News & Updates

Enlarge (credit: Daniel Spiess)

Verizon and the National Football League are in talks to sign another streaming rights deal. According to a Bloomberg report, the wireless provider and the NFL are close to finalizing a new deal that would let Verizon stream games to Internet-connected TVs, tablets, and phones. Verizon’s previous deal only allowed it to stream games to devices with screens that are 7-inches or smaller, so the new deal would open up NFL games to Verizon customers who primarily consume TV content on smart TVs, tablets, and other large devices.

According to people familiar with the matter, Verizon would also lose exclusive rights to air games on mobile devices as part of the deal. That means that while Verizon customers would have more device options for watching football, it may not be the only one to stream NFL games. Other wireless providers or streaming TV providers, such as Sling TV or DirecTV Now, may be able to strike their own deals with the NFL and provide streamed games to their subscribers through their own apps.

Verizon will have rights to deliver the NFL’s Thursday night games, “among others.” The NFL has divided up broadcasting rights among several companies, including Verizon and DirecTV. Amazon outbid Twitter for the rights to stream 10 Thursday Night Football games for the 2017 season, but only Prime members can watch them online.

Read 1 remaining paragraphs | Comments

Source: http://feeds.arstechnica.com/arstechnica/index/

Enlarge / Sixty-one-year-old US citizen Shirley Wilford hops the border to buy prescription drugs in a pharmacy in Hemmingford, Canada. (credit: Getty | Darren McCollester)

Late last month, the Food and Drug Administration raided nine stores in Central Florida that help customers illegally order affordable prescription drugs from verified pharmacies overseas, particularly those in Canada, according to a report by Kaiser Health News.

The agency sent in criminal investigation agents with search warrants for computer files and any paperwork related to sales of foreign drugs. The agents also took files on customers and the stores’ financial records. They left behind a letter for store owners to sign, acknowledging that the practice of importing foreign medicines is illegal.

Although none of the stores has closed due to the activity, the owners are spooked by the turn of events—and puzzled by the timing.

Read 7 remaining paragraphs | Comments

Source: http://feeds.arstechnica.com/arstechnica/index/

Even after so many efforts by Google for making its Play Store away from malware, shady apps somehow managed to fool its anti-malware protections and infect people with malicious software.

A team of researchers from several security firms has uncovered two new malware campaigns targeting Google Play Store users, of which one spreads a new version of BankBot, a persistent family of banking


Source: http://feeds.feedburner.com/TheHackersNews

Enlarge (credit: Uber)

Uber has signed a deal with Volvo for 24,000 XC90 sport-utility vehicles for delivery between 2019 and 2021. With this deal—worth about $1 billion—Uber is essentially betting the company on a self-driving future.

It’s a big, risky bet for Uber, which lost $2.8 billion in 2016 and is locked in a legal battle with Waymo over self-driving technology that could cost it more than $1 billion.

When Recode’s Johana Bhuiyan talked to company insiders about Uber’s self-driving car project in March, she found that “many think it is at a technological standstill and plagued by significant internal tension.” Around the same time, Uber temporarily suspended public testing of its driverless cars after one of its cars collided with another car and flipped over on its side. The company says another driver was at fault in the incident, and it has since resumed testing.

Read 9 remaining paragraphs | Comments

Source: http://feeds.arstechnica.com/arstechnica/index/

(credit: Valentina Palladino)

Jawbone may have switched gears to medical devices, but there are some Up fitness trackers still out there. Those who use the Up4, Jawbone’s most advanced tracker and one of the last it debuted before pulling out of the consumer-wearable market, won’t be able to use its NFC payment feature for much longer. American Express customers who paired a card with their device are receiving notices that the partnership will end on January 31, 2018; the Up4 will no longer be able to make payments using American Express cards after that date.

The notice states that American Express will automatically disconnect the paired American Express card from the Up4 device on February 1, 2018, if not done by the user beforehand. To disconnect your American Express card before the cutoff date, go to the Amex Payments section of the Up4 app, tap “Manage,” and then tap “Disconnect.” American Express will be issuing a $10 credit to these accounts once the partnership officially ends.

