What is Malware?
The word Malware is short for malicious software, and is a general term used to describe all of the viruses, worms, spyware, and pretty much anything that is specifically designed to cause harm to your PC or steal your information.
Viruses Wreak Havoc On Your Files
The term computer virus is often used interchangeably with malware, though the two don't actually have the same meaning. In the strictest sense, a virus is a program that copies itself and infects a PC, spreading from one file to another, and then from one PC to another when the files are copied or shared. Image by Joffley
Most viruses attach themselves to executable files, but some can target a master boot record, autorun scripts, MS Office macros, or even in some cases, arbitrary files. Many of these viruses, like CIH, are designed to render your PC completely inoperable, while others simply delete or corrupt your files—the general point is that a virus is designed to cause havoc and break stuff.
You can protect yourself from viruses by making certain your antivirus application is always updated with the latest definitions and avoiding suspicious looking files coming through email or otherwise. Pay special attention to the filename—if the file is supposed to be an mp3, and the name ends in .mp3.exe, you're dealing with a virus.
Spyware Steals Your Information
Spyware is any software installed on your PC that collects your information without your knowledge, and sends that information back to the creator so they can use your personal information in some nefarious way. This could include keylogging to learn your passwords, watching your searching habits, changing out your browser home and search pages, adding obnoxious browser toolbars, or just stealing your passwords and credit card numbers.
Since spyware is primarily meant to make money at your expense, it doesn't usually kill your PC—in fact, many people have spyware running without even realizing it, but generally those that have one spyware application installed also have a dozen more. Once you've got that many pieces of software spying on you, your PC is going to become slow.
What many people don't realize about spyware is that not every antivirus software is designed to catch spyware. You should check with the vendor to make sure the application you are using to protect you from malware is actually checking for spyware as well. If you come across a PC that is already heavily infected, run a combination of MalwareBytes and SuperAntiSpyware to clean it thoroughly.
Scareware Holds Your PC for Ransom
Scareware is a relatively new type of attack, where a user is tricked into downloading what appears to be an antivirus application, which then proceeds to tell you that your PC is infected with hundreds of viruses, and can only be cleaned if you pay for a full license. Of course, these scareware applications are nothing more than malware that hold your PC hostage until you pay the ransom—in most cases, you can't uninstall them or even use the PC.
If you manage to come across a PC infected with one of these, your best bet is to Google the name of the virus and find specific instructions on how to remove it, but the steps are usually the same—run a combination of MalwareBytes, SuperAntiSpyware, and maybe ComboFix if you need to.
For more on scareware, including a full walk-through of how a PC actually gets infected in the first place, check out the guide I wrote on removing Internet Security 2010 and other fake antivirus malware.
Trojan Horses Install a Backdoor
Trojan horses are applications that look like they are doing something innocuous, but secretly have malicious code that does something else. In many cases, trojans will create a backdoor that allows your PC to be remotely controlled, either directly or as part of a botnet—a network of computers also infected with a trojan or other malicious software. The major difference between a virus and a trojan is that trojans don't replicate themselves—they must be installed by an unwitting user. Image by otzberg
Once your PC has been infected with the trojan, it can be used for any number of nefarious purposes, like a denial of service (DoS) attack against a web site, a proxy server for concealing attacks, or even worse—for sending out buckets of spam. Protection against trojans works the same way as viruses—make sure that your antivirus application is up to date, don't open suspicious attachments, and think long and hard before you try and use a downloaded crack for Photoshop—that's one of malware authors' favorite spots to hide a trojan.
Worms Infect Through the Network
Computer worms use the network to send copies of themselves to other PCs, usually utilizing a security hole to travel from one host to the next, often automatically without user intervention. Because they can spread so rapidly across a network, infecting every PC in their path, they tend to be the most well-known type of malware, although many users still mistakenly refer to them as viruses. Image by me and the sysop
Some of the most famous worms include the ILOVEYOU worm, transmitted as an email attachment, which cost businesses upwards of 5.5 billion dollars in damage. The Code Red worm defaced 359,000 web sites, SQL Slammer slowed down the entire internet for a brief period of time, and the Blaster worm would force your PC to reboot repeatedly.
Because worms often exploit a network vulnerability, they are the one type of malware that can be partially prevented by making sure your firewall is enabled and locked down—you'll still need an updated antivirus software, of course.
Should I Quit Facebook Altogether?We've all had that one friend who deactivated his/her Facebook and was never seen again, because no one could establish contact. As if the telephone, email, and IM were never invented, many people are at a loss as to how to contact you if your Facebook isn't an easy click away. Even if the situation isn't quite that dire, Facebook is still how a lot of people keep connected, and severing that connection completely is a big deal. But now, privacy-minded folks have many legitimate reasons you should quit Facebook (or reasons you should but can't go through with it), the same thing is on everyone's mind: Is the grief of quitting worth avoiding future privacy breaches? Top Ten Reasons You Should Quit FacebookFacebook privacy policies keep going down the drain. That's enough reason for many to abandon it.… Read moreThe Less Extreme AlternativeLuckily, there is another, more middle-of-the-road option. That's not to say this isn't still extreme—this isn't for the faint of heart. It isn't a tutorial about how to change your privacy settings. This is a tutorial on how to create the most minimalist Facebook profile possible, with as little information on yourself as possible, to be used only for communication between you and your friends. You won't be able to do much on the site; you probably won't even visit the site that often. This is not for people who want to continue using Facebook; it is for the people who are ready to up and quit tomorrow, but don't want to miss out on the next party just because they care about their privacy. So if you're really ready to give up wall posts, comments, Farmville, and fan pages, here's how to proceed without falling off the face of the Earth. Create a Disposable Email Address for Your AccountWe've talked about disposable email addresses before, and most people probably already have one. (The idea being that if you create a second email address for free and sign up for the sketchy sites with it, you won't have to deal with spam in your main account later on.) With all the bugs and privacy gaffes surrounding Facebook, it has certainly become one of those sites you could call sketchy. With this email address, you can also set up notifications for messages and event invites and get all that by email (so you don't ever have to actually "check" Facebook), and even forward it to your main email account. That way, you won't have to check this separate one, but if something ever happens (like Facebook making your email public for 30 minutes), you can delete the disposable address, make a new one, link it with Facebook, and not have to deal with the spam forever. You can use any service to do this, but I'd personally just make a new Gmail address separate from my regular Google account, sign into it using Private Browsing mode (so you don't sign yourself out of your regular Gmail), set up the forwarding