Google Discovers Vulnerabilities in Chrome and Windows 7

Google just publicized a combination of zero-day exploits for Windows 7 and Chrome that are reportedly being exploited together in the wild. The bug in Chrome allegedly involved the browser's file reader, while the vulnerability in Windows "is a NULL pointer dereference in win32k!MNGetpItemFromIndex when NtUserMNDragOver() system call is called under specific circumstances." Google says they reported the bug on February 27th, and pushed out a patch for Chrome on March 1st, but the Windows 7 vulnerability doesn't appear to be patched yet. Google claims they've only observed the Windows exploit on 32-bit Windows 7 systems so far, but notes that exploit mitigations already protect newer versions of Windows, and says that "users should consider upgrading to Windows 10 if they are still running an older version of Windows." Sophos took a look at the Chrome bug earlier this week, and they seem to think that a single bad webpage could give attackers remote access to computers.

When we heard that the vulnerability was connected to FileReader, we assumed that the bug would involve reading from files you weren't supposed to. Ironically, however, it looks as though attackers can take much more general control, allowing them to pull off what's called Remote Code Execution, or RCE. RCE almost always means crooks can implant malware without any warnings, dialogs or popups. Just tricking you into looking at a booby-trapped web page might be enough for crooks to take over your computer remotely.

Posted by alphaatlas March 08, 2019 9:52 AM (CST)

YouTuber Discovers Unreleased NES WCW Wrestling Game

YouTuber "Archon 1981" claims he just bought an unreleased, unannounced NES wrestling game from 1989. The cartridge was supposedly given to a former Nintendo employee simply because he was a wrestling fan, but "UWC" never saw the light of day again. Archon says he's going to release the ROM to the public, but in the meantime, he uploaded some footage of the game, which you can see below:
Thanks to cageymaru for the tip. Garrett Martin, who's apparently a big pro wrestling and retro gaming fan, went to the trouble of trying to identify all the wrestlers in the game:

A handful of them should be immediately recognizable to any wrestling fan. In the top row you can see the Road Warriors - the tag team of Animal and Hawk - as well as Sting, who was quickly becoming the promotion's top face the year this game was copyrighted. The bottom row is a little harder to figure out, as three of them are just a bunch of grimacing or grinning blond guys, but that's unmistakably Ric Flair second from right. Reese's footage helps identify some of the other wrestlers. The bottom left corner is none other than Beautiful Bobby Eaton, one-half of the Midnight Express, perhaps the greatest tag team of all time. The top right slot looks a lot like Jimmy Garvin, and that's because it is, as we see in the very first in-game footage from Reese's video. Garvin's wrestling Barry Windham in that footage, so we can scratch another one of those bottom row guys off.

Posted by alphaatlas March 07, 2019 10:30 AM (CST)

Overwatch Team Discovers Female Player Was a Male Imposter

There was a round of articles last week regarding North America’s first female Overwatch Contenders player, "Ellie," who supposedly quit due to toxic harassment. Having been quickly courted by a professional esports team, Second Wind, many claimed she was a male player’s "smurf" (a high-level player posing as an inexperienced one) account. While the media initially framed this as an incident proving rampant sexism in esports and gaming, it turns out that "Ellie" was, in fact, a man: a male player called "Punisher" may have run the "social experiment" as a hasty means of going pro.

It looks like this "social experiment", if it was actually intended as such, was an attempt to make some kind of point about women in esports, but it was heavily criticised. Liz Richardson, boss of Overwatch website Overwatchscore, said it will have "lasting ramifications" for women who already face an uphill challenge in esports. "Now, more than ever, any girl that tries to go pro will get this gigantic amount of scrutiny and will be practically forced to reveal aspects of their personal lives just to prove they're a woman."

Posted by Megalith January 06, 2019 12:40 PM (CST)

Spider-Man "Raimi" Suit Drama: Insomniac Speaks against Gamer Entitlement

Spider-Man developer Insomniac Games was allegedly harassed for months by Sam Raimi fans who demanded the suit from the original movies be added to the PS4 exclusive. While the outfit was ultimately released this week, Community Manager James Stevenson called gamers out for being "jerks," as the studio "listened all throughout development" and "done lots of things fans asked for." Insomniac claims the harassment had nothing to do with the suit’s availability, as it was in the works for "months and months." GameSpot and VG247 thought this was all overblown; the former called it "the worst version of the character."

We are not required to do everything. Nor should we be harassed. Passionate is not an excuse for harassment. Having paid for a piece of software or a service does not entitle you to be a jerk. You are not always right. And again, we have nothing else we can say on that -- as has been the case for a while. Our position has always been we don’t comment on future possible suits (besides ruling a couple out). We know there are many desires, and we’ve heard them. Just know things take a LONG time sometimes (months and months!) and even then go down to the literal wire. We obviously never stopped listening.

Posted by Megalith December 23, 2018 1:05 PM (CST)

How the Dropbox Offensive Testing Security Team Discovers Zero-Day Vulnerabilities

Dropbox has multiple security teams to make sure that your data is secure and safe. They also conduct red team training exercises where the red team takes on the role of an attacker, and the other teams have to respond to the threat. During a recent offensive training exercise with Syndis, a third-party partner, multiple zero-day vulnerabilities in Apple macOS and Safari were discovered. Just visiting a web page with malware installed on it could trigger the exploit. Apple was able to issue a security update within a month to protect Dropbox and macOS users.

This engagement was a win for us, for Apple, and for internet users on various levels. Not only did we get to test our defensive posture, we also made the internet safer by identifying and reporting vulnerabilities in macOS. Syndis went above and beyond in finding this exploit chain during our engagement, and using it during our attack simulation exercise allowed us to test our readiness against attacks using zero-day vulnerabilities. This is an excellent example of the security community becoming stronger because of good actors doing the right thing.

