The Federal Trade Commission is warning a dozen developers about some code they’ve included in their apps that can surreptitiously listen to unique audio signals from TVs in the background and build detailed profiles of what consumers are watching. The technology, produced by a company called SilverPush, is used to track users across devices and the FTC warned the developers that if they don’t disclose the use of the code to consumers, they could be violating the FTC Act.
DRIDEX’s continued prevalence could be attributed to two main factors: the botnet’s efficient delivery mechanism, which leads to more affected users; and its resilient peer-to-peer infrastructure that allows it to continue its operation. We also surmise that DRIDEX is being peddled in cybercriminal underground markets, allowing other cybercriminals and attackers to use botnet for their malicious activities.
Ransomware is malicious software that is designed to hold users' files (such as photos, documents, and music) for ransom by encrypting their contents and demanding the user pay a fee to decrypt their files. Typically, users are exposed to ransomware via email phishing campaigns and exploit kits. TeslaCrypt is one well-known ransomware variant, infecting many victims worldwide. It is in the top 5 of ransomware we see most often in our analysis systems. The core functionality of TeslaCrypt 3 remains the same as it continues to encrypt users’ files and then presents a message demanding the user to pay a ransom.
Physical weaknesses in memory chips that make computers and servers susceptible to hack attacks dubbed "Rowhammer" are more exploitable than previously thought and extend to DDR4 modules, not just DDR3, according to a recently published research paper.
The tests showed many of the DIMMs were vulnerable to a phenomenon known as "bitflipping," in which 0s were converted to 1s and vice versa. The report was published by Third I/O, an Austin, Texas-based provider of high-speed bandwidth and super computing technologies. The findings were presented over the weekend at the Semicon China conference.