By continuing to use the site or forum, you agree to the use of cookies, find out more by reading our GDPR policy

Federal prosecutors are conducting a criminal investigation into data deals Facebook struck with some of the world’s largest technology companies, intensifying scrutiny of the social media giant’s business practices as it seeks to rebound from a year of scandal and setbacks. A grand jury in New York has subpoenaed records from at least two prominent makers of smartphones and other devices, according to two people who were familiar with the requests and who insisted on anonymity to discuss confidential legal matters. Both companies had entered into partnerships with Facebook, gaining broad access to the personal information of hundreds of millions of its users. The companies were among more than 150, including Amazon, Apple, Microsoft, and Sony, that had cut sharing deals with the world’s dominant social media platform. The agreements, previously reported in The New York Times, let the companies see users’ friends, contact information and other data, sometimes without consent. Facebook has phased out most of the partnerships over the past two years. “We are cooperating with investigators and take those probes seriously,” a Facebook spokesman said in a statement. “We’ve provided public testimony, answered questions and pledged that we will continue to do so.” It is not clear when the grand jury inquiry, overseen by prosecutors with the United States attorney’s office for the Eastern District of New York, began or exactly what it is focusing on. Facebook was already facing scrutiny by the Federal Trade Commission and the Securities and Exchange Commission. And the Justice Department’s securities fraud unit began investigating it after reports that Cambridge Analytica, a political consulting firm, had improperly obtained the Facebook data of 87 million people and used it to build tools that helped President Trump’s election campaign. Get the full story on OUR FORUM.

Microsoft last year announced that it will stop pushing out cumulative updates to Windows 7 on January 14, 2020, and there will be no support or service updates pushed after the deadline. As the end of support, the deadline is approaching, Microsoft is planning to inform Windows 7 via notifications. Today, Microsoft revealed that customers who are still using Windows 7 will start receiving a notification about the OS end of support soon. The license customers will, however, be able to pay for the updates on Windows 7 but for regular users, they will have to upgrade to the latest version after the said date in order to remain secure. Currently, Windows 7 accounts for around 40 percent of the market share of all Windows PCs which would become obsolete and open to attackers after the January 14, 2020 deadline. Microsoft has also confirmed that the friendly warning pop-ups may show up once in a while but users will have the option to permanently dismiss the notifications. The pop up will provide details of what the users need to do after the deadline. “Beginning next month, if you are a Windows 7 customer, you can expect to see a notification appear on your Windows 7 PC. This is a courtesy reminder that you can expect to see a handful of times in 2019,” Microsoft explains. Follow this on OUR FORUM.

An update was released today that adds SHA-2 code signing support to Windows 7 SP1 and Windows Server 2008 R2 SP1. If this update is not installed, these Windows operating systems will no longer be able to receive Windows updates starting on July 16th, 2019. Currently, all Windows updates are dual signed with both SHA-1 and SHA-2 code signing certificates. As there are flaws in the SHA-1 algorithm that make it less secure, Microsoft has stated that starting on July 16th, 2019, Windows updates will only be signed using the SHA-2 algorithm going forward. As both Windows 7 SP1 and Windows Server 2008, R2 SP1 does not support SHA-2 code-signing certificates, Microsoft has stated that they were going to release an update that would introduce this feature into the operating systems. As part of the March 2019 Patch Tuesday updates, Microsoft released updates KB4490628 and KB4474419 to add SHA-2 support to both Windows 7 SP1 and Windows Server 2008 R2 SP1. These updates will be installed automatically and should not be prevented as doing so will cause Windows Update to no longer work in the future. For users who decide to not install this update, Microsoft will redeliver them again as security updates on April 9, 2019. Learn more by visiting OUR FORUM.

In addition to encrypting a victim's files, the STOP ransomware family has also started to install the Azorult password-stealing Trojan on victim's computer to steal account credentials, cryptocurrency wallets, desktop files, and more. The Azorult Trojan is a computer infection that will attempt to steal usernames and passwords stored in browsers, files on a victim's desktop, cryptocurrency wallets, Steam credentials, browser history, Skype message history, and more. This information is then uploaded to a remote server that is under the control of the attacker. When we first covered the DJVU variant of the STOP Ransomware being distributed by fake software cracks in January, we noted that when the malware was executed it would download various components that are used to perform different tasks on a victim's computer. These tasks include showing a fake Windows Update screen, disabling Windows Defender, and blocking access to security sites by adding entries to Windows's HOSTS file. When ransomware researcher Michael Gillespie tested some recent variants he noticed that an Any.Run install indicated that one of the files downloaded by the ransomware created traffic that was from an Azorul infection. Gillespie further told BleepingComputer that four different samples all showed network traffic associated with Azorult. The Promorad Ransomware variant samples we tested also download a file named 5.exe and executed it. When executed, the program will create network traffic that is identical to known command & control server communications for the Azorult information-stealing Trojan.  Learn more by visiting OUR FORUM.

Huawei has already confirmed that it'll unveil a new batch of flagship smartphones, the P30 series, on March 26, 2019. Now, in what can only be described as a fairly unique marketing ploy, Huawei has started to reveal details about its as-yet-unannounced handsets ahead of the hotly-anticipated press conference next month. Huawei Vice President of Global Product Marketing Clement Wong has confirmed the P30 Pro will boast a new, periscope-style “superzoom” camera. Leaked images had already suggested the new flagship phone would include a 10x optical zoom feature akin to the system Oppo debuted at Mobile World Congress last month. Huawei Vice President Wong stopped short of confirming exactly what level of zoom customers can expect from the next handset, refusing to confirm the rumored 10x optical zoom functionality. However, Wong did tell AndroidCentral that the new periscope system would do  “something nobody [has done] before," which could hint towards an even greater level of zoom than rival Oppo has managed, or could suggest Huawei has managed to squeeze a mechanical zooming lens onto the back of its next smartphone. Either way, we're very excited. Wong also promised the P30 series will bring improvements to night mode. According to the executive, the new solution will be able to go further than “software-only” systems favored by rivals – an extremely thinly-veiled jibe at the Night Sight feature rolled-out to the Pixel 3 and Pixel 3 XL last year. Floow the upcoming launch of this amazing device on OUR FORUM.

The number of Android users attacked by banking malware saw an alarming 300% increase in 2018, with 1.8 million of them being impacted by at least one such attack during the last year. While in 2016 the overall number of attacked users was of 786,325 and during 2017 it dropped to 515,816, in April 2018 the number of attacks went on a severely increasing trend. The growth in the number of incidents reached the highest values during June and September, the year ending with an astounding 1,799,891 of users having been hit by at least one Android banking malware family. Out of the total number of Android users affected by financial malware, the highest percentage was found in Russia, South Africa, and the United States, while 85% of the attacks were conducted by bad actors using only three banking malware families. According to Kaspersky Lab's "Financial Cyber threats in 2018" report, "Asacub peaked more than twice to almost 60%, followed by Agent(14.28%) and Svpeng (13.31%). All three of them experienced explosive growth in 2018, especially Asacub as it peaked from 146,532 attacked users in 2017 to 1,125,258. While Asacub was also the top dog in the Android banking malware rankings in 2017, during 2018 this Android malware family was behind 58% of all detected attacks, more than doubling its "market share."  For the full scope of this banking malware problem visit OUR FORUM.

 

GTranslate