Tag Archives: Technology

Lenovo Caught Using Rootkit to Secretly Install Unremovable Software

Posted on by

“Two years ago Chinese firm Lenovo got banned from supplying equipment for networks of the intelligence and defense services various countries due to hacking and spying concerns.  Earlier this year, Lenovo was caught red-handed for selling laptops pre-installed with Superfish malware.  One of the most popular Chinese computer manufacturers ‘Lenovo’ has been caught once again using a hidden Windows feature to preinstall unwanted and unremovable rootkit software on certain Lenovo laptop and desktop systems it sells.  The feature is known as ‘Lenovo Service Engine’ (LSE) – a piece of code presents into the firmware on the computer’s motherboard.”

http://thehackernews.com/2015/08/lenovo-rootkit-malware.html

Scan to Donate Bitcoin to Freedomwat.ch Staff
Did you like this?
Tip Freedomwat.ch Staff with Bitcoin
Donate via Installed Wallet

The NSA Playset: Espionage tools for the rest of us

Posted on by

“When Der Spiegel and Jacob Appelbaum published leaked pages of the National Security Agency’s ANT Catalog—the collection of tools and software created for NSA’s Tailored Access Operations (TAO) division—it triggered shock, awe, and a range of other emotions around the world. Among some hardware hackers and security researchers, it triggered something else, too—a desire to replicate the capabilities of TAO’s toolbox to conduct research on how the same approaches might be used by other adversaries.  The NSA Playset project has done just that. The collection boasts over a dozen devices that put the power of the NSA’s TAO into the hands of researchers.”

http://arstechnica.com/information-technology/2015/08/the-nsa-playset-espionage-tools-for-the-rest-of-us/

Scan to Donate Bitcoin to Freedomwat.ch Staff
Did you like this?
Tip Freedomwat.ch Staff with Bitcoin
Donate via Installed Wallet

Corvette’s brakes wirelessly hacked through an insurance dongle

Posted on by

“Researchers at the University of California at San Diego have found a way to wirelessly hack thousands of vehicles by exploiting the on-board diagnostics (or OBD) devices that insurance companies use to monitor speed and location. In a video posted to YouTube (seen above), they were able to activate the windshield wipers and engage or disengage the brakes of a 2013 model Corvette by sending an SMS message to the OBD dongle’s cellular radio. The OBD attack isn’t limited to just Corvettes, or Chevrolets for that matter. The researchers also told Wired that the hack could be modified to grant access to other systems like the locks, steering, and transmission of most modern vehicles.”

http://www.theverge.com/2015/8/11/9130203/wireless-hack-corvette-brakes-insurance-dongle

Scan to Donate Bitcoin to Freedomwat.ch Staff
Did you like this?
Tip Freedomwat.ch Staff with Bitcoin
Donate via Installed Wallet

Stagefright Patch Incomplete Leaving Android Devices Still Exposed

Posted on by

“Google today released to open source a new patch for the infamous Stagefright vulnerability found in 950 million Android devices after researchers at Exodus Intelligence discovered the original patch was incomplete and Android devices remain exposed to attack.  The original four-line code fix for CVE-2015-3824, one of several patches submitted by researcher Joshua Drake of Zimperium Mobile Security’s zLabs who discovered the flaw in Stagefright, still leads to a crash and device takeover.  The vulnerabilities affect Android devices going back to version 2.2; newer versions of Android have built-in mitigations such as ASLR that lessen the effects of Stagefright exploits.”

https://threatpost.com/stagefright-patch-incomplete-leaving-android-devices-still-exposed/114267

Scan to Donate Bitcoin to Freedomwat.ch Staff
Did you like this?
Tip Freedomwat.ch Staff with Bitcoin
Donate via Installed Wallet

Another day, another stunning security flaw in Android

Posted on by

“Fresh from sorting out the Stagefright flaw, Google has another serious security vulnerability in Android on its hands.  A privilege escalation hole allows normal apps to gain superpowers to snoop on a device’s owner, smuggle in malware, and wreak other havoc.  The vulnerability, CVE-2015-3825, affects about 55 per cent of Android handsets – basically version 4.3 and above, as well as the current build of Android M.  Flaws in the OpenSSLX509Certificate class in Android can be exploited by an app to compromise the system_server process – and gain powerful system-level access on the device.”

http://www.theregister.co.uk/2015/08/10/another_android_flaw_hitting_55_percent_handsets/

Scan to Donate Bitcoin to Freedomwat.ch Staff
Did you like this?
Tip Freedomwat.ch Staff with Bitcoin
Donate via Installed Wallet

