Thursday, December 22, 2022

Latest Gadgets News

NASA has formally retired its Mars InSight lander, the first robotic probe specially designed to study the deep interior of a distant world, four years after it arrived on the surface of the red planet, the US space agency announced on Wednesday. Mission controllers at NASA's Jet Propulsion Laboratory (JPL) near Los Angeles determined the mission was over when two co...

from Gadgets 360 https://ift.tt/b2nOXBT

Ursids Boost the Holiday Meteor Count This Week: How to See the Forgotten Meteor Shower - CNET

Some gifts are best left unwrapped, because they're going to be lit on fire when they crash into our atmosphere.

from CNET https://ift.tt/T2zAM5k

Latest Tech News

Zerobot, a botnet that infects various Internet of Things (IoT) devices and uses them for distributed denial of service (DDoS) attacks, has been updated with new features and new infection mechanisms. 

A report from Microsoft's security team claims that the malware used to integrate IoT devices into the botnet has reached version 1.1.

With this upgrade, Zerobot can now leverage flaws found in Apache and Apache Spark to compromise various endpoints and later use them in the attacks. The flaws used to deploy Zerobot are tracked as CVE-2021-42013 and CVE-2022-33891. 

Abusing Apache flaws

CVE-2021-42013 stems from an incomplete fix: the patch for CVE-2021-41773 that shipped in Apache HTTP Server 2.4.50 was insufficient.

As a result, threat actors could still use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives, the cve.mitre.org site explains. “If files outside of these directories are not protected by the usual default configuration "require all denied", these requests can succeed. If CGI scripts are also enabled for these aliased paths, this could allow for remote code execution. This issue only affects Apache 2.4.49 and Apache 2.4.50 and not earlier versions.”

CVE-2022-33891, on the other hand, affects the Apache Spark UI, and allows attackers to perform impersonation attacks by providing an arbitrary username, and ultimately, allows the attackers to run arbitrary shell commands. This affects Apache Spark versions 3.0.3 and earlier, versions 3.1.1 to 3.1.2, and versions 3.2.0 to 3.2.1, cve.mitre.org explained.

The new version of Zerobot also comes with new DDoS attack capabilities, Microsoft explained. These capabilities allow threat actors to target different resources and render them inaccessible. In almost every attack, the report states, the destination port is customizable, allowing threat actors who purchase the malware to modify the attack as they see fit.



from TechRadar - All the latest technology news https://ift.tt/Gx6wjpD

Wednesday, December 21, 2022

New Retirement Savings Rule Changes: Here's What's Coming for Your 401(k) and IRA - CNET

The omnibus spending bill expected to pass Congress this week includes major changes to the rules for retirement accounts.

from CNET https://ift.tt/EI6CQZY

Latest Tech News

Google has announced that it is set to drop TrustCor Systems as a root certificate authority (CA) for its web browser.

The tech giant cited a “loss of confidence in its ability to uphold these fundamental principles and to protect and safeguard Chrome's users” in a group discussion.

Joel Reardon, a professor and mobile space privacy researcher at the University of Calgary, said that his team had “uncovered and disclosed a spyware SDK embedded in apps that were invasively tracking users”.

TrustCor root certificate authority

In a joint effort with Wall Street Journal investigative journalists, it was found that TrustCor was registered just a month apart from the company behind the SDK, known as Measurement Systems, both in Panama.

Reardon points out in his notice: “To be clear, I have found no evidence of TrustCor issuing a bad certificate or otherwise abusing the authority they have in code signing, SMIME, and domain validation… Perhaps the identical ownership of TrustCor and Measurement Systems is a coincidence.”

Beyond this, there are a number of unfortunate, related coincidences that have led companies like Microsoft and Mozilla to drop TrustCor as a root CA, too.

The change is set to take effect with the rollout of Chrome 111, which is set to land on March 7, 2023, following a beta release around one month before. Previous versions of Chrome capable of receiving component updates will also be included in the change.

Just how long we’ll have to wait for the change to make its way to Android devices is uncertain. Unlike Chrome for desktop, which can be tweaked by itself, Android’s root certificate is updated as part of the entire operating system, which is likely to cause a delay.

While some apps, like Firefox for Android, can configure their own set of CAs on top of the operating system’s root store, this isn’t the case with Chrome.

