404 ERROR: REQUEST COULD NOT BE FOUND

The "This is Not a Sushi Bar" restaurant in Milan, Italy is offering Instagram users with 100,000+ followers free food if they post a picture of their meal and tag the restaurant on social media. "Owner Matteo Pittarello said he hoped the offer would attract millennials as patrons and create '2.0 word-of-mouth that could make our brand strong and viral.'"

Italian fashion blogger Clizia Incorvaia had a free sushi lunch on Tuesday courtesy of her 200,000 Instagram followers. Incorvaia said: "We tasted everything from gunkan to tartare, and I have to say it is all really good."

Discussion
Posted by cageymaru October 16, 2018 4:23 PM (CDT)

Following an independent investigation by security experts, and an FDA review, Medtronic disabled software updates for the Medtronic CareLink and CareLink Encore Programmer models 2090 and 29901, which are used in pacemakers, implantable defibrillators, cardiac resynchronization devices, and insertable cardiac monitors. The vulnerability would theoretically allow an attacker to update a medical device with non-Medtronic code, which is obviously a serious concern in a pacemaker. Fortunately, the company claims it hasn't received any reports of attacks or compromised patients. Users will have to manually update their medical devices via USB, and the company claims that its working on getting the online update system back up and running.

The FDA has reviewed information about potential cybersecurity vulnerabilities associated with the internet connection of Medtronic's programmers, and has confirmed that these vulnerabilities could allow an unauthorized user (that is,someone other than the patient's physician) to change the programmer's functionality or the implanted device during the device implantation procedure or during follow-up visits. Specifically, this cybersecurity vulnerability is associated with using an internet connection to update software between the CareLink and CareLink Encore programmers and the SDN. Software updates normally include new software for the programmer's functionality as well as updates to implanted device firmware. Although the programmer uses a virtual private network (VPN) to establish an internet connection with the Medtronic SDN, the vulnerability identified with this connection is that the programmers do not verify that they are still connected to the VPN prior to downloading updates. To address this cybersecurity vulnerability and improve patient safety, on October 5, 2018, the FDA approved Medtronic's update to the Medtronic network that will intentionally block the currently existing programmer from accessing the Medtronic SDN.

Discussion
Posted by alphaatlas October 16, 2018 12:12 PM (CDT)

Websites such as Western Union, Tinder, Shopify, Yelp, Imgur, and more have been exposing their customers to XSS attacks due to a flaw in the Branch.io service used by major corporations around the world. "The Branch.io company provides the leading mobile linking platform, with solutions that unify user experience and measurement across different devices, platforms, and channels." The vpnMentor blog explains that the DOM-based XSS vulnerability would have worked on many different browsers and show how it could have been easily exploited. It is recommended that users change their passwords.

The fact that the vulnerability is DPM based and branch.io still isn't using CSP made these vulnerabilities easy to exploit in any browser we like. This meant that by modifying redirect strategy to a specially crafted payload to manipulate the DOM. go.tinder.com is an alias for custom.bnc.lt, a Branch.io resource. And many other companies have their alias pointing to it. Thanks to the fast response we got from Branch's security team, this vulnerability has now been fixed for everyone's domains.

Discussion
Posted by cageymaru October 15, 2018 4:22 PM (CDT)

For Honor is getting a big, free update alongside the Marching Fire expansion. Among other things, Ubisoft's fantasy brawler is getting a "major" global illumination upgrade, a revamped skybox, better textures, and new post processing effects. The free update will also include major balance changes, fixes, and new features like the PvP castle breach siege mode. Players who drop $30 for the full expansion will get a whole new faction to play with, as well as a ton of new features. The patch and expansion will be available on if October 16th if your preorder, and the characters will be available for purchase with in-game currency on October 30. You can read the full patch notes here. Check out the expansion's trailer below:

For Honor Marching Fire is a major expansion encompassing a brand-new faction with instant and early access to four new heroes, a new PvP mode, unlimited PvE content, and far-reaching graphical enhancements. This content is split into two categories: Free (available on Oct 16 for all current For Honor game owners) and Paid (available only with purchase of the For Honor Marching Fire Expansion or Edition).

Discussion
Posted by alphaatlas October 15, 2018 7:42 AM (CDT)

It was revealed last month that Red Dead Redemption II would require a 105GB install on PlayStation 4, and now, the Microsoft Store is showing the title will require approximately 88.57GB on Xbox One. It isn’t clear why there is a 16GB disparity, but Red Dead fans who are tight on storage, regardless of which console they own, may now prepare accordingly.

While that may be smaller than PS4's listed size, there could be reasons for this. For one, it's not clear if "Approximate Size" is listing the download size (the size of all the files users download from the servers, which are often compressed) or the install size (the files as they actually are, after the installer has uncompressed them). A size difference of about 16GB would be in line with the average difference between download and install sizes.

Discussion
Posted by Megalith October 14, 2018 1:35 PM (CDT)

Researchers with Caltech and Quebec’s INRS University have developed a camera that can capture even the quickest, briefest details and present them in extremely slow motion. Described as the "world’s fastest camera," the "T-CUP" photography system is reportedly capable of capturing 10 trillion frames per second, which is fast enough to freeze light and other dynamic phenomena.

"We knew that by using only a femtosecond streak camera, the image quality would be limited," says Professor Lihong Wang, the director of Caltech Optical Imaging Laboratory (COIL). "So to improve this, we added another camera that acquires a static image. Combined with the image acquired by the femtosecond streak camera, we can use what is called a Radon transformation to obtain high-quality images while recording ten trillion frames per second."

