attacks
Latest
Microsoft warns Windows users of two security holes already under attack
Today, Microsoft warned billions of Windows users that hackers are actively exploiting two critical zero-day vulnerabilities that could allow bad actors to take complete control of targeted computers. According to a security advisory, the vulnerabilities are being used in "limited targeted attacks," and all supported Windows operating systems could be at risk.
Microsoft’s Defender security software is coming to iOS and Android
Despite Apple and Google's best efforts, malware and malicious apps are still a big concern on iOS and Android. So today, Microsoft announced that it's bringing its Defender Advanced Threat Protection (ATP) to the mobile operating systems. In other words, Microsoft is stepping in to fix a problem that Apple and Google can't seem to resolve.
Deliveroo is giving riders GoPros after a rise in acid attacks
Following the sharp rise of acid attacks, especially in inner city areas, food delivery service Deliveroo has introduced new measures aimed at keeping its riders safe as they navigate the streets. The startup announced today that it's hired 50 new staff members to oversee rider welfare, who will be serve as physical points of contact in each of Deliveroo's main markets.
Twitter blocks US spies from analyzing your tweets
There's more tension between tech firms and the US government, as Twitter has reportedly blocked spy agencies from a service that helps them root out terrorists. According to the WSJ, the social network cut off the government from Dataminr, a company that analyzes every public tweet sent. Though Twitter doesn't own the service (it has a five percent share), it does provide it with unique access to its central data line. Neither Twitter nor Dataminr have confirmed the details publicly, but unnamed intelligence officials have corroborated the story.
Daily iPhone App: Dead Ahead races through a stylish zombieland
Dead Ahead is a game released by Chillingo a few weeks ago, and it's been huge in the App Store charts lately. It's an endless running game where you're actually on a moped (or, later, a motorcycle), racing through a zombie-ridden apocalypse. The game's controls are excellently simple (you move your finger up and down the screen to steer, and then there are two buttons to race forward or shoot backwards), but the biggest draw here is the game's aesthetic, which uses a very stylistic look to add a little bit of whimsy to a pretty spooky zombie setting. The game is relatively gory, as the zombies are you can either be crashed into cars (or shot apart) in very bloody ways. But for all of the gore, the zombies are also cool, and the various types you'll encounter (including big, hulking zombie bosses) mix up the gameplay quite a bit. As you drive along, you'll pick up coins and earn points, which then let you upgrade your bike, your gun, or unlock various powerups and other fun tweaks. Dead Ahead is a great title -- it's an endless runner and doesn't really break open the conventions of the genre, but it does perform its few features very well. You can download the game right now for free, and (not surprisingly) there are plenty of in-app purchases to make if you so choose.
Voyager Mobile shakes off network issues, launches a few days behind schedule
It's tough being the new kid in town -- ask Voyager Mobile, an up and coming MVNO that had its launch delayed by a "malicious network attack" last week. The tenacious firm may have missed its planned May 15th launch, but managed to pull things together in time for the weekend, piggybacking unlimited talk, text and data off of Sprint's CDMA and WiMAX network for $40 a month. A basic unlimited voice plan is also available to the tune of $20, without data allowances, of course. Phones are available too, albeit without subsidies -- Samsung's Epic 4G Touch or Galaxy S II will each set you back $550, though an assortment of more affordable devices can be had from $120 and up. Tempted to jump ship? Check out the source link below and let all your MVNO dreams come true.
Voyager Mobile endures 'malicious network attack,' delays launch to the 'very near future'
Launch aborted. Wireless newbie Voyager Mobile has opted to delay its unveiling today to a "time and date in the very near future." A mysterious "malicious network attack" is to blame for the interruption, though that appears to be the extent of the explanation. The company also reinforced its commitment to bettering our planet, one $19 monthly unlimited plan at a time. [Thanks to everyone who sent this in]
Researchers develop method to measure effects of WiFi attacks
America is built on the principles of life, liberty and WiFi, the latter of which has increasingly become a target for hackers hoping to mess up our chi. To predict what would happen as result of an assault, researchers at North Carolina State University created two models -- one based on a continuous jam of service, and one on an intermittent disruption that would cut off service during specific times. They then measured "order gain," which compares the probability of an attacker having network access to the probability of a legitimate user having access. Basically, the more control a hacker has, the more regular users that will lose service and be shut out -- making it harder to regain control. Researchers hope the new method will help identify the most vulnerable networks, opening the doors to create effective countermeasures to keep our WiFi safe -- something that Starbucks customers will surely be thankful for.