All Android operating systems infringe Java API packages, Oracle says

Posted on by

“The ongoing legal saga known as the Oracle-Google copyright battle took a huge leap Wednesday when Oracle claimed the last six Android operating systems are ‘infringing Oracle’s copyrights in the Java platform.’  That’s according to the latest paperwork (PDF) Oracle filed in the five-year-old closely watched case that so far has resulted in the determination that Application Programming Interfaces (APIs) are, indeed, copyrightable. Its suit, which had been mired in litigation and appeals, now names Android operating systems Gingerbread, Honeycomb, Ice Cream Sandwich, Jelly Bean, KitKat, and Lollipop. These are the operating systems that came after Froyo, when the suit was filed in 2010.”

http://arstechnica.com/tech-policy/2015/08/all-android-operating-systems-infringe-java-api-packages-oracle-says/

Scan to Donate Bitcoin to Freedomwat.ch Staff
Did you like this?
Tip Freedomwat.ch Staff with Bitcoin
Donate via Installed Wallet

Oracle security chief to customers: Stop checking our code for vulnerabilities

Posted on by

“Oracle’s chief security officer is tired of customers performing their own security tests on Oracle software, and she’s not going to take it anymore. That was the message of a post she made to her corporate blog on August 10—a post that has since been taken down.  Perhaps thinking that all the security researchers in the world were busy recovering from Black Hat and DEF CON and would be somehow more pliant to her earnest message, Mary Ann Davidson wrote a stern message to customers entitled ‘No, You Really Can’t‘.  Davidson scolded customers who performed their own security analyses of code, calling it reverse engineering and a violation of Oracle’s software licensing.”

http://arstechnica.com/information-technology/2015/08/oracle-security-chief-to-customers-stop-checking-our-code-for-vulnerabilities/

Scan to Donate Bitcoin to Freedomwat.ch Staff
Did you like this?
Tip Freedomwat.ch Staff with Bitcoin
Donate via Installed Wallet

Gone in Less Than a Second

Posted on by

“Do not let Samy Kamkar near your car.  Kamkar has built a new device that is about the size of a wallet and can intercept the codes used to unlock most cars and many garage doors. The device can be hidden underneath a vehicle and when the owner approaches and hits the unlock button on her key or remote, the device grabs the unique code sent by the remote and stores it for later use.  The device is built from about $30 in hardware, Kamkar said, and he plans to reveal more details about it at DEF CON here Friday. The attack he developed also works on garage door openers that use rolling codes.”

https://threatpost.com/gone-in-less-than-a-second/114154

Scan to Donate Bitcoin to Freedomwat.ch Staff
Did you like this?
Tip Freedomwat.ch Staff with Bitcoin
Donate via Installed Wallet

Yahoo Files for Alibaba Spinoff, Though Tax Issues Linger

Posted on by

“In the filing with the Securities and Exchange Commission, the Internet company warned shareholders that it might cancel the spinoff if federal tax authorities failed to provide written assurance in advance that the transaction will be tax-free to shareholders.  Yahoo’s 384 million shares of Alibaba are currently worth about $32 billion. The spinoff, announced in January, is intended to transfer the value of that stock to Yahoo’s shareholders without incurring the capital gains tax of more than $10 billion that would be due if Yahoo simply sold the stock and returned the cash to its shareholders.  The company’s stock has fallen as Wall Street worried that the deal might not pass muster with the I.R.S.

http://www.nytimes.com/2015/07/18/business/dealbook/yahoo-files-for-alibaba-spinoff-though-tax-issues-linger.html

Scan to Donate Bitcoin to Freedomwat.ch Staff
Did you like this?
Tip Freedomwat.ch Staff with Bitcoin
Donate via Installed Wallet

Alibaba Revenue Misses Expectations; $4 Billion Stock Buyback Planned

Posted on by

http://freedomwat.ch/wp-content/uploads/2015/08/ALIBABA-web-master675.jpg

“A year ago, executives of the Chinese e-commerce company Alibaba were preparing a roadshow that paved the way for one of the biggest initial public offerings of stock in history.  Since then, the company’s situation has changed drastically. Alibaba is now grappling with an economic slowdown in China, which has been made more volatile by the devaluation this week of the country’s currency.  Investors who bought into Alibaba’s growth promise during the roadshow are also more skeptical — and less forgiving of any stumbles, especially as turbulence in China’s stock market spreads to Chinese companies listed in the United States.”

http://www.nytimes.com/2015/08/13/business/international/alibaba-q1-earnings-stock-buyback.html?_r=0

Scan to Donate Bitcoin to Freedomwat.ch Staff
Did you like this?
Tip Freedomwat.ch Staff with Bitcoin
Donate via Installed Wallet