News & Updates

A person's hand holding an iPhone X with a Facebook logo on the screen. (credit: Getty Images | NurPhoto)

Facebook may have to pay a multi-billion dollar fine for violating its users’ privacy—or face a lawsuit from the Federal Trade Commission.

The FTC has been investigating Facebook and is negotiating with the company “over a multi-billion dollar fine that would settle the agency’s investigation,” The Washington Post reported yesterday, citing “people familiar with the probe.” New York Times sources also confirmed that the current negotiations “could amount to a record, multibillion-dollar fine.”

The investigation focuses on whether Facebook violated the terms of a 2011 settlement with the FTC. In the 2011 case, the FTC said that Facebook “deceived consumers by telling them they could keep their information on Facebook private, and then repeatedly allowing it to be shared and made public.”


The Soyuz MS-10 spacecraft is seen in this false-color infrared image as it launched with Expedition 57 Flight Engineer Nick Hague of NASA and Flight Engineer Alexey Ovchinin of Roscosmos, on Thursday, October 11, 2018. (credit: NASA)

While NASA’s commercial crew program continues to demonstrate progress—the first test flight of SpaceX’s Crew Dragon may occur as soon as March 2—there are no guarantees the vehicles will be ready for operational flights to the International Space Station by early 2020.

NASA’s last contracted flight with Russia is for a mission set to launch in July. The Soyuz MS-13 vehicle will carry cosmonaut Aleksandr Skvortsov, NASA astronaut Andrew Morgan, and Italian astronaut Luca Parmitano for a six- or seven-month stay on the International Space Station. After this, NASA would be at risk of having no more of its people on the orbiting laboratory.

The agency’s Aerospace Safety Advisory Panel warned the agency last year that due to potential delays in the commercial crew program, NASA should look into buying more Soyuz seats from Russia. “Senior NASA leadership should work with the Administration and the Congress to guarantee continuing access to ISS for US crew members until such time that US capability to deliver crew to ISS is established,” the safety panel recommended.


Microsoft shaking up how Windows feature updates are rolled out—again (credit: Microsoft)

Customers using Windows Update for Business will lose some ability to delay the deployment of each new Windows feature release once version 1903 goes live.

When Microsoft first started delivering Windows 10 “as a Service” with a regular flow of feature updates, the company planned to have two release tracks: a “Current Branch” (CB) that was consumer-oriented and “Current Branch for Business” (CBB) aimed at enterprises. The CBB track would trail the CB one by a few months, with consumers acting as guinea pigs to iron out bugs before the quality of each release was deemed good enough for corporate customers.

That naming, though not the underlying concept, was changed in 2017 when Microsoft formalized the Windows 10 release schedule and settled on two feature updates per year, one in April and the other in October. The CB track became the “Semi-Annual Channel (Targeted)” (SAC-T), and when this was proven in the real world, it would be pushed to the “Semi-Annual Channel” (SAC), the replacement for CBB. Pro and Enterprise versions of Windows could be set to follow one track or the other, depending on how aggressively an organization wanted to adopt the feature updates. Machines that were set to SAC would automatically wait a few months after each SAC-T release, waiting for the SAC-T version to be blessed as SAC. Typically the gap has been about three months, even for the troubled version 1809 release.


Jason Momoa hit the big time with his portrayal of Khal Drogo in HBO’s Game of Thrones and had a global box office smash hit with Aquaman. Now he’s set to play Duncan Idaho in new film adaptation of Dune. (credit: HBO)

Deadline Hollywood reports that Aquaman star Jason Momoa—who immortalized Dothraki warlord Khal Drogo in the first season of Game of Thrones—is in negotiations to portray another science-fiction warrior, Duncan Idaho from Dune, Frank Herbert’s beloved 1965 science fiction novel. Directed by Denis Villeneuve, this new film adaptation is expected to begin shooting this year.

(Mild spoilers for original novel below.)

