI is warning the public about scammers instructing victims, many of whom are senior citizens, to liquidate their assets into cash and/or buy gold, silver, or other precious metals to protect their funds,” FBI officials with the agency’s Internet Crime Complaint Center said. “Criminals then arrange for couriers to meet the victims in person to pick up the cash or precious metals.”
The scammers pose as tech or customer support agents or government officials and sometimes use a multi-layered approach as they falsely claim they work on behalf of technology companies, financial institutions, or the US government. The scammers tell the targets they have been hacked or are at risk of being hacked and that their assets should be protected. The scammers then instruct the targets to liquidate assets into cash. In some cases, the scammers instruct targets to wire funds to a fake metal dealer who will ship purchased merchandise to the victims’ homes.
Just 10 lines of code can steal AI secrets from Apple, AMD, and Qualcomm GPUs
Security - Posted On:2024-01-17 14:15:00 Source: arstechnica
As more companies ramp up development of artificial intelligence systems, they are increasingly turning to graphics processing unit (GPU) chips for the computing power they need to run large language models (LLMs) and to crunch data quickly at massive scale. Between video game processing and AI, demand for GPUs has never been higher, and chipmakers are rushing to bolster supply. In new findings released today, though, researchers are highlighting a vulnerability in multiple brands and models of mainstream GPUs—including Apple, Qualcomm, and AMD chips—that could allow an attacker to steal large quantities of data from a GPU’s memory.
The silicon industry has spent years refining the security of central processing units, or CPUs, so they don’t leak data in memory even when they are built to optimize for speed. However, since GPUs were designed for raw graphics processing power, they haven’t been architected to the same degree with data privacy as a priority. As generative AI and other machine learning applications expand the uses of these chips, though, researchers from New York-based security firm Trail of Bits say that vulnerabilities in GPUs are an increasingly urgent concern.
New attack steals AI secrets from GPUs made by Apple, AMD, and Qualcomm
Security - Posted On:2024-01-17 13:30:00 Source: arstechnica
As more companies ramp up development of artificial intelligence systems, they are increasingly turning to graphics processing unit (GPU) chips for the computing power they need to run large language models (LLMs) and to crunch data quickly at massive scale. Between video game processing and AI, demand for GPUs has never been higher, and chipmakers are rushing to bolster supply. In new findings released today, though, researchers are highlighting a vulnerability in multiple brands and models of mainstream GPUs—including Apple, Qualcomm, and AMD chips—that could allow an attacker to steal large quantities of data from a GPU’s memory.
The silicon industry has spent years refining the security of central processing units, or CPUs, so they don’t leak data in memory even when they are built to optimize for speed. However, since GPUs were designed for raw graphics processing power, they haven’t been architected to the same degree with data privacy as a priority. As generative AI and other machine learning applications expand the uses of these chips, though, researchers from New York-based security firm Trail of Bits say that vulnerabilities in GPUs are an increasingly urgent concern.
Google researchers report critical 0-days in Chrome and all Apple OSes
Security - Posted On:2023-12-01 09:45:00 Source: arstechnica
Researchers in Google's Threat Analysis Group have been as busy as ever with discoveries that have led to the disclosure of three high-severity zero-day vulnerabilities under active exploitation in Apple OSes and the Chrome browser in the span of 48 hours.
Apple on Thursday said it was releasing security updates fixing two vulnerabilities present in iOS, macOS, and iPadOS. Both of them reside in WebKit, the engine that drives Safari and a wide range of other apps, including Apple Mail, the App Store, and all browsers running on iPhones and iPads. While the update applies to all supported versions of Apple OSes, Thursday’s disclosure suggested that the in-the-wild attacks that are exploiting the vulnerabilities targeted earlier versions of iOS.
“Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1,” Apple officials wrote of both vulnerabilities, which are tracked as CVE-2023-42916 and CVE-2023-42917.
