Slashdot security articles

Zuckerberg is Sitting on More Data About What People Want To Do Online Than Anyone Else in the World, Former Facebook Chief Security Officer Says

Thu, 03/28/2019 - 12:50
Former Facebook executive Alex Stamos explained how Facebook's Mark Zuckerberg is able to consistently make decisions that only make sense with the benefit of hindsight. From a report: "Mark Zuckerberg is sitting on more data about what people want to do online than anyone else in the world," said Stamos, who was speaking at the Washington Post's technology and policy conference on Wednesday evening. He cited the acquisitions of private messaging WhatsApp in 2014 for $19 billion, and photo-sharing service Instagram in 2012 for $1 billion, as examples of bets "that people think are insane but turn out to be prophetic because he knows the direction the world is going," Stamos said. Further reading: Facebook Used Its VPN App To Track Competitors, Documents Reveal.

Huawei's Equipment Poses 'Significant' Security Risks, UK Says

Thu, 03/28/2019 - 08:10
The U.K. government warned on Thursday Huawei's telecommunications equipment raises "significant" security issues, posing a possible setback to the Chinese tech firm as it looks to build out 5G networks. From a report: In a 46-page report evaluating Huawei's security risks, British officials stopped short of calling for a ban of Huawei's 5G telecommunications equipment. But the assessment cited "underlying defects" in the company's software engineering and cybersecurity processes, citing "significantly increased risk to U.K. operators." The findings give weight to warnings from U.S. officials who have argued Huawei's networking equipment could be used for espionage by the Chinese government. Huawei has repeatedly said it does not pose any risk and insists it would not share customer data with Beijing. In a statement Thursday, Huawei said it takes the U.K. government's findings "very seriously."

Office Depot and Support.com To Pay $35 Million To Settle FTC Allegations That They Charged Users Millions in 'Fake' Malware Cleanup Fees

Thu, 03/28/2019 - 06:50
Office Depot and Support.com have coughed up $35 million after they were accused of lying to people that their PCs were infected with malware in order to charge them cleanup fees. From a report: Late Wednesday, the pair of businesses settled a lawsuit brought against them by the US Federal Trade Commission, which alleged staff at the tech duo falsely claimed software nasties were lingering on customers' computers to make a fast buck. The lawsuit, filed in southern Florida, claimed the two companies, including Office Depot subsidiary OfficeMax, from 2009 until November 2016 misrepresented the state of consumers' computers by using a sales tool designed to convince people to pay for diagnostic and repair services. "In numerous instances throughout this time period, Defendants used the PC Health Check Program to report to Office Depot Companies customers that the scan had found or identified 'Malware Symptoms' when it had not done so," the complaint stated. "Additionally, in numerous instances, the PC Health Check Program falsely reported to consumers that the program had found 'infections' on the consumer's computer." According to the watchdog's complaint, the PC Health Check Program was incapable of finding malware. Support.com allegedly programmed the software so that whenever an Office Depot Company employee checked any one of four checkboxes describing a generic concern, like slowness, before the scan started, the scan would automatically report the detection of malware symptoms, and for a time, infections.

French Gas Stations Robbed After Forgetting To Change Gas Pump PINs

Wed, 03/27/2019 - 19:30
An anonymous reader quotes a report from ZDNet: French authorities have arrested five men who stole over 120,000 liters (26,400 gallons) of fuel from gas stations around Paris by unlocking gas pumps using a special remote. The five-man team operated with the help of a special remote they bought online and which could unlock a particular brand of gas pumps installed at Total gas stations. The hack was possible because some gas station managers didn't change the gas pump's default lock code from the standard 0000. Hackers would use this simple PIN code to reset fuel prices and remove any fill-up limits. Crooks would operate in small teams of two to three individuals who visited gas stations at night using two vehicles. A man in a first car would use the remote to unlock the gas station, and then a second car, usually a van, would come along seconds later to fill a giant tanker installed in the back of the vehicle with as much as 2,000 or 3,000 liters in one go. The group advertised the fuel they stole on social media, providing a time and place where customers could come and refuel their vehicles or pick up orders for gasoline and diesel at smaller prices. Police uncovered the scheme in April 2018, when they arrested a suspect in possession of a remote used in the hack. "Five men, part of the same gang, were arrested on Monday, according to Le Parisien, who first reported the scheme last November," the report adds.

