Security Leftovers
-
Short Topix: New Free, Open Source AI Tool Can Fix Most Old Photos In Seconds
Apple iOS users didn't escape the past month unscathed. According to an article on Lifehacker, security researcher Alex Kleber discovered seven malware apps hiding in plain sight. While initially appearing to be by separate publishers, Kleber discovered that the malware apps were all created by a single group of hackers in China.
Here's a BIG oops! With the Google Pixel 6a hitting stores, reports have emerged about ANYONE'S fingerprint being able to unlock the phone … not just the user who registered their fingerprint, according to an article on 9 to 5 Google.
Still think all of those so-called "smart devices" are worth the trouble or a great idea? Well, here's an excellent exposé from Lifehacker about how all of these "smart devices" and IoT (which I've always called I(di)oT) devices sacrifice your privacy all in the name of convenience. This is what I've been saying all along. Remember that there is a literal GOLDMINE available in the reselling of your data, so it's going to be difficult (without legal or legislative restraints) to limit ANY company from profiting off of your data by selling and reselling your data to other "interested" parties … whose only interest is in serving up advertising and other tracking information. Even metadata or anonymized data, given enough of it, can paint a pretty accurate picture of a user from bits of innocent-looking data. In aggregate, it's not so innocent. THIS article deserves your attention, since the markets are now inundated by smart appliances, smart bulbs, smart thermostats, smart speakers, etc. (when I recently purchased a new thermostat for my house, the "non-smart" thermostats were buried on the retailer's website, and harder to find than they should have been). Scary, scary times ahead concerning privacy!
According to an article on BleepingComputer, another batch of 35 malware apps has been found in the Google Play Store. This latest batch of malware has been installed more than 2,000,000 times.
Research from cybersecurity provider Kaspersky found nearly 7 million users being affected by unwanted software disguised as browser add-ons, with many being found on Google Chrome. As reported, 4.3 million unique users were attacked by adware sneaking their way onto systems, while over 2.6 million users were affected by malware, according to an article from Laptop Mag.
"Bad actors" have been discovered creating false Google Ads in an effort to deliver malware to your computer, according to an article from Lifehacker. The "malvertising" disguises itself as a bona fide Google Ad to lure unsuspecting/less savvy users to a fake version of the site that's being searched for. We all knew ads were bad, but now they are even worse.
If you haven't changed to Bitwarden to help manage your online passwords, you may want to after hearing this. LastPass, one of the world's largest password managers, has confirmed on a blog post that it has been hacked, according to an article on Forbes. LastPass, which recently switched from a free service to a fee-based subscription service, has about 25 million users. While user data was never compromised, the hackers did gain access to some proprietary LastPass technical information, and gained access to some portions of source code.
-
Microsoft Defender falsely detects Win32/Hive.ZY in Google Chrome, Electron apps [Ed: If Microsoft Defender actually worked, it would flag Windows as malware. This is spin from Microsoft's devoted booster Lawrence Abrams.]
A bad Microsoft Defender signature update mistakenly detects Google Chrome, Microsoft Edge, Discord, and other Electron apps as 'Win32/Hive.ZY' each time the apps are opened in Windows.
-
Illinois electric company, ComEd, changes to Microsoft Azure hosting, and now I can't pay my power bill in SeaMonkey. Lots of Microsoft corruption in Illinois state government. | BaronHK’s Rants
The Illinois electric company, ComEd, changed to Microsoft Azure hosting, and now I can’t pay my power bill in SeaMonkey.
In Firefox, I had to whitelist a bunch of Microsoft domains to run JavaScript to pay my power bill, but in SeaMonkey, it won’t even load. Just a permanent spinny beachball of death.
The old site worked fine.
That’s on top of something that Roy Schestowitz mentioned for me in passing the other day on Techrights, that is the Illinois state court system leans on people to use Microsoft garbage. In that case, they implied that you need Microsoft Edge to view/edit PDFs and if you edit them with anything but Microsoft Edge, an unnamed (but presumably bad) type of thing could happen to your case.
In reality, you could view, edit, save, and “flatten” (print to a non-fillable form) when you were done with other PDF editors. I tried it out in Okular (KDE but runs fine in GNOME via Flatpak), GNOME’s Evince document viewer, and Firefox, at the least. So the court is simply putting up Microsoft spam.
The United States Customs and Immigration “Services” makes you fill out an insane number of confusing forms, but I managed to file a case with them using only KDE’s Okular in 2021, and it was approved.