filters, and forget it. (To set up forwarding, just log into your disposable account, click Create Filter, and set the filter to forward any email From:facebook to your real account. If things get ugly, you can always turn the filter off.) Email Addresses Briefly Made Public on FacebookFrom the files of the Facebook's Tenuous Grasp on Privacy Dept.: Numerous users saw their email… Read moreCreate a New Account and Transfer Your FriendsTechnically, this part is optional, but I also think it has the biggest impact on how the rest of your experience will pan out. You could just edit all the information on your current account, but if you make a new one and delete the old one you'll have a completely clean slate. You won't have any posts lingering around anywhere, no personal information for the taking and no photos tagged of you. Plus, this is prime time to get rid of all your friends that you don't need. Do you really still need to be Facebook friends with that girl you met at that party that time? Didn't think so. This process is actually quite simple, especially because you have a new email address as created in step one. Log out of Facebook and create a new account using that email address. Don't enter any information, and for now, don't make any new friends except with yourself (you'll need to friend your old account for this to work smoothly). Bask in the glory of that clean, privacy-filled profile, and then log back into your old account and accept the friend request to your new one. Alternatively, open up a second browser and use one for your old account and one for your new account, just for this process—you'll be switching back and forth a lot. Conveniently, Facebook will then ask you to suggest friends for your new account (if not, you can do so by visiting your new account's profile page from your old account). This is the part of the process in which you'll transfer over the friends you actually want with one fell swoop—no spending hours searching each and every one of them out. Go through the entire list of your friends and check off the ones you want to keep. It won't take nearly as long as you think it will, I promise. Click Send and then move over to your new account. All those suggestions will be pending friend requests that you can run through quickly and add each as a friend (again, it looks like a tedious process, but shouldn't take too long) and you'll have all the friends you need. If you want to hold on to your old account during the transition, that's fine, but the point of making a new one is to delete all the old stuff, so when you're ready, go ahead and delete (not just deactivate) that old account. It'll try to tempt you into staying by showing you pictures of your friends, but you can press continue without guilt knowing you're still going to (mostly) be around. Turn Off the Wall on Your ProfileThere are a few privacy settings we need to tweak on the new account, so hit "Account" in the upper left hand corner of your window and click Privacy Settings. The first area we'll venture into is "Personal Information and Posts" to turn off the wall. This way, you won't have your profile covered with the stupid things your friends say; it'll just be your very barren news feed. Everything else here can stay the same; you don't need to make anything else private. You aren't going to be making any posts, you aren't going to be filling out information, and you aren't going to be uploading photos, so no need to cover them up. Again, keep in mind—this isn't about changing privacy, this is about quitting unnecessary Facebook activity, so it doesn't matter what these privacy settings are. They're just going to go public again after the next redesign, so why mess with them now? Hide Your Email AddressNext, head back to your Privacy settings and go to "Contact Information". You could add more info here, like your phone number, if you want your friends to have easy access, but we've already seen how Facebook can make information public, even unintentionally. That's why we created the junk email address back at the beginning of this process. I'd just leave it all blank. Down next to your registered email address is the privacy setting for who can see it. Click on it and hit customize. In the dropdown at the top of the popup window, choose "only me" and click save. Your email address is now hidden from everyone, including your friends. If you want to make it visible to them, you can—sometimes people get in a bind and may want to contact you via email with something that physically can't be sent via Facebook message—but again, it's just a junk email address. You don't want your friends actually thinking that's your address, because then you have a lot more work to do if you ever have to trash it and get a new one as mentioned above. Just keep it a secret. Hide Media Tagged With Your NameAs of right now, you can only keep tagged photos and videos out of search results and off your profile. There is currently no way to actually prevent people from tagging photos of you. With this setting, people won't be able to see photos of you from your profile page, but if they get to the picture by other means (by, say, looking at the actual album or linking to it from the profile of someone else tagged in it) they will still see your name on the photo. Yes, it's a glaring omission from the privacy features in Facebook, but it also doesn't matter much. Unfortunately, the responsibility does and will always have to lie with your friends that are uploading pictures. Facebook will never be able to stop them from uploading a picture of you, and they'll never be able to stop that person from tagging that photo with a name, any name (including yours), whether or not it is linked to a profile. But even if it does, your profile is completely empty. What's the difference between it linking to your empty profile and being unclickable text? The only fool-proof solution to the photo tagging problem is to kick your friends in the shin if they post embarrassing pictures of you. Or, you know, get some more mature friends. To stop tagged photos from showing up on your profile, though, go back to Privacy Settings and hit "Friends, Tags, & Connections". Edit the "Photos and Videos of Me" setting just like you did in the last step so only you can see the tags, and save the settings. This will delete the link to "photos of you" under your profile picture. Hide Yourself from Facebook and Google SearchesYou can tweak this next step to your liking. You probably don't want your profile showing up in Google, but if you want people to find you on Facebook you might want to stay in those search results (since people won't be able to find you through activity on your friends' walls, because there won't be any). At the same time, you may wish to have complete control over who you become Facebook friends with, and that's fine too. In Privacy Settings, hit up the "Search" section and uncheck Public Search Results. Set your Facebook Search Results to whatever you want the same way you did for photos. Lock Down Applications (Just In Case)This is the one area where I would just make everything as private as possible. You never know what those darned applications are going to do, and while you're not going to be running around Facebook installing anything, you can never be too careful. I wouldn't even recommend you stay logged into Facebook while you browse the web, since we've all seen they're always watching you. Under Privacy Settings, head to Applications and Websites and go nuts. Edit what your friends can share about you and what you can share about your friends down to nothing, and set your activity visible only to you. Again, keep in mind that even if applications were to share your information—you don't really have any information to share, so you're probably safe. The darned things are just so annoying that I'd like to lock them down as much as possible. I'd also go into notification settings (under Account > Account Settings > Notifications) and turn off any notifications having to do with applications. In fact, while you're there, you might as well turn everything else off except for messages, event invitations, and (if you want) photo tagging, because you won't be doing much else on Facebook, so there's no reason to clutter up your inbox. Every once in a while, it's probably a good idea to log in and clear all your unnecessary notifications, but other than that, you should be able to get the few necessary