Monday, October 31, 2016
Mail.ru Forums Hacked Over 25 Million Users Accounts Gets Compromised
Mail.ru Forums Hacked Over 25 Million Users Accounts Gets Compromised.
Russian Internet company communities cfire.mail.ru (Cross Fire game), parapa.mail.ru (ParaPa Dance City game), and tanks.mail.ru (Ground War: Tank game) forums get hacked. These communities were running on vBulletin forums which are vulnerable to the hack.
Hackers used SQL vulnerabilities found in unpatched vBulletin forum software, which allows accessing to the database including usernames, email addresses, hash passwords, and their birthdays.
The Leaked source which provides data breaches in an index and exposes 27,449,088 user records compromised from all services data of mail.ru on its website.
According to leaked source,
- cfire.mail.ru – 12,881,787 users, 6,226,196 passwords cracked at the time of this post.
- parapa.mail.ru (main game) – 5,029,530 users, 3,329,532 passwords cracked at the time of this post.
- parapa.mail.ru (forums) – 3,986,234 users, 2,907,572 passwords cracked at the time of this post.
- tanks.mail.ru – 3,236,254 users, 0 passwords cracked at the time of this post.cfire.mail.ru contained 12,881,787 user records.
Top 50 Passwords of *.mail.ru communities are as follows:
RankPasswordFrequency
1123456789263,347
212345678201,977
3123456 89,756
4123456789089,497
5qwertyuiop32,584
612312312331,268
71111111130,827
81q2w3e4r5t30,087
91q2w3e4r27,399
1098765432123,387
11qazwsxedc20,748
12qweasdzxc19,039
131234qwer18,434
141234432117,488
15111111 16,372
168888888814,651
171qaz2wsx14,487
18123455432114,262
19qwertyui14,187
20123123 13,892
2178945612313,753
221234567891013,568
230000000013,548
24123456789a12,828
251234567 12,582
268765432112,333
27crossfire12,091
28098765432111,841
29123321 11,609
30asdfghjkl11,395
31qwerty 11,284
321q2w3e4r5t6y11,021
33123qweasdzxc10,757
3414725836910,112
351236547899,542
3612345qwert9,162
37123456789q9,148
38qwer12348,965
39123412348,588
40qwerty1238,563
41q1w2e3r4t58,185
42q1w2e3r48,183
4311111111118,118
44112233448,061
45555555557,919
461qaz2wsx3edc7,652
477418529637,427
48123qweasd7,280
49666666 7,263
5010293847566,875
Account users will have to keep strong password rather than ‘123456789’, which is a weak password.
However, Mail.ru spokesperson says that the leaked password database are no longer valid.
Hackers Group Attack On Official Website of Israel Prime Minister and Bank Of Israel
Cyber Attack On Official Website of Israel Prime Minister and Bank Of Israel
Ghost Squad Hackers Group Takes Down Bank of Israel and Prime Minister of Israel official website using DOS attack.
One of the Hackers group member (S1ege) told Softpedia about this Cyber Attack,
“ We are attacking Israel for the ongoing atrocities they are committing on the Palestinian people. They just recently bombed Gaza again. The genocide needs to end. They are expanding an empire into land/ground that they do not own, over a book. There is a perpetual silence in the mainstream media. We hope our attacks will bring more awareness to this subject and bring more protests to this issue. ”
Yes we have some attacks planned for Israel. We, in [the] past, leaked IDF [Israel Defense Force]’s database. We plan to do similar attacks in the future if there is no word of the ongoing genocide in Israel. The United States mainstream media works as stenographers for the U.S. government and speaks nothing of this its corruption at it’s finest. We will not stand idly by and let it continue. We also plan to attack the Syrian government. ”
This group was already targeted on CNN and Fox news.
How This Trick Can Hijack Your Chrome Browsers
How This Trick Can Hijack Your Chrome Browsers.
Tech support scammers using Social engineering technique and show fake Google UI Toolbar in the form of JPEG.
Malware bytes Labs discovers that, the Fake address bar which looks like Microsoft website link: http://ift.tt/2buuwlq. Here attacker trying to steal user credential through tech support scam and also can say Social Engineering technique.
MalwareBytes notice that the address bar is nothing but a JPEG picture that is placed in the right spot to look like an actual address bar when the page loaded in full-screen mode. To make matters more confusing this particular scam is hosted on Amazon, and that is the correct address bar.
Fake Dialog Box PopUp in Google Chrome is the “Prevent this page from displaying additional dialogs” option particularly useful when certain websites ask you “Are you sure you want to leave this page?” followed by “Are you really, truly sure you want to do it?” and some.
