Articles


Logitech M185 and Other Mice are Vulnerable to Keystroke Injection

According to a recent post on David Sopas' security blog, the very popular, and very cheap, Logitech M185 is vulnerable to a keystroke injection attack. Using a recent version of the "Bettercap" hacking toolkit and a 2.4 GHz USB dongle, the security researcher used the mouse to open a script which, in this particular case, simply opened a calculator instance on Windows. While it wasn't on the "affected mouse" list, the M185 is apparently part of a wide variety of mice that are affected by similar exploits. Thanks to cageymaru for the tip, and check out the demonstration below:

Just a simple PoC where I took a Logitech M185 wireless mouse and hijacked it to launch my DuckyScript on the victim's machine - in this case just popping up the Windows calculator.

Posted by alphaatlas March 18, 2019 12:12 PM (CDT)

Old-School: Half-Life Running on a Quantum3D Mercury Brick

Classic game, classic hardware: [H]ardForum member TheeRaccoon is one of the lucky few to get his hands on a Quantum3D Mercury "brick," which comprises four Quantum3D Obsidian2 200SBi video boards. As The Dodge Garage explains, these were generally used for multi-channel visual simulation and training applications back in the day, but as TheeRaccoon’s video proves, they can also run a certain Valve shooter just fine. Thanks for the share, erek.

After a little over a year of ownership, I finally present to you the legendary Quantum3D Mercury brick up and running! (Don't mind my ghetto homemade passthrough cable.) In this brick configuration, there are 8 Voodoo 2 chipsets in SLI! (Each 200SBi board has two Voodoo 2 chipsets in SLI mode.) These bricks were mostly used for military simulation in the late 90's/early 2000's. The image generated by each 200SBi board is combined into one image, giving you 4 tap rotated grid full scene anti-aliasing.

Posted by Megalith March 10, 2019 4:35 PM (CDT)

German Court Upholds Paid Amazon Review Case

Representing another win in the fight against paid reviews, a recent report claims that a German court upheld an Amazon case against undisclosed, paid reviews on their site. The provider supposedly offered third-party Amazon sellers positive reviews in exchange for some sort of compensation, such as a discount on the product, but the court banned the company from publishing reviews without advertising their "commercial background."

The ruling is not yet legally binding as the company can still appeal. Amazon's community guidelines prohibit compensation for reviews, but the practice has still proliferated, prompting Amazon to seek to sue sellers who buy reviews. Amazon tightened up its rules in 2016 to only allow reviewers to accept a free or discounted product as long as they disclose that fact, and use the Amazon "Vine" program to post their opinions.

Posted by alphaatlas March 05, 2019 11:51 AM (CST)

Activision Blizzard Layoffs May Cause Key Talent to Leave

Activision Blizzard said the recently announced layoffs at the company may have a negative impact on its business. On page 12 of its SEC filing, the company warned investors that the job cuts may not have the desired effect of saving the company money as "there can be no assurance that our business will be more efficient or effective than prior to implementation of the plan, or that additional restructuring plans will not be required or implemented in the future." The document goes on to explain that the consequences of the workforce reduction "may also be costly and disruptive to our business or have other negative consequences, such as attrition beyond our planned reduction in workforce or negative impacts on employee morale and productivity, or on our ability to attract and retain highly skilled employees." The company also announced that it received up to $164 million from Bungie for the rights to Destiny 2 when the developer split with Activision Blizzard.

Activision Blizzard CEO Robert Kotick announced that it was shedding eight per cent of the company's workforce after talking about the publishing giant's "record revenue" for the year. Kotick appeared alongside Electronic Arts boss Andrew Wilson in a list of the Top 100 Most Overpaid CEOs, too.

Posted by cageymaru March 04, 2019 1:14 PM (CST)

Samsung Offers to Supply Foldable Displays to Apple and Google

Sharing is caring: Korean IT news site ETNews is reporting Samsung has provided samples of its foldable display to Apple and Google, which will certainly make it easier for these giants to develop Galaxy Fold-type devices of their own, presuming they care to. MacRumors points out the former has been working on its own iteration of foldable-display technology, but if that doesn’t pan out, Apple can simply do business with Samsung.

Samsung has historically been both supplier and competitor to Apple and other smartphone manufacturers and provides the OLED screens for Apple's top of the line iPhones. According to the report, Samsung doesn't intend to keep foldable technology to itself and is instead working to dominate as a supplier for the technology. Samsung is said to be able to produce about 2.4 million units a year at this time but is considering moving up to 10 million units a year depending on demand.

