Month: March 2021

Enlarge (credit: Gab.com)

Beleaguered social networking site Gab was breached on Monday, marking the second time in as many weeks that hackers have gained unauthorized access to a platform that caters to users pushing hate speech and pro-Trump conspiracy theories.

The compromise came to light after someone hijacked the account of Gab founder and CEO Andrew Torba and left a post criticizing him for not paying an 8 bitcoin ransom for the safe return of documents used to verify the identity of some users. The unknown hacker also accused Torba of failing to disclose the full extent of the earlier breach.

(credit: https://archive.md/mSYxk)

Gab quickly took the site offline and removed the post, but not before it was archived here. When the service was restored a few hours later, a statement Torba posted said that Monday’s breach was the result of site administrators failing to revoke OAuth2 bearer tokens, which browsers and mobile apps store after a user has successfully logged in to a site.

Enlarge (credit: Getty Images)

By now, most people know that hackers tied to the Russian government compromised the SolarWinds software build system and used it to push a malicious update to some 18,000 of the company’s customers. On Monday, researchers published evidence that hackers from China also targeted SolarWinds customers in what security analysts have said was a distinctly different operation.

The parallel hack campaigns have been public knowledge since December, when researchers revealed that, in addition to the supply chain attack, hackers exploited a vulnerability in SolarWinds software called Orion. Hackers in the latter campaign used the exploit to install a malicious web shell dubbed Supernova on the network of a customer who used the network management tool. Researchers, however, had few if any clues as to who carried out that attack.

On Monday, researchers said the attack was likely carried out by a China-based hacking group they’ve dubbed “Spiral.” The finding, laid out in a report published on Monday by Secureworks’ Counter Threat Unit, is based on techniques, tactics, and procedures in the hack that were either identical or very similar to an earlier compromise the researchers discovered in the same network.

Enlarge / Sunset, over the Google empire. (credit: 400tmax | Getty Images)

A new report alleges that Google employees who report experiencing gender or racial harassment or discrimination routinely get told to take "medical leave" and seek mental health treatment—only to be shoved aside when they try to come back.

Nearly a dozen current and former Google employees told NBC News that company HR told instructed to seek mental health treatment or take medical leave "after colleagues made comments about their skin color or Black hairstyles, or asked if they were sexually interested in their teammates." Another dozen current and former Google employees told NBC the practice is common within the company.

"I can think of 10 people that I know of in the last year that have gone on mental health leave because of the way they were treated," one former Google employee told NBC News. He himself had taken medical leave "after he said he had numerous unproductive conversations with human resources about how his colleagues discussed race."

• 

  The pair of Lucid Lyte we received as a review sample are unassuming, mildly reflective Wayfarer-style sunglasses. [credit: Jim Salter ]

Lucyd Lyte is a pair of $150 sunglasses which includes speakers and a mic, suitable for making phone calls or listening to podcasts. This isn't a category of device I was aware of at all before a PR rep reached out to offer a review unit—but once I knew it was a thing, I very much wanted to test it.

The Wayfarer style that I tested is a neutral, unremarkable style unlikely to get much attention whether negative or positive. They look nicer than gas station sunglasses but without any particular style cue to lead a viewer into thinking they're an expensive designer brand. There's no visual clue about the onboard audio, either—the frames are a touch on the thick side, but unlike Bose Frames, there's no telltale shape to give the extra functionality away.

Lucyd Lyte paired with my Pixel 2XL phone quickly and easily. The instructions recommend a two-hour initial charging period; when factory-new and after the initial charging period, the phones are both on and in pairing mode—all you need to do is open the pairing menu on your phone and select "Lucyd Lyte."