With help from Google, impersonated Brave.com website pushes malware

Enlarge (credit: Getty Images) Scammers have been caught using a clever sleight of hand to impersonate the website for the Brave browser and using it in Google ads to push malware that takes control of browsers and steals sensitive data. The attack worked by registering the domain xn--brav-yva[.]com, an encoded string that uses what’s known …

The summer Intel fell behind / earnings for Apple, Google, Samsung / Nothing’s Ear 1 earbuds

Nilay Patel, Dieter Bohn, Alex Cranz, and Chaim Gartenberg discuss this week in tech news: quarterly earnings for the big tech companies, the state of Intel, and the Nothing’s Ear 1 earbuds. Further reading: CDC reinstitutes mask recommendations for some vaccinated people Apple will require masks again in most of its US stores Communication around …

Software downloaded 30,000 times from PyPI ransacked developers’ machines

Enlarge Open source packages downloaded an estimated 30,000 times from the PyPI open source repository contained malicious code that surreptitiously stole credit card data and login credentials and injected malicious code on infected machines, researchers said on Thursday. In a post, researchers Andrey Polkovnichenko, Omer Kaspi, and Shachar Menashe of devops software vendor JFrog said …

New bank-fraud malware called Vultur infects thousands of devices

Enlarge (credit: Getty Images) Recently detected Android malware, some spread through the Google Play Store, uses a novel way to supercharge the harvesting of login credentials from more than 100 banking and cryptocurrency applications. The malware, which researchers from Amsterdam-based security firm ThreatFabric are calling Vultur, is among the first Android threats to record a device …

Feds list the top 30 most exploited vulnerabilities. Many are years old

Enlarge (credit: Getty Images) Government officials in the US, UK, and Australia are urging public- and private-sector organizations to secure their networks by ensuring firewalls, VPNs, and other network-perimeter devices are patched against the most widespread exploits. In a joint advisory published Wednesday, the US FBI and CISA (Cybersecurity and Infrastructure Security Agency), the Australian …

Biden warns cyber attacks could lead to a “real shooting war”

Enlarge / US President Joe Biden, NATO Secretary General Jens Stoltenberg and Belgian Prime Minister Alexander De Croo attend a plenary session of a NATO summit at the North Atlantic Treaty Organization (NATO) headquarters in Brussels, on June 14, 2021. (credit: Laurie Dieffembacq | Getty Images) President Joe Biden has warned that cyberattacks could escalate …

Sean Gallagher and an AI expert talk about our crazy machine-learning adventure

Recorded on July 28, 2021. Click here for transcript. We’ve spent the past few weeks burning copious amounts of AWS compute time trying to invent an algorithm to parse Ars’ front-page story headlines to predict which ones will win an A/B test—and we learned a lot. One of the lessons is that we—and by “we,” …

Haron and BlackMatter are the latest groups to crash the ransomware party

Enlarge (credit: Getty Images) July has so far ushered in at least two new ransomware groups. Or maybe they’re old ones undergoing a rebranding. Researchers are in the process of running down several different theories. Both groups say they are aiming for big-game targets, meaning corporations or other large businesses with the pockets to pay …

VPN servers seized by Ukrainian authorities weren’t encrypted

Enlarge (credit: Getty Images) Privacy tools-seller Windscribe said it failed to encrypt company VPN servers that were recently confiscated by authorities in Ukraine, a lapse that made it possible for the authorities to impersonate Windscribe servers and capture and decrypt traffic passing through them. The Ontario, Canada-based company said earlier this month that two servers …

UK worries Starlink and OneWeb may interfere with each other, plans new rules

Enlarge / Artist’s impression of low-Earth-orbit satellites like those launched by SpaceX and OneWeb. (credit: NOIRLab / NSF / AURA / P. Marenfeld) A UK government agency is worried that OneWeb, SpaceX’s Starlink, and similar low Earth orbit (LEO) satellite-broadband systems could block each others’ signals. Ofcom, the UK’s communications regulator, proposed new rules today …