features to notify you via email. While I'd like to say you won't have to pay attention to Facebook's privacy gaffes ever again, that just isn't the case. With each redesign, you'll want to do a quick scan of either the privacy settings, policy, or just the blogosphere to see what fresh new hell Facebook unleashes, but in general, no matter how much of your information they try to share, there isn't much on this minimal profile that can get out there. There are a few things Facebook will always have on you, such as your email address and list of friends, so these are the important things to check up on. But if you don't have anything else on your profile, it's hard to see how applications taking information from your profile is going to be a big disadvantage if there isn't anything on it to take. Your life won't be completely free of Facebook drama, but it will be significantly easier since you won't have to pour through how-tos (like this one) trying to figure out how to get everything set straight again. It should be a pretty easy process from now on. And, best of all, your friends can't complain about you being "hard to get a hold of", and you won't miss out on the next gathering just because the invitation went out on Facebook. To be perfectly clear, though: I'm not saying this is what everybody should do. If you're not violently furious with Facebook (I'm personally not), let it go. But, if you are seriously thinking about quitting, I think this is a set-up to consider, if you haven't already. If you have, be sure to share your tips for a minimalist Facebook in the comments READ More Here https://lifehacker.com/how-to-quit-facebook-without-actually-quitting-facebook-5538697 Share
Facebook on Monday rejected a request from the United States, the United Kingdom and Australia for a "backdoor" in its end-to-end encrypted messenger apps to help law enforcement agencies combat crime and terrorism. "Cybersecurity experts have repeatedly proven that when you weaken any part of an encrypted system, you weaken it for everyone, everywhere," WhatsApp head Will Cathcart and Facebook Messenger head Stan Chudnovsky wrote in a letter to U.S. Atty. Gen. William Barr, Acting U.S. Homeland Security Sec. Chad Wolf, UK Home Office Sec. Priti Patel, and Australian Minister of Home Affairs Peter Dutton. "The 'backdoor' access you are demanding for law enforcement would be a gift to criminals, hackers and repressive regimes, creating a way for them to enter our systems and leaving every person on our platforms more vulnerable to real-life harm," the Facebook executives maintained. "It is simply impossible to create such a backdoor for one purpose and not expect others to try and open it," they noted. "People's private messages would be less secure and the real winners would be anyone seeking to take advantage of that weakened security. That is not something we are prepared to do." Facebook's staunch stand against weakening the encryption of its messenger apps should polish its public image. "It's really good publicity for them," said Karen North, director of the Annenberg Program on Online Communities at the University of Southern California in Los Angeles. "This is a good thing for Facebook because it's an announcement that Facebook values our privacy, that it's willing to go to the mat to protect the privacy of each and every one of us," she told TechNewsWorld. "It's also an announcement that the government can't infiltrate Facebook's encryption," North added, "because if they could, why would they ask for a backdoor?" Pandora's DoorIn theory, a backdoor accessible only to a specific authorized party, like a law enforcement agency, is possible, said Julian Sanchez, a senior fellow with the Cato Institute, a public policy think tank in Washington, D.C. "As a practical matter, though, Facebook is right," he told TechNewsWorld. "Implementing secure communications is a hard problem under the best of circumstances, and deliberately designing in functionality for surreptitious interception inherently creates an additional vulnerability that makes an attractive attack surface," Sanchez explained. "It increases both the risk of technical exploits that malicious hackers might take advantage of," he continued, "and of what we might call 'legal exploits' -- because once such a capability is designed, it will be virtually impossible to make it available to nice democratic governments that respect human rights, while denying it to repressive regimes that criminalize political dissent." Backdoors affect more than individual privacy. "When it comes to backdoors, you're talking about a privacy issue, but you're also talking about an infrastructure issue that has really far-reaching implications," said Liz Miller, principal analyst at Constellation Research, a technology research and advisory firm in Cupertino, California. "We live in a world where people are looking for exploits and ways into the infrastructure of systems every day," she told TechNewsWorld. "If we start to weaken that infrastructure, it's not just the privacy of an individual message that's at risk, it's the privacy of the entire network." Legislation NeededGovernment and law enforcement officials maintain the tech sector is overstating the danger of weakening encryption. "The single most important criminal justice challenge in the last 10 years is, in my opinion, the use of mobile devices by bad actors to plan, execute, and communicate about crimes," said New York County District Attorney Cyrus R. Vance Jr. in written testimony submitted to the U.S. Senate Judiciary Committee at a hearing on encryption and lawful access held Tuesday. "Just as ordinary citizens rely on digital communication, so do people involved in terrorism, cyber fraud, murder, rape, robbery, and child sexual assault," he continued. His office is not anti-encryption, Vance maintained. "That does not mean encrypted material should be beyond the law when a judge signs a search warrant -- especially when we're talking about evidence tied to a child sex abuse case or a potential terrorist attack," he argued. It is "unconscionable that smartphone manufacturers, rather than working with government to address public safety concerns, have dug in their heels and mounted a campaign to convince their customers that government is wrong and that privacy is at risk," Vance said. "Because Apple and Google refuse to reconsider their approach, I believe the only answer is federal legislation ensuring lawful access," he added. "Tech goliaths have shown time and again they have no business policing themselves." Downside of Lawful AccessThere can be hangups, however, with the "lawful access" Vance and others seek. "The U.S. government can require an American company to install backdoors, but they can't require people to use those backdoored services," the Cato Institute's Sanchez pointed out. "There are already widely available open source encryption tools with no backdoors, which sophisticated users can switch to if they no longer trust compromised encryption," he continued, "and competing tech companies outside U.S. jurisdiction are sure to eagerly promote their products as an uncompromised, more secure alternative." In either case, the big loser would be Facebook. "People utilize WhatsApp because of the encryption," Constellation's Miller observed. "If you take that away, a lot of people will leave the platform, and they'll begin to question whether they want to do business with Facebook." Support of encryption backdoors by global governments has the security community concerned, observed Kevin Bocek, vice president for security strategy and threat intelligence at Salt Lake City-based Venafi, maker of a platform to protect digital keys and certificates. "This is not rocket science. Backdoors inevitably create vulnerabilities that can be exploited by cyberattackers. It's understandable that so many security and privacy professionals are concerned. Backdoors are especially appealing to hostile and abusive attackers," he told TechNewsWorld. "This is a tense moment for technology professionals because they know backdoors make our critical infrastructure and devices more vulnerable. We know that attackers don't abide by restrictions. They don't follow the rules or buy products in controlled markets," Bocek continued. "Countries that enact these restrictions harm law-abiding businesses and court economic damage," he warned, "as well as intrusions focused on sovereign government processes."