Users also gets Fake calls from Tech Support Scams like,
Hello, we are calling from Windows and your computer looks like it is infected. Our Microsoft Certified Technician can fix it for you.
Conclusion:
- Be alert from these fake Popups.
- Don’t give personal information via CALL.
VolatilityBot – An Automated Memory Analyzer For Malware Samples And Memory Dumps
VolatilityBot – An Automated Memory Analyzer For Malware Samples And Memory Dumps
VolatilityBot is an automation tool for researchers cuts all the guesswork and manual tasks out of the binary extraction phase, or to help the investigator in the first steps of performing a memory analysis investigation. Not only does it automatically extract the executable (exe), but it also fetches all new processes created in memory, code injections, strings, IP addresses, etc.
Motivation
Part of the work security researchers have to go through when they study new malware or wish to analyse suspicious executables is to extract the binary file and all the different injections and strings decrypted during the malware’s execution.
In the new version of VolatilityBot, a new feature is automated analysis of memory dumps, using heuristics and YARA/Clam AV Scanners (Clam scan coming soon). This feature is useful for memory analysis at scale. Usually, this initial process is done manually, either of a malware sample, or a memory dump and it can be lengthy and tedious.
Current features
Automated analysis of malware samples (Based on diff-ing between clean memory image and infected one )
- Extraction of injected code
- Dump of new processes
- Yara scan, static analysis, string extraction, etc. on all outputs
Automated heuristic analysis of memory dumps
- Detect anomallies using heuristics and dump the relevant code
- Yara scan, static analysis, string extraction, etc. on all outputs.
Prepare the VM (Currently only vmware)
Create a new virtual machine, with Windows XP up to windows 10 x64.
Make sure the machine has windows defender and FW disabled, and has a static IP
Install python 3.5
Create c:\temp folder, or change the destination folder in config
Copy the agent.py from Utils and launch it (you can execute it without the console using pythonw.exe)
Take a snapshot of the VM
repeat steps 1-6 for as many VMs as you want
Configuring the host
Edit the required parameters, as instructed in the conf/conf.py file
Execute db_builder.py – in order to create the database
Execute gi_builder.py – in order to build the golden images for all active VMs
Submit
Analyze a memory dump using heuristics, and dump output to folder
VolatilityBot.py -m –dump -f /Users/Martin/Downloads/stuxnet.vmem
Submit an executable and analyze it using Volatility:
VolatilityBot.py -f <Sample Path>
VolatilityBot.py -D
No limits: can the new guidelines on kids and screens work?
There are big changes for families in the new recommendations to guide children’s use of anything with a screen, such as computers, tablets, mobile phones, televisions and video games.
In a bold move, the authorising body, the American Academy of Paediatrics (AAP), is dropping its most well known suggestion: no screen time before the age of two years.
The AAP guidelines now state that it is now OK for very young children to look at or talk to family members occasionally using a video chat program, such as Skype.
The new recommendations also say it is now OK for children aged 18 months to five years to watch some educational content as long as an adult is there to help them interpret and learn from the program.
A second important change to the guidelines is the removal of the two hour maximum time limit that children should spend on their device.
While the guidelines suggest that children aged 18 months to five years only spend around one hour per day, no suggested time limit has been given for children aged six to 18 years. Instead the responsibility has been passed to parents to decide what fits best with their family lifestyle.
Why the change?
The new screen guidelines will come as a welcome surprise to many parents who have struggled with outdated screen recommendations.
The previous guidelines were developed in the 1990s, well before iPads and apps were even invented, with the aim of guiding children’s viewing of television.
While they may have been relevant then, 30 years later many families have found it near impossible to keep within the limits. Not only have they found it difficult to count the minutes a child is on a device, but it is also difficult to limit that use when technology is threaded through so many parts of their lives.
The guidelines have also changed because they reflect the new understandings we have of the learning benefits that technology can offer children.
For example, recent research shows that quality and selective use of interactive devices can help children develop skills in problem solving and collaboration, that social media use can provide community support for young people with mental illnesses, and that children as young as 18 months of age – most of whom speak only in single word utterances – can use the (few) words they do know to learn new words when using a screen.
Are the new guidelines a good idea?
Many adults may feel that the new guidelines are a cop out.
There is a lot of research to show that kids are glued to their screens. Many parents may consider that guidelines with no time limits will exacerbate that situation, as will allowing children to use a screen from very early on in life.
But the new guidelines are not saying it is OK for kids to use their devices 24/7, or that we should prop babies up against an iPad or other tablet as a pseudo babysitter all day.
Instead they are saying to parents it is their responsibility to guide children.
The AAP acknowledges that the previous guidelines have been causing difficulties for too many families and that one size does not fit all any longer. The new guidelines are an attempt to begin a more individualised approach to managing the ways children use screens.
