Latest Tech News

Mozilla, the non-profit proprietor of the Firefox browser, has accused Google, Microsoft, and Apple of "self preferencing" and nudging consumers towards using their own browsers.

Examples of consumer harm stemming from this self-preferencing behavior include limited or frustrated choice, lower quality, lower innovation, poor privacy, and unfair contracts, according to Mozilla.

The report lands at a time when "self preferencing" remains a hot topic in the tech regulation space; the UKs competition watchdog has published a final report highlighting "substantial concerns" about the market dominance of Google and Apple.

What does the report allege? 

Mozilla's report accuses the big tech firms of a wide variety of different instances of malpractice.

These include inhibiting independent app discovery, citing how some companies bundle their respective browsers with their operating systems and set them as the operating system default in the prime home screen or dock position. 

"For many people, this placement is sufficient and they will not see or pursue extra steps to discover alternatives," said the report.

Mozilla also called out some big tech firms for prohibiting independent app adoption, citing how Apple lacked settings to switch away from Safari as the default browser until 2020 — meaning that iOS consumers trying to use another browser were locked into continued Safari usage for 13 years. 

The report then highlighted how Safari still cannot be deleted from iOS.

READ MORE:

> WS could be facing antitrust scrutiny

> EU antitrust regulators set their sights on Microsoft’s cloud business

> Our guide to the best VPNs

In addition, the report accused big tech of overriding independent app adoption calling this "even more egregious than prohibiting rival software adoption".

Mozilla alleged that this has been the case on Microsoft Windows computers for a number of years, "saying consumers have faced increasingly aggressive practices, some of which have been aimed at reversing their decisions to use non-Microsoft software, for example, overriding default browser choice and reverting to Edge".

"Consumers should have control over their online experiences and be able to choose which software they wish to use, including something different from what the operating system provider offers," said a Mozilla spokesperson. "People should not have to fight with operating systems that continuously pester, confuse and revert preferences in favor of their own software".

"Browser wars" are nothing new, in the late 1990's Microsoft's Internet Explorer famously pushed Netscape's Navigator out of business. 

Google is an example of one big tech firm that has been responsive to these accusations about it throwing its weight around, and the threat of anti-trust legislation. 

In a blog post, Google’s president of global affairs Kent Walker said that potential antitrust regulations "would impose one set of rules on American companies while giving a pass to foreign companies" and that they "would give the Federal Trade Commission and other government agencies unprecedented power over the design of consumer products".

Walker added: "All of this would be a dramatic reversal of the approach that has made the U.S. a global technology leader, and risks ceding America’s technology leadership and threatening our national security, as bipartisan national security experts have warned".

• We've also featured the best Linux distros for privacy and security

from TechRadar - All the latest technology news https://ift.tt/TMHjgb9

Best Cheap Meal Delivery Services in 2022 - CNET

Think meal delivery has to be expensive? Think again. These tasty treats are as cheap as $5 a serving.

from CNET https://ift.tt/th17PTC

Latest Tech News

Cybercriminals are targeting businesspeople with an elaborate phishing attack aimed at stealing sensitive data, including credit card and other payment information, researchers have found. 

The attack also abuses a premium LinkedIn feature called Smart Link, which allows users of the social media site to send more than a dozen documents via a single link.

Not only is it more convenient, but it also allows the sender to keep track of how many people opened the link and files inside, how much time they spent with each file, etc. What’s more, Smart Link allows users to redirect the recipients elsewhere.

Sharing key data

Researchers from Cofense discovered the attackers would send a phishing email pretending to be from Slovenská pošta, the Slovakian national postal service. The email would state that the recipient needs to pay a little extra to be able to receive a pending parcel. As usual, the email carries a “confirm” button, which is the LinkedIn Smart Link URL, and which redirects victims to the phishing page. 

What makes this attack vector particularly dangerous is the fact that Smart Link is a legitimate feature and does not get flagged by email security products. When the victims click the button, they get sent to a page where they’re asked to pay €2.99 - not a big sum, but money is not the goal here, anyway - data is.

On the page, victims need to share all kinds of sensitive data, including all the credit card details needed to make a payment. Finally, when all is complete, the victim is redirected to an SMS code confirmation page which, as researchers found, is only there to add legitimacy to the whole campaign. 

Read more

> What is phishing and hopw dangerous is it?

> Phishing attackers are now using multiple email accounts to start group conversations with you

> Here's our list of the best firewalls around

LinkedIn has been notified of the malicious campaign abusing its services, and says it’s currently investigating the matter. 