Ransomware tops the list of cybersecurity threats for 2020. While there have been efforts to convince individuals, corporations and municipalities not to pay ransoms, the simple fact is that whenever one is paid, the attack becomes a success that encourages cyberthieves to try again. Ransomware attacks increased 18 percent in 2019, up from an average 12 percent increase over the past five years, according to research from cyber risk insurance firm Chubb. It accounted for 40 percent of all manufacturers' cyber claims, and for 23 percent of cyber claims for smaller businesses last year. "Ransomware has not only continued to grow over the years, but it has also attracted more organized criminals who have begun targeting specific industries," said Javvad Malik, security awareness advocate at KnowBe4. That "has not only increased successful infections, but has also made criminals more brazen in the demands they've been making," he told TechNewsWorld. Easy PreventionOne irony of ransomware is that it remains among the easiest threats to control. Prevention would be effective if users would refrain from going to untrusted websites or from opening suspicious email attachments. "Ransomware will continue to be an issue until such time that a preventative measure can be found or every user can be educated well enough to not open files from unknown sources," said Tom Thomas, adjunct faculty member in Tulane University's Online Master of Professional Studies in Cybersecurity Management program. Ransomware is particularly nefarious because of its broad targets: individuals, businesses, government agencies and cities. The number of ransomware attacks increased in 2019 -- but worse, 22 of those cyberattacks shut down city, county and even state government computer systems. If it can't be stopped, the next best option is to make it less profitable. As a result of the attacks on municipalities, more than 225 U.S. mayors last summer signed a resolution at the U.S. Conference of Mayors, pledging not to pay the hackers. "Ransomware does not judge nor care if you are an individual, government or organization. It's about greed -- and let's be honest, organizations have more money than individuals," Thomas told TechNewsWorld. "The mayors' pledge is so much political maneuvering and sound bites. Their pledge means nothing to threat actors and criminals," he added. Those pledges are not the end of the story -- they are just the beginning, said KnowBe4's Malik. "Like an animal that acquires the taste of human flesh after its first kill, the rise and success of ransomware has given cybercriminals the taste of data," he remarked. A pressing concern is what those criminals might do with the data. "It will be common to see ransomware coupled with threats of data exposure as ransomware strains developers and expands on new methods to demand payment," predicted Erich Kron, security awareness advocate at KnowBe4. "We have seen these threats for years; however, data exposure has already happened late in 2019 and will become a common practice in 2020 for those who don't pay," he told TechNewsWorld. A King's RansomCity leaders may have more leverage in deciding not to pay a ransom than businesses, many of which have succumbed. For some companies, ransomware payouts now are factored in as an added cost of doing business. "From the perspective of a business owner of any size, ransomware is a frightening proposition. Imagine all of the endpoints in an organization failing in a few hours," warned Jason Kent, hacker in residence at Cequence Security. "Given that most organizations have difficulty doing the basics, knowing their assets, knowing if these assets are secured and patched, backing up data, etc. -- the rise of ransomware in the next few years will be most likely a foregone conclusion," he told TechNewsWorld. "If we look at the organizations that have been hit with ransomware, the recovery process was painful and took huge amounts of effort to get back online," Kent added. "If we are to make it through 2020 with our systems intact, we have to watch out for the ever-changing threat landscape." Wipe OutAlthough not new, the very sinister "wiper worms" threat, which first appeared as a new form of malware in spring of 2018, could be on the rise. Wiper worms, which can be very sophisticated programs, generally have three targets: files/data, the boot section of a computer's operating system; and system and data backups. "While not as common as ransomware, this type of malware is a major risk because of the devastating outcomes of such attacks," said Yaron Kassner, CTO of security firm Silverfort. One significant concern is that a wiper could be deployed on a network, and instead of merely locking out a user, it could be function much like an even more insidious form of ransomware. "I see wiper worms as one of the top cyberthreats for 2020," Kassner told TechNewsWorld. Those hit by such an infection may not even be able to rely on backups, which also are infected. If users restore data compromised by the worm, that doesn't resolve the problem, as each resoration attempt only replicates the problem. "Once attackers have a foothold, it's easier for them to encrypt data for ransom than to exfiltrate data to sell on the dark Web," noted Willy Leichter, vice president at Virsec. "Cryptocurrencies now make it easy for criminals to monetize attacks anonymously," he told TechNewsWorld. "Recent attacks have encrypted data and threatened to expose it publicly if the victim doesn't pay up. While this is probably a bluff, it raises the perceived stakes for victims, increasing their desperation and willingness to pay." Recovering Efforts LackingAnother troubling component of ransomware and wiperware is the effort required to recover from such an attack. Few businesses have a strategy in place should such an attack occur. "According to a recent Forrester report, most businesses are in denial about their ability to recover from such an attack," said Sean Beuby, chief architect at Semperis. "Seventy-seven percent are confident or very confident, but only 21 percent have contingency plans in place, and less than half that -- 11 percent -- believed they could recover within three days of an attack," he told TechNewsWorld. "Organizations must take a clear-eyed, hard look at how unprepared they are for a denial-of-availability malware attack and reshuffle their priorities accordingly," Beuby added. "Ransomware and other wiperware is unprecedented in its ability to lay waste to a corporate network without regard to physical location: NotPetya permanently encrypted 55,000 Maersk servers and other devices around the world in 7 minutes."
I hearing that Paige has been creating a lot of scripts for various Networks.keep it up sis and continue doing what you do Best.
Google has seemingly taken another step to sanitize the browsing environment for users. Allegedly, the tech giant is now planning to regularize advertisements for optimal loading. Consequently, in the days to come, Google Chrome will block heavy ads for seamless browsing. Chrome To Block Heavy AdsAs evident from the Chrome commit, Google has made plans to block heavy ads from loading. It will supposedly filter out those ads that consume more resources. This will, in turn, facilitate users for smooth browsing experience. First caught up by 9to5Google, the report reveals about some ongoing work towards achieving fast and smooth browsing. As mentioned in Chrome commit by John Delaney, Google is working on implementing ‘Heavy Ad Intervention’. The idea is to unload ad iframes that Google identifies for higher resource consumption. https://latesthackingnews.com/2019/07/06/google-chrome-will-block-heavy-ads-from-loading-in-future/
Cyber attack methods have evolved aggressively to become more targeted, more sophisticated, and more frequent. For this webinar we have distilled 5 of the most common and urgent problems that enterprises face, and will share our analysis of the issues and practical recommendations for addressing them within your own security program. Join Jack Danahy, SVP, Security, as he outlines steps to: Track and combat the evolving threat landscapeIncrease visibility and resistance at the attack surfaceBattle alert fatigue and the security talent shortageDefine a cyber-risk baseline and process for your security programhttps://www.alertlogic.com/resources/webinars/post-rsa-insights-five-recommendations-to-strengthen-your-security-program/?utm_medium=external&utm_source=The_Hacker_News&utm_campaign=5_Recommendations_to_Strengthen_Your_Security_Program_Webinar&utm_content=On_Demand_Promo
Looking for a good place to read up on the latest tech gadgets and tech updates.Look no further check this site out!! https://soniz-web.com/category/blog/
Your Independence Day visits to r/technology will be short indeed -- Reddit's tech subreddit is offline as part of a stand against social media. Wikipedia cofounder Larry Sangler led the push to "demand that giant, manipulative corporations give us back control over our data, privacy, and user experience."
"Following on from the announcement by Larry Sangler of a Social Media Strike," the notice reads. "/r/technology is joining the #SocialMediaStrike Click the links above for more info. Normal service will resume on the 5th."
UK businesses have reported a significant fall in cyber attacks over the last 12 months. The proportion identifying breaches or attacks in the least year was 32 per cent, compared with 43 per cent in 2018 and 46 per cent in 2017, according to a survey of 1,566 businesses by the Department for Digital, Culture, Media and Sport (DCMS) (PDF). Those figures echo the Crime Survey for England and Wales, which found that between September 2017 and September 2018, the number of computer misuse incidents among individuals fell from 1.5 million to 1 million. This was driven, according to Office for National Statistics data, by a significant reduction in computer viruses (down by 45 per cent over the same period). However, the DCMS report said other factors could be at play such as more investment in cybersecurity, better compliance due to GDPR, or a change in attack behaviour. For example, those carrying out cyber attacks could be focusing on a narrower (though still numerous) set of businesses. This fits with another broad trend in the survey showing that, among the 32 per cent of businesses that did identify breaches or attacks, the median number they recall facing has gone up, from two attacks in 2017 to six in 2019. Of those targeted, phishing attacks were the most common, with 80 per cent having been subject to email scams, while 27 per cent said they had been hit by viruses, spyware or malware. However, Ken Munro of Pen Test Partners said there are too many variables to make the findings conclusive. "Are the number of antivirus reports down because organisations (rightly) don't consider them to be attacks/breaches or incidents? Or is it because the antivirus products aren't detecting the types of malware that are being used now?" He added: "Without analysing the quality of phishing attacks, the data is also meaningless. Are untargeted phishing attempts being filtered out upstream? "I don't think anything can be concluded from the report other than that 'cyber stuff is still happening and some businesses are taking it more seriously'.
t is with great pleasure that I can now announce that kiwiirc.com and its development is now sponsored by Private Internet Access.