Posted by cageymaru November 21, 2018 10:52 AM (CST)

AdoredTV Covers the History of Intel Cheating on Benchmarks

AdoredTV tackles the history of Intel cheating on benchmarks. There are a few references to someone that we all know.

Unprincipled Benchmarketing 101.

Posted by cageymaru October 10, 2018 4:23 PM (CDT)

Gamer Asks Insomniac to Add Marriage Proposal to "Spider-Man," Gets Dumped

YouTube vlogger and Twitch streamer Tyler Schultz had formulated a novel idea for proposing to his girlfriend with an Easter egg in Insomniac Games’ upcoming open-world "Spider-Man" game. The developer obliged, setting up a movie-theater marquee with, "Maddie, Will You Marry Me?" Sadly, the event didn’t turn out to be heartwarming: Schultz’s girlfriend ended up dumping him for his brother just before the game was released. Art Director Jacinda Chew is taking suggestions on what her team should change the text to.

"The thing that sucks about this Easter egg is the date that I'm making this video now, three, four weeks ago, my girlfriend dumped me to go with my brother. Basically throwing away the five years that we had together and spitting in my face basically, saying this isn't even the way she wanted to be proposed to, and left me. This might go down in history as the saddest Easter egg. Maybe, I don't know."

Posted by Megalith September 09, 2018 1:30 PM (CDT)

Google Discovers That Old Keys Are Better Than New Keys for Security

Google has discovered that the key to eliminating successful phishing attempts at the company is to give employees physical security keys. The new USB devices make security easy as they use the open source Universal 2nd Factor (U2F) and only require a simple press of a button to authenticate a supported website. In the future the Web Authentication API will eliminate the need for users to type in a password. Here are some of the devices for sale at Yubico.

The most common forms of 2FA require the user to supplement a password with a one-time code sent to their mobile device via text message or an app. Indeed, prior to 2017 Google employees also relied on one-time codes generated by a mobile app — Google Authenticator. In contrast, a Security Key implements a form of multi-factor authentication known as Universal 2nd Factor (U2F), which allows the user to complete the login process simply by inserting the USB device and pressing a button on the device. The key works without the need for any special software drivers.

Posted by cageymaru July 23, 2018 2:20 PM (CDT)

Amazon Stops Selling Hair Dryer after Woman Discovers It Shoots Fire

A woman from South Carolina bought a hair dryer from Amazon that was actually a blowtorch in disguise: smoke and flames, rather than hot air, burst out of the nozzle when she switched it on. The "Salon Grade Hair Dryer" by OraCrop has since been pulled.

"Talk about a bad hair day! My new hair dryer (more like hair frier) from OraCorp on became a blow torch on its first use this morning. A small burn on my hand and an enormous smell to my master bath - the company has yet to respond to my complaint or videos," she wrote in the post.

Posted by Megalith February 03, 2018 11:00 AM (CST)

Threadripper Delidding Uncovers EPYC in Disguise: 32-Core Desktop CPU in the Works?

Overclocker Roman Hartung (der8auer) discusses his delidding of a Threadripper CPU in a new video: he confirms that AMD is, in fact, using four functional Ryzen dies to create a single Threadripper chip. Being that AMD’s EPYC server processors are made the exact same way, der8auer speculates that the company has plans for a 32-core desktop processor (the choice of using four dies was intentional).

Posted by Megalith September 16, 2017 9:55 AM (CDT)

Marvel's Spider-Man for PS4

For all you Spidey fans, earlier in the week Sony demonstrated a storyline mission in the upcoming Marvel's Spider-Man title. Developed by Insomniac Games, Sony, and Marvel, the game appears to be another open-world action game. Only a planned release date of 2018 was announced. The last Spider-Man game to garner lots of praise and my own interest was Spider-Man 2 over 10 years ago. However, that previous title was based on the movie; this current one is based on an entirely new Spider-Man in its own universe with familiar characters. Although it graphically looks mighty impressive for a console game, there is environmental interaction in the combat, you can throw bricks at enemies - Yah! It remains to be seen if there's enough variety in the combat mechanics to keep it fresh. Check out the video.
One last thing, avoid the old Spider-Man 2 game for the PC, it's a travesty besides Bruce Campbell being a delight.

This isn't the Spider-Man you've met before, or seen in a movie. This is an experienced Peter Parker who's more masterful at fighting big crime in New York City. At the same time, he's struggling to balance his chaotic personal life and career while the fate of millions of New Yorkers rests upon his shoulders.

Posted by seth June 16, 2017 1:49 AM (CDT)

Uncharted Movie Casts Spider-Man Star Tom Holland as Nathan Drake

What the heck? My thoughts for the Uncharted movie involved an adult Drake, played by Nathan Fillion, but Sony has a completely different idea: the film version of Naughty Dog’s adventure series will actually be a prequel that involves a young Nathan meeting Victor Sullivan for the first time. Can they get Greg Edmonson to score it, at least?

Sony Pictures is bullish enough on its upcoming Spider-Man Homecoming star Tom Holland that the studio is doubling down on the young actor by building a second major franchise around him. Holland is attaching to star in Uncharted, in what will be redrafted as a prequel to the treasure hunting action story line in the Naughty Dog video game for PlayStation. Shawn Levy is directing a film that will take its inspiration from a sequence in the third iteration of the video game that focused on the young thief Drake, and his first encounter with the professional rogue, Sullivan.

Posted by Megalith May 22, 2017 10:49 AM (CDT)