While tech giant Apple is yet to announce any decision that it will make, TrustCor has published a public statement on its website.



from TechRadar - All the latest technology news https://ift.tt/pGKIXjt

Latest Tech News

Multiple cybersecurity firms have confirmed the existence of Godfather, an Android banking malware that has been found targeting victims' bank and cryptocurrency accounts.

Experts at Group-IB, ThreatFabric, and Cyble have all recently reported on Godfather, its targets, and methodologies, which sees the malware attempt to steal login data by overlaying legitimate banking and cryptocurrency apps (exchanges, wallets, and similar). 

The group found that Godfather has targeted more than 400 different entities, with most of them being in the US (49), Turkey (31), Spain (30), Canada (22), France (20), Germany (19), and the UK (17). 

Multiple infection vectors

What’s more, the malware analyzes the endpoint it infected, and if it determines that the device language is either Russian, Azerbaijani, Armenian, Belarusian, Kazakh, Kyrgyz, Moldovan, Uzbek, or Tajik, it shuts the whole operation down - leading some of the researchers to believe that the threat actors are of Russian origin.

The exact number of infected devices is impossible to determine, as Play Store is not the only infection vector. In fact, the malware has had a relatively limited distribution through Google’s app repository, and the main distribution channels are yet to be discovered. What we do know, courtesy of Cyble’s research, is that one of the malicious apps has more than 10 million downloads under its belt. 

But when a victim downloads the malware, they first need to give it permissions, which is why in some instances, it imitates “Google Protect” and demands access to the Accessibility Service. If the victim grants it, the malware takes over SMS texts and notifications, starts recording the screen, exfiltrates contacts and call lists, and more.

By turning on Accessibility Service, the malware gets even harder to eliminate, too, and allows threat actors to exfiltrate Google Authentication one-time passwords, as well. 

The researchers also said that the malware has additional modules that can be added, giving it extra features such as launching a VNC server, enabling silent mode, establishing a WebSocket connection, or dimming the screen.

Via: BleepingComputer



from TechRadar - All the latest technology news https://ift.tt/SzNb5K2

Latest Tech News

Content creators eyeing up the new AMD Radeon RX 7900 XTX could be in for a disappointment. 

Benchmarking the GPU across popular content creation apps, Puget Systems found AMD’s latest offering lagged below the standards set by rival Nvidia.

The results chime with our own tests, where the graphics card remains a great option for gaming PCs, but creative workload performance could best be described as “just ok”.

AMD Radeon RX 7900 XTX: Benchmarking  

The team over at Puget put the GPU through its paces, running a range of video editing software, VFX software, and 3D modeling software on Team Red’s most powerful graphics card. 

DaVinci Resolve was first up. The free video editing software is well-equipped to take advantage of high-end GPUs, and it’s here where the graphics card shone. 

According to Puget, the 7900 XTX showed more than a 30% overall performance boost compared to the older Radeon 6900 XT. It even edged out the Nvidia GeForce RTX 4090 to hit the top spot.

It also achieved high marks in the H.264/HEVC and RAW debayering tests, outperforming the 6900 XT and about on par with the RTX 4090. 

Next, the custom PC builder tried out Adobe Premiere Pro, which doesn’t make much use of GPUs as a whole. Overall, it increased performance by 22% over past AMD GPUs. However, it failed to beat the RTX 4090 or 4080, with Puget noting it was “more in line with the RTX 3080 and 3090 models.” 

In Adobe After Effects, the 7900 XTX was found to be a mid-table performer. As in other tests, performance was overall superior to the 6900 XT, but couldn’t keep up with the GeForce 4080, 3090, or 4090. 

Nor did the card perform well in Unreal Engine, with mixed results when used alongside the top game development tool. The team found “in rasterized workloads, the 7900 XTX performs quite well, in one test nearly matching the slightly more expensive RTX 4080. But in the other rasterized test, the 7900 XTX had the lowest score of all cards tested.”

Finally, the 7900 XTX was used for 3D rendering software Blender. And it makes grim reading, with the GPU “unable to match the rendering power of the NVIDIA GeForce RTX series.” While GPU rendering showed a 70% performance increase compared to AMD’s RX 6900 XT, Nvidia’s RTX 4080 proved to be almost three times faster. 

