Latest Tech News

Users of popular sports betting platform DraftKings were on the receiving end of a credential-stuffing attack that cost its victims approximately $300,000. 

Issuing a statement via Twitter, the company’s co-founder and president, Paul Liberman said the platform’s systems were not compromised, but rather that the incident was the result of users’ poor cybersecurity practices.

“DraftKings is aware that some customers are experiencing irregular activity with their accounts. We currently believe that the login information of these customers was compromised on other websites and then used to access their DraftKings accounts where they used the same login information,” the statement reads. “We have seen no evidence that DraftKings’ systems were breached to obtain this information.”

Setting up MFA

Liberman further went on to say that despite this being the end users’ mistake, the company will still reimburse the affected customers:

“We have identified less than $300,000 of customer funds that were affected, and we intend to make whole any customer that was impacted.”

During the attack, users found themselves being locked out of their accounts, and in some cases, the attackers were even setting up two-factor authentication using their phone numbers.

Read more

> GM drivers may have had personal details revealed following phishing attack

> Thousands of North Face customers accounts hacked, personal data stolen

> Remove viruses and ransomware with the best malware removal services out there

Credential stuffing is a popular method in the cybercriminal community. Out of sheer convenience, many consumers end up using the same username/password combination for a number of different services.

The problem with this approach is that once one of those services is compromised, the users risk losing a lot more. Cybercriminals are also aware of this fact and often use automated scripts to test out the obtained login credentials on a myriad of services, from social media networks, to retail sites, to betting and banking accounts. 

Users are advised to create strong and unique passwords for all their online accounts, and to use password managers to keep that information secure. 

• Here's our rundown of the best firewalls out there

Via: The Register

from TechRadar - All the latest technology news https://ift.tt/ZEYN9Xm

Best VR Headsets of 2022 - CNET

The PSVR 2 is on the horizon, but the Quest 2 still remains the best for now.

from CNET https://ift.tt/ZDmgfbO

The Best 2022 Hallmark Christmas Movies to Watch - CNET

There are a whopping 40 new holiday movies out this year between two channels: Hallmark and Hallmark Movies & Mysteries.

from CNET https://ift.tt/Ge7BgQP

Latest Tech News

Microsoft has announced the general availability of the Windows Subsystem for Linux (WSL), which is now available in its full form in the Microsoft Store.

Previously available in Preview form, WSL allows developers using their favourite laptop for programming to run a GNU/Linux environment without the overheads of a traditional virtual machine or dualboot setup, according to Microsoft.

"Our goal is to move as many people as we can to use the Store version of WSL, as it gives the best experience with the latest features," Windows Developer Platform Program Manager Craig Loewen wrote in a blog post announcing the news.

WSL for Windows 10

Loewen added that the new version of WSL, which features "hundreds" of bug fixes and improvements, will also be available on Windows 11 as well as Windows 10, meaning it will be available to around 87% of all Windows users.

The Microsoft Store version is what users will receive when they run ‘wsl --install’ or ‘wsl --update’ in the command line, and it also promises to deliver faster and easier updates compared to when it was a Windows component.

If you’re already using a version that was not available on the Microsoft Store, you’ll likely be wanting to upgrade. You can do this by getting the latest backport, which will start being pushed automatically to users by the end of the year, says Loewen.

You’ll also need to be running Windows 10 21H1, 21H2, or 22H2, or Windows 11 21H2 with all of the November updates applied.

READ MORE

> Check out our list of the best Linux laptops right now

> Barely anyone is using Windows 11 still

> WSL 2 distros now supported on Windows Server

The fact that WSL will be available in the Microsoft Store for Windows 10 users will come as good news to many users who have decided not to upgrade to Windows 11. 

The latest StatCounter figures suggest that 71% of Windows users prefer Windows 10. Windows 11 currently occupies 15% of the space, up from less than 3% at the start of 2022.

• Here's our list of the best Linux distros right now

from TechRadar - All the latest technology news https://ift.tt/JuOkcbY

Latest Tech News

iCloud for Windows app users are reporting some fairly bizarre glitches with photo and video content when accessing the platform on a PC.

Numerous complaints on the MacRumours forum detail users' purported experiences of photos and even videos of strangers appearing in their library on the iCloud app for Windows. Also, videos apparently shot with the iPhone 13 Pro and 14 Pro are glitched when synced with the platform, with blank screens and scan lines being all that remain.

The problem appears isolated to Windows machines, and specifically with the iCloud for Windows app, not the recent iCloud Photos integration with Windows 11. It also seems to be an issue related to Apple’s servers rather than a problem on Microsoft’s end.

Under certain conditions

There is plenty of speculation as to what is causing the issue and how. Apparently, incidences of iCloud for Windows running on both Windows 10 and 11 are affected, but only certain devices may be causing the problem, such as those with HDR and HEVC options turned on, pointing towards a rendering issue. 

The complaints mainly stem from users of the latest iPhone 13 Pro and 14 Pro. One of the more bizarre incidents recounted by the original poster on the MacRumors forum was the apparent insertion of other user’s photos into frames of their own video. Only when they downloaded the video onto their PC from the iCloud app did the glitch occur.

