
Attackers can use genuine binaries from Microsoft Teams to execute a malicious payload using a mock installation folder for the collaboration software. The problem affects most Windows desktop apps that use the Squirrel installation and update framework, which uses NuGet packages. A list of impacted products, as tested by the security researcher who made the discovery, includes WhatsApp, Grammarly, GitHub, Slack, and Discord. Reverse engineer Reegun Richard found that he could create a fake Microsoft Teams package and use a signed binary to execute anything present in a specific location. One notable aspect of the experiment is that no resources are required on the target system other than the minimum package created by the attacker. The researcher found that the genuine 'Update.exe' file and two folders, 'current' and 'packages', all part of a normal Microsoft Teams installation, are sufficient to launch malware on the system that inherits the trust of the signed executable, which allows it to defeat some defense mechanisms. It appears that the 'Update' executable blindly deploys anything that is present in the 'current' folder. The 'packages' location needs to have a 'RELEASES' file, although it does not have to be valid. "It just needs the format 'SHA1 filename size'." Microsoft is aware of the problem but decided not to address it. The researcher says that the reason the company gave him was that the glitch "did not meet the bar of security issue." The researcher explains that not all NuGet packages are vulnerable but all apps relying on the Squirrel one-click installer are. More details can be found on OUR FORUM.
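A defender's check for the folder layout described above, as an added example that is not from the original article or the researcher: it finds the 'Update.exe' + 'current' + 'packages/RELEASES' layout and, going one step beyond the article, verifies that each 'SHA1 filename size' entry matches a package actually on disk. The function names, the sample package name and the placeholder file contents are assumptions constructed for illustration.

```python
import hashlib
import re
import tempfile
from pathlib import Path
# One RELEASES entry in the 'SHA1 filename size' format: 40 hex chars, name, decimal size.
ENTRY = re.compile(r"^([0-9A-Fa-f]{40})\s+(\S+)\s+(\d+)$")

def parse_releases(text):
    """Return (sha1, filename, size) tuples; lines that do not match are skipped."""
    entries = []
    for line in text.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            entries.append((m.group(1).lower(), m.group(2), int(m.group(3))))
    return entries

def audit_squirrel_dir(root):
    """None if root lacks the Squirrel layout, else a list of RELEASES inconsistencies."""
    root = Path(root)
    releases = root / "packages" / "RELEASES"
    if not ((root / "Update.exe").is_file() and (root / "current").is_dir()
            and releases.is_file()):
        return None
    entries = parse_releases(releases.read_text(encoding="utf-8-sig", errors="replace"))
    findings = [] if entries else ["RELEASES has no well-formed entry"]
    for sha1, name, size in entries:
        pkg = releases.parent / Path(name).name  # only look inside 'packages'
        if not pkg.is_file():
            findings.append(f"{name}: package listed but missing")
            continue
        data = pkg.read_bytes()
        if len(data) != size or hashlib.sha1(data).hexdigest() != sha1:
            findings.append(f"{name}: size or SHA1 does not match RELEASES")
    return findings  # an empty list means consistent, not proven legitimate

def build_sample(root, valid):
    """Constructed sample folder; every file holds placeholder bytes, not a real binary."""
    (root / "current").mkdir(parents=True)
    (root / "packages").mkdir()
    (root / "Update.exe").write_bytes(b"placeholder")
    body = b"constructed package bytes"
    (root / "packages" / "App-1.0.0-full.nupkg").write_bytes(body)
    sha1 = hashlib.sha1(body).hexdigest() if valid else "0" * 40
    (root / "packages" / "RELEASES").write_text(f"{sha1} App-1.0.0-full.nupkg {len(body)}\n")
    return root

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        print(audit_squirrel_dir(build_sample(Path(tmp) / "mock", valid=False)))
```

A folder that passes this check can still be malicious, so findings are best combined with where the folder lives and whether the application is actually installed for that user.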

On Monday, 50 attorneys general from US states and territories signed onto an antitrust investigation into Google, placing even more pressure on the major tech firms that are already facing intense scrutiny over their market dominance from the government. The probe, led by Republican Attorney General Ken Paxton from Texas, will focus primarily on Google’s advertising and search businesses. But in remarks given Monday, the attorneys general suggested that they may expand the investigation later. California and Alabama are the only two state attorneys general staying out of the probe. At Monday’s press conference in front of the Supreme Court, Paxton said that Google “dominates all aspects of advertising on the internet and searching on the internet,” The Washington Post reported. “We applaud the 50 state attorneys general for taking this unprecedented stand against Big Tech by uniting to investigate Google’s destruction of competition in search and advertising,” the Open Markets Institute said in a statement. “We haven’t seen a major monopolization case against a tech giant since Microsoft was sued in 1998. Today’s announcement marks the start of a new era.” Running parallel to the states’ investigation, the Justice Department and Federal Trade Commission are also probing the companies out of concerns they may be stifling competition in the industry. In its last quarterly earnings, Facebook disclosed that the FTC had opened an antitrust investigation into the company in June. Follow this on OUR FORUM.

Microsoft President and Chief Legal Officer Brad Smith says the way the U.S. government is treating Huawei is un-American. As far as he knows, China’s leading maker of networking equipment and mobile phones should be allowed to buy U.S. technology, including software from his company. Such actions shouldn’t be taken without a “sound basis, in fact, logic, and the rule of law,” says Smith in an interview with Bloomberg Businessweek, adding that Microsoft has asked U.S. regulators to explain themselves. “Oftentimes, what we get in response is, ‘Well, if you knew what we knew, you would agree with us,’” he says. “And our answer is, ‘Great, show us what you know so we can decide for ourselves. That’s the way this country works.’” U.S. President Donald Trump has said Huawei, run by a former Chinese army technologist, is a national security threat, and his Department of Commerce has added the company to an export blacklist scheduled to take full effect in November. Trump should know better, Smith says, citing Trump’s experience in the hotel industry. “To tell a tech company that it can sell products, but not buy an operating system or chips, is like telling a hotel company that it can open its doors, but not put beds in its hotel rooms or food in its restaurant. Either way, you put the survival of that company at risk.” Why, yes, Huawei is a key customer for Microsoft’s Windows operating system, which comes loaded on its branded consumer laptops. Four years ago, Smith and Microsoft Chief Executive Officer Satya Nadella hosted Chinese President Xi Jinping at Microsoft for a photo op with tech leaders including Apple CEO Tim Cook and Facebook CEO Mark Zuckerberg. That probably won’t happen again. Follow along on OUR FORUM.

New York Attorney General Letitia James launched a multi-state antitrust investigation into Facebook on Friday, applying a new layer of pesky regulatory scrutiny to the scandal-ridden social network. The launch of the investigation comes amid greater federal and state oversight of major technology companies, including Facebook, Google, Amazon, and Apple. The state-level probe will examine a wide range of Facebook’s activities, including its handling of user data, its effects on consumer choice, and the price of advertising, New York’s attorney general said in a statement. “Even the largest social media platform in the world must follow the law and respect consumers. I am proud to be leading a bipartisan coalition of attorneys general in investigating whether Facebook has stifled competition and put users at risk,” James said. “We will use every investigative tool at our disposal to determine whether Facebook’s actions may have endangered consumer data, reduced the quality of consumers’ choices, or increased the price of advertising.” In addition to James, attorneys general from Colorado, Florida, Iowa, Nebraska, North Carolina, Ohio, Tennessee, and the District of Columbia will be on the investigation’s leadership team, according to James’ office. This probe adds to action at the federal level that began in earnest this summer. On July 23, the U.S. Department of Justice announced that it has begun an expansive investigation into “market-leading online platforms” to determine whether they “are engaging in practices that have reduced competition, stifled innovation, or otherwise harmed consumers.” We have more posted on OUR FORUM.

Web browser company Brave said on Wednesday that it learned how Google works around GDPR (the EU's data privacy regulation) to help its advertising partners identify European web users. According to the company, which offers its own privacy-focused web browser, Google uses Push Pages that contain unique identifiers to share information with its partners. Those pages appear to be made specifically for identifying web users; they have no other function. This isn't the first time Brave leveled allegations of GDPR violations against Google. The company told the UK Information Commissioner and Irish Data Protection Commission (DPC) in September 2018 that Google's advertising systems were a "massive and ongoing data breach that affects virtually every user on the web." The revelation of these Push Pages is supposed to help support those claims. Brave said the Push Pages rely on a "code of almost 2,000 characters, which Google adds at the end to uniquely identify the person that Google is sharing information about" and which can be used in conjunction with other identifiers, like browser cookies. This makes it easier for Google's partners to connect data about website visitors even if they aren't technically being given their real identity. The Push Pages don't appear to serve any other purpose. Brave said they're never visible to users, and even if someone enters their URL to visit them directly, they don't show any content. (Which implies that Google only intends for them to communicate with other background processes of which web users are probably unaware.) Visit OUR FORUM for more of Google's response to these allegations.

Malware is unwanted code that somehow made its way onto your computer in order to perform functions designed with malicious intent. Sometimes these programs slow down a machine or cause it to crash entirely. The creators may then demand a ransom in order to fix the machine. Sometimes malware uploads information to remote servers, giving someone access to your saved data or vital credentials that you type, such as passwords and credit card numbers. People tend to create malware for Windows because that’s the operating system found on the most PCs. This increases the odds that a virus will spread from one computer to another. Virus makers tend to target less technical users who are easier to fool with bogus web banners and phishing scams. Viruses also spread among people who know how to pirate music and TV shows but don’t understand how these files may be infected. There are antivirus programs for Linux, but even their purpose is often to help protect Windows users. One piece of malware has recently made news for targeting the Linux desktop. EvilGNOME runs on the GNOME desktop environment by pretending to be an extension. GNOME is the most common Linux desktop environment, found as the default interface on two of the most popular Linux distros, Ubuntu and Fedora, and on computers that ship directly from Linux manufacturers such as System76 and Purism. Legitimate extensions allow you to alter many aspects of the GNOME desktop. The malware known as EvilGNOME is able to take screenshots and record audio from your PC’s microphone. It can also upload your personal files. A more detailed breakdown is available in a report by Intezer Labs, who gave EvilGNOME its name. This malware didn’t attract attention for being particularly likely to impact large numbers of people. It was considered newsworthy because it existed at all. Linux is relatively rare on desktops, but it’s the most prominent operating system found on servers powering the web and managing much of the world’s digital infrastructure. Follow this thread on OUR FORUM.

 