Some people may recognise the company as they have been sponsoring and helping out the IRC community for many years, such as the Freenode network. Having already shown their interest in pushing IRC forward and making sure that core IRC projects can stay afloat, it is a well suited match as a sponsor to the Kiwi IRC project as this can benefit every IRC network and community that uses the Kiwi IRC web client.
So what does this mean for the project?
There are no large changes being made. Kiwiirc.com and the open source project are still independent and run by volunteers. However, with the extra support, this allows me to be focusing on Kiwi IRC development much more closely and building up kiwiirc.com with new features and improvements at a faster pace.
It’s not just development that’s involved in this project. Serving kiwiirc.com for an instant, always available web IRC client for any network out there has been the larger bulk of the project and has exploded in recent years, growing from hundreds to millions of users every month. This has been a personal financial drain for some time (handling IRC isn’t cheap!) since I have never wanted to start showing adverts, but we can now easily expand to be supporting the new growth and continue supporting every IRC network out there with a simple, modern IRC client for the web and mobile.
What's happening next?
There has been a lot of silence with progress in recent months due to the lack of time available towards this project, however with that changing now we can start to pick up the pace of development some more.
Some highlights of whats currently happening:
An entire re-write has been in the works with a development preview available here
Amazing mobile and tablet device support
The open source project and related projects has now moved into it’s own organisation, https://github.com/kiwiirc
There has been some heavily requested features over time which I can now start putting resources into. I know some of these will be getting people excited so there will be another mention of these once the new release of Kiwi IRC has become generally available.
More information on these will appear in the near future so be sure to be following @kiwiirc on twitter or the mailing list to be getting the updates as they happen! Or just come say hey on irc.freenode.net/#kiwiirc :)
Finally, a big thanks to the new sponsor, PrivateInternetAccess, for helping not only Kiwi IRC but the IRC community as a whole. If you’re looking around for a VPN provider to keep yourself protected online, take a look at privateinternetaccess.com as they come highly recommended from many different sources and reviews!
Microsoft released a new Windows 10 build to the Fast ring a little earlier than usual today, after a week with no builds. Build 18932 includes some new Eye Control improvements and notification settings, but it also comes with a pretty long list of fixes issues.
Most notably, Microsoft is seemingly converging settings synchronization engines into a single platform that's more reliable and less complex. For now, that means settings syncing will be disabled in 20H1 builds, but it should be good news for future releases. Here's the full list of improvements:
Read More Here
The field of science communication -- the practice of informing and educating people about science-related topics -- arose just after the start of the Enlightenment when Francesco Algarotti published his first edition of Newtonianism for the Ladies in 1737. While that bit of 18th century mansplaining doesn't really hold up by today's standards, in the nearly three centuries since, the pace of scientific progress has only accelerated -- with science communication evolving alongside it. The advent of social media, in particular, is an unprecedented, powerful tool for science communicators. "It was right after the election and I noticed that there was all this energy in the community, thinking about how we could better communicate our science to the public," University of Connecticut PhD student Sarah McAnulty told Engadget. "I thought we needed some way to engage scientists, in a low time-commitment, high-impact, kind of way." The result is Skype a Scientist. Launched in 2017, it connects researchers from a broad range of fields with students, teachers and other interested groups via, well, Skype. Each meeting lasts 30 minutes to an hour and operates as an informal Q&A session. "Typically it is structured as question and answer sessions, because we want people to feel as though they've really met a scientist, not just got lectured," McAnulty continued. "We want people to get answers to what they actually want to know about. That's really important." The operation itself is fairly straightforward. Teachers and interested parties fill out a Google form with their schedule availability while researchers and scientists fill out a similar form of their own. Then, a sorting algorithm designed by bioinformatician David Jenkins, a PhD student at Boston University, matches up the two groups for a session. "It's free," McAnulty points out. "As long as you have an internet connection, you're good to go." Before the advent of the internet, this sort of interaction simply wouldn't be feasible. Similar programs do exist, such as Letters to a Pre-Scientist, but nothing on this scale. In the last two and a half years, Skype a Scientist has served 15,000 classrooms and signed up 6,000 individual researchers to participate. "I basically did this whole thing via Twitter, I tweeted about it," McAnulty said. "And then the word of mouth spread extraordinarily quickly. Without that social media aspect of scientists talking to each other on Twitter, I can't imagine I would have gotten this many teachers or scientists." Before Skype a Scientist, McAnulty launched the Squid Scientists Tumblr page in 2014. "Originally, it was just I wanted to see what what if it was possible because Tumblr, generally speaking, wasn't a place where science communication was happening too much." Still, McAnulty found Tumblr to be less hostile to women than Reddit and that it skewed towards further a younger audience than Twitter. "I get more questions from Tumblr from young women who are thinking about being a scientist or just want to know more before they make a choice about what kind of careers they think they could see themselves in," she said. "So Tumblr has been really powerful for that." Indeed, the elimination of communication barriers and the waning influence of traditional "gatekeepers" to the scientific community has enabled female, PoC, LGBTQ+, and non-binary researches a direct line to an interested public. And given that a 2018 study found that only around 30 percent of studies published in the Nature Index journals were penned by female researchers, that ability to connect with not just the public but other researchers as well, could help reduce that discrepancy. McAnulty notes that mainstream science media outlets like the Discovery Channel or NatGeo will cast their scientist hosts based on who will return the best ratings. "In the process, they are choosing scientists that they think people will view as scientists," she said, "It's a positive feedback loop of sexism." However, with the rise of social media, especially Twitter, Instagram and YouTube, researchers from underrepresented groups don't have to wait for NatGeo to come knocking. They can produce their own content, cultivate their own audiences and share their passion for science directly. "The more that we're engaging with the public -- and even engaging in our own communities -- the more representation you have of everybody, the better and the stronger our scientific community will be," McAnulty said. The podcasting community has also become a hotbed for science communication. Take This Week In Science, for example. Originally a live radio show broadcast from KDVS on the University of California, Davis campus, it now reaches listeners in 60 countries as a weekly podcast. Neurophysiologist and science communicator, Dr. Kirsten "Kiki" Sanford, founded the show in 2000. "I was a graduate student when I started it and was really interested in the idea of talking with people about the stuff I was learning," she explained to Engadget. "I would hang out with my neighbors and we would talk about things that we had learned recently, things that were cutting edge research, and just how exciting they were." She quickly realized that there wasn't much of that sort of content available. "The only radio show at the time in the area that I lived, was Science Friday, which was great, but that was it," Sanford said. "And so we approached the local college radio station to see if they wanted to have a science show." In the 19 years (and 500-plus episodes) since, TWIS has held a number of live tapings at local clubs and science festivals. "I enjoy doing live shows, because there's that instant feedback," Sanford said. "You can see people's faces, whether or not they're engaged in what you're talking about whether or not they're bored. I can up-regulate what I'm saying, I can shift the way that I'm explaining it, I can ask the audience a question and you know, get a show of hands or get a response right then and there." Sanford and her team are expanding into other areas of social media, such as their recently-launched monthly newsletter. "I'd like to be able to get the show to stable financial basis, where we can put more time into doing shorter content for YouTube, or maybe a daily show" Sanford continued. "One fun idea that have been bounced around recently: I have an eight year old son and he's getting interested in [science]. So we've been talking about having a Twitch Junior program." These sorts of conversations wouldn't have occurred without the rise of these platforms. "With the access that people have, especially social media, I am seeing so many more scientists, talking to people not just to each other, but to people who are just like, 'Oh, what is this thing you study?'' Sanford noted. "And suddenly there's a conversation happening. That didn't happen before." Science communication is having an outsized effect on the scientific job market as well, Sanford points out, with people carving out careers in a field that didn't exist a decade ago. "You had science writers, you had science journalists, but to the idea of a science communicator?" Sanford quipped, "Now people are calling themselves science communicators all over the place. It's amazing." Though social media's open access regularly serves as a double-edged sword, with conspiracy theorists intentionally spreading misinformation online, both McAnulty and Sanford remain optimistic that the scientific community will be able to minimize the damage those bad-faith actors might cause. "That's social media's equality, and that is a blessing and a curse," McAnulty said. "I guess one of the goals for my science communication, and my career, is to help people connect with sources of information that they can trust."