Read more

> iCloud Photos is coming to Windows 11

> How to use iCloud storage on Windows PCs and access all your essential files

> OneDrive vs iCloud Drive: Which is best?

The user claims they were able to reproduce this issue on three different machines, one using Windows 10 Pro and the other two using Windows 11 Pro. The video in question was filmed on an iPhone Pro 14 Max with HDR and HEVC enabled, but they reported no issues with videos from an iPhone 13 Pro Max. However, other users did have the same bug with this model. 

The issue has yet to be officially confirmed, although many users have reported the problem to Apple already.

• Here are our best cloud storage picks

from TechRadar - All the latest technology news https://ift.tt/E1Je0dQ

Massive Amazon Early Black Friday Deals on Echo, Kindle, Fire Tablets and More - CNET

Black Friday is quickly approaching, but you don't have to wait for deals on some of Amazon's most popular devices.

from CNET https://ift.tt/u3STR5f

Latest Tech News

Microsoft have announced that a new SKU for its cloud computing platform Azure's DDoS Protection offering, which it says is specifically designed with SMBs in mind, is now available in public preview.

Dubbed "IP Protection" the latest SKU is built to defend against L3/L4 DDoS attacks via "always-on monitoring and adaptive tuning".

According to Microsoft, IP Protection integrates with other Azure services such as Azure Firewall Manager, Microsoft Sentinel, and Microsoft Defender for Cloud to provide real-time alerts and metrics to enable protection for a single public IP.

Azure's new DDoS SKU

Prices will vary by region, but IP Protection will work out significantly cheaper than Microsoft's enterprise-focused "Network Protection" tier if you have less than 15 public IP resources to protect.

For users in the Central US region, IP Protection is set to cost around $199/£172 per month per public IP resource protected.

By contrast, enterprises will need to pay a staggering $2,944/£2,542 a month for each DDoS protection plan they sign up for, a potential roadblock to cutting cloud costs. 

IP Protection is currently available for preview in select regions of America, Europe, the Middle East, Africa, and Asia Pacific including west and central India.

You can check the new solution out by heading to the Azure Preview Portal, while Microsoft claims a release to the mainline Azure Portal won't be too far behind.

READ MORE:

> Our guide to the best endpoint protection right now

> Minecraft server hit with record-breaking DDoS attack

> US airports are being hit by DDoS attacks from Russia

The news comes as DDoS attacks, where would-be hackers look to flood the targeted machine's website with countless superfluous requests to try and overload it, making it inaccessible for users, remain enormously common.

TechRadar Pro previously reported in October that, according to research from StormWall, there has been a 90% increase in DDoS attacks since Q3 2021.

Out of all the sectors looked at telecommunications was by far the hardest hit, accounting for almost 43.2% of all incidents, a sevenfold year-on-year increase. 

• Here's our guide to the best firewalls right now

from TechRadar - All the latest technology news https://ift.tt/ASpsyRD

2023 Honda Pilot Starts Around $40,000 - CNET

All-wheel drive is a $2,100 option on every trim where it isn't offered as standard equipment.

from CNET https://ift.tt/dt3OsVp

Latest Tech News

A particularly nasty crypto-stealing malware has gotten a facelift to make it even more dangerous, researchers have claimed.

Cybersecurity experts from Avast have warned the ViperSoftX Windows malware, a JavaScript-based RAT that’s been around for more than two years, has been upgraded to also install a Chrome browser add-on.

Usually, ViperSoftX would monitor the clipboard contents of the infected endpoint, and if it spots the victim copying and pasting a cryptocurrency wallet address, it would replace the one from the clipboard, with the one belonging to the attackers. That way, when the victim sends their funds, they end up at the hands of the attackers.

Fake Google Sheets add-on

Cryptocurrency addresses are a long line of seemingly random characters, which makes this type of hijacking relatively successful. The add-on does basically the same thing, but somewhat more efficiently. It’s named Google Sheets 2.1, to remove any suspicion of its good intentions for the victims. 

"VenomSoftX mainly does this (steals crypto) by hooking API requests on a few very popular crypto exchanges victims visits/have an account with," the researchers said. "When a certain API is called, for example, to send money, VenomSoftX tampers with the request before it is sent to redirect the money to the attacker instead."

Avast says the trojan targets multiple major crypto players, such as Coinbase, Binance, Kucoin, Gate.io, and Blockchain.com. However, it doesn’t stop there - it also keeps an eye on the clipboard for any other wallets being pasted. 

Read more

> Criminals stole over $1bn in cryptocurrency in just three months this year

> Crypto scammers are fighting amongst themselves over stolen funds

> Keep your devices safe with the best antivirus programs out there

There are two frightening details about VenomSoftX, one that the extension can modify HTML on websites, to display the victim’s cryptocurrency wallet address. In other words, even a visual inspection of the address, after pasting, won’t help. What’s more, the malware will intercept all API requests to the services, and set the transaction amount to the maximum. That way, even if the victim first goes with a test transaction (a small transaction of, say, $10), they will still lose all of their funds. 

And finally, for Blockchain, it will try to steal the password, if the victim enters it on the site.

