Software

Facebook Introduces Tools for Reporting Messenger Conversations

Facebook Introduces Tools for Reporting Messenger Conversations

In response to criticisms of its Messenger app, Facebook unveiled new tools which will allow users to report conversations that are in violation of its Community Standards. Users can now flag messages that may fall under categories such as harassment, hate speech, or suicide which will be escalated to the Facebook review team. It is said that the new reporting tools had been prompted by complaints from Myanmar that Facebook was not doing enough to address hate speech. It was reported that chain messages threatening attacks on opposing Buddhist and Muslim sides had significantly raised tensions in the country and […]

New Malware Harvests Saved Credentials on Firefox, Chrome

New Malware Harvests Saved Credentials on Firefox, Chrome

Researchers from Proofpoint recently uncovered a malware being used in a phishing campaign called Vega Stealer which is being used to steal credentials and financial data from Chrome and Firefox browsers. A variant of August Stealer, the new malware is said to have upgraded capabilities which includes a new network communication protocol and Firefox stealing functionality which nabs password and key files –  “key3.db” “key4.db”, “logins.json”, and “cookies.sqlite”. Vega Stealer also able to take screenshots, scan the infected computer and swipe .doc, .docx, .txt, .rtf, .xls, .xlsx, or .pdf files. Source: ZDNet

EFF Warns Against PGP, Reveals Vulnerabilities

EFF Warns Against PGP, Reveals Vulnerabilities

The Electronic Frontier Foundation (EFF) recently advised users to immediately disable or uninstall PGP upon discovering a number of vulnerabilities that could reveal the contents of email previously thought to be encrypted. EFF’s claims were supported by researchers who also said that there are currently no known fixes for the flaws and told users to instead consider using end-to-end secure channels, such as Signal. The foundation has also created guides for disabling PGP in Outlook using Thunderbird and Enigmail, Gpg4win, and Apple Mail with GPGTools. GnuPG however, tweeted that the EFF merely found mail clients which do not properly check […]

Android P to Fight Smartphone Addiction with “Digital Wellness” Function

Android P to Fight Smartphone Addiction with “Digital Wellness” Function

Google revealed at its developer conference last Tuesday that it will be including a number of tools that will help users fight smartphone addiction in its next version of Android. Included in the upcoming Android P are four new functions. The Do Not Disturb mode takes out all visual indicators even when the user uses the phone while the App Dashboard provides a quick overview of the user’s usage of the device. The App Timer can be used to set a daily time limit for app usage, and Wind Down feature blocks out blue light and gradually turns the screen […]

Tech Giants Still Rely on Flawed Software Used by Equifax

Tech Giants Still Rely on Flawed Software Used by Equifax

It was reported this week that at least seven large tech companies are still using vulnerable versions of Apache Struts, a web server software used to provide web applications in Java. The flaw in the software was exploited by hackers to steal sensitive information such as names, addresses, social security numbers from credit reporting firm Equifax. Patches for the bug had already been issued, but it was recently revealed by open-source automation firm Sonatype that least 10,800 companies and over half of the Fortune Global 100 are still using vulnerable versions of the software. However, even after the widely publicized […]

Russia Blocks VPNs and Proxy Services Used for Telegram

Russia Blocks VPNs and Proxy Services Used for Telegram

Russian telecoms watchdog Roskomnadzor moved to block around 50 VPN and proxy services for providing access to Telegram which had also been blocked around last month. The list of banned services had not been officially revealed as the ban on Telegram itself is said to not be going according to plan. The government initially blocked Telegram’s known IP addresses, but the service then switched to new IPs. After this, Roskomnadzor attempted to ban nearly 20 million IP addresses belonging to Amazon and Google Cloud, but abandoned the plan after a number of unrelated services had suffered outages for almost 12 […]

Security Patches Overwhelm Singapore Firms

Security Patches Overwhelm Singapore Firms

A recent global survey conducted by the Ponemon Institute showed that Singaporean companies are currently struggling with the influx of security patches, with as much as 78% admitting to the lack adequate resources to keep pace and 74% saying that they are unable to take critical systems offline for patching. In the study which polled around 3000 respondents, with 165 from Singapore, it was revealed that the companies spend on the average around 154 hours a week just to roll out patches. Additionally, 79% said that they did not have enough personnel to apply the patches in a timely manner. […]

Amazon Threatens to Shut Down Signal’s Account for Evading Censorship

Amazon Threatens to Shut Down Signal’s Account for Evading Censorship

Amazon recently announced a change to its Amazon Web Services which will end the practice of domain fronting. In relation to this, the ecommerce giant also sent a warning letter to encrypted messaging app Signal, threatening to cut its CloudFront account if it continues to use Amazon’s sites to avoid censorship. Domain fronting uses a content delivery network’s architecture to hide the actual destination of encrypted Internet traffic. Signal had previously used Google’s services, but switched to Amazon after the search giant got rid of the domain fronting scheme from its network. Signal had reportedly used Google’s App Engine, and […]

Iran Blocks Telegram, Promotes Own Messaging App

Iran Blocks Telegram, Promotes Own Messaging App

Iran’s state media reported this week that the country’s judiciary court has decided to block popular encrypted messaging app Telegram, effective last Monday. The Iranian government says that Telegram had been used to coordinate illicit activities, as well as anti-government protests during the period of unrest earlier this year. The government is instead endorsing a homegrown messaging service called Soroush which reportedly features emojis depicting veiled women calling for “death to America”. The decision was shortly made after Russia’s own ban on Telegram which citizens protested at a march in Moscow last Monday. Source: CNBC

Singapore Airport to Use Facial Recognition to Identify Late Travelers

Singapore Airport to Use Facial Recognition to Identify Late Travelers

Changi Airport Group’s chief information officer Steve Lee revealed this week that the Singaporean airport is planning to use facial recognition to find lost passengers or late boarders who may be delaying flights. Rated as the world’s best for six straight years, Changi Airport is currently exploring ways to leverage the newest technologies to solve problems and improve efficiency. Lee further revealed that they have already tested the technology and are currently working with a few firms, and the capability may be put to work as early as next year. A Chinese firm called Yitu, which recently set up shop […]