Fifty days of 'lulz' over: LulzSec disbands
The secretive hacking group known as LulzSec has announced that it is formally disbanding with the completion of its planned 50 days of mayhem. Among its many targets that it has hacked, including government sites, LulzSec struck at The Escapist, Bethesda Game Studios, League of Legends, and EVE Online. LulzSec sent out a final statement, which said the group was a band of six hackers who had planned 50 days of attacks from the beginning. Now that the time is up, the group plans to fade into the shadows. The group hopes that others will continue with these illegal activities: "Behind the mask, behind the insanity and mayhem, we truly believe in the AntiSec movement. We hope, wish, even beg, that the movement manifests itself into a revolution that can continue on without us." While a suspected member of LulzSec was arrested a few days ago, the organization denied that he was part of the collective.
Hours after security update, new MacDefender variant evades it
And the cycle continues. Yes, just hours after Apple released a security update designed to smack down the recently-prevalent MacDefender malware, ZDnet's Ed Bott reports that a new variant of the bogus 'security' software has been released into the wild. This version is called "Mdinstall.pkg" and it works exactly as before, installing itself on Safari without any approval needed (as long as the default "Open 'safe' files after downloading" setting is on, which we recommend you disable). The timestamp on the file reportedly shows that it was put together as recently as last night, which means that these hackers are actively working against any defenses Apple put in place yesterday. The security update from Apple -- so far only available for Snow Leopard 10.6.7 users, meaning that 10.5 Leopard users (not to mention 10.4 Tiger) are still vulnerable -- adds a new option in the Security preference pane, seen here. The anti-malware tool apparently checks in with Apple's servers periodically to update its definitions suite, just as you would expect it to. So what's the solution here? Short of Apple simply removing the ability of Safari to open up files like this at all (which would of course hamper that functionality for folks who use it), the only real solution is to do what you've got to do on all computer systems subject to attacks: practice constant vigilance. It'll be interesting to see if Apple steps back up again on this one with another update (which would then incur another variant of the malware), but until then, users have to be educated and careful about what they click on in the browser. If you're already fighting off an installation of the Mac Defender malware, be sure to check out our handy removal guide.
Triple your pleasure with three Dragon Nest updates
Your typical Massively news post centers on an item or two of interest from a current MMORPG. It might be class-related info, it might be a juicy dev quote, or it might be a video. Rarely, though, do we manage to cram all three of those items into a single, value-packed news post quite like this one. And we owe it all to the folks at Nexon who've smothered us with a veritable gob of new information about Dragon Nest. The free-to-play fantasy MMO's website has just updated with our trifecta, and you can pay a visit to link number one to learn about the game's Warriors, Clerics, Archers, and Sorcerers. Behind link number two is a lengthy dev blog from Desmodeus Dragon Nest's lead producer who talks about the title's visuals, action, and story. Not to be outdone is link number three, which boasts a shiny new video detailing various combos and attacks from Dragon Nest's battle system. OK, maybe it is outdone, since you can also watch the video behind the cut without leaving the comfort of your Massively home. Either way, a smorgasbord of new Dragon Nest info awaits.
Will Anonymous attack Apple?