Posted by Megalith March 03, 2019 10:40 AM (CST)

Old BioWare Has Become "A Distant Memory"

Despite lead producer Michael Gamble’s claim the studio isn’t shutting down and continues to get "great support," concerns about BioWare’s future appear to be growing following Anthem’s negative reception. USgamer and PC Gamer have both published articles reminiscing over the developer’s legendary past and how it could recapture its former glory, but while both agree the studio should simply return to the basics (i.e., making single-player RPGs), their current obligations to huge blockbusters mean they may never get that chance. Anthem's physical sales were only half of Mass Effect Andromeda's, according to UK charts.

...the success of Mass Effect feels more and more like a poisoned chalice. It propelled BioWare to undreamed of success, but it also robbed it of its soul. It's hard to imagine it ever returning to the heights of Baldur's Gate 2, when BioWare was an independent PC developer catering to a limited but ferociously loyal audience. Anthem is the natural endpoint of a process that began more than a decade ago, when BioWare decided its traditional approach was incompatible with large-scale success.

Posted by Megalith March 02, 2019 4:05 PM (CST)

Mysterious Bethesda Placeholder Appears on Amazon with Fallout Countdown Timer

Bethesda may already be readying a new post-apocalyptic title to wash the bad taste of Fallout 76 away: PC, Xbox One, and PS4 listings accompanied by a vintage film countdown timer, which alludes to the franchise, have been listed on Amazon. Fans say it could be a remaster of Fallout 3 and/or New Vegas.

It’s the theory that makes the most sense, especially when you consider the number of re-releases we’ve seen for Skyrim in the past several years. Fallout 3 is a few years older than Bethesda’s last big single-player Elder Scrolls game, and it could probably do with a fresh coat of paint – that is, if you haven’t already tried modding it yourself.

Posted by Megalith February 24, 2019 11:35 AM (CST)

Huawei Announces the $2,600 Foldable Mate X Smartphone: It Folds Outwards!

Samsung, hold my beer: Huawei has unveiled its own vision for the foldable smartphone, the Mate X. Unlike the Galaxy Fold, Huawei’s contraption folds out on itself: "its display wraps around the outer sides of the handset when it is in a folded state." Keeping the 8-inch, 2480 x 2200 AMOLED panel and pieces together is a patented hinge with over 100 components, the "Falcon Hinge." It also supports 5G and incorporates a 4,500mAh battery.

When unfolded, it's not one uniform slab -- it's a 5.4 mm (0.21 in) thick tablet with an 11 mm (0.43 in) bulging strip located in the rightmost part of its back. It works sort of like a handle, giving you more meat to hold on to, and also houses the phone's triple camera sensor. When it folds, the "back" display meets with the bulge to make for a uniform shape all around, giving you an 11 mm (0.43 in) thick handset.

Posted by Megalith February 24, 2019 10:30 AM (CST)

Researchers Find a 19 Year Old Bug In WinRAR

Security researchers from Check Point have reportedly discovered a bug in WinRAR that just might be older than you. According to their bug report, recent versions of WinRAR shipped with an ancient "unacev2.dll" file designed to decompress the equally ancient ACE archive format. A bug in the .dll lets malicious archives extract files to any location on the user's system, including the user's startup folder, which would allow an attacker to remotely execute arbitrary code during the next startup. WinRAR has removed the vulnerable .dll file in the program's latest release, as no one unpacks ACE archives anymore, and it seems that the security researchers may have claimed a substantial bug bounty in the process. Thanks to The Register for spotting the exploit.

A few months ago, our team built a multi-processor fuzzing lab and started to fuzz binaries for Windows environments using the WinAFL fuzzer. After the good results we got from our Adobe Research, we decided to expand our fuzzing efforts and started to fuzz WinRAR too. One of the crashes produced by the fuzzer led us to an old, dated dynamic link library (dll) that was compiled back in 2006 without a protection mechanism (like ASLR, DEP, etc.) and is used by WinRAR. We turned our focus and fuzzer to this "low hanging fruit" dll, and looked for a memory corruption bug that would hopefully lead to Remote Code Execution. However, the fuzzer produced a test case with "weird" behavior. After researching this behavior, we found a logical bug: Absolute Path Traversal. From this point on it was simple to leverage this vulnerability to a remote code execution. Perhaps it's also worth mentioning that a substantial amount of money in various bug bounty programs is offered for these types of vulnerabilities.