Microsoft Takes Control of 99 Domains Operated By Iranian State Hackers

Wed, 03/27/2019 - 16:10
An anonymous reader quotes a report from ZDNet: Court documents unsealed today revealed that Microsoft has been waging a secret battle against a group of Iranian government-sponsored hackers. The OS maker sued and won a restraining order that allowed it to take control of 99 web domains that had been previously owned and operated by a group of Iranian hackers known in cyber-security circles as APT35, Phosphorus, Charming Kitten, and the Ajax Security Team. The domains had been used as part of spear-phishing campaigns aimed at users in the US and across the world. APT35 hackers had registered these domains to incorporate the names of well-known brands, such as Microsoft, Yahoo, and others. The domains were then used to collect login credentials for users the group had tricked into accessing their sites. The tactic is decades old but is still extremely successful at tricking users into unwittingly disclosing usernames and passwords, even today. Some of the domains Microsoft has confiscated include the likes of outlook-verify.net, yahoo-verify.net, verification-live.com, and myaccount-services.net. Microsoft said it received substantial support from the domain registrars, which transferred the domains over to Microsoft as soon as the company obtained a court order.

Senators Demand To Know Why Election Vendors Still Sell Voting Machines With 'Known Vulnerabilities'

Wed, 03/27/2019 - 13:30
An anonymous reader quotes a report from TechCrunch: Four senior senators have called on the largest U.S. voting machine makers to explain why they continue to sell devices with "known vulnerabilities," ahead of upcoming critical elections. The letter, sent Wednesday, calls on election equipment makers ES&S, Dominion Voting and Hart InterCivic to explain why they continue to sell decades-old machines, which the senators say contain security flaws that could undermine the results of elections if exploited. "The integrity of our elections is directly tied to the machines we vote on," said the letter sent by Sens. Amy Klobuchar (D-MN), Mark Warner (D-VA), Jack Reed (D-RI) and Gary Peters (D-MI), the most senior Democrats on the Rules, Intelligence, Armed Services and Homeland Security committees, respectively. "Despite shouldering such a massive responsibility, there has been a lack of meaningful innovation in the election vendor industry and our democracy is paying the price," the letter adds. Their primary concern is that the three companies have more than 90 percent of the U.S. election equipment market share but their voting machines lack paper ballots or auditability, making it impossible to know if a vote was accurately counted in the event of a bug. Yet, these are the same devices tens of millions of voters will use in the upcoming 2020 presidential election. ES&S spokesperson Katina Granger said it will respond to the letter it received. The ranking Democrats say paper ballots are "basic necessities" for a reliable voting system, but the companies still produce machines that don't produce paper results.

FTC Fines Four Operations Responsible For Billions of Illegal Robocalls

Wed, 03/27/2019 - 11:36
Four companies that made billions of illegal robocalls have been caught and fined. From a report: The Federal Trade Commission on Tuesday said the agency reached settlements with four operations responsible for billions of illegal robocalls pitching debt-relief services, home security systems, fake charities, auto warranties and Google search results services. The companies were charged with violating the FTC Act, as well as the agency's Telemarketing Sales Rule and its Do Not Call provisions. "We have brought dozens of cases targeting illegal robocalls, and fighting unwanted calls remains one of our highest priorities," said Andrew Smith, director of the Bureau of Consumer Protection at the FTC, in a release. "We also have great advice on call-blocking services and how to reduce unwanted calls at [our website.]" The settlements come as the agency focuses on combating illegal robocalls. The four companies, NetDotSolutions, Higher Goals Marketing, Veterans of America and Pointbreak Media, are banned by court orders from robocalling and most telemarketing activities, according to the FTC's release. Further reading: FTC Tells ISPs To Disclose Exactly What Information They Collect On Users and What It's For.