In a statement to BleepingComputer, the company said: “Our internal teams work to take action against those who attempt to harm LinkedIn members through phishing. We encourage members to report suspicious messages and help them learn more about what they can do to protect themselves, including turning on two-step verification.”

• Check out our list of the best antivirus tools right now

Via: BleepingComputer

from TechRadar - All the latest technology news https://ift.tt/MU5Ta2O

Latest Tech News

The next iPad is rumored to launch at an event in October, and we’ve been hoping for a major redesign. One of the key changes was the expected removal of the home button, bringing the base model iPad in line with the iPad Air, iPad Pro, and just about every fancy iPhone Apple sells besides the bargain-basement iPhone SE. 

New rumors suggest the iPad 2022 model, the tenth generation of iPad tablet, will get a new look but will keep the familiar old button. This leak comes from a newsletter sent by Twitter leaker LeaksApplePro, available only by subscription. Presumably, this means the bezel around the screen won’t shrink too much. We’ve also heard that the sides of the device will get flattened, making it look more like the iPad Air in profile. 

Our leaker also expects the next iPad will, like the more powerful iPad Pro, use USB-C. This comes from the same leak that suggested the next iPhone 15 family could use USB-C for every model. It’s entirely possible we’re at the beginning of the end of Apple Lighting on mobile devices. 

The next iPad may also get support for Apple’s fanciest writing utensil, the Apple Pencil 2. Currently, the Pencil 2 only works with the iPad mini, iPad Air, and iPad Pro, but not the regular old iPad. The next iPad could change that. We’ve recently seen a slip-up from Apple Crayon maker Logitech showing support for iPad Pro models to come, but nothing indicating base model iPad support. The Logitech Crayon Digital Pencil uses the same technology as Apple’s own Pencil stylus. 

Finally, after some delay, we will see the launch of iPad OS 16. The phone version of Apple’s mobile OS, iOS 16, arrived a few days after the iPhone 14 family was announced. We have been following the beta progress for iPad OS 16, but have not heard official news of when it would be available to the mainstream. Now it seems like iPad day will be the big day for software and hardware alike. If you want to familiarize yourself with the whole iPad family before the big launch, you can check out our best iPad roundup. 

---

Analysis: An older-looking iPad should have an older-looking price tag

We won’t be hasty to dismiss this iPad just because it keeps a feature that Apple has been slowly killing on every other device it makes. Clearly, the home button has no long-term future with Apple, but that doesn’t mean this won’t be a great tablet to buy. After all, the iPhone SE represents a powerful bargain in the iPhone family lineup, and its aging exterior belies hardy tech within. We consider it one of the best iPhones you can buy. 

If anything, this could mean we won’t see a huge price increase for the new iPad 2022. A major redesign that completely changes the face of the device offers more justification for Apple to jack up prices. If the new iPad looks like an evolutionary upgrade of the last model, but not a whole new beast, it may start at the same price. In this year of a huge cost of living crisis, that may be considered the most welcome feature. 

from TechRadar - All the latest technology news https://ift.tt/NiWQXMg

Latest Tech News

A rather old unpatched Python security vulnerability has resurfaced, causing researchers to warn that hundreds of thousands of projects might be vulnerable to code execution. 

Cybersecurity researchers from Trellix have recently spotted CVE-2007-4559, a flaw in the Python tarfile package, first discovered back in 2007. 

However, back then, the flaw never received a patch, but rather just a warning published in a security bulletin.

Identifying vulnerable projects

The vulnerability is in code that uses un-sanitized tarfile.extract() function, or the built-in defaults of tarfileextractall(). “It’s a path traversal bug that enables an attacker to overwrite arbitrary files,” the publication wrote. 

Now, researchers are saying, the flaw gives a bad actor access to the file system. Python’s bug tracker was updated with an announcement of a closed issue, with a further addition that “it might be dangerous to extract archives from untrusted sources.” The flaw is abusable both on Windows, and on Linux, it was said.

Fifteen years is a long time, and apparently, some 350,000 projects might be vulnerable. Trellix’s researchers first took a sample of 257 repositories(61%) were vulnerable. An automated analysis came back with a 65% positive rate. 

Read more

> Check out the best endpoint protection tools right now

> Python is about to solve one of its most frustrating issues

> Python programming libraries found hiding security threats

Then, together with GitHub, Trellix’s researchers found 588,840 unique repositories that include “import tarfile” in its Python code, which drew them to the conclusion that 350,000 (or roughly 61%), might be vulnerable. 