How to work with the new screen guidelines
This is a new approach for many families. Parents may feel somewhat daunted with knowing how to manage kids’ screen time, and to be sure they are doing it right.
There are some key messages embedded in the guidelines to support parents in guiding children’s screen use:
Make sure your child has a balanced approach to technology. Technology use should not replace physical activity, sleep or spending time with others.
Parents should take an active role in their children’s screen engagement. This does not mean not allowing your child to do anything independently on their device, but rather to be interested in what they do on there and provide hands on guidance.
Take a planned approach to managing the time your child spends on a screen. Don’t leave it to chance every day.
While there will always be research to show the ills of technology, these guidelines send a good message. They encourage parents and children to engage with screen content together, and they encourage parents to be informed role models for children to use technology in a balanced and healthy way.
These attempts to help families think more strategically about what they want for their children are long overdue and are a move in the right direction.
The next move needs to be to make sure parents are meaningfully supported in their important role of guiding children’s screen use.
Hack QR Code Through QRLJacking Attack
Hack QR Code Through QRLJacking Attack
QRLJacking or Quick Response Code Login Jacking is a simple social engineering attack vector capable of session hijacking affecting all applications that rely on “Login with QR code” feature as a secure way to login into accounts. In a simple way, In a nutshell victim scans the attacker’s QR code results of session hijacking. This tool is launched by Information Security Researcher Mohamed Abdelbasset Elnouby from Seekurity Labs.
What are the requirements to achieve a successful QRLJacking attack?
QRLJacking attack consists of two sides:
- Server Side: A server side script is needed to serve and shape the final look to the victim.
- Client Side: Cloning the QR and pushing it to the phishing page.
Example: WhatsApp Web Application!
Server Setup (Attacker’s hosting):
Upload “qrHandler.php” to your server, this php file is used to convert the base64 qr code string into a valid .JPG file
Now we have a valid generated QR image named “tmp.jpg” residing in the same root folder of your files and will be updated whenever that php file will be called, So we can put it anywhere “for example a fake WhatsApp page, a scam page with an offer related to WhatsApp, etc… depending on your creativity”
Now update the “phishing.html” file your prefered phishing page source code.
Client Side Setup (Attacker’s browser):
- Open your Firefox browser!
- Write “about:config” in the url area, click the “i’ll be careful, i promise” confirmation button.
- Search for a preference named “security.csp.enable” and change it’s value to “false” by double clicking it to allow performing an XHR Request over a different domain (We’re not supporting leaving this preference disabled, you may do that while testing, but after that you should set the preference to its original state).
- Instal Greasemonkey addon (http://ift.tt/1eVu09J) and be sure that the module file “WhatsAppQRJackingModule.js” is loaded and already running!
- Now We’re Ready, Browse to our example “http://ift.tt/1Dt3Tno” on your side, Wait for a WhatsApp session to be loaded, Greasemonkey should now inject our WhatsApp module file to catch and .
- Send the direct link of the final phishing page to a victim “Once the QR scanned, Victim’s session is yours now”
Video:
Attacking WhatsApp Web Application and performing MiTM attack to inject a bogus ad including WhatsApp QR Code Demo Video.
Facebook And Twitter Accounts Can Hack Through target="_blank" Vulnerability
Facebook And Twitter Accounts Can Hack Through target=”_blank” Vulnerability.
The target=”_blank” is using for target attribute specifies where to open the link in new tab. Hackers are using this trick for Phishing Attack. When a user click on the text link, then the malicious link will open in new Tab. This cyber attack could happen on browser based not Web Servers.
How does it work?
According to security researcher Ben Halpern, Facebook and Twitter social networks accounts are vulnerable.
In order to restrict the behavior window.opener access, the original page needs to add a rel=”noopener” attribute to any link that has target=”_blank”. However, Firefox does not support that tag, so you should actually use rel=”noopener noreferrer” for full coverage.
Some amount of prevention can be achieved through scripting, though, as observed with Twitter, this seems to fail on Safari. This issue is not well-known, and is totally underestimated. This has been brought up in a Web Hypertext Application Technology Working Group mailing list, said Halperm.
How to Fix?
Developers should add attribute rel=”noopener” into the website code. Because some browsers does not fully support that attribute, developers should use rel=”noopener noreferrer” instead.
Betabot Trojan Steals Your Passwords And Install Ransomware To Monetize
Betabot Trojan Steals Your Passwords And Install Ransomware To Monetize.
