More Than 3,000 Flights Canceled on Christmas Morning - CNET

Southwest Airlines has had more canceled and delayed flights over the holiday than any other US carrier.

from CNET https://ift.tt/Fu4G6fY

Eagles vs. Cowboys Livestream: How to Watch NFL Week 16 Online Today - CNET

Want to watch the Philadelphia Eagles take on the Dallas Cowboys? Here's everything you need to stream Saturday's afternoon game on Fox.

from CNET https://ift.tt/rmwfJ81

Got a new MacBook? You Need to Change This Setting ASAP - CNET

Apple has tap-to-click turned off by default, but you should turn it on.

from CNET https://ift.tt/ylRkaAH

Comparing Night Mode on the iPhone 14 Pro, Pixel 7 Pro and Galaxy S22 Ultra - CNET

We compared the best flagship models from Apple, Google and Samsung in a nighttime photo shoot field test.

from CNET https://ift.tt/1pvF28e

Best TV for PS5 and Xbox Series X, Series S for 2022: LG OLED, Samsung QLED, Vizio - CNET

If you want to take full advantage of features like 4K 120Hz and variable refresh rate, you'll probably need to upgrade your TV.

from CNET https://ift.tt/Mcg9A4l

The Top 100 Channels on Live TV Streaming Services - CNET

Hulu Live TV, Sling TV and YouTube TV are just some of the services we assess in this channel breakdown.

from CNET https://ift.tt/Q0LNM2q

Congress Approves Big Changes to 401(k) and IRA Accounts: Everything You Need to Know - CNET

The omnibus spending bill for 2023 now includes many changes to the rules on retirement accounts.

from CNET https://ift.tt/qYhDR0H

'Nepo Babies' Explained: What They Are, and Why Everyone's Talking About Them - CNET

A new generation is discovering an old truth: Kids of celebrities have an easier path to fame than nobodies.

from CNET https://ift.tt/KtFMQJX

Three-Legged Deer Tangled in Christmas Lights Gets Help From Humans - CNET

This is a timely reminder to secure your holiday decorations to protect wildlife.

from CNET https://ift.tt/1l6mZTv

Latest Tech News

As we enter the festive season, its peak trading time for online scammers - but luckily the FBI has waded in, recommending the use of ad blockers to keep safe. 

In recent public service announcement, the agency warned that fake ads can be put at the top of search results, indistinguishable from the results themselves, and can be very convincing when impersonating legitimate brands. 

The FBI mentioned that ads could be pretending to be from cryptocurrency exchanges, and clicking on them can result in malware being installed on your system, stealing sensitive data and ultimately your money. 

Staying safe

Other recommendations from the agency include checking the URL before clicking on a link to make sure it is legitimate by looking out for spelling errors, and typing the web address directly into your browser of the business you are looking for rather than searching for it.

read more

> Google Chrome ad blockers live on after API changes postponed

> FBI says Apple's new encryption launch is "deeply concerning"

> FBI cyberthreat sharing portal has member data stolen

In its advice to business, the FBI recommended using domain protection services to be notified when similar domain names are registered and to inform customers of any imposter websites. 

Ad blockers do what they say - they prevent adverts from appearing on your browser. There chief benefit is to stop intrusive and long-loading ads such as videos getting in your way and slowing you down.

However, they also prevent these ads from tracking you, stopping big data harvesters such as Google and Facebook from discovering your browsing habits while online, either on desktop or on mobile devices.

For this reason, the agency's announcement is unlikely to please big tech, who seem to walking a tightrope between trying to nullify their use without upsetting the large user base of such extensions.

Recently, popular ad blocker uBlock Origin complained about the upcoming API changes in Chrome, which look set to prevent it and other ad blocking extensions in chromium browsers from working. Browsers built on chromium include Microsoft Edge and Opera.

Google also confirmed in the summer that VPN apps on Android devices that block advertisements will no longer be available on the Play store. 

• Our pick of the best antivirus software around

from TechRadar - All the latest technology news https://ift.tt/xiDYgR4

Save Up to 72% on Body Massagers and Get Relief From Sore Muscles - CNET

Renpho massage guns, leg massagers, foot massagers and more have major discounts right now at Amazon.

from CNET https://ift.tt/Xua9oR4

Latest Tech News

Someone found a way to bypass the two-factor authentication (2FA) security measure at Comcast Xfinity and compromise countless accounts, reports have claimed. 