Microsoft: Windows 10 Devices Open To 'Full Compromise' From Huawei PC Driver

Tue, 03/26/2019 - 17:00
According to ZDNet, researchers at Microsoft have discovered a buggy Huawei utility that could have given attackers a cheap way to undermine the security of the Windows kernel. From the report: Microsoft has now detailed how it found a severe local privilege escalation flaw in the Huawei PCManager driver software for its MateBook line of Windows 10 laptops. Thanks to Microsoft's work, the Chinese tech giant patched the flaw in January. As Microsoft researchers explain, third-party kernel drivers are becoming more attractive to attackers as a side-door to attacking the kernel without having to overcome its protections using an expensive zero-day kernel exploit in Windows. The flaw in Huawei's software was detected by new kernel sensors that were implemented in the Windows 10 October 2018 Update, aka version 1809. The kernel sensors are meant to address the difficulty of detecting malicious code running in the kernel and are designed to detect user-space asynchronous procedure call (APC) code injection from the kernel. Microsoft Defender ATP anti-malware uses these sensors to detect actions caused by kernel code that may inject code into user-mode. Huawei's PCManager triggered Defender ATP alerts on multiple Windows 10 devices, prompting Microsoft to launch an investigation. [...] The investigation led the researcher to the executable MateBookService.exe. Due to a flaw in Huawei's 'watchdog' mechanism for HwOs2Ec10x64.sys, an attacker is able to create a malicious instance of MateBookService.exe to gain elevated privileges. The flaw can be used to make code running with low privileges read and write to other processes or to kernel space, leading to a "full machine compromise." Long-time Slashdot reader shanen writes: Though the story features Huawei, there doesn't seem to be anything specific to that company there. Just innuendo that you can't trust Chinese companies, eh? "Don't throw your computer into that Chinese briar patch!" 
Anyway, the sordid reality is that Microsoft is the root of all evils in the Windows platform. If increasing security had been half as important as maximizing profits, then we'd be in a much better world today. All complicated software is buggy, but adding complexity for no good reason is just begging for more problems. Here's a crazy solution approach: Any OS feature that isn't used by a LARGE majority of the users should be REMOVED from the OS. Maybe that isn't strong enough. Maybe the OS should be strictly limited to what absolutely needs to be there. Guard those eggs carefully!

ASUS Releases Fix For ShadowHammer Malware Attack

Tue, 03/26/2019 - 13:30
Iwastheone shares a report from Engadget: ASUS may have inadvertently pushed malware to some of its computers through its update tool, but at least it has a fix ready to go. The PC maker has released a new version of its Live Update software for laptops that addresses the ShadowHammer backdoor attack. It also promised "multiple security verification mechanisms" to reduce the chances of further attacks, and started using an "enhanced end-to-end encryption mechanism." There are upgrades to the behind-the-scenes server system to prevent future attacks, ASUS added. The company simultaneously reiterated the narrow scope of ShadowHammer, noting that the malware targeted a "very small and specific user group." It's believed to be an Advanced Persistent Threat -- that is, a state-backed assault against organizations rather than everyday users. Other ASUS devices weren't affected, according to a notice. While the fix is reassuring, it also raises questions as to why the systems weren't locked down earlier. Update tools are prime targets for hackers precisely because they're both trusted and have deep access to the operating system -- tight security is necessary to prevent an intruder from hijacking the process.

Gmail App Changes Will Cause Most IFTTT Features To Stop Working

Mon, 03/25/2019 - 16:45
Almost all of Gmail's IFTTT routines and actions will stop working at the end of the month as Google alters the Gmail API to make it more secure. The only functionality of IFTTT-Gmail integration will be sending yourself an email and sending an email to someone else. TechSpot reports: The roots of this problem reach back to a breathless report in the Wall Street Journal in the summer of 2018 that claimed Gmail app developers have been reading your email. What it actually meant was that Gmail's OAuth account access was too simple -- if you allowed an application to access Gmail, it had access to all of it. Even apps that didn't need the full text of emails for their intended function would have access to that after you signed in. Google began tightening access to Gmail content for third-party apps, and that's where IFTTT comes in. As of March 31, Google is placing new restrictions on Gmail apps. Apps can no longer read, create, or modify message bodies. None of IFTTT's seven Gmail triggers will work anymore after the new API rules go into effect. In conversations with Google, IFTTT was able to keep two of the Gmail actions: sending yourself an email and sending an email to someone else. However, the trigger needs to be from another service. You can log into your IFTTT account to see which of your Applets are affected by the change. The new API rules only affect Gmail. Other G Suite services like Google Drive and Assistant will remain operating normally.