Betabot was delivered by Neutrino Exploit Kit. The IP used for both Betabot and Cerber is 93[.]174.91.49. A virustotal report on this IP provides additional details here. A screenshot below highlights the multiple filenames used between Betabot and Cerber. Invincea described in its blog,
| Server IP used to download Betabot and Cerber malware |
You can see in image Betabot weaponized documents have been found bb.exe (bb denoting betabot), bbcrypt.exe, and diablo.exe.
How this attack work?
Betabot spread through spam emails contained a file attachment, a Word file contain malicious macro scripts. In Microsoft office user activated macro support then scripts automatic download and install Betabot to infect your computer. And then scrapes all passwords stored in all local browsers.
According to report of Invincea, Cyber attacker maximizing the profits from an endpoint compromise, earning much larger payout by using multiple attack techniques.
Conclusion:
- Never open unknown file attachment in Email.
- Beware from Social Engineering attack.
Sunday, October 30, 2016
LuaBot First Botnet Malware To Target Linux Platforms
| View the binary’s ASCII in the last part and you’ll see the first email address | Credit: MalwareMustDie |
Researchers Finds LUA Language ELF Compiled Malware Called As Linux/LuaBot.
Trojan coded in Lua to target linux Platforms to adding into a Botnet explain by security researcher from MalwareMustDie.
The code is interacted with the udp.lua, as per its name suggesting a lua library of User Datagram Protocol function and struct, This is showing the malware has its own lua resolver code for the DNS query, and has ability to form its own UDP packet to be sent to any destination.
There’s also the telnet.lua codes compiled in this ELF, which is after being reversed it seems to be a simple telnet basic communication functions interpreted in lua language (that can be found many references in the internet) that may allow Linux/LuaBot to communicate remotely through this protocol.
What is LUA?
Lua is a powerful, efficient, lightweight, embeddable scripting language. It supports procedural programming, object-oriented programming, functional programming, data-driven programming, and data description.
Lua combines simple procedural syntax with powerful data description constructs based on associative arrays and extensible semantics. Lua is dynamically typed, runs by interpreting bytecode with a register-based virtual machine, and has automatic memory management with incremental garbage collection, making it ideal for configuration, scripting, and rapid prototyping.
According to Softpedia,
At the moment, the LuaBot trojan is packed as an ELF binary that targets ARM platforms, usually found in embedded (IoT) devices. Based on his experience, this seems to be the first Lua-based malware family packed as an ELF binary spreading to Linux platforms.
MalwareMustDie” also found penetrate_sucuri” part, a symbol (suggested a reversed function) traced to be coded in the lua source file: *cough* “checkanus_sucuranus.lua” and “checkanus.lua”, which I took only a peek for it, it forms (http) action to a defined target.
iPhone 7 Launch: Apple Unveils New Wireless Beats Headphones
iPhone 7 Launch: Apple Unveils New Wireless Beats Headphones
Apple has also announced a new set of earbuds, called AirPods that connect wirelessly. “We believe in a wireless future,” cooed Chief Design Officer Jony Ive in a video for the device, which covers the company’s first wireless chip, the W1, plus dual optical sensors, an antenna, two microphones and five-hour battery life. A new line of wireless Beats headphones, titled Beats X that will use the same W1 chip as the AirPods.
Apart from the AirPods, on Wednesday Apple has also announced a new range of Beats wireless headphones to be used with the new iPhone 7 and iPhone 7 Plus. The Beats Solo3, BeatsX, and Powerbeats 3 headphones are all run by the same W1 chip that powers the AirPods, and this permits the new headphones to pair fast and easily with the new iPhones.
On Wednesday the tech giant announced its latest mobile device, the iPhone 7, during its annual product event in San Francisco. As was predictable, the new phone is missing one normal feature: the headphone jack. Instead, owners of the new iPhone will require connecting to the lightning connector, the similar port where the iPhone’s charger plugs in.
“Some people have asked why we would remove the analog headphone jack from the iPhone,” said Phil Schiller, Apple’s svp of worldwide marketing. “It comes down to one word — courage. The courage to move on.” Apple has moved on before — from floppy discs, CDs, to name two technologies the company was among the first to delete from its memory bank. The world was slow to adapt to those hardware pivots, and that will likely be the same here.
Schiller added that there was basically no room for the outdated jack. “Our smartphones are packed with technologies, and we all want more,” he said. “Maintaining an ancient, single-purpose connector doesn’t make sense… that space is at a premium.”
All three new Beats headphones models are Bluetooth-powered, so apart from the new iPhones, they will work with other media sources as well. The BeatsX headset charges using the Lightning cable, while Powerbeats 3 and the Solo 3 charge with a Micro-USB cable. The BeatsX has a battery life of eight hours on a full charge, whereas the Powerbeats 3 and Solo3 claim to run for 12 hours and 40 hours respectively.
