Asus Zendrive U9M: DVD-Brenner schreibt auf M-Disc und kommt mit Zusatzsoftware

Asus’ USB-Brenner kann sowohl an USB-C, als auch an USB-A angeschlossen werden. Außerdem kann er Daten auf M-Discs schreiben, die wohl bis zu 1.000 Jahre lang haltbar sind. Im Kaufpreis enthalten ist Backup-Software von Cyberlink. (Asus, Speichermedien)

Asus' USB-Brenner kann sowohl an USB-C, als auch an USB-A angeschlossen werden. Außerdem kann er Daten auf M-Discs schreiben, die wohl bis zu 1.000 Jahre lang haltbar sind. Im Kaufpreis enthalten ist Backup-Software von Cyberlink. (Asus, Speichermedien)

Malicious apps with >1 million downloads slip past Google defenses twice

Malware scanners fail to detect 50 apps that charged for fake services.

Enlarge / One of the fee-based services ExpensiveWallpaper apps subscribed users to.

Researchers recently found at least 50 apps in the official Google Play market that made charges for fee-based services without the knowledge or permission of users. The apps were downloaded as many as 4.2 million times. Google quickly removed the apps after the researchers reported them, but within days, apps from the same malicious family were back and infected more than 5,000 devices.

The apps, all from a family of malware that security firm Check Point calls ExpensiveWall, surreptitiously uploaded phone numbers, locations, and unique hardware identifiers to attacker-controlled servers. The apps then used the phone numbers to sign up unwitting users to premium services and to send fraudulent premium text messages, a move that caused users to be billed. Check Point researchers didn't know how much revenue was generated by the apps. Google Play showed the apps had from 1 million to 4.2 million downloads.

Packing heat

ExpensiveWall—named after one of the individual apps called LovelyWall—used a common obfuscation technique known as packing. By compressing or encrypting the executable file before it's uploaded to Play, attackers can hide its maliciousness from Google's malware scanners. A key included in the package then reassembled the executable once the file was safely on the targeted device. Although packing is more than a decade old, Google's failure to catch the apps, even after the first batch was removed, underscores how effective the technique remains.

Read 3 remaining paragraphs | Comments

Dell Visor Mixed Reality headset up for pre-order for $350

Dell’s first virtual reality headset will be available October 17th, but you can pre-order the Dell Visor starting today for $350 and up. That would all probably be a little more exciting if we weren’t expecting a bunch of other headsets with nearly identical specs to hit the streets October 17th as well. That’s when […]

Dell Visor Mixed Reality headset up for pre-order for $350 is a post from: Liliputing

Dell’s first virtual reality headset will be available October 17th, but you can pre-order the Dell Visor starting today for $350 and up. That would all probably be a little more exciting if we weren’t expecting a bunch of other headsets with nearly identical specs to hit the streets October 17th as well. That’s when […]

Dell Visor Mixed Reality headset up for pre-order for $350 is a post from: Liliputing

Statt Gesten: Ford lässt fahrerlose Autos per Lichtzeichen kommunizieren

Wie sollen sich andere Verkehrsteilnehmer künftig mit selbstfahrenden Autos abstimmen? Anstelle von Gesten schlägt der US-Autohersteller Ford ein System von Lichtsignalen vor. (Autonomes Fahren, Technologie)

Wie sollen sich andere Verkehrsteilnehmer künftig mit selbstfahrenden Autos abstimmen? Anstelle von Gesten schlägt der US-Autohersteller Ford ein System von Lichtsignalen vor. (Autonomes Fahren, Technologie)

Google’s next-gen Pixel announcement coming Oct 4th

After months of leaks about Google’s follow-up to last year’s Pixel and Pixel XL smartphones, the wait is almost over. On October 4th, Google will announce… something. That’s about all the company is saying for now, but all signs point to a new phone or two at the very least. Here’s the evidence: You can […]

Google’s next-gen Pixel announcement coming Oct 4th is a post from: Liliputing

After months of leaks about Google’s follow-up to last year’s Pixel and Pixel XL smartphones, the wait is almost over. On October 4th, Google will announce… something. That’s about all the company is saying for now, but all signs point to a new phone or two at the very least. Here’s the evidence: You can […]

Google’s next-gen Pixel announcement coming Oct 4th is a post from: Liliputing

Aeromobil: Das Auto hebt ab

Das Auto der Zukunft fährt nicht nur, es soll auch fliegen können. Das slowakische Unternehmen Aeromobil präsentiert auf der IAA sein serienreifes Flugauto. (Flugauto, Technologie)

Das Auto der Zukunft fährt nicht nur, es soll auch fliegen können. Das slowakische Unternehmen Aeromobil präsentiert auf der IAA sein serienreifes Flugauto. (Flugauto, Technologie)

Apache Struts: Monate alte Sicherheitslücke führte zu Equifax-Hack

Die Kundendaten von Equifax haben durch eine mehrere Monate ungepatchte Sicherheitslücke gehackt werden können. Auch sonst macht das Unternehmen beim Thema Sicherheit wenig richtig – wie die Zugangskombination “admin/admin” auf einer Mitarbeiterseite zeigt. (Security, Server)

Die Kundendaten von Equifax haben durch eine mehrere Monate ungepatchte Sicherheitslücke gehackt werden können. Auch sonst macht das Unternehmen beim Thema Sicherheit wenig richtig - wie die Zugangskombination "admin/admin" auf einer Mitarbeiterseite zeigt. (Security, Server)

Trump blocks Chinese purchase of US chipmaker over national security

Sale of Lattice Semiconductors is seen as a threat to national security.

Enlarge / Treasury Secretary Steven Mnuchin, left, chairs the Committee on Foreign Investment in the United States. Defense Secretary James Mattis, right, serves on the committee, which recommended that Trump block the Lattice deal. (credit: Joint Chiefs of Staff)

President Trump has blocked an investment firm owned by the Chinese government from acquiring Lattice Semiconductor, a maker of field-programmable gate arrays and other programmable logic devices. The decision follows a recommendation by the Committee on Foreign Investment in the United States (CFIUS), a US government body that reviews deals for potential national security problems.

Chinese investors have been plowing money into American technology companies in recent years, and this has raised concerns that Chinese control could undermine American national security. That could happen because Chinese firms gain the knowhow to develop high-end technologies with military applications. Or deals could pose a more direct threat if they enable the Chinese government to infiltrate the supply chain for products purchased by the US government—thereby creating opportunities for surveillance or sabotage.

Lattice, a Portland-based company with around 1,000 employees, argued that the Trump administration had nothing to worry about. Lattice said it outsourced chip manufacturing to other companies, so there wasn't a risk of manufacturing facilities being infiltrated. Lattice also offered to transfer key intellectual property to the US government to ensure that it didn't fall into Chinese hands.

Read 2 remaining paragraphs | Comments