Following the bypass, the attackers are able to use the compromised accounts to try and take over cryptocurrency exchange accounts and cloud storage services.

On December 19 Xfinity email users started getting notified of changes to their account information, but their passwords were already changed so they couldn’t enter. Those that managed to get back into the account found that a secondary email address was added to the account, from a disposable domain yopmail.com.

Bypassing 2FA

The secondary email address is a security measure used by some email providers that help with password resets, account notifications, and similar. 

Many of the victims took to Twitter, Reddit, and Xfinity forums to discuss what had happened, and said that they had 2FA enabled. So, whoever was behind the attack, managed to guess the password with credential stuffing, and then managed to bypass the two-factor authentication security measure. BleepingComputer’s report states the attackers used a “privately circulated OTP (one-time password) bypass” which allowed them to generate working 2FA verification codes.

Read more

> Comcast publishes 200,000 'unlisted' phone numbers online

> What is 2FA and MFA?

> These are the best firewalls right now

That gave them access to the account, and adding the secondary, disposable email account, allowed them to perform the password reset process.

After gaining complete control over the compromised email accounts, the threat actors then proceeded to breach further online services, assuming people's identities to request email resets. Dropbox, Evernote, Coinbase, and Gemini, are just some of the services that the threat actors tried to breach.

Xfinity is keeping silent on the matter for the time being, but a customer said on Reddit that the firm is aware of the incident and is currently investigating. The same source also said that according to a customer support employee they spoke to, the issue seems to be quite widespread.

• Here's our rundown of the best endpoint protection services right now

Via: BleepingComputer

from TechRadar - All the latest technology news https://ift.tt/rFvVnJg

Latest Tech News

If your fancy new Corsair keyboard has started typing full sentences you first typed in days or even weeks ago, seemingly at random, don't worry - it isn't possessed. 

It is also not infected with any form of malware, keyloggers, or infostealers. Instead, it’s just an ugly bug that Corsair wasn’t even aware of, and is currently investigating the matter further.

The news, which first broke on Ars Technica, came from Corsair’s users, with multiple reports posted to the company’s forum about how their K100 keyboard suddenly started typing in full sentences that they had typed in the past. The keyboard was repeating the user’s keystrokes verbatim - if the user made a typo and backtracked - the keyboard did the same thing.

No foul play

Obviously, this left users fearing that an infostealer might be at play. After all, the keyboard was capable of typing out passwords or repeating sensitive text messages that were sent to other people in confidentiality. 

However, after analyzing the keyboard’s behavior in safe mode, it was determined that it didn’t have malware installed - it was just buggy.

As it turns out, the K100 has a macro recording function that sometimes turns itself on and begins recording keystrokes and mouse activity. The macros get saved and replayed at random, at a later date. 

A company’s spokesperson told Ars Technica, “Corsair keyboards unequivocally do not log user input in any way and do not have the ability to log individual keystrokes”.  

Read more

> This weird hack might help keep your PC safe from Russian hackers

> Your mechanical keyboard isn't just annoying, it's also a security risk

> Check out these best productivity tools around

While the company managed to determine how the bug happens, the why is still a mystery.

Corsair is currently investigating the matter and the first thing it determined is that factory resetting the device won’t help much. Still, those that wish to stop the keyboard while typing out their passwords during a company presentation, need to unplug it and hold down the ESC button for five seconds, while plugging the peripheral back in. 

• Here's our list of the best endpoint protection services around

Via: Ars Technica

from TechRadar - All the latest technology news https://ift.tt/wtYeXlE

Wear This 'Snack Scarf' to Smuggle Food Out of Holiday Parties - CNET

The scarves from Hefty come with hidden slider storage bags. Sounds like Homer Simpson's dream scarf.

from CNET https://ift.tt/a4d6Wso

Latest Gadgets News

NASA has formally retired its Mars InSight lander, the first robotic probe specially designed to study the deep interior of a distant world, four years after it arrived on the surface of the red planet, the US space agency announced on Wednesday. Mission controllers at NASA's Jet Propulsion Laboratory (JPL) near Los Angeles determined the mission was over when two co...

from Gadgets 360 https://ift.tt/b2nOXBT