Android Users' Security and Privacy At Risk From Shadowy Ecosystem of Pre-Installed Software, Study Warns

Mon, 03/25/2019 - 14:20
Researchers behind a large-scale independent study of pre-installed Android apps "unearthed a complex ecosystem of players with a primary focus on advertising and 'data-driven services' -- which they argue the average Android user is likely to be unaware of (while also likely lacking the ability to uninstall/evade the baked in software's privileged access to data and resources themselves)," reports TechCrunch. From the report: The study, which was carried out by researchers at the Universidad Carlos III de Madrid (UC3M) and the IMDEA Networks Institute, in collaboration with the International Computer Science Institute (ICSI) at Berkeley (USA) and Stony Brook University of New York (US), encompassed more than 82,000 pre-installed Android apps across more than 1,700 devices manufactured by 214 brands, according to the IMDEA institute. "The study shows, on the one hand, that the permission model on the Android operating system and its apps allow a large number of actors to track and obtain personal user information," it writes. "At the same time, it reveals that the end user is not aware of these actors in the Android terminals or of the implications that this practice could have on their privacy. Furthermore, the presence of this privileged software in the system makes it difficult to eliminate it if one is not an expert user." In all 1,200 developers were identified behind the pre-installed software they found in the data-set they examined, as well as more than 11,000 third party libraries (SDKs). Many of the preloaded apps were found to display what the researchers dub potentially dangerous or undesired behavior. The data-set underpinning their analysis was collected via crowd-sourcing methods -- using a purpose-built app (called Firmware Scanner), and pulling data from the Lumen Privacy Monitor app. The latter provided the researchers with visibility on mobile traffic flow -- via anonymized network flow metadata obtained from its users. 
They also crawled the Google Play Store to compare their findings on pre-installed apps with publicly available apps -- and found that just 9% of the package names in their dataset were publicly indexed on Play. Another concerning finding relates to permissions. In addition to standard permissions defined in Android (i.e. which can be controlled by the user) the researchers say they identified more than 4,845 owner or "personalized" permissions by different actors in the manufacture and distribution of devices. So that means they found systematic user permissions workarounds being enabled by scores of commercial deals cut in a non-transparency data-driven background Android software ecosystem. The researchers address the lack of transparency and accountability in the Android ecosystem by suggesting the introduction and use of certificates signed by globally-trusted certificate authorities, or a certificate transparency repository "dedicated to providing details and attribution for certificates used to sign various Android apps, including pre-installed apps, even if self-signed." They also suggest Android devices should be required to document all pre-installed apps, plus their purpose, and name the entity responsible for each piece of software -- and do so in a manner that is "accessible and understandable to users."

Google Fixes Chrome 'Evil Cursor' Bug Abused by Tech Support Scam Sites

Mon, 03/25/2019 - 14:20
Google has patched a Chrome bug that was being abused in the wild by tech support scammers to create artificial mouse cursors and lock users inside browser pages by preventing them from closing and leaving browser tabs. From a report: The trick was first spotted in September 2018 by Malwarebytes analyst Jerome Segura. Called an "evil cursor," it relied on using a custom image to replace the operating system's standard mouse cursor graphic. A criminal group that Malwarebytes called Partnerstroka operated by switching the standard OS 32-by-32 pixels mouse cursor with one of 128 or 256 pixels in size. A normal cursor would still appear on screen, but in the corner of a bigger transparent bounding box. [...] The "evil cursor" fix is currently live for Google Canary users, and is scheduled to land in the Chrome 75 stable branch, to be released later this spring.