In the final analysis, Puget Systems suggested that while certain content creation workloads would benefit from the AMD Radeon RX 7900 XTX, Nvidia’s line-up remained its top choice for creators. 



from TechRadar - All the latest technology news https://ift.tt/2wsHNFz

Best Cash-Back Credit Cards in December 2022 - CNET

Earn cash back on popular spending categories including groceries, restaurants, gas, travel and more.

from CNET https://ift.tt/jDBCTm3

Latest Tech News

Artificial intelligence research lab OpenAI has announced details on its latest technology that will see huge improvements to 3D rendering.

OpenAI, the company behind text-to-image generator DALL-E, has now turned its attention to translating text prompts into 3D point clouds with a system it will call POINT-E.

According to a paper published by OpenAI, POINT-E “produces 3D models in only 1-2 minutes on a single GPU”, compared with other current solutions which can take hours and require multiple GPUs.

OpenAI POINT-E

An extract from the paper details POINT-E’s current place in the world of 3D model building:

“While our method still falls short of the state-of-the-art in terms of sample quality, it is one to two orders of magnitude faster to sample from, offering a practical trade-off for some use cases.”

It works by generating a single synthetic view with a text-to-image diffusion model. Then, a 3D point cloud is generated, which is easier to synthesize, hence the reduced load on GPUs, though it doesn’t capture smaller details, hence the trade-off mentioned in the paper.

A secondary AI has been trained to alleviate some of this, but the work explains that this can “sometimes miss thin/sparse parts of objects”, such as the stalks of a plant, giving the illusion of floating flowers.

OpenAI promises to have trained the artificial intelligence on several million 3D models and their metadata, though its use cases for now remain fairly limited.

One such example includes rendering real-world objects for 3D printing, though as the technology develops and becomes more refined, it’s likely that we’ll see it being used in more advanced cases such as gaming and even television.

The project’s open-source code is available on GitHub,  



from TechRadar - All the latest technology news https://ift.tt/NAlrx7e

Tuesday, December 20, 2022

Latest Tech News

Criminals have been found impersonating a well-known cybersecurity firm in an attempt to steal data from software developers, researchers have found.

Researchers from ReversingLabs recently discovered a malicious Python package on PyPI called “SentinelOne”. Named after a known cybersecurity company from the United States, the package pretends to be a legitimate SDK client allowing easy access to the SentinelOne API from within a separate project. 

However, the package also carries “api.py” files which hold the malicious code, and allow the threat actors to exfiltrate sensitive data from the developers to a third-party IP address (54.254.189.27).

Going after auth tokens and API keys

The data being stolen includes Bash and Zsh histories, SSH keys, .gitconfig files, hosts files, AWS configuration info, Kube configuration info, and others. As per the publication, these folders usually store auth tokens, secrets, and API keys, which would give threat actors further access to target cloud services and server endpoints.

The worst part is that the package does offer the functionality the developers expect. In reality, this is a hijacked package, meaning unsuspecting developers might end up using it and becoming victims in ignorance. The good news is that ReversingLabs confirmed the malicious intent of the package, and after reporting it to both SentinelOne and PyPI, had it removed from the repository.

In the days and weeks leading up to the removal, the malicious actors were quite active. The package was first uploaded to PyPI on December 11, and has been updated 20 times in less than 10 days. 

One of the issues that were fixed with an update was the inability to exfiltrate data from Linux systems, the researchers found.

It’s difficult to say if anyone fell for the scam, the researchers concluded, as there is no evidence the package got used in an actual attack. Still, all the published versions were downloaded more than 1,000 times. 

Via: BleepingComputer



from TechRadar - All the latest technology news https://ift.tt/umCWvp6

Best Verizon Phone for 2022 - CNET

These are the best phones available on Verizon right now.

from CNET https://ift.tt/VhCU7S6

Why 'Santa Should Phase Out Coal' for Naughty Kids This Christmas - CNET

One pediatrician has a plea.

from CNET https://ift.tt/CAzoypj

Latest Tech News

A vulnerability more serious than EternalBlue was sitting in Windows for some time, before being finally discovered and patched, experts have revealed. 

For those with shorter memory, EternalBlue was an NSA-built zero-day for Windows which gave birth to WannaCry, possibly the most devastating global ransomware threat to ever emerge.