Posted by alphaatlas February 21, 2019 12:05 PM (CST)

Samsung Unveils a Folding Smartphone

What's old is new again. While smaller manufacturers have already "launched" a new generation of folding phones, and bigger ones like Xiaomi have teased folding prototypes, Samsung officially unveiled the aptly named "Galaxy Fold" at the Samsung Unpacked event yesterday. Unlike your old flip-phone, the Galaxy Fold features a flexible 7.3-inch display that takes up the phone's entire unfolded face, and it's powered by a "7nm, 64-bit processor" that has more cores and just as much RAM as the desktop I'm typing on. Some sources claim the unspecified processor is a Qualcomm Snapdragon 855, but Samsung could also follow in the footsteps of the conventional Galaxy lineup and use their home-brewed Exynos 9820 outside the U.S.

The internal screen does not merely bend. It folds. Folding is a more intuitive motion, and a more difficult innovation to deliver. Samsung invented a new polymer layer and created a display around 50 percent thinner than the typical smartphone display. The new material makes Galaxy Fold flexible and tough, built to last...No matter which way you hold-or fold-the device, a camera will be ready to capture the scene, so you never miss the moment. With six lenses-three in the back, two on the inside and one on the cover-the Galaxy Fold camera system has flexibility built in. Galaxy Fold introduces a new level of multitasking, allowing you to use other apps during a video call.

Posted by alphaatlas February 21, 2019 8:47 AM (CST)

Rice Researchers Reveal Silicon Based Security Keys

Integrated circuit designers from Rice University claim they've developed a digital fingerprint technology that is "10 times more reliable than current methods" used in IoT devices. Their "physically unclonable function," or PUF, supposedly uses physical imperfections in the security device's silicon itself to generate unique keys that are nearly impossible to spoof. The researchers say their test chip "measures just a few millimeters in size" and generates keys using an array of hundreds of transistors, and does so with a minimal amount of power. The PUF concept itself isn't new, but as you probably know, transistors are sensitive to environmental changes, and previous implementations weren't reliable or small enough to be of practical use. But this particular design was tested at abnormal voltages and at "temperatures ranging from 125 degrees Celsius to minus 55 degrees Celsius." The researchers are scheduled to present their findings at the 2019 International Solid-State Circuits Conference today, but just how far away the tech is from commercialization isn't clear yet.

"Basically each PUF unit can work in two modes," said Yang, assistant professor of electrical and computer engineering. "In the first mode, it creates one fingerprint, and in the other mode it gives a second fingerprint. Each one is a unique identifier, and dual keys are much better for reliability. On the off chance the device fails in the first mode, it can use the second key. The probability that it will fail in both modes is extremely small." As a means of authentication, PUF fingerprints have several of the same advantages as human fingerprints, he said. "First, they are unique," Yang said. "You don't have to worry about two people having the same fingerprint. Second, they are bonded to the individual. You cannot change your fingerprint or copy it to someone else's finger. And finally, a fingerprint is unclonable. There's no way to create a new person who has the same fingerprint as someone else."

Posted by alphaatlas February 20, 2019 8:55 AM (CST)

NATO Experiment Manipulated Soldiers Through Facebook

The NATO Strategic Communications Centre of Excellence published a report (PDF warning) on the challenges governments face with online security, and Wired managed to spot a particularly interesting experiment within the multi-section report. As part of an experiment, the independent NATO organization used Facebook to try to manipulate soldiers during a military exercise. Over several weeks, the researchers posted fake webpages and groups, promoted them with targeted advertising, and gradually lured members of the military exercise into them. Eventually, the researchers were able to identify "a significant amount of people taking part in the exercise and managed to identify all members of certain units, pinpoint the exact locations of several battalions, gain knowledge of troop movements to and from the exercises, and discover the dates and active phases of the exercises." The researchers note that several of Facebook's existing countermeasures were effective, but they weren't enough to stop the researchers from effectively infiltrating the exercise.

The researchers also tracked down service members' Instagram and Twitter accounts and searched for other information available online, some of which a bad actor might be able to exploit. "We managed to find quite a lot of data on individual people, which would include sensitive information," Biteniece says. "Like a serviceman having a wife and also being on dating apps." "Every person has a button. For somebody there's a financial issue, for somebody it's a very appealing date, for somebody it's a family thing," Sarts says. "It's varied, but everybody has a button. The point is, what's openly available online is sufficient to know what that is."

Posted by alphaatlas February 19, 2019 8:30 AM (CST)