Hacking Lawyers or Journalists Is Totally Fine, Says Notorious Cyberweapons Firm

Mon, 03/25/2019 - 08:50
The founder and CEO of NSO Group, the notorious Israeli hacking company with customers around the world, appeared on CBS's 60 Minutes Sunday night to defend the use of his company's tools in hacking and spying on lawyers, journalists, and minors when the country's customers determine the ends justify the means. From a report: NSO Group has reportedly sold hacking tools to dictators including those in Saudi Arabia, the United Arab Emirates, and across Central Asia -- a group of decision-makers whose track record includes numerous examples of human rights abuses and oppression of dissent. NSO's tools have been directly involved in the arrest of human rights activists and, in Mexico at least, spying on lawyers and journalists in an effort to catch the drug lord Joaquin "El Chapo" Guzman. "In order to catch El Chapo, for example, they had to intercept a journalist, an actress, and a lawyer," NSO Group founder Shalev Hulio told 60 Minutes. "Now, by themselves, they are not criminals, right? But if they are in touch with a drug lord and in order to catch them, you need to intercept them, that's a decision an intelligence agency should get."

China Says it Cloned a Police Dog To Speed Up Training

Mon, 03/25/2019 - 06:45
A cloned dog, believed to be the first of the kind in China, has started training in Yunnan Province in a program to reduce the cost and time needed for training police dogs. From a report: Kunxun, a female of the Kunming wolfdog breed, was born on Dec. 19 last year in Beijing and arrived on March 5 for training at the Kunming Police Dog Base of the Ministry of Public Security. She was cloned from a 7-year-old female dog, known as Huahuangma, that has been in service in the city of Pu'er, Yunnan, by Sinogene, a Beijing-based biotechnology firm. The cloning is part of the ministry's research program. Huahuangma played important roles in helping detectives with dozens of murder investigations, and was accredited the first-level merit in 2016, said Wan Jiusheng, an officer who is responsible for training Kunxun. Huahuangma's outstanding abilities as a police dog made her an eligible donor of genes, Wan said. "It takes four to five years to train a meritorious dog such as Huahuangma, and costs hundreds of thousands of yuan," he said. Police dogs serving in real tasks are not usually used for breeding. The cloning program helps researchers copy their excellent genes and reduces the time and costs needed for training, researchers familiar with the program said.

Hackers Hijacked ASUS Software Updates To Install Backdoors on Thousands of Computers

Mon, 03/25/2019 - 06:05
ASUS is believed to have pushed malware to hundreds of thousands of customers through its trusted automatic software update tool after attackers compromised the company's server and used it to push the malware to machines. From a report: Researchers at cybersecurity firm Kaspersky Lab say that ASUS, one of the world's largest computer makers, was used to unwittingly install a malicious backdoor on thousands of its customers' computers last year after attackers compromised a server for the company's live software update tool. The malicious file was signed with legitimate ASUS digital certificates to make it appear to be an authentic software update from the company, Kaspersky Lab says. ASUS, a multi-billion dollar computer hardware company based in Taiwan that manufactures desktop computers, laptops, mobile phones, smart home systems, and other electronics, was pushing the backdoor to customers for at least five months last year before it was discovered, according to new research from the Moscow-based security firm. The researchers estimate half a million Windows machines received the malicious backdoor through the ASUS update server, although the attackers appear to have been targeting only about 600 of those systems. The malware searched for targeted systems through their unique MAC addresses. Once on a system, if it found one of these targeted addresses, the malware reached out to a command-and-control server the attackers operated, which then installed additional malware on those machines. Kaspersky Lab said it uncovered the attack in January after adding a new supply-chain detection technology to its scanning tool to catch anomalous code fragments hidden in legitimate code or catch code that is hijacking normal operations on a machine. The company plans to release a full technical paper and presentation about the ASUS attack, which it has dubbed ShadowHammer, next month at its Security Analyst Summit in Singapore.

Which Programming Language Has The Most Security Vulnerabilities?