Dune is set in the distant future (where else?), and follows the fortunes of various noble houses in what amounts to a feudal interstellar society. Much of the action takes place on the planet Arrakis, where the economy is driven largely by a rare life-extending drug called melange (“the spice”) that also conveys a kind of prescience. There’s faster-than-light space travel, a prophecy concerning a messianic figure, giant sandworms, and lots of battles, as protagonist Paul Atreides (a duke’s son) strives to defeat the forces of Shaddam IV, Emperor of the known universe.


Of the millions of copies of Super Mario Bros. ever sold, this is the rarest and most valuable known to exist. (credit: Wata Games)

A sealed copy of Super Mario Bros. for the NES has sold for $100,150, setting a new record for the video game-collecting market and perhaps ushering in a new era for the valuation of gaming rarities.

Before you go searching to see if that old cartridge in your attic might be your gateway to riches, note that this copy of the game is so valuable primarily because it’s one of the earliest known copies of the game, and in near-perfect condition. The box in question comes from Nintendo’s extremely limited “test market launch” for the NES in New York City and Los Angeles starting in late 1985 (no one actually knows the exact date). These copies didn’t come in the usual shrink wrap but were instead sealed with a small matte or glossy sticker (this handy guide outlines the many different Super Mario Bros. box variants released between 1985 and 1994).

Deniz Kahn—CEO and cofounder of game-grading service Wata Games, which evaluated this specimen—estimates that only 2,000 to 10,000 copies of each of the 27 test market games were ever made in this sticker-sealed style. That makes finding even an opened box decades later rare enough. Finding one with the sticker seal intact is even rarer; Kahn estimates only a few dozen exist across the whole test-market line.


Security experts at Symantec have discovered eight potentially unwanted applications (PUAs) in the Microsoft Store that were dropping cryptojacking Coinhive miners.

The removed apps are Fast-search Lite, Battery Optimizer (Tutorials), VPN Browsers+, Downloader for YouTube Videos, Clean Master+ (Tutorials), FastTube, Findoo Browser 2019, and Findoo Mobile & Desktop Search.

Cryptojacking apps

The malicious Monero (XMR) Coinhive cryptomining scripts were delivered by leveraging Google’s legitimate Google Tag Manager (GTM) library.

The GTM tag management system allows developers to inject JavaScript and HTML content within their apps for tracking and analytics purposes.

“Users may get introduced to these apps through the top free apps lists on the Microsoft Store or through keyword search. The samples we found run on Windows 10, including Windows 10 S Mode,” reads the analysis published by Symantec.

“As soon as the apps are downloaded and launched, they fetch a coin-mining JavaScript library by triggering Google Tag Manager (GTM) in their domain servers. The mining script then gets activated and begins using the majority of the computer’s CPU cycles to mine Monero for the operators.”

The malicious apps were added to the Microsoft Store between April and December 2018.

Unlike Google Play, the Microsoft Store doesn’t share information on how many times an app has been downloaded or installed, but experts pointed out that the apps have a large number of fake ratings: almost 1,900 ratings were posted for these applications.

Once one of the apps is downloaded and launched, it fetches a cryptojacking JavaScript library by triggering Google Tag Manager (GTM) on its domain server. The mining script is then activated and starts abusing the device’s resources to mine Monero cryptocurrency.

After snooping on the network traffic between the apps and their command-and-control servers, Symantec was able to find out that they were using a variant of the JavaScript-based Coinhive miner script, a well-known tool used by threat actors as part of cryptojacking campaigns since September 2017 when it was launched.

The analysis of the network traffic associated with the apps allowed the researchers to find the hosting server for each app. All the servers have the same origin; the apps were likely published by the same developers under different names.

Symantec provided the following recommendations to mitigate the threat:

  • Keep your software up to date.
  • Do not download apps from unfamiliar sites.
  • Only install apps from trusted sources.
  • Pay close attention to the permissions requested by apps.
  • Pay close attention to CPU and memory usage of your computer or device.
  • Install a suitable security app, such as Norton or Symantec Endpoint Protection, to protect your device and data.
  • Make frequent backups of important data.

Pierluigi Paganini

(SecurityAffairs – cryptojacking Coinhive miners, malware)

The post Cryptojacking Coinhive Miners for the first time found on the Microsoft Store appeared first on Security Affairs.