The problem is present in a “vast number” of industries, the researchers further found. The development sector is, unsurprisingly, the most impacted one, followed by web and machine learning technology. 

Trellix’s researchers issued fixes for some 11,000 projects, available as a fork of the affected repository. These patches will be added to the main project via pull request at a later date, it was added. Another 70,000 projects should get their fixes within a couple of weeks, but for all to be remedied, it’s going to take a little while.

• Here's our rundown of the best firewalls around

from TechRadar - All the latest technology news https://ift.tt/t8ATE6x

Best Webcams From 1080p to 4K for 2022 - CNET

The low-res 720p webcam in your laptop doesn't always cut it for Microsoft Teams, Zoom or Google Meet. Here are a handful of premium webcams to come to your rescue.

from CNET https://ift.tt/dHZ7QBt

Stephen King Names the Best Miniseries He's Seen This Year - CNET

When King tweets, we listen.

from CNET https://ift.tt/WXScfsg

Logitech Cloud-Gaming-Only Handheld Console Ships in October for $350 - CNET

The Switch-like Logitech G Cloud Gaming Handheld, co-developed with Nvidia and Microsoft, launches with Xbox Cloud Gaming and GeForce Now support.

from CNET https://ift.tt/QxEpzv3

This Weighted Clothing Is Like a Weighted Blanket You Can Wear All Day Long - CNET

Pyvot's weighted clothes deliver a calming effect, and they're easier on the eyes than you'd think.

from CNET https://ift.tt/VGwgOra

Windows 11 Update 2022: How to Download the New Upgrade - CNET

Ready to download the new Windows 11 update? We'll walk you through it.

from CNET https://ift.tt/rzI2Cim

Go On, Treat Yourself to a Certified Preowned Bugatti - CNET

Can't afford a brand-new multimillion-dollar hypercar? Here's the next best thing.

from CNET https://ift.tt/78FJSvA

PS5 Restock Tracker: Where to Finally Score a Console in September - CNET

If you missed the big PS5 restock this week, you've still got options.

from CNET https://ift.tt/lYsq1CX

iOS 16 Cheat Sheet: Your Complete Guide to the iPhone Update - CNET

Have iOS 16 questions? CNET has answers, from compatibility to best features.

from CNET https://ift.tt/3ELNsn0

iPhone 14 Cheat Sheet: Your Complete Guide to the Latest iPhone - CNET

Apple's iPhone 14 is out. Here's what's new, how to use the new features and whether you should get an iPhone 14 or not.

from CNET https://ift.tt/scBxLYA

Latest Tech News

The helpdesk platform of popular publisher 2K Games has been hacked in an attempt to spread malware among gamers, the company has confirmed. 

In a tweet, 2K Games said it recently discovered that hackers managed to “illegally access” the credentials of one of its vendors to the helpdesk platform. 

"The unauthorized party sent a communication to certain players containing a malicious link. Please do not open any emails or click on any links that you receive from the 2K Games support account," the company warned.

Setting up MFA

The attackers would first open up a fake support ticket, and soon after, reply to it. In the reply message, they’d share a file named “2K Launcher.zip”, inviting the players to run it on their endpoints. The file turned out to be RedLine Stealer, a known infostealer that’s capable of, among other things, grabbing passwords stored in the browser, stealing banking data, as well as cryptocurrency wallets. Furthermore, RedLine can grab VPN credentials, web browser history, and cookies. 

Knowing the type of malware the threat actor set out to distribute, 2K advised potential victims to reset all passwords stored in the browser, enable multi-factor authentication wherever possible (with an app, rather than via SMS), install an antivirus program, and check the email accounts for any forwarding rules.

Read more

> GTA 6 leak confirmed by Rockstar Games, 'early development footage' is real

> GTA 6: here's everything we know so far

> Check out the best antivirus tools right now

In the meantime, 2K took its support portal offline as it thoroughly investigates the incident. 

"We will issue a notice when you can resume interacting with official 2K help desk emails, and we will also follow-up with additional information as to how you can best protect yourself against any malicious activity," 2K said.

At the moment, it is not known who the threat actors behind the attack are, but BleepingComputer speculates it could be the same group that recently broke into Rockstar Games - Lapsus$.  

“Both companies are subsidiaries of Take-Two Interactive, one of the largest video game publishers across the Americas and Europe,” it said.

• These are the best firewalls right now

Via: BleepingComputer

from TechRadar - All the latest technology news https://ift.tt/Z8yemgG