Thumbnail for 172057

Google+ adds auto enhancement feature for videos

Google Plus’s Auto Awesome feature has been improving its users’ images for a while now, and we’ve seen different updates related to it roll out over the months. Back in December of last year, Google added its year-in-review videos, for example, and it now it has added an auto-enhancement feature that improves uploaded videos (if the user wants). The enhancements …

Via:: SlashGear

Attack code exploiting critical bugs in net time sync puts servers at risk

Several critical vulnerabilities in the protocol used to synchronize clock settings over the Internet are putting countless servers at risk of remote hijacks until they install a security patch, an advisory issued by the federal government warned.

The remote-code execution bugs reside in versions of the network time protocol prior to 4.2.8, according to an advisory issued Friday by the Industrial Control Systems Cyber Emergency Response Team. In many cases, the vulnerabilities can be exploited remotely by hackers with only a low level of skill.

“Exploitation of these vulnerabilities could allow an attacker to execute arbitrary code with the privileges of the [network time protocol daemon] process,” the advisory warned. Exploit code that targets the vulnerabilities is publicly available. It’s not clear exactly what privileges NTP processes get on the typical server, but a handful of knowledgeable people said they believed it usually involved unfettered root access. Even if the rights are limited, it’s not uncommon for hackers to combine exploits with privilege elevation attacks, which increase the system resources a targeted app has the ability to control.

Read 2 remaining paragraphs | Comments

Via:: Ars Technica

Thumbnail for 172066

Google+ Can Now Automatically Make Your Videos Look Better

For almost two years now, Google has been automatically enhancing the photos you upload to Google+; starting today it will do (almost) the same with videos, too. It won’t do this automatically, though. Instead, whenever Google now thinks it can improve a video you upload, a banner will appear in the Google+ web app that asks you if you want to preview the potential changes. You can also… Read More

Via:: TechCrunch

Hollywood v. Goliath: Inside the aggressive studio effort to bring Google to heel

Tensions between Google and Mississippi Attorney General Jim Hood exploded into public view this week, as Google filed court papers seeking to halt a broad subpoena Hood sent to the company.

The Hood subpoena, delivered in late October, didn’t come out of nowhere. Hood’s investigation got revved up after at least a year of intense lobbying by the Motion Picture Association of America (MPAA). E-mails that hackers acquired from Sony Pictures executives and then dumped publicly now show the inner workings of how that lobbying advanced—and just how extensive it was. Attorneys at Sony were on a short list of top Hollywood lawyers frequently updated about the MPAA’s “Attorney General Project,” along with those at Disney, Warner Brothers, 21st Century Fox, NBC Universal, and Paramount.

The e-mails show a staggering level of access to, and influence over, elected officials. The MPAA’s single-minded obsession: altering search results and other products (such as “autocompleted” search queries) from Google, a company the movie studios began referring to as “Goliath” in around February 2014. The studios’ goal was to quickly get pirated content off the Web; unhappy about the state of Google’s voluntary compliance with their demands and frustrated in their efforts at passing new federal law such as SOPA and PIPA, the MPAA has turned instead to state law enforcement.

Read 39 remaining paragraphs | Comments

Via:: Ars Technica

Thumbnail for 171975

After Sony, Every Startup Should Prepare For War

The battle between Sony and what the FBI believes are North Korean hackers may be at its end, but the war for the security of the enterprise is just getting started. Companies have been rapidly transitioning their legacy systems to modern IT technology like cloud services, hoping to save money and improve performance in an increasingly competitive world. And while security has always been one… Read More

Via:: TechCrunch

EFF: Feds can’t get around Fourth Amendment via automated data capture

OAKLAND, Calif.—A federal judge spent over four hours on Friday questioning lawyers from the Electronic Frontier Foundation (EFF) and from the Department of Justice in an ongoing digital surveillance-related lawsuit that has dragged on for more than six years.

During the hearing, US District Judge Jeffrey White heard arguments from both sides in his attempt to wrestle with the plaintiffs’ July 2014 motion for partial summary judgment. He went back and forth between the two sides, hearing answers to his list of 12 questions that were published earlier this week in a court filing.

That July 2014 motion asks the court to find that the government is “violating the Fourth Amendment by their ongoing seizures and searches of plaintiffs’ Internet communications.” The motion specifically doesn’t deal with allegations of past government wrongdoing, nor other issues in the broader case.

Read 17 remaining paragraphs | Comments

Via:: Ars Technica

Malware believed to hit Sony studio contained a cocktail of badness

The highly destructive malware believed to have hit the networks of Sony Pictures Entertainment contained a cocktail of malicious components designed to wreak havoc on infected networks, according to new technical details released by federal officials who work with private sector security professionals.

An advisory published Friday by the US Computer Emergency Readiness Team said the central malware component was a worm that propagated through the Server Message Block protocol running on Microsoft Windows networks. The worm contained brute-force cracking capabilities designed to infect password-protected storage systems. It acted as a “dropper” that then unleashed five components. The advisory, which also provided “indicators of compromise” that can help other companies detect similar attacks, didn’t mention Sony by name. Instead, it said only that the potent malware cocktail had targeted a “major entertainment company.” The FBI and White House have pinned the attack directly on North Korea, but so far have provided little proof.

“This worm uses a brute force authentication attack to propagate via Windows SMB shares,” Friday’s advisory stated. “It connects home every five minutes to send log data back to command and control (C2) infrastructure if it has successfully spread to other Windows hosts via SMB port 445. The tool also accepts new scan tasking when it connects to C2.”

Read 3 remaining paragraphs | Comments

Via:: Ars Technica

Thumbnail for 171985

Carnival’s Mobile Marketing Platform Gets More Automated

When someone tells me that they’re introducing “trigger messaging” to their product, well, it’s not the most thrilling start to a conversation. But hey, mention automated FaceTime calls from One Direction, and suddenly I’m onboard.
(Not that I’m a huge One Direction fan or anything. It’s not weird that I think this sounds cool, right? Please tell me… Read More

Via:: TechCrunch

All your gadget news and reviews in one place