News & Updates

As most other racing series have either ended their seasons or are headed to their respective finales, Formula E is getting ready to kick off its third season this coming weekend in Hong Kong. Although the electric racing series was met with a fair degree of skepticism in its first year, it’s starting to develop quite a buzz. Now that there’s a degree of technical freedom allowed in the regulations, more and more car companies are getting involved, eager to use the series as a platform to develop new electric motor-generator units, inverters, and electric powertrain control software and electronics.

We’ve known for quite a while that Jaguar planned to compete in Formula E, and it will finally become a reality this weekend. Drivers Adam Carroll and Mitch Evans will take to the track in the first factory-supported racing program from the company in more than a decade. (Jaguar had an ill-fated run in Formula 1 when it bought the Stewart Grand Prix team in 1999 and then ran it into the ground before selling the operation to Red Bull, which went on to win multiple championships.)

But in recent weeks, the leaping cat has been joined by several of its rivals. BMW has partnered with Andretti Formula E, with an eye on entering a full works program in season five (2018/2019). BMW is supplying one of its factory racing drivers, Antonio Felix Da Costa, and the partnership also includes engineering support.

Read 8 remaining paragraphs | Comments

Source: http://feeds.arstechnica.com/arstechnica/index/

Users are still dealing with the Yahoo’s massive data breach that exposed over 1 Billion Yahoo accounts and there’s another shocking news about the company that, I bet, will blow your mind.

Yahoo might have provided your personal data to United States intelligence agency when required.

Yahoo reportedly built a custom software programmed to secretly scan all of its users’ emails for specific


Source: http://feeds.feedburner.com/TheHackersNews

(credit: Elliott Brown)

T-Mobile USA has begun throttling mobile hotspot data when its network is congested while giving priority to smartphones and other devices that connect directly to the cellular network.

T-Mobile has been notifying customers of the change yesterday and today with a message that says, “We just made your network better again” and that “T-Mobile device data comes first.”

“We’ve primed the network for on-device use,” the carrier says on its website. “So now when there’s congestion, you may notice higher speeds for data on your T-Mobile devices versus Smartphone Mobile Hotspot (tethering).” Prioritization of on-device data is triggered “at times and at locations where there are competing customer demands for network resources, which may result in slower tethering speeds,” T-Mobile also says.

Read 9 remaining paragraphs | Comments

Source: http://feeds.arstechnica.com/arstechnica/index/

Do you trust your messaging app even though it uses end-to-end encryption?

As I previously said end-to-end encryption doesn’t mean that your messages are secure enough to hide your trace.

It’s because most of the messaging apps still record and store a lot of metadata on your calls and messages that could reveal some of your personal information including dates and durations of communication


Source: http://feeds.feedburner.com/TheHackersNews

(credit: David Ramos/Bloomberg via Getty Images)

According to a new report by Reuters citing anonymous former employees, in 2015, Yahoo covertly built a secret “custom software program to search all of its customers’ incoming emails for specific information.”

Reuters noted that Yahoo “complied with a classified US government directive, scanning hundreds of millions of Yahoo Mail accounts at the behest of the National Security Agency or FBI, said two former employees and a third person apprised of the events.” It is not clear what data, if any, was handed over.

Presuming that the report is correct, it would represent essentially the digital equivalent of a general warrant—which is forbidden by the Fourth Amendment, as Electronic Frontier Foundation lawyer Andrew Crocker noted on Twitter.

Read 10 remaining paragraphs | Comments

Source: http://feeds.arstechnica.com/arstechnica/index/

Late last year, we got news that General Motors would work with the US Army to develop a hydrogen-fuel-cell-powered pickup truck. On Monday at an annual US Army association meeting, GM took the wraps off the beast, which the Army will test in Michigan over the next year.

The US Army’s tank research center collaborated with GM to build the Chevy Colorado ZH2, which has a reinforced body that’s six-and-a-half feet tall and seven feet wide. The truck will chew up terrain with 37-inch tires and a special suspension built for off-road handling.

The ZH2 has a single motor that’s powered by a hydrogen fuel cell and a battery. The advantage of that hydrogen fuel cell is that the only byproduct is water, and the electricity-powered engine is quieter than a traditional combustion engine. It also gives off less heat, which GM said would help the car in stealth situations, where the Army would want to reduce acoustic and thermal signatures. According to Wired, the ZH2’s hydrogen fuel cell produces two gallons of water an hour.