The headphones are priced at $299 for the Solo3, $149 for the BeatsX and $199 for the Powerbeats 3. The Solo3 is already presented to buy on Apple.com, while the other two models will be made accessible later this year.
The Beats brand is retained by Apple and was always likely to be among the first manufacturers to declare support for the new iPhone 7 with its headphones. Other manufacturers are likely to follow suit in declaring wireless headphones and Lightning-powered headphones to use with the new iPhone 7 and iPhone 7 Plus.
WhatsApp is secure and OK for politicians to use, provided simple steps are followed
Australian politicians have been accused of risking national security by using the messaging app WhatsApp. At issue was the fact that the application had not been cleared by the Australian Signals Directorate (ASD) and was not on the list of its “Evaluated Products”.
Australian media then cited security experts suggesting that the app posed a general security risk, mostly because it had not been assessed by the ASD, Australia’s cyber intelligence service.
The irony of this story is that governments generally have complained bitterly in the past about the use of encryption in messaging applications preventing law enforcement and security agencies from tracking and reading messages between terrorists and criminals. So WhatsApp is either too secure or not secure at all depending on what particular point governments or media are trying to make.
Part of the confusion that surrounds the security of a particular product is that security is not just about the app itself but about the device and operating system it is running on, the communication channel and the same factors at the other end of the communication.
Generally speaking however, WhatsApp is a secure product. It employs an encryption mechanism to communicate messages with other WhatsApp users. The Signal Protocol is used in a range of other messaging systems to provide end-to-end encryption including Google’s new messaging app Allo. As an added layer of security, identifying keys can be exchanged between people sending messages to each other to allow them to know that their messages have not been hijacked as part of a man-in-the-middle attack. Messages are not stored on a server and are stored in an encrypted format on the device itself. This means that even if someone was able to get the files that the messages are stored in on the phone, which is only really possible on an Android phone that has been “rooted”, they would still not be able to read the contents because they are encrypted.
To ensure the security of WhatsApp and messages it stores and sends, there are a number of other things users need to be aware of and do. Most importantly, the phone itself needs to be secure and that means protecting it with a password, pin and/or biometric lock like a fingerprint. The operating system needs to be always up-to-date and apps on Android should never be installed from anywhere other than the Google Play store.
If any of these security measures are compromised, it makes the security of WhatsApp and every other app on the device vulnerable.
There are a couple of other things that WhatsApp users must do to ensure security. The first is to switch on the option to “Show Security Notifications”. This will alert the user if any contact’s security code has changed and potentially compromised. The other very important option is to disable cloud backups of messages. This option is designed to allow for messages to be downloaded to other devices but necessarily leaves the messages in an unencrypted form even though the backup itself is encrypted. They are not only then vulnerable to being hacked, but also available to agencies and others who can persuade Apple or Google to give them to them.
The other thing to remember is that messages that are deleted may still leave traces in the files that they are stored in. So if somebody does manage to get theses files, having deleted the messages doesn’t guarantee that they will no longer be there.
it is very important to stress however that when considering the security of messaging apps like WhatsApp, all of the vulnerabilities presented through the device itself are also there for other apps like email. Basically, if a phone is lost or stolen and not locked, anyone with the phone will have access to messages from WhatsApp as well as apps like Mail and Gmail.
Mobile phones that are provided to government employees are “hardened” according to strict guidelines this means that the device configuration, operating system software and apps are tightly controlled. Within this type of environment, using WhatsApp presents very little risk for day-to-day “unprotected” communication with others operating on similar environments. Something that the Australian Signals Directorate had apparently already agreed was the case.
WhatsApp for iPhone Gets Siri Integration And Quick Forward Button
WhatsApp for iPhone Gets Siri Integration, Quick Forward Button
WhatsApp for iPhone has been updated with some new features that contain new features for iOS 10 users such as, option to send messages and make calls using Siri commands, take calls directly from the lock screen and a new widget that displays recent chats and messages.
WhatsApp for iPhone has been refreshed with Siri integration and also with a Quick Forward button in version v2.16.10. Furthermore, the iPhone app of the popular mobile messenger platform brings in new features to improve in-app sharing. Though, the app also takes advantage of Siri’s integration with third parties in iOS 10.
Siri should prompt a user for access, but in case it doesn’t head to Settings > Siri > App Support > WhatsApp. Switch the toggle on, and a user should be able to use Siri to do the above-mentioned WhatsApp functions.
