Feed aggregator

Article URL: https://www.404media.co/corpse-point-in-the-arctic-is-melting-disturbing-centuries-old-bodies/

Comments URL: https://news.ycombinator.com/item?id=48291961

Points: 2

# Comments: 0

Article URL: https://www.404media.co/buspatrol-put-ai-cameras-in-tens-of-thousands-of-school-buses-now-they-want-to-give-cops-access/

Comments URL: https://news.ycombinator.com/item?id=48291955

Points: 3

# Comments: 0

Article URL: https://www.sas.upenn.edu/~cavitch/pdf-library/Nagel_Bat.pdf

Comments URL: https://news.ycombinator.com/item?id=48291953

Points: 2

# Comments: 0

A media company and two of its marketing partners have been fined for selling a service which, they said, listened in to people’s conversations through their phones. Actually they did nothing of the sort.

Most people have worried at some point that their phone has been listening to them through the microphone. You know how it goes: One minute you’re speaking to your friend about how you’ve always wanted to go to Fiji, the next minute you’re seeing social media ads for vacations there. However, as yet there hasn’t been much real proof that this is actually happening.

But that didn’t stop Cox Media Group from claiming it could listen in. Between 2023 and 2024, the company publicly promoted a service called “Active Listening” or “Voice Data,” claiming it used AI-powered voice-processing technology to capture conversations from smartphones, along with smart TVs and other devices with embedded microphones. 

The company told potential advertising clients that the system provided a tool to target, retarget, and retain customers.

The scandal came to light when 404 Media published internal pitch decks from Cox that detailed the supposed “Active Listening” capabilities. After the revelations, Cox initially backpedaled and denied listening to conversations, but the marketing materials contradicted these denials. 

The FTC found that the “Active Listening” service was completely fabricated. The service did not listen to consumers’ conversations or use voice data at all, nor did it accurately place ads in customers’ desired geographic locations. Instead, Cox and its partners simply resold email lists obtained from other data brokers at a significant markup.

Worst of all, the companies also falsely claimed that consumers had opted into voice data collection when they had not.

The Federal Trade Commission (FTC) fined the companies a total of $930,000 for falsely claiming they could spy on consumers. Cox Media Group must pay $880,000, while MindSift and 1010 Digital Works will each pay $25,000. The settlement funds will be used to provide refunds to Cox Media Group customers who were deceived by these false claims.

Are your details being used by cybercriminals? 

FIND OUT HERE

How to safekeep your personal data

In this case, the data that was being sold came from data brokers. Keeping your personal data away from them requires a combination of preventive measures and active removal efforts.

• Minimize what you share on social media and elsewhere online. Data brokers use scraping tools to gather information from forum posts and public profiles so avoid sharing sensitive details like your birth date, home address, phone number, and financial information. 
• Before signing up for online services, loyalty programs, or apps, carefully read privacy policies to understand how companies will collect, use, and share your data.
• For active data removal, your options depend largely on where you live. It’s often best to leave that work to a specialized service you can trust.
• Disable advertising IDs on your smartphones, tablets, and computers through your device settings where possible.
• Use a VPN to hide your IP address and encrypt your browsing traffic, install ad and tracking blockers, and consider using more privacy-focused browsers.

Still wondering if your phone is listening to you?

We looked into this very topic on our Lock and Code podcast. Listen to it below, or search for it on your favorite podcast player.

Scammers don’t need to hack you. They just need you to click once. 

Malwarebytes Identity Theft Protection catches suspicious activity before it becomes a problem.

Article URL: https://miniscript.org/MiniMicro/index.html#about

Comments URL: https://news.ycombinator.com/item?id=48291947

Points: 12

# Comments: 0

Article URL: https://old.reddit.com/r/Android/comments/1tno2z3/motorolas_preinstalled_smart_feed_app_hijacks/