Jawbone had a partnership with American Express that allowed Up4 users to pair an Amex account with the device to use with contactless payment readers. It worked well when the Up4 first debuted back in 2015, but it was relatively limited because users could only pair an American Express card to the device. Other contactless payment systems, including the new Fitbit Pay on the $300 Ionic smartwatch, allow for more than one connected credit card or bank per account.

Read 3 remaining paragraphs | Comments

Source: http://feeds.arstechnica.com/arstechnica/index/

Experts from the firm Sucuri observed a new wave of wp-vcd malware attacks that is targeting WordPress sites leveraging flaws in outdated plugins and themes

A new malware campaign is threatening WordPress installs, the malicious code tracked as wp-vcd hides in legitimate WordPress files and is used by attackers to add a secret admin user and gain full control over infected websites.

The malware was first spotted in July by the Italian security expert Manuel D’Orso who noticed that the malicious code was loaded via an include call for the wp-vcd.php file and injected malicious code into WordPress core files such as functions.php and class.wp.php.

The wp-vcd malware attacks continued, evolving across the months. Recently researchers from Sucuri firm discovered a new strain of this malware that injected malicious code in the legitimate files of the two the default themes “twentyfifteen” and “twentysixteen”included in the WordPress CMS in 2015 and 2016.

This is an old tactics that leverage themes files (active or not) files to hide malicious code, in the specific case the malware creates a new “100010010” admin user with the intent to establish a backdoor into the target installation.

wp-vcd malware

Hackers triggered vulnerabilities in outdated plugins and themes to upload the wp-cvd malware.

“The injection, on most of the cases we found, was related to outdated software (plugins or themes). Which a simple update or using a WAF would prevent.” reads the blog post published by Sucuri.

“Code is pretty straightforward and doesn’t hide its malicious intentions by encoding or obfuscation of functions…”

Outdated and vulnerable plugins represents a privileged entry point for hackers, last week the researcher Jouko Pynnönen from Finland-based company Klikki Oy discovered several vulnerabilities in the Formidable Forms plugin the exposes websites to attacks.

The Formidable Forms plugin allows users to easily create contact pages, polls and surveys, and many other kinds of forms, it has more than 200,000 active installs.

Pynnönen discovered that the dangerous flaws affect both the free and as a paid version.

The most severe issue discovered by the expert is a blind SQL injection that can be exploited by attackers to enumerate a website’s databases and access their content, including user credentials and data submitted to a website via Formidable forms.

WordPress

medianet_width=’300′; medianet_height= ‘250’; medianet_crid=’762221962′;

Criteo.DisplayAd({
“zoneid”: 1082811,
“async”: false});

Pierluigi Paganini

(Security Affairs – WordPress,Wp-Vcd Malware)

Criteo.DisplayAd({
“zoneid”: 1063289,
“async”: false});

Criteo.DisplayAd({
“zoneid”: 321967,
“async”: false});

The post Experts observed a new wave of wp-vcd malware attacks targeting WordPress sites appeared first on Security Affairs.

Source: Security affairs

Ford

Drop the word “exoskeleton” into conversation, and you typically conjure up images from Aliens, or Iron Man foiling whomever he’s supposed to foil with augmented power. Fanciful as that may seem, exoskeletons are finding their way into everyday manufacturing.

But they’re not being used to perform “feats of strength”. Reality is more mundane—and much more repetitive.

Read 18 remaining paragraphs | Comments

Source: http://feeds.arstechnica.com/arstechnica/index/

ULA

The Delta II rocket first launched in 1989, making it the oldest US orbital launch system still flying today. However, the heritage of this launch system is much older still. The Delta II rocket’s first stage is derivative of the Thor intermediate range ballistic missile—the first operational ballistic missile used by the United States Air Force in the 1950s. Thus, the Delta II rocket can trace its roots to the beginning of US rocketry.

But now the end is near for the Delta II rocket. For United Launch Alliance, it is costly to keep supply lines open for the medium-lift rocket (three to six tons to low-Earth orbit) that has flown just three times since 2012. On Saturday morning, the Delta II made its penultimate launch by carrying the first Joint Polar Satellite System spacecraft into orbit for NASA and NOAA. The flight occurred from Vandenberg Air Force Base in California.

Read 6 remaining paragraphs | Comments

Source: http://feeds.arstechnica.com/arstechnica/index/