Researchers from IBM, which discovered the flaw, said that it was even more potent as it resided in a wider range of network protocols, giving threat actors more flexibility when conducting their attacks.

Three-month headway

The flaw, tracked as CVE-2022-37958, isn’t exactly new, as it was discovered - and patched - three months ago. 

The news is that no one - not the researchers, not Microsoft issuing the patch - knew exactly how dangerous it really was. In reality, it allows threat actors to run malicious code without the need for authentication. Furthermore, it’s wormable, allowing threat actors to trigger a chain reaction of self-multiplying exploits on other vulnerable endpoints. In other words, the malware abusing the flaw could spread across devices like wildfire. 

Discussing the findings with Ars Technica, Valentina Palmiotti, the IBM security researcher who discovered the code-execution vulnerability, said an attacker could trigger the vulnerability via “any Windows application protocol that authenticates.”

“For example, the vulnerability can be triggered by trying to connect to an SMB share or via Remote Desktop. Some other examples include Internet exposed Microsoft IIS servers and SMTP servers that have Windows Authentication enabled. Of course, they can also be exploited on internal networks if left unpatched.”

When Microsoft first patched it three months ago, it believed the flaw could only allow threat actors to grab some sensitive information from the device, and as such, labeled it as “important”. Now, the company has amended the rating, labeling it as “critical”, with a severity score of 8.1.

Unlike EternalBlue, which was a zero-day and left security experts and software makers scrambling to build a fix, the patch for this flaw has been available for three months now, so its effects should be somewhat limited. 

Via: Ars Technica



from TechRadar - All the latest technology news https://ift.tt/SyeJmqP

Wyze Outdoor Cam v2 Review: Few but Impactful Improvements - CNET

It isn't much different or much more expensive than the previous outdoor camera from Wyze, but it's a noticeable upgrade nonetheless.

from CNET https://ift.tt/1Ay0TgF

Latest Tech News

Password sharing on streaming services is nothing new, and Netflix’s attempts to limit the practice in recent months are well-documented. Now, though, new piracy guidance issued by the British government suggests anyone sharing passwords in the UK could be in breach of copyright law – and even face criminal charges for fraud. 

As first reported by TorrentFreak, Britain’s Intellectual Property Office (IPO) has updated its piracy guidance to assert that “password sharing on streaming services” – which includes the likes of Netflix, Prime Video and Disney Plus – can legally be deemed an act that “break[s] copyright law.” 

TorrentFreak reached out to the IPO for clarification on the legalities of password sharing, and the agency replied as follows: “There are a range of provisions in criminal and civil law which may be applicable in the case of password sharing where the intent is to allow a user to access copyright protected works without payment.”

“These provisions may include breach of contractual terms, fraud or secondary copyright infringement depending on the circumstances,” the IPO continued.

In other words, those sharing streaming service passwords in the UK could legally be prosecuted for fraud and/or breaches of copyright law – though it’s worth noting that the likelihood, in our opinion, is very slim. 

For starters, the bar for what constitutes an act of fraud in the UK is low. The country’s 2006 Fraud Act notes that using the “services of a members’ club without paying and without being a member” is deemed fraud, as is posting “chargeable data or software over the internet without paying.” Both offences are commonplace – how many times have you reposted someone else’s work on social media? – and although the practice of password sharing could fall into either category, it’s highly unlikely that the Crown Prosecution Service would pursue anyone for wanting to share Stranger Things with their friends.

Publicly aligning with such draconian action would also spell reputational disaster for streaming services that have actively encouraged password sharing in the past (as recently as 2017, Netflix tweeted “love is sharing a password”).

However, while password sharing isn’t likely to put you behind bars in the UK or anywhere else any time soon, the British government’s official line on the legalities of such behavior will give Netflix the confidence – and the legal mandate – to follow through with its ambitious plans to introduce account sharing surcharges in 2023. 

It wouldn’t be a surprise to see the likes of Prime Video and Disney Plus follow suit, too, if Netflix’s drastic action reaps a significant revenue boost in the months following its rollout. 



from TechRadar - All the latest technology news https://ift.tt/6Z825PR

Heat Domes and Surging Grid Demand Threaten US Power Grids with Blackouts

A new report shows a sharp increase in peak electricity demand, leading to blackout concerns in multiple states. Here's how experts say ...