Source: Security affairs

Samsung’s tablets have a lot going for them as enlarged Android devices, but the models really worth considering are quite expensive. Samsung announced the new Galaxy Tab S5e today, a mid-range tablet that the company is hoping will capture people’s attention with select premium features and a more accessible $399 price tag.

The high-end nature of the Tab S5e comes in its design. The all-metal unibody is the thinnest and lightest of any Samsung tablet, weighing about 14 ounces and measuring 5.5mm thick. Samsung didn’t skimp too much on the display, either, sticking a 10.5-inch, 2560×1600 AMOLED panel with a 16:10 aspect ratio on the tablet. It’s also the first Samsung tablet with Bixby built in, allowing users to call on the voice assistant to answer questions, control connected SmartThings devices, and more.

Samsung highlights the multitasking capabilities of the tablet, including a new continuity feature and Dex support. The former lets users make and receive calls and texts from the tablet (it will be available in Wi-Fi and LTE versions) while the latter is Samsung’s experimental desktop version of Android. Users can connect a keyboard, mouse, and even an external monitor to the tablet and use Dex to expand Android into a desktop-like software that makes it easier to do many things at once.


Hmm, those don’t seem to be the same thing. (credit: Google Maps)

Last week, it appeared Defense Distributed’s battle against the State of New Jersey over a recently enacted “ghost gun” law had new life. This week, a filing from the New Jersey Attorney General’s office puts one of the new lawsuit’s inciting incidents into question.

In a February 12 letter (PDF) to District of New Jersey Judge Anne Thompson, NJ Assistant AG Glenn J. Moramarco writes that a recent takedown notice submitted to Cloudflare and aimed at the website CodeIsFreeSpeech was faked.

“A key document supporting Plaintiff’s TRO application—a ‘takedown notice’ purportedly sent by [New Jersey AG’s Division of Criminal Justice] to CloudFlare, Inc., which hosts one of the plaintiff’s websites,—was not in fact issued by DCJ,” the NJ AG’s office writes in the filing. “[It] appears to have been issued by some entity impersonating the Attorney General’s Office.”


Moscow police department operatives, with the participation of Group-IB experts, took down a group of phone scammers who for several years have been extorting money from the elderly.

Phone scammers typically managed to steal between 450 and 4500 USD per victim, promising substantial compensation for their purchases of medicines, medical devices or dietary supplements. According to the investigation, the damage from just 7 episodes of fraud is estimated at 150 000 USD, and the police believe that the number of victims is much higher.

At the end of 2018, employees of the Moscow Department of Internal Affairs came across the trail of a group of telephone scammers who had long been involved in fraud, extracting large sums of money from Russian elderly people. The money was used to purchase real estate, cars, collectors’ coins, jewellery and securities. According to the investigation, the scheme was invented and conducted by a 35-year-old resident of Domodedovo originally from the Republic of Azerbaijan. In addition to the leader, the group was made up of “callers” who communicated with pensioners over the phone, “cashiers” who controlled transactions, “money mules” who withdrew cash from ATMs, and even a dedicated person responsible for the relevance and security of the database of phone numbers of potential victims.

Where did the phone scammers get this data from? They profited from a scam, popular some time before, which sold “magic pills” — counterfeit drugs and dietary supplements purported to cure even serious chronic diseases. This scam’s elderly victims spent hundreds and thousands of dollars on the products, borrowing from friends and taking loans. The database of these names, phone numbers and the cost of the “drugs” ordered was in the hands of phone scammers. According to Group-IB experts, the list held the names of about 1,500 pensioners, their phone numbers, and the names and prices of the medicines they trustingly purchased. Judging by the database, these potential victims were between the ages of 70 and 84, and were from Moscow, Rostov, Tomsk, Nizhny Novgorod, Leningrad, Chelyabinsk, Orenburg and other regions. They had at different times bought expensive drugs, including: “Weian capsules” (2287 USD), “Flollrode aqueous” (1600 USD), “Miracle patches” (313 USD), applicators (170 USD), “Lun Jiang” (157 USD), and “Black nut” (388 USD).