These new features are possible because of Apple’s conclusion to open up Siri to third-party apps. WhatsApp is one the first to roll out these Siri-centric features on its iPhone app. In future, we can expect more apps to ship with Siri integration.other iOS 10 special feature is the ability to place a Widget on the lock screen and home screen, which allow the user easily see recent chats and unread messages. The update also lets the user pick up WhatsApp calls from the lock screen just like normal calls. Earlier, iPhone users had to swipe right, unlock the phone, and then pick up the call after the WhatsApp app was opened on screen.
In addition, WhatsApp for iPhone also announced a new feature that permits the camera to switch from front to rear and vice versa just by double tapping on the screen. WhatsApp newly launched a voicemail feature to iPhone and Android permitting users to leave a voice message if a WhatsApp call is not answered. Previous, the iPhone app also established bigger emojis, the ability to mark as read/ delete/ archive multiple chats at once, share and forward multiple chats, and the choice to zoom in while recording a video.
WhatsApp for iPhone v2.16.10 also comes with an enhanced feature to easily make in-app forwarding and file sharing. Assume, if we receive a photo to video on WhatsApp and would like to forward or share it with friends. We can simply tap on the arrow button near the appropriate photo or video. Hence, we can share the media resources quickly and easily. It is also possible to share photos and videos in many chats.
Sony Announces Two New Colours For Playstation Vita Slim 2000
Sony Announces Two New Colours For PS Vita Slim 2000
Sony has declared two brand new colors for the PlayStation Vita at their pre-Tokyo Game Show PlayStation Japan conference. The two new colors contain the sexy new metallic red, as well as a new shade of grayish white, and both are amongst the best looking PS Vita colors on the market.
Silver and Metallic Red join the likes of Neon Orange, Aqua Blue, and Glacier White in Japan. While Aqua Blue ended up making it stateside entirely via GameStop, the others did not. The new Vita colors will be presented for JPY 18,980.
As for other regions, rumors of it being stopped have been rumbling for a while as quantities have been small, to begin with. As per to sources at retail here in India, Sony’s last shipment of the PS Vita was almost a year ago.
“They brought in around 1,500 last year and nothing else,” a game store owner told Gadgets 360. “It might not be end-of-life but it’s not selling much anyway.”
This should come as no surprise in view of that local retail interest to the PS Vita has been tepid at best. The high price doesn’t help either.
The only sad bit here is that neither of these colors is likely to make it over to the west- after all, in Japan, the Vita is an actual healthy platform, which sells a good amount and has a fair amount of support, versus over here in the west, where the handheld is all but dead. Both the new colors go on sale in Japan on December 1.
“The installed base is much smaller compared to any other console,” said the erstwhile PlayStation India head Atindriya Bose in an interview with Gadgets 360 last year. “While it’s nice to say it’s a handheld console, it strikes the price point of the PS3, so which one should you have between the two?”
Microsoft Brings Google Drive and Facebook Support to Outlook on Web
Microsoft Brings Google Drive and Facebook Support to Outlook on The Web
Today Microsoft is building three changes to Outlook.com, with Google Drive support the big addition. The Android and iOS version of Outlook already permitted users to receive and edit the files from Google Drive from inside the app. Though, users will now be able to edit their Google Drive documents from the Web version of the Outlook email client as well. The new changes mean Outlook users can attach documents from Google Drive and receive and edit files within Outlook. We will even be able to fully edit a Google Drive file side-by-side with an email on Outlook.com.
The company has also added the support for Facebook and made it easier to search for attachment in long conversations with its update to Outlook.
We will not just be able to attach files in Outlook —we will also be able to edit files from Google Drive straight from Outlook, which is a nice addition for those that often get sent files hosted by Google Drive. To add a Google Drive file, all we need to do is click on the attachment icon, then select Google Drive as the service we want to use. Once we attach it, it will include a link to the source file. When someone receives that file, they will be able to edit it straight from Outlook.
Now, you can also open the Google Doc, Slide or Sheet files within Outlook instead of open another window. “Just like photos and Office file types, the Google files open in Outlook next to your message window so your workflow is not disrupted. And, as with Google Drive links, if you have edit permissions, you’ll be able to edit using the full functionality available on Google Drive,” Microsoft said in its official blog.
Likewise, after connecting our Facebook account with Outlook, we can browse and attach our Facebook photos from within Outlook.
There isn’t much else to Facebook, though – this is all we can do with Facebook. This feature can be very useful for those who have friends and family outside of Facebook – something not as uncommon as we might think.
The third and final addition are an enhancement to attachments in long conversations. Microsoft is improving how attachments are listed in big group conversations, permitting us to search through a central list of attached documents rather than having to jump into each thread in a conversation. All of these new features will need the new Outlook web version that’s currently rolling out, so if Microsoft still hasn’t updated our account then the features should arrive by the end of the summer.