Self-driving venture Waymo has been given permission by California authorities to transport people in its robotaxis. According to TechCrunch, the California Public Utilities Commission (CPUC) gave Waymo the green light this week, issuing a permit that will allow the company to participate in the state's Autonomous Vehicle Passenger Service pilot. This means that Waymo employees will be able to hail a self-driving vehicle and take guests on rides within the company's South Bay territory.
There are some restrictions, of course. Waymo can't charge for these rides, and every vehicle must have a safety driver behind the wheel. Interestingly, the CPUC will allow Waymo to contract out its safety driver operations to a third party -- a decision prompted by Waymo's assessment that operating and scaling a "meaningful pilot" requires a large group of drivers who are "more efficiently engaged." They will still go through Waymo's proprietary driver training program.
This isn't the first milestone for Waymo in its bid to roll out a nationwide service -- the company launched its first commercial ride-hailing offeringlast year in Arizona, where there's less regulatory red tape for companies to deal with. Nor is this the first permit of its kind to be issued in California -- Zoox scored that accolade in December last year. Nonetheless, the news represents an important advance for Waymo's efforts in the state, where the race is perpetually on to achieve firsts in what is essentially the tech capital of America.
More Here https://www.engadget.com/2019/07/03/waymo-test-self-driving-taxis-employees-california/
Hitman 2 has had its share of unusual updates and events, but its latest may be particularly appealing if you're music-minded. IO Interactive has outlined a July roadmap with a string of music-themed activities, most notably the "I'm With the Band" Challenge Pack arriving on July 11th. Finish five band-related tasks on the Santa Fortuna map and you'll unlock a violin -- you could literally bludgeon someone with your musical tastes. The rest of July shares a similar vibe. As of July 4th, there's an Escalation mission on the Isle of Sgail that has you taking out musicians through creative methods. On July 18th, Featured Contracts will revolve around the concept of "tone death." The Badboy Elusive Target returns to Sapienza a day later on July 19th for Legacy Pack owners. And on July 25th, another Escalation mission in Santa Fortuna will involve making some noise with explosives. And don't worry if you're sick of music by the end of the month. IO is giving expansion pass owners a second Sniper Assassin map, the Siberia-based Prison, on July 30th. More details are coming in the weeks ahead. For now, though, it's evident that IO has found a way to keep players busy after the novelty of the New York map has worn off.
Updated YouTube, under fire since inception for building a business on other people's copyrights and in recent years for its vacillating policies on irredeemable content, recently decided it no longer wants to host instructional hacking videos.
The written policy first appears in the Internet Wayback Machine's archive of web history in an April 5, 2019 snapshot. It forbids: "Instructional hacking and phishing: Showing users how to bypass secure computer systems or steal user credentials and personal data."
Lack of clarity about the permissibility of cybersecurity-related content has been an issue for years. In the past, hacking videos in years past could be removed if enough viewers submitted reports objecting to themor if moderators found the videos violated other articulated policies.
Now that there's a written rule, there's renewed concern about how the policy is being applied.
Kody Kinzie, a security researcher and educator who posts hacking videos to YouTube's Null Byte channel, on Tuesday said a video created for the US July 4th holiday to demonstrate launching fireworks over Wi-Fi has been removed because of the rule.
"I'm worried for everyone that teaches about infosec and tries to fill in the gaps for people who are learning," he said via Twitter. "It is hard, often boring, and expensive to learn cybersecurity."
The Register asked Google's YouTube for comment but we've not heard back.
Security professionals find the policy questionable. "Very simply, hacking is not a derogatory term and shouldn’t be used in a policy about what content is acceptable," said Tim Erlin, VP of product management and strategy at cybersecurity biz Tripwire, in an email to The Register.
"Google’s intention here might be laudable, but the result is likely to stifle valuable information sharing in the information security community."
Erlin said that while it may be reasonable to block content that shows actual illegal activities, like breaking into a specific organization's systems, instructional videos play an important role in cybersecurity education.
"In cybersecurity, we improve our defenses by understanding how attacks actually work," said Erlin. "Theoretical explanations are often not the most effective tools, and forcing content creators onto platforms restricted in distribution, like a paid training course, simply creates roadblocks to the industry. Sharing real world examples brings more people to the industry, rather than creating more criminals."
Tyler Reguly, manager of security R&D at Tripwire, said censorship has been a concern among YouTube video makers for some time. In an email to The Register, he expressed sympathy for the challenge YouTube faces as a business.
"If YouTube wants advertisers to pay, they need to be aware of the content they are allowing," he said. "We tend to forget that these websites exist to make money, not for the betterment of society."
But he noted that YouTube's policies aren't easy to interpret and there may be reasons Kinze's video got flagged, such as the fact that it deals with fireworks.
"The YouTube system, based on reports that I’ve seen in the past, is quite arbitrary and difficult to understand, even as a YouTuber working directly with the company, nothing is as straightforward as it seems," he said.
Dale Ruane, a hacker and penetration tester who runs a YouTube channel called DemmSec, told The Register via email that he believes this policy has always existed in some form. "But recently I've personally noticed a lot more people having issues where videos are being taken down," he said.
Read more here
The security expert Barak Tawily demonstrated that opening an HTML file on Firefox could allow attackers to steal files stored on a victim’s computer due to a 17-year-old known bug in the browser.
The researcher published the details of the attack through TheHackerNews website and demonstrated that his technique works against the latest version of Firefox.
“Barak Tawily, an application security researcher, shared his findings with The Hacker News, wherein he successfully developed a new proof-of-concept attack against the latest version of Firefox by leveraging a 17-year-old known issue in the browser.” reported TheHackerNews.
The expert was analyzing the implementation of the Same Origin Policy in Firefox when discovered that it is vulnerable to local files theft attack.
