The Intercept has released yet another new document leaked by Edward Snowden detailing even more methods that the NSA planned on using to hack the Android Market in order to deliver spyware using the official Market (now Google Play) to infect targets with spyware, in combination with other active programs. It is not mentioned in the article if the NSA actually used the methods uncovered in practice.

The NSA had planned to use XKEYSCORE, the program designed to watch international backbone traffic, to identify specific users, and other programs in combination to not only take control of app update servers to deliver malicious software, but also to harvest those systems for data about their users.

Read more...

In a somewhat surprising ruling, the US Second Circuit Court of Appeals has ruled against the Office of the Director of National Intelligence in a case filed by the American Civil Liberties Union right after the enormous dump of NSA and GCHQ documents by Edward Snowden in 2013. The ODNI has argued that the bulk collection of American metadata was authorized by Congress under Section 215 of the PATRIOT Act, but the Court of Appeals apparently disagrees.

Read more...

If you have some extra time this summer, spend it on United Airlines' site - even if you don't plan on a vacation. If you look in the right places, United may reward your diligence.

That's the plan for the Chicago-based airline, which intends to crowdsource its security testing to patch any holes, bugs, or potential exploits which could be present in its web platforms before they are exploited.

United calls it the "Bug Bounty Program," which will award good web Samaritans who find bugs on customer-facing websites and apps with up to 1 million miles. The airline will offer miles to the first researcher who reports the exploit (provided they are a MileagePlus member) based on a tiered system, with more serious exploits earning higher mileage rewards.

Read more...

Cybercriminals deployed an Adobe Flash Player zero-day exploit embedded in online ads for close to two months in an attack that targeted US users with a ransomware payload, researchers said here today.

The use-after-free vulnerability, CVE 2015-0313, was patched by Adobe on Feb. 2, and the day after, the attack campaign came to a screeching halt, according to researchers at Malwarebytes, which traced the zero-day's lifecycle after their systems detected the attacks in December of last year.

Read more...

Eyeo, the creator of AdBlock Plus, had previously been rumored to be creating a web browser for iOS, but nothing ever came to fruition. The company had promised to bring better ad blocking to mobile devices and have achieved this with the AdBlock Plus apps that are available for mobile devices, and are extremely popular with millions of downloads.

Now if a report is to be believed, AdBlock Plus is going all out with its own web browser on Android for release on Wednesday May 20th, and as with most custom web browsers today, the browser is expected to use the chromium rendering engine.

Read more...

Microsoft made a lot of noise in the developer community this week with its announcement that you can now port Android and iOS apps to Windows with new tools. While these tools, for ethical developers, will save time and allow them to leverage assets on other platforms, it does also raise security concerns too.

It's no secret that malicious apps have found their way into the Google Play store and Microsoft wants to make sure those apps are not brought over to the Windows ecosystem.

Read more...

Harry Shearer, the voice of Ned Flanders, Mr. Burns, Principal Skinner, Otto, Smithers, and many more on The Simpsons, has apparently left the show. Shearer used Twitter to indicate that he wouldn't be returning in upcoming seasons of the long, long-running cartoon, suggesting that his desire to work on other projects was the reason for the decision. The actor quoted Simpsons writer and producer James L. Brooks' lawyer, who reportedly said that while the "show will go on, Harry will not be part of it."

Read more...

Disney’s ESPN has filed a breach-of-contract lawsuit against Verizon Communications, alleging the telco’s new FiOS Custom TV violates the terms of the sports programmer’s existing contracts.

“ESPN is at the forefront of embracing innovative ways to deliver high-quality content and value to consumers on multiple platforms, but that must be done in compliance with our agreements,” the programmer said in a statement. “We simply ask that Verizon abide by the terms of our contracts.”

Read more...

Verizon has announced that it is buying AOL in a deal worth $4.4 billion. Under the acquisition, AOL will become a wholly-owned subsidiary of the communications giant, which is paying $50 a share for the company.

AOL has a portfolio of well-known brands, including many web publications such as Engadget, TechCrunch and The Huffington Post, all of which will come under Verizon ownership once the deal is complete.

But AOL has also developed digital content and advertising platforms;

Read more...

Taking a more granular look, we see a number of Microsoft’s businesses showing some steep declines compared to the previous quarter, including the Surface division which went from over a billion dollars in revenue to around $750 million last quarter, the Xbox division which saw faltering sales and margins and the handset division which also followed the same trend. Not only that but Windows continues to be an ailing division and even Office is down, though that’s partially blamed on the currency fluctuations.

And yet Microsoft’s stock has rallied more than 10% since the report was published and the gains seem to be holding, even after the company warned of possible future write-offs.

Read more...