Google researchers report critical zero-days in Chrome and all Apple OSes
Security - Posted On:2023-11-30 20:15:00 Source: arstechnica
Researchers in Google's Threat Analysis Group have been as busy as ever, with discoveries that have led to the disclosure of three high-severity zero-day vulnerabilities under active exploitation in Apple OSes and the Chrome browser in the span of 48 hours.
Apple on Thursday said it was releasing security updates fixing two vulnerabilities present in iOS, macOS, and iPadOS. Both of them reside in WebKit, the engine that drives Safari and a wide range of other apps, including Apple Mail, the App Store, and all browsers running on iPhones and iPads. While the update applies to all supported versions of Apple OSes, Thursday’s disclosure suggested in-the-wild attacks exploiting the vulnerabilities targeted earlier versions of iOS.
“Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1,” Apple officials wrote of both vulnerabilities, which are tracked as CVE-2023-42916 and CVE-2023-42917.
Rocket Report: Beyond Gravity to study fairing reuse; North Korea launches satellite
Security - Posted On:2023-11-23 08:00:01 Source: arstechnica
Welcome to Edition 6.20 of the Rocket Report! We apologize for missing last week, but both Stephen and I were in transit to South Texas for the Starship launch. To make up for it this week's report is extra long, and a day early due to the Thanksgiving holiday in the United States. But that doesn't mean the spaceflight action stops, with an eagerly awaited hot fire test of the Ariane 6 rocket expected Thursday. See below for details on how to watch live.
Each report will include information on small-, medium-, and heavy-lift rockets as well as a quick look ahead at the next three launches on the calendar.
North Korea launches spy satellite. North Korea's launch of a small, solid-fueled Chŏllima-1 rocket, which has a capacity of about 300 kg to low-Earth orbit, appears to have been successful, Reuters reports. Jonathan McDowell, an astronomer and astrophysicist at the Harvard–Smithsonian Center for Astrophysics, said the US Space Force data had cataloged two new objects in an orbital plane consistent with the launch from North Korea at the time stated by Pyongyang.
Thousands of Android devices come with unkillable backdoor preinstalled
Security - Posted On:2023-10-07 07:15:00 Source: arstechnica
When you buy a TV streaming box, there are certain things you wouldn’t expect it to do. It shouldn’t secretly be laced with malware or start communicating with servers in China when it’s powered up. It definitely should not be acting as a node in an organized crime scheme making millions of dollars through fraud. However, that’s been the reality for thousands of unknowing people who own cheap Android TV devices.
In January, security researcher Daniel Milisic discovered that a cheap Android TV streaming box called the T95 was infected with malware right out of the box, with multiple other researchers confirming the findings. But it was just the tip of the iceberg. This week, cybersecurity firm Human Security is revealing new details about the scope of the infected devices and the hidden, interconnected web of fraud schemes linked to the streaming boxes.
Here’s what we know about a mysterious launch from Florida this week
Security - Posted On:2023-09-05 19:15:00 Source: arstechnica
Airspace and maritime navigation warnings released to pilots and mariners suggest the US military might launch a hypersonic missile this week on a test flight from Cape Canaveral, Florida.
This test could be one of the final milestones before the US Army fields the nation's first ground-based hypersonic weapon, which is more maneuverable and more difficult for an enemy to track and destroy than a conventional ballistic missile. Russia has used hypersonic missiles in combat against Ukraine, and US defense officials have labeled China as the world's leader in emerging hypersonic missile technology.
That has left the US military playing catch-up, and the Army is on the cusp of having its first ground-based hypersonic missiles ready for active duty. If informed speculation is correct, the test launch from Cape Canaveral Space Force Station this week—performed in partnership between the Army and the Navy—could be a full-scale test of the new solid-fueled hypersonic missile to propel a hypersonic glide vehicle to high speeds over the Atlantic Ocean.
Renegade certificate removed from Windows. Then it returns. Microsoft stays silent.
Security - Posted On:2023-08-25 21:00:00 Source: arstechnica
For three days, system administrators have been troubleshooting errors that have prevented Windows users from running applications such as QuickBooks and Avatax. We now know the cause: an unannounced move or glitch by Microsoft that removed a once-widely used digital certificate in Windows.