Read 7 remaining paragraphs | Comments

Source: http://feeds.arstechnica.com/arstechnica/index/

Enlarge / Moxie Marlinspike is the founder of Open Whisper Systems. (credit: Knight Foundation)

The American Civil Liberties Union announced Tuesday that Open Whisper Systems (OWS), the company behind popular encrypted messaging app Signal, was subpoenaed earlier this year by a federal grand jury in the Eastern District of Virginia to hand over a slew of information—”subscriber name, addresses, telephone numbers, email addresses, method of payment”—on two of its users.

Further, OWS was prevented for at least several months from publicly disclosing that it had received such an order until the ACLU successfully challenged it.

While details of the case remain sealed, the ACLU published a number of partially redacted court documents, including its initial response to the FBI.

Read 8 remaining paragraphs | Comments

Source: http://feeds.arstechnica.com/arstechnica/index/

You don’t need to pay in order to receive the full dump from the DropBox data breach, security researcher leaked it online.

In August, a data dump containing more than 68 Million account credentials for online cloud storage platform Dropbox was leaked online. Dropbox forced password resets for a number of accounts after discovering the data dump online linked to a 2012 breach.

“The next time you visit dropbox.com, you may be asked to create a new password. We proactively initiated this password update prompt for Dropbox users who meet certain criteria. Specifically, we’re prompting the update for users who:

  • Signed up to use Dropbox before mid-2012, and
  • Have not changed their password since mid-2012″

stated the announcement published by DropBox that confirmed the data breach occurred in 2012:

“We’ve confirmed that the proactive password reset we completed last week covered all potentially impacted users,” said Patrick Heim, Head of Trust and Security for Dropbox. “We initiated this reset as a precautionary measure so that the old passwords from prior to mid-2012 can’t be used to improperly access Dropbox accounts. We still encourage users to reset passwords on other services if they suspect they may have reused their Dropbox password.”

In September, a hacker with the moniker “DoubleFlag” was offering for sale on the notorious black market TheRealDeal the DropBox data dump for BTC 02.000 (roughly 1200 US Dollar).
According to hackread.com, the dump includes 68,679,804 records containing users’ emails and encrypted passwords. 36,814,524 passwords that are encrypted with Secure Hash Algorithm 1 (SHA-1), while around 32 Million passwords are protected using strong hashing function BCrypt.
dropbox-data-breach
News of the day is that you don’t need to pay in order to receive the DropBox data dump because of the security researcher Thomas White, also known as The Cthulhu, who has leaked online the full archive.

The researcher published a post titled “END OF AN ERA”

“While I make no apologies for my politics or modus operandi, I do concede the model might need shaking up. I still serve as an effective deterrent to some of the companies who have dealt with me before as somebody who can’t be silenced by legal threats or by requesting law enforcement intimidates me, but my reach does, unfortunately, have limits, and would fall should my reputation take a hit. This ultimately has lead me to explore additional options and find other ways to continue as a deterrent, but take it away from my personal brand and to also put more time into remediation efforts for the average PC user to not get pwned if possible. ” explains the TheCthulhu.

The expert leaked the full DropBox dump via both magnet or torrent.

“The following dump was allegedly taken from Dropbox sometime in 2012 following a breach. More information is available here on the story.
I have assisted to keep this breach public for those who are struggling to find a reliable source for research.” 

Dropbox confirmed that its threat monitoring service hasn’t detected any suspicious activity related to the affected customers.

“Based on our threat monitoring and the way we secure passwords, we don’t believe that any accounts have been improperly accessed. Still, as one of many precautions, we’re requiring anyone who hasn’t changed their password since mid-2012 to update it the next time they sign in.”

Dropbox is only one of the numerous massive data breaches suffered by many IT firms including YahooLinkedIn, MySpace, and VK.com.

medianet_width=’300′; medianet_height= ‘250’; medianet_crid=’762221962′;

Pierluigi Paganini

(Security Affairs –DropBox Data Breach, data breach)

 

The post Download for free 68 Million account details from Dropbox Data Breach appeared first on Security Affairs.

Source: Security affairs