Paying a heavy price for loving the Neanderthals
One of the biggest surprises about our evolution revealed over just the last decade is the extent to which our ancestors engaged in amorous congress with the evolutionary cousins.
Bonking the Neanderthals, it seems, was a bit of a pastime for the distant relatives. It happened many times in Siberia, East Asia, the Middle East and Europe, and across a long period between 100,000 and 40,000 years ago.
In reality, we have no idea of course exactly how many times it occurred, nor the circumstances in which it happened. Who instigated it, us or them? Was it consensual? Did they pair for life? Or was it a casual fling?
Now, the consequences of interbreeding for us today are becoming all too clear from studies of the genome – theirs and ours – ancient and modern.
Somewhere between 1.5% and 2.1% of your genome was inherited from the Neanderthals, assuming your ancestry was non-African of course.
East Asians typically have more Neanderthal DNA because their ancestors partook in a little more afternoon delight than the rest of ours did.
For Indigenous people living around eastern Indonesia, and in New Guinea and Australia, their ancestors also took a shine to the ‘Denisovans’. In their genomes we find n extra 4% to 6% inherited from this mysterious species.
So far, archaeologists have found just two finger bones and a tooth from the Denisovans, thousands of kilometres away from New Guinea in southern Siberia, of all places.
Yet, the fact that the earliest New Guineans mated with the Denisovans only 44,000 years ago – as revealed by their DNA – suggests that all the action happened in the tropical climes of Oceania, not icy Siberia.
Don’t fret if you’re ancestry is African though, you’re ancestors found another human species or two to bonk.
Surprisingly, the genomes of the West African Biaka and Baka (so-called ‘pygmy’) people have revealed DNA from a completely unknown species, which found its way into the human genome only 9,000 years ago.
Other studies have found much wider evidence for interbreeding across Africa, occurring sometime around 35,000 years ago.
It’s fun to think about our surprisingly mixed-up heritage as a species. And may be even poke fun at a friend or two for their seemingly excessive amounts of Neanderthal DNA.
But there’s a serious side to all of this as well. The legacy of interbreeding is very real and seems to explain quite a few modern ailments, and some rather nasty diseases as well.
Neanderthal DNA is associated with an increased risk of developing skin corns and callosities, mood disorders and depression, overweight and obesity, upper respiratory and urinary tract infections, incontinence, hardening of the arteries and even smoking.
Then there’s those immediate risks that come with casual sex with your own, or in this case, another species.
Like catching a parasite such as body lice, or worse still, contracting a sexually transmitted infection.
Body lice are parasites that evolve in tandem with their hosts. Other mammals have them, but human lice species are unique to us, and spread through close contact such a sex.
A person can be infested with thousands of these blood suckers, each insect biting five times a day.
But worse, they also carry deadly bacteria. Diseases like endemic typhus are carried and spread by body lice and are said to have caused more deaths than all the wars in history put together.
Genetic studies of body lice suggest that one of the two species that infects us today evolved more than a million years ago, in association with another human-like species.
What’s the implication here? Yet again, we probably got body lice because our ancestors engaged in the pants-off dance off with an evolutionary cousin.
Now a new study has found that a particular human papillomavirus (HPV16), one of the most common sexually transmitted infections with 14 million new cases each year in the US alone, was also inherited from the Neanderthals.
The amazing diversity of HPV16 variants across Asia and Europe – compared with low diversity in Africa – has long puzzled researchers.
You’d expect the opposite situation because we evolved in Africa and presumably carried HPV16 out with us when we left there 100,000 years ago or more.
This new study solves the mystery by showing that modern humans brought only a small subset of HPV16 variants out of Africa, picking up most of the other strains after they (ah, we) bonked the Neanderthals.
Technically, this is known as a host-shift, where sexual contact with archaic populations led to the transmission of new variants of HPV16 to us.
With time, even more diversity was generated as modern humans spread across the rest of the Old and New Worlds.
High risk human papillomaviruses are a serious global health issue. They’re associated with around 5 percent of all cancers worldwide.
The choice our ancestors made to interbreed with the Neanderthals, Deniosvans and probably numerous other archaic cousins have left us with profound legacies that we’re only beginning to learn about.
What else might they have done that had profound consequences for us today?
Makes me wonder just how the decisions we make today – the changes we’re wreaking on the planet – will shape the evolution of Homo sapiens in 1,000, or even 10,000, years from now? One thing’s for certain, they will.
Google Safe Browsing API Now Available to All Android App Developers
Google Safe Browsing API Now Available to All Android App Developers
Safe Browsing is a Google service that lets client applications check URLs in contrast to Google’s constantly updated lists of unsafe web resources. Examples of unsafe web resources are sites that host malware or unwanted software and social engineering sites.