The removed credential is known as a root certificate, meaning it anchors the trust of hundreds or thousands of intermediate and individual certificates downstream. The root certificate—with the serial number 18dad19e267de8bb4a2158cdcc6b3b4a and the SHA1 fingerprint 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5—was no longer trusted in Windows. Because that root was tied to certificates that certify their authenticity and trust, people trying to use or install the app received the error.
Just minutes before this post was scheduled to go live, researchers learned that the certificate had been restored in Windows. It’s unclear how or why that occurred. The certificate immediately below this paragraph shows the certificate's status on Thursday. The one below that shows the status as of Friday.
How a cloud flaw gave Chinese spies a key to Microsoft’s kingdom
Security - Posted On:2023-07-13 16:45:01 Source: arstechnica
For most IT professionals, the move to the cloud has been a godsend. Instead of protecting your data yourself, let the security experts at Google or Microsoft protect it instead. But when a single stolen key can let hackers access cloud data from dozens of organizations, that trade-off starts to sound far more risky.
Late Tuesday evening, Microsoft revealed that a China-based hacker group, dubbed Storm-0558, had done exactly that. The group, which is focused on espionage against Western European governments, had accessed the cloud-based Outlook email systems of 25 organizations, including multiple government agencies.
Those targets encompass US government agencies including the State Department, according to CNN, though US officials are still working to determine the full scope and fallout of the breaches. An advisory from the US Cybersecurity and Infrastructure Security Agency says the breach, which was detected in mid-June by a US government agency, stole unclassified email data “from a small number of accounts.”
Microsoft 365 adds 'External' email tags for increased security
Security - Posted On:2021-03-08 16:30:00 Source: bleepingcomputer
Microsoft is working on boosting Exchange Online phishing protection capabilities by adding support for external email message tags to its cloud-based email service. [...]
New Sarbloh ransomware supports Indian farmers' protest
Security - Posted On:2021-03-08 16:30:00 Source: bleepingcomputer
A new ransomware known as Sarbloh encrypts your files while at the same time delivering a message supporting the protests of Indian farmers. [...]
Hackers hiding Supernova malware in SolarWinds Orion linked to China
Security - Posted On:2021-03-08 15:15:00 Source: bleepingcomputer
Intrusion activity related to the Supernova malware planted on compromised SolarWinds Orion installations exposed on the public internet points to an espionage threat actor based in China. [...]
Google Chrome to block port 554 to stop NAT Slipstreaming attacks
Security - Posted On:2021-03-08 13:30:00 Source: bleepingcomputer
Google Chrome will block the browser's access to TCP port 554 to protect against attacks using the NAT Slipstreaming 2.0 vulnerability. [...]
European Banking Authority discloses Exchange server hack
Security - Posted On:2021-03-08 11:15:02 Source: bleepingcomputer
The European Banking Authority (EBA) took down all email systems after their Microsoft Exchange Servers were hacked as part of the ongoing attacks targeting organizations worldwide. [...]
Flagstar Bank hit by data breach exposing customer, employee data
Security - Posted On:2021-03-08 10:29:57 Source: bleepingcomputer
US bank and mortgage lender Flagstar has disclosed a data breach after the Clop ransomware gang hacked their Accellion file transfer server in January. [...]
CISA takes over .GOV top-level domain (TLD) administration
Security - Posted On:2021-03-08 09:59:57 Source: bleepingcomputer
The US Cybersecurity and Infrastructure Security Agency (CISA) is taking over the administration of the .gov top-level domain (TLD) as its new policy and management authority. [...]
Unpatched QNAP devices are being hacked to mine cryptocurrency
Security - Posted On:2021-03-08 08:59:57 Source: bleepingcomputer
Unpatched network-attached storage (NAS) devices are targeted in ongoing attacks where the attackers try to take them over and install cryptominer malware to mine for cryptocurrency. [...]