MI5 Warns of Spies Using LinkedIn To Trick Staff Into Spilling Secrets

According to the United Kingdom's Security Service, known as MI5, hostile states are creating fake LinkedIn profiles to trick users into spilling secrets. The BBC reports: At least 10,000 UK nationals have been approached by fake profiles linked to hostile states, on the professional social network LinkedIn, over the past five years, according to MI5. "Malicious profiles" are being used on "an industrial scale," the security agency's chief, Ken McCallum, said. A campaign has been launched to educate government workers about the threat. The effort -- Think Before You Link -- warns foreign spies are targeting those with access to sensitive information. One concern is the victims' colleagues, in turn, become more willing to accept follow-up requests - because it looks as if they share a mutual acquaintance. MI5 did not specifically name LinkedIn but BBC News has learned the Microsoft-owned service is indeed the platform involved. The 10,000-plus figure includes staff in virtually every government departments as well as key industries, who might be offered speaking or business and travel opportunities that could lead to attempts to recruit them to provide confidential information. And it is thought a large number of those approached engaged initially with the profiles that contacted them online. Read more of this story at Slashdot.
2021-04-20 21:00:01 preview's
Apple Announces New Apple TV 4K With Redesigned Siri Remote

The new Apple TV sports a more powerful A12 Bionic chip that lets it play HDR video at higher frame rates. It also comes equipped with a redesigned Siri remote. The Verge reports: The new Siri remote has an iPod-style scroll wheel, a five-way click pad, touch controls, a mute button, and a power button that can turn your TV on and off. Meanwhile, the Siri button is now on the side of the remote, and Apple says that the voice assistant now works on Apple TV in Austria, Ireland, and New Zealand, in addition to the 13 countries where it was already supported. Finally, the new Siri remote's enclosure is made out of 100 percent recycled aluminum. You'll get the new remote with the new $179 4K set-top box, or it's available separately for $59. As well as being compatible with the new Apple TV 4K, it also works with the 2017 model and Apple TV HD. Apple will also sell the remote bundled with the Apple TV HD for $149. Other features of the Apple TV 4K include support for 60fps Dolby Vision playback over AirPlay from a compatible iPhone, and the ability to optimize the colors of your TV screen using the light sensor on an iPhone. Read more of this story at Slashdot.
2021-04-20 20:30:05 preview's
YouTube CEO Susan Wojcicki Gets 'Freedom Expression' Award Sponsored By YouTube

An anonymous reader quotes a report from Newsweek: YouTube CEO Susan Wojcicki received a "Free Expression" award from the Freedom Forum Institute in a virtual ceremony sponsored by YouTube, an online video platform owned by Google. On Thursday, YouTube creator Molly Burke presented Wojcicki with the accolade in a video shared to the platform. "I'm so excited to be here tonight to present Susan Wojcicki with the Free Expression award. As the CEO of YouTube, Susan is facing some of the most critical issues around free expression today," Burke said. Following the ceremony, some Twitter users mocked Wojcicki for receiving an award that was sponsored by her own platform. "YouTube CEO won a Free Speech award...sponsored by YouTube. Hahahahhhaahhhahhahahahaaaaaaa," one user wrote. Another wrote, "Lol, youtube receiving an award for free expression/pro first amendment is Orwellian s***. What's next, Facebook getting an award for respecting privacy?" Read more of this story at Slashdot.
2021-04-20 20:15:02 preview's
Venmo to Allow Customers to Buy, Sell and Hold Cryptocurrencies

PayPal on Tuesday will begin allowing select customers of its Venmo app to buy, sell, and hold cryptocurrencies as consumers increasingly look for ways to pile into the digital assets. Bloomberg reports: The firm will make it available to all the app's users, who number more than 70 million, within the next few weeks. For now, Venmo is allowing customers to trade in just four types of cryptocurrency: Bitcoin, Ethereum, Litecoin and Bitcoin Cash. Users will also have the ability to share their cryptocurrency purchases on the Venmo feed. "We do think some customers will certainly want to share this fun experience," Darrell Esch, senior vice president and general manager of the Venmo app at PayPal, said in an interview. "They can share with their friends and community that they've taken the step into this space." Read more of this story at Slashdot.
2021-04-20 19:30:02 preview's
Pause of J&J vaccine was the right call, say 88% of polled Americans

Poll results contradict concerns that the pause added to hesitancy.
2021-04-20 18:45:02 preview's
Hackers Are Exploiting a Pulse Secure 0-Day To Breach Orgs Around the World

An anonymous reader quotes a report from Ars Technica: Hackers backed by nation-states are exploiting critical vulnerabilities in the Pulse Secure VPN to bypass two-factor authentication protections and gain stealthy access to networks belonging to a raft of organizations in the US Defense industry and elsewhere, researchers said. At least one of the security flaws is a zero-day, meaning it was unknown to Pulse Secure developers and most of the research world when hackers began actively exploiting it, security firm Mandiant said in a blog post published Tuesday. Besides CVE-2021-22893, as the zero-day is tracked, multiple hacking groups -- at least one of which likely works on behalf of the Chinese government -- are also exploiting several Pulse Secure vulnerabilities fixed in 2019 and 2020. Used alone or in concert, the security flaws allow the hackers to bypass both single-factor and multifactor authentication protecting the VPN devices. From there, the hackers can install malware that persists across software upgrades and maintain access through webshells, which are browser-based interfaces that allow hackers to remotely control infected devices. Multiple intrusions over the past six months have hit defense, government, and financial organizations around the world, Tuesday's post reported. Separately, the US Cybersecurity and Infrastructure Security Agency said that targets also include US government agencies, critical infrastructure entities, and other private sector organizations." Mandiant said that it has uncovered "limited evidence" that tied one of the hacker groups to the Chinese government. Dubbed UNC2630, this previously unknown team is one of at least two hacking groups known to be actively exploiting the vulnerabilities. Tuesday's blog post also referred to another previously unseen group that Mandiant is calling UNC2717. In March, the group used malware Mandiant identifies as RADIALPULSE, PULSEJUMP, and HARDPULSE against Pulse Secure systems at a European organization. Pulse Secure on Tuesday published an advisory instructing users how to mitigate the currently unpatched security bug. Read more of this story at Slashdot.
2021-04-20 18:45:01 preview's
Everybody hates “FLoC,” Google’s tracking plan for Chrome ads

The EFF, Mozilla, Brave, Vivaldi, and DuckDuckGo, say "no way" to FLoC.
2021-04-20 18:15:03 preview's
What if Starship Didn’t Do a Landing Burn at All?

Another 3D graphic artist has a proposal for Musk: to "catch" the Starship using a special launch tower, kind of like they want to do with the Super Heavy. The post What if Starship Didn’t Do a Landing Burn at All? appeared first on Universe Today.
2021-04-20 17:30:05 preview's
What if Starship Didn’t Do a Landing Burn at All?

Another 3D graphic artist has a proposal for Musk: to "catch" the Starship using a special launch tower, kind of like they want to do with the Super Heavy. The post What if Starship Didn’t Do a Landing Burn at All? appeared first on Universe Today.
2021-04-20 17:15:03 preview's
Grab a pair of recommended Anker noise-canceling headphones for $68

Dealmaster also has deals on Fitbit trackers, great wireless mice, and more.
2021-04-20 16:15:03