“Recently, I was performing a research on Same Origin Policy attacks, I managed to realize that the la version of Firefox (currently 67) is vulnerable to local files theft attack (on any supported OS), due to improper implementation of Same Origin Policy for file scheme URIs. Let’s go over the PoC details then I will provide an explanation of why its not patched yet.” wrote the expert.
According to Tawily, Firefox didn’t fix the flawed implementation of the Same Origin Policy (SOP) for File URI Scheme over the years.
The expert also shared details of its PoC and a video PoC of the attack. Tawily explained how an attacker can easily steal secret SSH keys of Linux victims if they save downloaded files in the user-directory that includes SSH keys in its subfolder.
Attacker sends email to victim with attachment file to be downloaded / Victim browse to malicious website and download file
The victim opens the HTML malicious file
The file loading the containing folder in an iframe (so my file path is file:///home/user/-malicious.html, and the iframe source will be file:///home/user/)
The victim thinks he clicks on a button on the malicious HTML, but in fact he is clicking on the malicious file html inside the iframe’s directory listing (using ClickJacking technique, in order to apply the “context switching bug” which allows me access the directory listing of my containing folder)
The malicious iframe now have escalated privileges and is be able to read any file on the folder contains the malicious file, (in most cases downloads folder, in my case is file:///home/user/).
The malicious file is able to read any file on it’s containing folder (file:///home/user/), such as SSH private key by simply fetching the URL file:///home/user/.ssh/ida_rsa and stealing any file by 1 more fetch request to the attacker’s malicious website with the files’ content.
The attacker gains all files in the folder containing the malicious file exploit this vulnerability
An attacker could successfully carry out the attack by tricking victims into downloading and opening a malicious HTML file on the Firefox web browser and into clicking on a fake button to trigger the exploit.
“Tawily told The Hacker News that all the above-mentioned actions could secretly happen in the background within seconds without the knowledge of victims, as soon as they click the button place carefully on the malicious HTML page.” continues The Hacker News
The expert reported the flaw to Mozilla, but the company seems to have no intention to fix the issue soon.
“Our implementation of the Same Origin Policy allows every file:// URL to get access to files in the same folder and subfolders.” reads the reply from Mozilla.
A Georgia state agency confirmed that a cyberattack has brought offline some court websites. According to local media, hackers infected the systems of the Georgia Administrative Office of the Courts with ransomware, “News outlets report hackers demanding a ransom infected computers with malware at the Georgia Administrative Office of the Courts.” reported the Associated Press. “Agency spokesman Bruce Shaw said Monday that officials have “quarantined our servers and shut off our network to the outside.” The Georgia Administrative Office of the Courts provides services to some local probate and municipal courts. The website of the agency (www.georgiacourts.org) was offline earlier this week, while the websites for the Georgia Supreme Court and court clerks in the larger counties of the state were up and running. “Hackers have infected computers at a Georgia courts agency, demanding a ransom payment and causing officials to shut down court websites.” reported the AJC website. “The Administrative Office of the Courts was offline Monday as the state government tried to contain the hack.” At the time of writing, it wasn’t clear the extent of the attack in term of impacted Georgia courts and interference with ordinary operations. Agency spokesman Bruce Shaw pointed out that users’ data were not exposed because the Georgia Administrative Office of the Courts doesn’t users details apart from information in public court documents. “Personal information wasn’t compromised because the agency doesn’t keep that information, said Michelle Barclay, a division director for the Administrative Office of the Courts.” concludes the AJC website. “Everything is shut down until they tell us to turn it on,” Barclay said. “We’re definitely inconveniencing folks who rely on our applications.” The attack was discovered during the weekend, experts believe it was launched from a foreign country. The attackers sent an email to the agency with instructions to contact them, the message didn’t specify a ransom amount. This incident follows other similar attacks on government systems, such as the one that hit the city of Atlanta and the Georgia Department of Agriculture. County and state courts were operational, but they were unable to access information provided by the Administrative Office of the Courts, Allen said. He didn’t know how long it will take to recover from the attack.
The government of Singapore has announced its third bug bounty program aimed at assessing the level of security implemented for government systems exposed online. The bug bounty program sees the involvement of the Cyber Security Agency of Singapore (CSA) and the Government Technology Agency of Singapore (GovTech). Like previous programs, this bug bounty initiative program will be operated through the HackerOne platform. The bug bounty program will run from July to August and will see the participation of 200 international hackers and 100 local hackers. The organization will offer payouts between $250 and $10,000 for each vulnerability reported by the experts. The Government will present the results of the program in September. “The Singapore Government’s latest bug bounty program is part of a strategic initiative and commitment to build a secure and resilient Smart Nation by strengthening collaboration with the cybersecurity industry and community.” reads the press release. “GovTech’s bug bounty program will run from July to August 2019 and will cover nine Internet-facing government digital services and information and communication technology systems with high user interaction.” In December 2017, Singapore’s Ministry of Defence (MINDEF) invited roughly 300 white hat hackers from around the world to participate its first bug bounty program. The hackers found 35 vulnerabilities that were paid a total of $15,000. The second program run earlier in 2019 and resulted in the discovery of 26 security flaws that were paid a total of $12,000.
Government officials from Germany and the Netherlands signed an agreement for the building of the first-ever joint military Internet, so-called TEN (Tactical Edge Networking). The agreement was signed this week in Brussels, during a meeting of NATO defense ministers. “The accord was signed on Wednesday in Brussels, Belgium, where NATO defense ministers met this week.” reads the post of ZDnet that first reported the news. “The name of this new Dutch-German military internet is the Tactical Edge Networking, or TEN, for short.” The Tactical Edge Networking (TEN), is the first-ever project that allows states to merge their military networks. Military and defense analysts believe that in the future, the NATO alliance will create for all its members a unique military network. The TEN will be located in Koblenz, Germany, while a design and prototype center will be located at the Bernard Barracks in Amersfoort, the Netherlands. In the first phase of the project, TEN will unify communications between the German army’s (Bundeswehr) land-based operations (D-LBO) and the Dutch Ministry of Defence’s ‘FOXTROT’ tactical communications program. Under the TEN project, soldiers from both governments will use the same equipment (i.e. Computers, radios, tablets, and telephones). The cost for the overall project will be very high, analysts believe it will reach millions of euros. TEN’s deployment is expected to cost the two countries millions of euros in costs to re-equip tens of thousands of soldiers and vehicles with new compatible equipment. According to German newspaper Handelsblatt, both governments aim at a full integration of the defense netwotks. “The digitization of their land forces will tackle the Netherlands and Germany together. The goal: At the latest in the 2030s, the armies of both countries should be networked at all levels and communicate with each other electronically without any restrictions.” reported the Handelsblatt “It’s a really big step, we’ve never done so before,” said Dutch Defense Minister Ank Bijleveld-Schouten on Tuesday to Handelsblatt on the sidelines of the meeting of the Nordic NATO defense ministers in Berlin.” Even if Dutch and German army have already conducted joint foreign missions, they have never exchanged information across national borders. “Today we cannot even communicate across borders with our radios,” said Bijleveld-Schouten.