For those who were suspicious of the compensation process, the “prosecutor of Moscow” offered to have the information clarified by the “head of the financial department of a bank”. After that, the victim was contacted by another person — “a representative of a credit and financial organization” — who confirmed his willingness to transfer compensation to the pensioner’s account or to transfer the money in cash. When the victim agreed, “tax officers” entered into negotiations and reported that the victim needed to make an advance payment of 15% of the compensation as a tax. In addition, the scammers were able to collect an “insurance premium” or “lawyer’s tax”.

For example, one of the pensioners, who was promised a compensation of 8660 USD, was required to pay a tax of 747 USD. In another case, a request for compensation of 448 USD was made for the receipt of 4480 USD. One of the victims was a famous opera singer who paid the scammers about 4480 USD. The elderly people transferred the money to the cards of cashiers — “drops” or “money mules” — indicated by the attackers, who then withdrew the money from ATMs.

“Despite the fact that vishing (voice phishing) is a rather old type of phone fraud, it remains popular due to the fact that attackers come up with new methods of deception, targeted at the most vulnerable segments of the population — pensioners,” highlights Sergey Lupanin, Head of the Group-IB Investigation Department. “For years, deceived elderly people have repeatedly complained about telephone scams to the Russian Central Bank, the Ministry of Finance and the Prosecutor’s Office, and regulatory and law enforcement agencies have periodically issued warnings about these dangerous and very cynical fraudulent schemes, but the number of victims did not decrease. The scammers not only maintained secrecy but also improved their methods of social engineering: they quickly gained their victims’ trust, showed themselves to be intelligent and educated, and were persistent and aggressive. It’s rare for one of their victims to escape unscathed.”

phone scammers
Source: The Express

However, as the result of a large-scale police operation, the organized criminal group was defeated: on 5 February, several detentions and searches were carried out at the criminals’ place of residence. A police search of the apartment of the scheme’s organizer turned up large sums of money in roubles and other currencies, bank cards, a traumatic gun, a hunting rifle and collectible coins. The scammer invested the money received in shares of Russian companies. In his stash inside a toilet, field investigators found database printouts with names of pensioners as well as extracts with phone numbers and names of victims that the criminal’s girlfriend had tried to flush. In a private house belonging to another detainee — the leader of the money mules — a police search turned up bank cards, databases of pensioners, accounting of criminal activity, money, and jewellery.

A total of seven people were detained. According to the investigation, the damages from 7 episodes of fraud are estimated at 150 000 USD, but operatives believe that the number of victims is much higher — at least 30 people. An investigation is underway.

About the author: Group-IB. Group-IB is one of the leading providers of solutions aimed at detection and prevention of cyberattacks, online fraud, and IP protection.

Pierluigi Paganini

(SecurityAffairs – phone scammers, cybercrime)

The post Group-IB helped to arrest phone scammers profiting off the backs of the Russian elderly appeared first on Security Affairs.

Source: Security affairs

A Falcon 9 rocket launches from Vandenberg Air Force Base. (credit: Aurich Lawson/SpaceX)

Welcome to Edition 1.36 of the Rocket Report! Lots of news this week on smaller rockets and the spaceports around the world that aspire to launch them. There’s also an interesting report that may explain, at least in part, why recent Iranian attempts to launch rockets have ended in failure. And so much more…

As always, we welcome reader submissions, and if you don’t want to miss an issue, please subscribe using the box below (the form will not appear on AMP-enabled versions of the site). Each report will include information on small-, medium-, and heavy-lift rockets as well as a quick look ahead at the next three launches on the calendar.

Firefly targeting late 2019 launch. As part of a feature, Ars explores the factors that led to the dissolution of Firefly in 2016 and the investments by Max Polyakov that brought the company back in 2017. The company’s first attempt at its Alpha rocket strove for idealism (with aspects such as an aerospike engine design) that might ultimately have cut costs but required more time and development funds to realize. Eventually, both of those resources ran out.