Google’s Safe Browsing enterprise has been around for a long time now, and it has been extending its database actively to keep malware and phishers at bay. Now, Google has declared that it is releasing an API as well for Android apps to take advantage of the long list of blacklisted websites too.
Google says that the API is simple and straightforward to use, with the same SafetyNet technology in use that has worked hundreds of millions of warnings to millions of mobile users.
The Safe Browsing API uses the newest version of the Safe Browsing Network Protocol, meaning it’s designed to be as quick as possible. Apps that use this API can identify what threats they want to avoid, either malware or phishing sites. The API is part of Google Play Services, meaning it’s available to applications all the way back to Android 2.3.
Google Safe Browsing is a database used by Firefox, Chrome, and even Safari as a checklist for all malevolent sites on the Internet vortex. It blocks websites that hold malware and conduct phishing activities. It came into reality in 2007 and has been actively updated ever since. The Safe Browsing database was first only presented on the desktop, but Google last year announced it first in Android for Chrome users. Now, the API will let all Android developers to take advantage.
“Since our initial launch we’ve shown hundreds of millions of warnings, actively warning many millions of mobile users about badness before they’re exposed to it,” Google employees wrote in a blog post. “We look forward to all Android developers extending this same protection to their users, too.”
Google has confirmed that they have now introduced the ability for third-party app developers to take account of the Safe Browsing technology into their apps. That means that third-party apps will be able to provide a similar level of protection to its users and help them to avoid visiting annoying or harmful websites and URLs, by drawing on Safe Browsing’s vast database.
“Since we introduced client-side Safe Browsing on Android, updated our documentation for Safe Browsing Protocol Version 4 (pver4), and also released our reference pver4 implementation in Go, we’ve been able to see how much protection this new technology provides to all our users. Since our initial launch we’ve shown hundreds of millions of warnings, actively warning many millions of mobile users about badness before they’re exposed to it,” the company said in its blog) post.
The API uses the newest version of Safe Browsing, and Google has detailed the procedure for developers to get the API here. A current website that has been blacklisted is The Pirate Bay torrent site. Firefox and Chrome are popping warnings on the site appealing that ‘it contains harmful programs’. Apparently, Safari users aren’t seeing this warning, permitting its users to freely download potentially dangerous content from the website.
WADA Confirms They Got Hacked By Russian Hackers Group Fancy Bear
WADA Confirms They Got Hacked By Russian Hackers Group Fancy Bear.
- World Anti Doping Agency (WADA) Got Hacked.
- US Athletes Database Files Leaked online.
- Hackers Group Claim to be a part of Anonymous.
According to report,
Wada Confirms Cyber attack by Russian Hackers name Tsar Team also known as Fancy Bear. Which gained to access Anti-Doping Administration and Management System (ADAMS) database via an International Olympic Committee (IOC)-created account for the Rio 2016 Games.
“WADA deeply regrets this situation and is very conscious of the threat that it represents to athletes whose confidential information has been divulged through this criminal act,” said Olivier Niggli, Director General, WADA. “We are reaching out to stakeholders, such as the IOC, IFs and NADOs, regarding the specific athletes impacted,” he continued.
“WADA condemns these ongoing cyber-attacks that are being carried out in an attempt to undermine WADA and the global anti-doping system,” said Niggli. “WADA has been informed by law enforcement authorities that these attacks are originating out of Russia,” he continued. “Let it be known that these criminal acts are greatly compromising the effort by the global anti-doping community to re-establish trust in Russia further to the outcomes of the Agency’s independent McLaren Investigation Report,” Niggli continued.
| Fancy Bear Cyber Espionage Group Start #OpOlympics- Photo by Fancy Bear |
Cyber-Espionage Group released leaks files of high ranking US athletes including the tennis stars Serena Williams and Venus Williams and the gymnast Simone Biles, also promised that it would soon publish “sensational proof” of famous athletes taking doping substances.
| Photo by Fancy Bear |
Simone Tweeted after the report,
Having ADHD, and taking medicine for it is nothing to be ashamed of nothing that I’m afraid to let people know.
— Simone Biles (@Simone_Biles) September 13, 2016
Wada admitted that hackers access the database via Phishing attack using an account for RIO 2016.
Popular Posts
-
Malaysia’s interim leader Mahathir Mohamad has said parliament will pick a new prime minister next week following the collapse of the ruling...
-
David Devore Jr is just like any other 18-year-old. On Instagram, he posts pictures with his prom date and of his college acceptance letter....
-
Steven Aquino Contributor Steven Aquino is a freelance tech writer and iOS accessibility expert. More posts by this contributor At this mont...