Maps just got a lot more useful for commuters. The company today announced a pair of updates for its mapping application — one that will offer live traffic delays for buses in the cities where it didn’t already provide real-time updates, and another that will tell you how crowded your bus, train, or subway car will be. The latter is perhaps the more interesting of the two, as it represents a new prediction technique Google has been perfecting for over half a year. Starting in October, the company began to ask Google Maps users to rate their journey if they had traveled during peak commuting hours of 6 am to 10 am. Google asked about how many seats were available or if it was standing room only, in order to identify which lines had the highest number of crowdedness reports. Over time, it was able to model this data into a new prediction capability designed to tell transit riders how packed their bus or train would be. It also used this data to create rankings of the most crowded routes and stops around the world. Buenos Aires and Sao Paulo dominated the rankings for the most-crowded transit lines, as each city had 3 lines in the top 10. Meanwhile, New York’s L train is the only one in the U.S. to rank in the top 10. This isn’t the first time Google has used its massive Maps footprint to make predictions about crowds. The company had already introduced similar features for predicting the size of the crowd at restaurants and other retail locations. In addition, Google today expanded its ability to alert bus riders to delays. In December 2017, the company began offering real-time information provided by local transit agencies to transit riders. But this data wasn’t available in all cities. To address the problem, Google is launching live traffic delays in those markets where the information has been lacking — like Atlanta, GA. To make its predictions, Google is combining the bus route details with the data it’s collecting from users who have consented to anonymized data sharing. This is the same data collection mechanism it uses to predict the crowds at local businesses today. Essentially, the company is turning Google Maps into a powerful tool to understand the movement of people in the world. But many users may not know they’ve been opted into this data-sharing by default. In fact, they probably will think the transit data is coming from the city — not from the app installed on their phone and millions of others. In any event, users will now be able to see the bus delays, how long the delay will be, and adjusted travel times based on these live conditions. Google says the new features are rolling out on Google Maps in nearly 200 cities worldwide on both Android and iOS today.
Twitter didn’t name any names with today’s new feature news, but one extremely online user loomed large over the announcement. The company took to its Safety blog to announce the addition of a new “abusive behavior” label that users will have to click through to access content. This isn’t just any content warning, though. It applies to a pretty exclusive club of users whose writing breaks the company’s anti-abuse rules, but whose comments are still deemed part of “the public conversation.” In order to apply, they must, Granted, the state of public discourse in 2019 and in the lead up to next year’s election will almost certainly ensure that a number of people fall squarely in the center of that Venn diagram, but Twitter probably could have saved a few paragraphs by just calling this one “Trump’s Law.” Jack Dorsey and other execs have clearly been extremely uncomfortable with the position the President has placed them in by regularly saber rattling and name calling on the site. The new feature will look like other sensitive material notices on the platform, with the option to click through to read the content. It will show up in safe search, Top Tweets, push notifications and a few other places. Tweets sent before today will not be subject to the new feature. The move is sure to stir up feelings amongst politicians already crying foul against perceived social media bias, and Twitter says it will “continue to evaluate how our rules and enforcement actions can be clearer and keep working to make our decision-making easier to understand.” Republican politicians have regularly called out Twitter, Facebook and other sites for “shadow banning” and other instances and what they believe to be a liberal Silicon Valley bias.
Google today announced a slew of improvements to the way video recommendations are presented on YouTube. Acknowledging that no one knows a user's tastes better than the user, YouTube is implementing some changes that give users more control over what videos are shown in the Homepage and the Up Next section in video pages. The most interesting of these enhancements is the ability to remove specific channels from the recommendations altogether. This way, if you're interested in a certain topic, but don't care for a particular channel about that topic, you won't have to see it anymore. This capability is available starting today on iOS and Android, and it's coming to the desktop experience later. When you get video suggestions from a new channel, YouTube will also now tell you why that video is being recommended. For example, a channel may be recommended to you because other users who follow the channels you follow also follow that one. This feature is now available on iOS, with Android and desktop support coming soon. Finally, you can now tailor the recommended videos page by showing only specific topics that YouTube has determined you're interested in. At the top of the Homepage and the Next Up section under a video, you'll see a list of topics based on your interests, and you can individually select one of those topics so that the recommended videos are only directly related to that topic. This feature will debut on the YouTube app for Android for English users, and support for iOS, desktop, and other languages is coming soon.
A week ago, Microsoft finally launched its Chromium-based Edge browser for older versions of Windows, including Windows 7, 8, and 8.1. It was only available from the Canary branch though, which is updated daily. Today, Edge Dev is now available for the older operating systems. Edge Dev is updated weekly, and that means that it's less likely to break. There's also an Edge Beta branch that's coming soon; that will be updated every six weeks like the stable channel will be. Of course, the stable channel is still a long way off. You'll get the same builds as users do on Windows 10 and macOS, and they come out on Tuesdays. One feature that you'll find is missing is dark mode, as that automatically matches your system settings. Obviously, there's no native dark mode on Windows 7 or 8.1. Luckily, the Edge team mentioned on the Windows Insider podcast today that it may be adding manual controls. If you want to check out Edge Dev for older versions of Windows, you can find it here. Just pick the platform you're looking for at the bottom.
A few days ago, Riviera Beach City agreed to pay $600,000 in ransom, now less than a week later, another city in Florida opted to do the same to recover its data after a ransomware attack. The victim is Lake City, Florida, that during an emergency meeting of the city council held on Monday, voted to pay a ransom demand of 42 bitcoins, worth nearly $500,000. Lake City is a small city in Florida with a population of 65,000 that was hit by ransomware earlier on June 10. “On Monday June 10th, 2019, the City of Lake City was targeted by a malware attack known as ‘Triple Threat.'” states the press release published by the city. “This ransomware program combines three different methods of attack to target network systems. As a result of this attack, many City systems are currently out of order. City personnel are working diligently to establish alternate methods of providing city services.” The systems were hit by so-called Triple-threat attack, a ransomware attack that involves three different malware. In the past Triple Threat attacks involved the QUERVAR ransomware, the SIREFEF, and ZACCESS. At the time of writing, all City of Lake City email systems are out of order, such as most land-linephones. Other City networks are currently disabled as precautionary measure and the IT staff as isolated the Public Safety networks. In a few minutes after the initial infection, the ransomware compromised almost all the City computer systems, except the systems operated by the police and fire departments that are hosted on a separate network. Most City departments are operating using Emergency Operations cell phones. The activities of the small city have been blocked for nearly two weeks because of the ransomware attack. Crooks made a request of a ransom a week after the initial infection, they contacted the Lake City’s insurance provider, the League of Cities, which negotiated a payment of 42 bitcoins. The city’s IT staff is now working to restore operations after receiving the key to decrypt its data. In July 2018, another Palm Beach suburb, Palm Springs, decided to pay a ransom, but it was not able to completely recover all its data. In March 2019, computers of Jackson County, Georgia, were infected with ransomware that paralyzed the government activity until officials decided to pay a $400,000 ransom to decrypt the files.