So far, the researchers are saying, the attackers managed to steal some $130,000 worth of various cryptos. We don’t know how many people were infected, but we do know that most victims are located in the US, Italy, Brazil, and India. 

There is no such thing as Google Sheets 2.1, so in case you see this add-on installed, make sure to remove it immediately.

• These are the best firewalls right now

Via: BleepingComputer

from TechRadar - All the latest technology news https://ift.tt/Q4XfV5x

10 Best Thanksgiving Movies and Where to Stream Them - CNET

There's not a turkey in the batch.

from CNET https://ift.tt/SYIapDT

Latest Tech News

In an effort to better protect underaged users, Meta is adjusting the default privacy settings on Facebook and Instagram to limit contact by “suspicious adults.”

Now, whenever a teenager joins Facebook, their account will automatically have more stringent privacy protections. This includes, but is not limited to, deciding who can see their friends list, what pages they follow, and who is allowed to comment on their posts. For accounts created before this update, Meta states it will begin pushing those users to adopt those same settings, but won’t force it. If all this sounds familiar, that’s because Instagram implemented very similar changes back in 2021 to protect young people there.

Power to the user

Meta goes on to say it’s working on new ways to stop blocked and reported accounts from contacting underaged users. 

One way it'll do this on Instagram is by, as part of a test, removing the message button, making it impossible for predatory adults to use Instagram messaging to contact teen users directly.

Plus, the People You May Know recommendations feed on Facebook will also no longer display these flagged accounts.

Coming to both Messenger and Instagram is a new notification encouraging teenagers to use safety tools anytime they feel “uncomfortable” during a conversation. One notification will ask users if they know the person who just messaged them. If ‘No’ is chosen, both apps will bring up a series of actions they can take, like blocking the account or reporting them.

According to the announcement, the new Facebook default privacy settings are rolling out today (Nov. 21); presumably, so are the other changes. We reached out to Meta for clarification. This story will be updated if we hear back.

In addition to the update, Meta announced it’s partnering up with the National Center for Missing and Exploited Children (NCMEC) to create a new platform to “prevent [teenagers’] intimate images from being posted online” and spreading across the internet. It aims to help underaged users “regain control” of these leaked images while also discouraging those acts in the first place.

Mixed messaging

While it’s great to see more security features being added, Meta’s recent track record on privacy has been confusing. On one hand, the company improved Instagram’s blocking system to stop trolls from harassing you further back in October. But at the same time, the platform implemented a new precise location feature that can make users vulnerable to stalkers or theft.

It’s a rather mixed message that could lead to privacy problems for all users; especially teenagers. Because of that, be sure to check out TechRadar’s best parental control app for 2022.

from TechRadar - All the latest technology news https://ift.tt/jvH5r3i

Target's Black Friday Deals Won't Last Forever: Don't Miss Out - CNET

These deals come and go -- act fast to see huge sales on products from Samsung, LG, Gourmia and more.

from CNET https://ift.tt/atr6OXB

Latest Tech News

The latest build of Windows 11 is set to get a VPN indicator in its notification area, making it easier for users to check their connection status or connect more easily.

According to multiple reports highlighted by Neowin, upcoming builds of Windows 11 will feature the new icon as Microsoft addresses the growing popularity of VPN services across the world.

Apple fans will already be familiar with the feature, with VPN indicators available in the macOS taskbar along with a status bar icon for iOS devices. In fact, even Android devices have had an icon appear in their status bars, leaving Windows machines somewhat left out when it comes to using VPNs.

Windows 11 VPN icon

There are some caveats, though, as pointed out by Neowin. Firstly, the icon only appears to be working with a wired connection, so users with a Wi-Fi connection won’t be able to check their connection so easily.

Read more

> These are the best business VPNs

> Barely anyone is using Windows 11 still

> Taskbar updates and File Explorer tabs finally arrive in Windows 11

Also, it seems that the operating system will not recognize third-party VPN apps, which will leave a large portion of VPN users uncatered for. The VPN connection will need to be set up from the system settings in order to function as described.

Then, of course, there is the fact that these are just rumours and speculations derived from those with early access, who have been fortunate enough to have a dig around build 25247. It’s likely that Microsoft will continue to fine-tune the VPN status icon to include Wi-Fi connections, and possibly third-party apps, maybe before its full release. That’s if it makes the cut, and isn’t delayed until the next build.

Also forming part of the latest update to the OS, users will be able to quickly toggle between video and mic effects from Quick Settings and select from energy saving options to improve efficiency. Details on these updates can be read on the Microsoft blog.

• These are the best Windows laptops around right now

from TechRadar - All the latest technology news https://ift.tt/UNVCQmH

Shop Huge Savings on Over 1,500 Items at Wellbot's Black Friday Sale - CNET

Save hundreds on vacuums, scooters, headphones, fitness trackers and tons more this week at Wellbots.

from CNET https://ift.tt/5K67wyb

AI Drew This Stunning Comic Series. You'd Never Know It - CNET

The Bestiary Chronicles is both a modern fable on the rise of artificial intelligence and a testament to how shockingly fast AI is evolving.

from CNET https://ift.tt/t06Gd7Q