Sun, 03/24/2019 - 19:39
A new report from the open source security company WhiteSource asks the question, "Is one programming language more secure than the rest?" An anonymous reader quotes TechRepublic: To answer this question, the report compiled information from WhiteSource's database, which aggregates information on open source vulnerabilities from sources including the National Vulnerability Database, security advisories, GitHub issue trackers, and popular open source projects issue trackers. Researchers focused in on open source security vulnerabilities in the seven most widely-used languages of the past 10 years to learn which are most secure, and which vulnerability types are most common in each... The most common vulnerabilities across most of these languages are Cross-Site Scripting (XSS); Input Validation; Permissions, Privileges, and Access Control; and Information Leak / Disclosure, according to the report. Across the seven most widely-used programming languages, here's how the vulnerabilities were distributed: C (47%), PHP (17%), Java (11%), JavaScript (10%), Python (5%), C++ (5%), Ruby (4%). But the results are full of disclaimers -- for example, that C tops the list because it's the oldest language with "the highest volume of written code" and "is also one of the languages behind major infrastructure like OpenSSL and the Linux kernel." The report also notes a "substantial rise" across all languages for known open source security vulnerabilities over the last two years, attributing this to more awareness about vulnerable components -- thanks to more research, automated security tools, and "the growing investment in bug bounty programs" -- as well as the increasing popularity of open source software. And it also reports a drop in the percentage of critical vulnerabilities for most languages -- except JavaScript and PHP. The report then concludes that "the Winner Of Most Secure Programming Language is...no one and everyone...! It is not about the language itself that makes it any more or less secure, but how you use it. If you are mitigating your vulnerabilities throughout the software development lifecycle with the proper management approach, then you are far more likely to stay secure." Coincidentally, WhiteSource sells software which monitors open source components throughout the software development lifecycle to provide alerts about security (and licensing) issues.

Airline Passenger Walked Past Security With a Loaded Gun Magazine

Sun, 03/24/2019 - 05:34
An airline passenger "passed a security checkpoint with a loaded gun magazine," reports the Associated Press, citing information from an airport duty manager: Bob Rotiski said the passenger who apparently had visited a shooting range packed a loaded magazine in his carry-on bag. He said an officer identified the magazine during security screening, but the wrong bag was pulled from the line. By that time, the passenger had already left the checkpoint with the bag containing the magazine.... Security lines were closed and flights were temporarily grounded at a San Francisco International Airport terminal...for nearly an hour, and United Airlines flights out of Terminal 3 were grounded Saturday morning as TSA officers looked for the passenger. "Rotiski said the lines reopened after officers located the passenger and brought him back for re-screening."

Pwn2Own Competitors Crack Tesla, Firefox, Safari, Microsoft Edge, and Windows 10

Sat, 03/23/2019 - 17:34
A research duo who hacked a Tesla were the big winners at the annual Pwn2Own white hat security contest, reports ZDNet. "The duo earned $375,000 in prize money, of the total of $545,000 awarded during the whole three-day competition... They also get to keep the car." Team Fluoroacetate -- made up of Amat Cama and Richard Zhu -- hacked the Tesla car via its browser. They used a JIT bug in the browser renderer process to execute code on the car's firmware and show a message on its entertainment system... Besides keeping the car, they also received a $35,000 reward. "In the coming days we will release a software update that addresses this research," a Tesla spokesperson told ZDNet today in regards to the Pwn2Own vulnerability. Not coincidentally, Team Fluoroacetate also won the three-day contest after earning 36 "Master of Pwn" points for successful exploits in Apple Safari, Firefox, Microsoft Edge, VMware Workstation, and Windows 10... [R]esearchers also exploited vulnerabilities in Apple Safari, Microsoft Edge, VMware Workstation, Oracle Virtualbox, and Windows 10.

Lithuanian Pleads Guilty To Stealing $100 Million From Google, Facebook

Fri, 03/22/2019 - 18:10
schwit1 writes: Evaldas Rimasauskas, a Lithuanian citizen, concocted a brazen scheme that allowed him to bilk Facebook and Google out of more than $100 million. The crime defrauded Google of $23 million and Facebook of $99 million. Rimasauskas committed the crimes between 2013 and 2015, an indictment was issued in 2017, and he was formally indicted Wednesday in New York after he pleaded guilty to wire fraud, aggravated identity theft, and three counts of money laundering. "As Evaldas Rimasauskas admitted today, he devised a blatant scheme to fleece U.S. companies out of over $100 million, and then siphoned those funds to bank accounts around the globe," said U.S. Attorney Geoffrey S. Berman in a DoJ press release. How did he do it? The indictment reveals that he simply billed the companies for the amounts and they paid the bills. Rimasauskas was able to trick company employees into wiring the money to multiple bank accounts that he controlled and had set up in institutions in Cyprus, Lithuania, Hungary, Slovakia, and Latvia.