Comments URL: https://news.ycombinator.com/item?id=48291933

Points: 1

# Comments: 1

Article URL: https://victoriaaremo.substack.com/p/the-confession-nobody-expected

Comments URL: https://news.ycombinator.com/item?id=48291898

Points: 2

# Comments: 0

Article URL: https://www.bbc.co.uk/news/articles/c39228nxyr4o

Comments URL: https://news.ycombinator.com/item?id=48291892

Points: 2

# Comments: 0

Article URL: https://zozo123.github.io/intel-story/

Comments URL: https://news.ycombinator.com/item?id=48291889

Points: 3

# Comments: 0

Article URL: https://bugs.kde.org/show_bug.cgi?id=464386

Comments URL: https://news.ycombinator.com/item?id=48291887

Points: 2

# Comments: 0

Article URL: https://scottaaronson.blog/?p=9758

Comments URL: https://news.ycombinator.com/item?id=48291881

Points: 4

# Comments: 1

Article URL: https://thesmartteleprompter.com

Comments URL: https://news.ycombinator.com/item?id=48291851

Points: 1

# Comments: 1

Article URL: https://imgur.com/a/CJfEaIr

Comments URL: https://news.ycombinator.com/item?id=48291850

Points: 3

# Comments: 0

Article URL: https://ugly.cash/

Comments URL: https://news.ycombinator.com/item?id=48291843

Points: 1

# Comments: 1

Article URL: https://blog.phnx.im/openmls-independent-security-audit/

Comments URL: https://news.ycombinator.com/item?id=48291825

Points: 4

# Comments: 0

The attack was claimed by a hacktivist group, but evidence showed it used infrastructure linked to Iranian government threat actors.

The post LA Metro Cyberattack Linked to Iranian State-Sponsored Hackers appeared first on SecurityWeek.

Cybercriminals are abusing Adobe infrastructure in a LinkedIn phishing campaign that steals passwords and redirects victims to the legitimate LinkedIn site afterward.

The phishing email masquerades as a business inquiry designed to look like it’s come via LinkedIn and includes a fake “contract” attachment. But it contains a number of red flags:

• The sender name, email address, and email signature don’t match
• The sender company exists, but not in the US
• The sender name exists, but not at that company
• The attachment has a double file extension: pdf.html

“I would like to do business with you via LinkedIn. I’m a buyer.

Please find attached the signed contract No. #33110:12000pcs.

I look forward to hearing from you. “

Scam or legit? Scam Guard knows.

TRY IT NOW

Double file extensions are often used to mislead recipients into thinking a file is something other than what it really is. The attached HTML file is highly obfuscated. Basically, it’s a one-line JavaScript.

The script uses two common obfuscation methods: URL encoding and Base64 . The script is divided into two Base64-encoded sections.

When you open the attachment, you’ll find a simple login form.

The target’s email address is hardcoded, and you’re unable to change or remove it. Possibly because some researchers have no qualms about flooding the receiving channel with false credentials.

But figuring out the receiving channel is where it gets interesting. Network analysis reveals this URL:

https://lnkd.tt.omtrdc.net/rest/v1/delivery

This domain belongs to Adobe and is associated with the Adobe Target A/B testing platform. But the campaign isn’t using Adobe Target to receive the phished credentials. Instead, attackers are abusing Adobe Target as a redirect/abuse point in the phishing flow. Most likely to track victims who fell for the phishing email.

In the end, it redirects the target to the legitimate business.linkedin.com site to reduce any suspicion the target may still have.

After deobfuscating the scripts, we found the destination for the submitted credentials:

All in all, even with the level of obfuscation, the method is very raw and simple:

POST to: http://a1263367.xsph.ru/taam/Ln.php

With data:

• AA = hardcoded email address
• BB = whatever password the user entered

The PHP file hosted on a .ru domain handles the redirect to LinkedIn, making the victim think they just logged in successfully.

How to stay safe

The good news: Once you know what to look for, these attacks are much easier to spot and block. The bad news: They’re cheap, scalable, and likely to keep circulating.

So, the next time a “PDF” asks for your password in a browser, pause and think about what might be hiding underneath.

Beyond avoiding unsolicited attachments, here are a few ways to stay safe:

• Only access your accounts through official apps or by typing the official website directly into your browser.
• Check file extensions carefully. Even if a file looks like a PDF, it may not be.
• Enable multi-factor authentication for your critical accounts.
• Use an up-to-date, real-time anti-malware solution with a web protection module.

Pro tip: Malwarebytes Scam Guard recognized this email as a scam.

Scammers don’t need to hack you. They just need you to click once. 

Malwarebytes Identity Theft Protection catches suspicious activity before it becomes a problem.

Article URL: https://domainalot.substack.com/p/why-selling-a-domain-is-so-expensive

Comments URL: https://news.ycombinator.com/item?id=48291678

Points: 1

# Comments: 0

Article URL: https://bluebottleware.itch.io/the-labyrinth

Comments URL: https://news.ycombinator.com/item?id=48291673

Points: 1

# Comments: 0

Article URL: https://techropa.com

Comments URL: https://news.ycombinator.com/item?id=48291656

Points: 1

# Comments: 0