Could the Internet-driven Anonymous movement possibly bring its DDOS attacks to bear on our favorite Cupertino company? Apple did remove the WikiLeaks application, after all. Not that you can't still access WikiLeaks on the web, but Apple has got to be one juicy target for the Anonymous group. They've gone after not just companies like Visa and Mastercard, but have attacked Sarah Palin and the Swedish government as well. They have said (as much as the loosely-knit organization can speak as a group) it would be "in bad taste" to ruin holiday shopping, however, so maybe Apple will spare the group's wrath, at least until after the season. What do you think? Christmas weekend would appear to be an ideal time, in order to monopolize the attention span of the media on an otherwise slow news day. Imagine Anonymous moving to take the iTunes store down on the day everyone is getting a new Mac, iPod, iPhone, iPad or an iTunes gift card. That would make for some major issues (for both Apple and app developers alike), without question. But again, Anonymous doesn't appear to want to frighten the average consumer, so maybe the iTunes store would be a little too close to home. We'll have to wait and see what, if any, the response will be to Apple's removal of the app. Feel free to chime in and share your opinions on the issue in the comments below.
Why You Should Be Playing Aion: Chain combat
"Why you should be playing ..." is a freeform column from Massively.com intended to inform you about our favorite parts of our favorite games. We want you to know why we're playing them, so you can know what to play. I didn't give Aion the world's most glowing set of remarks last time I visited it, so I thought I should at least stop by and spend some time on a part of the game that I do actually like -- chain attacks. Chain attacks do many things to help Aion's combat move smoothly and efficiently. They clean up the UI, they offer flexible choices, they keep the combat looking fluid, and they're a lot of fun to pull off.
Dojo update: Giga Bowser and Smash Attacks
Continuing the focus on Bowser, the Dojo has updated, showing off Bowser's Final Smash. Unlike Link's and Pikachu's, Bowser's Final Smash sees him transforming into the monstrosity you see above. In this form, Bowser hands out beatings like the Santa at the mall hands out candy canes during Christmas.The other update over at the Dojo sees the explanation of attacks, and how they're performed using each of the available control schemes. There, each attack, from standard to Smash, are now dictated by how strongly you press the analog stick. This should allow players to control their attacks and fight more effectively.As usual, we've included images of the attack breakdown and Giga Bowser in the gallery below.%Gallery-3347%Read - Giga BowserRead - Attack breakdown[Thanks to everyone that sent this in!]
Estonia networks slammed by possible Russian cyber attacks
We certainly hope you dig the flavor of Russia and Estonia blended together in the morning, as your News Brews is probably cranking the mixture out en masse after reports that Russia has been waging a "cyber war" on Estonia for the past few weeks. Reportedly, Estonia's well-regarded networks have been "under heavy attack," saying that Russians are behind the mass outages of its state and commercial websites. Currently, Nato and EU officials are attempting to track down the culprits, and while Moscow has reportedly "denied any involvement in the internet attacks on its neighbor," relations between the two haven't exactly been rosy of late. Don't fret Estonia, if things get too bad, there's always Sealand.[Via Guardian]
Norton AV for OS X makes a Mac less secure
Ah the beautiful irony: last Tuesday, as many of us were getting ready for family and the holidays, Symantec admitted that a serious security flaw has affected about 40 of their products, including all versions of Norton Anti-Virus (NAV) for OS X. Symantec calls this a 'high risk' vulnerability that could allow a remote user to gain control of a computer, even a Mac, that's running any of their affected software. I haven't seen anything about a solution for either side of the fence yet, so if you're crazy for security I don't envy the dilemma a situation like this might put you in. An up-to-date and patched copy of OS X is widely hailed to be pretty secure these days (so run Software Update - regularly!), but the ZDNet Australia article that we found this in poses the important security question pretty well: "As the owner of a Powerbook I am faced with a dilemma. Do I pay AU$118.15 for a flawed 'security' application that is designed to protect me from threats that do not seem to exist; or do I take sensible precautions like keeping my computer behind a firewall and staying up to date with OS X patches?"No matter which side of the OS X security/virus/malware debate you stand on, a situation like this undeniably brings these topics back into light with a new perspective. Feel free to discuss in the comments, but keep it clean; don't make me come in there and separate you.