Discussion
Posted by Megalith October 13, 2018 2:15 PM (CDT)

According to scattered reports collected by Windows Latest, a patch released by Microsoft on Tuesday is crashing some HP systems. KB4464330 reportedly conflicts with a specific HP keyboard driver, and IT staff on social media claim that the update is affecting many of their clients. Microsoft is still dealing with file deletion issues following the Windows 10 October 2018 Update, but KB4464330 "addresses an issue where an incorrect timing calculation may prematurely delete user profiles on devices subject to the 'Delete user profiles older than a specified number of day' group policy." Windows Central posted a guide to fix the issue here.

"We are having the same issue on HP prodesk 400 G3 Windows 10 machines today. It is definitely related to KB4462919 and/or the HP keyboard driver at the top of your screenshot. We do NOT push out any driver updates, and we are not using HP keyboards with these PCs," Reddit user R1PLEY explains.

Discussion
Posted by alphaatlas October 12, 2018 9:38 AM (CDT)

Fake Adobe Flash installers are infecting computers with malicious programs such as the XMRig cryptocurrency miner. It fools users into thinking the program is legitimate by using genuine Adobe graphics and pop-up screens from the official Adobe installer. It even properly updates Adobe Flash to the latest version on the victim's PC. But it downloads the legitimate Flash update from a compromised server along with cryptocurrency miners that forces the victim's PC to mine Monero.

While searching for these particular fake Flash updates, we noticed Windows executables file names starting with AdobeFlashPlayer__ from non-Adobe, cloud-based web servers. These downloads always contained the string flashplayer_down.php?clickid= in the URL. We found 113 examples of malware meeting these criteria since March 2018 in AutoFocus. 77 of these malware samples are identified with a CoinMiner tag in AutoFocus. The remaining 36 samples share other tags with those 77 CoinMiner-related executables. See Appendix A for the full list of the file hashes. Appendix B lists 473 file names and URLs for these fake Flash updates from March 25th, 2018 through September 10th, 2018.

Discussion
Posted by cageymaru October 11, 2018 10:45 PM (CDT)

AMD Radeon Software Adrenalin Edition 18.10.1 drivers have been released and they offer support for the Windows 10 October 2018 Update. The drivers are optimized for Call of Duty: Black Ops 4. They have fixed issues such as the HDMI Audio Drivers not upgrading during Radeon Software installation, Fortnite experiencing lighting corruption on high or epic, 16 core systems randomly restarting during driver installation and the flickering textures in Sea of Thieves under mGPU configurations. New Vulkan extension support was also added.

Known Issues: When using Radeon Overlay on system configurations with the latest Windows10 October 2018 Update some users may experience intermittent instability or game crashes. Microsoft Office applications may experience lag or stutter when dragging applications. Radeon RX Vega Series graphics products may experience elevated memory clocks during system idle.

Discussion
Posted by cageymaru October 11, 2018 6:35 PM (CDT)

Another day, another massive user data leak, this time from FitMetrix. The fitness company, which makes software for institutions like Crossfit and SoulCycle, reportedly hosted user data on AWS instances, but forgot to use a password to secure that data. Security researcher Bob Diachenko claims the database contained 113.5 million records, with each record containing some combination of a "user's name, gender, email address, phone numbers, profile photos, their primary workout location, emergency contacts and more." The server was still open and vulnerable when Bob and TechCrunch posted their articles.

"We recently became aware that certain data associated with FitMetrix technology stored online may have been publicly exposed," said Jason Loomis, Mindbody's chief information security officer. "We took immediate steps to close this vulnerability," he added. "Current indications are that this data included a subset of the consumers managed by FitMetrix, which was acquired by Mindbody in February 2018, and did not include any login credentials, passwords, credit card information or personal health information," he said. Diachenko rebuffed Mindbody’s claim, saying that there was "some" health information in the data, based on his analysis of the data. TechCrunch also found several records including height, weight and shoe sizes. When asked to clarify, Mindbody spokesperson Jennifer Saxon would not comment further.

Discussion
Posted by alphaatlas October 11, 2018 12:04 PM (CDT)

Roberts Space Industries launched the Star Citizen Alpha 3.3 update. Among other things, the update features long awaited performance improvements, AI controlled enemies, in game chat that can map your facial features with a camera, and as always, new ships to buy. The company showed off some footage of the new alpha at CitizenCon 2018. Meanwhile, RSI also uploaded a new trailer for Squadron 42, featuring Mark Hamill, Henry Cavill, and other high profile stars. Squadron 42, a spinoff of the main game, is supposed to get an official roadmap in December. Check it out in the trailer below:

Join the brave men and women of the 2nd Fleet as they stand strong against the greatest threats the UEE has ever faced. Will you answer the call?

Discussion
Posted by alphaatlas October 11, 2018 8:03 AM (CDT)

After pulling the release due to a bug that deletes user data, Microsoft is rolling out a patched version of the Windows 10 October Update to Windows Insiders. Interestingly, Microsoft notes that "one one-hundredth of one percent of version 1809 installs" reported any data loss, which could still be a significant number of people given the size of the Windows 10 user base. Microsoft claims they've fixed "all known" issues related to the bug, and gives a detailed, technical explanation of the issue. The company says affected users can call 1-800-MICROSOFT for support, free of charge. In response to the issue, Microsoft also updated the Windows Insider Feedback Hub, allowing users to rate the severity of their issue.

We will continue to closely monitor the update and all related feedback and diagnostic data from our Windows Insider community with the utmost vigilance. Once we have confirmation that there is no further impact we will move towards an official re-release of the Windows 10 October 2018 Update. We apologize for any impact these issues may have had on any of our customers. We are committed to learning from this experience and improving our processes and notification systems to help ensure our customers have a positive experience with our update process.

Discussion
Posted by alphaatlas October 10, 2018 8:56 AM (CDT)