Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×
Facebook

Facebook Has a Team That Handles Mark Zuckerberg's Page (cnet.com) 52

theodp writes: Q. How many Facebook employees does it take to produce Mark Zuckerberg's Facebook page? A. More than a dozen! CNET's Ian Sherr offers his take on the news that Facebook has a team that handles Mark Zuckerberg's page: "Ever notice the photos, videos and posts on the profile page for Facebook's CEO are a lot nicer looking or better written than yours? Don't feel bad. Mark Zuckerberg has a team of people who are increasingly managing his public persona, according to a Wednesday report from Bloomberg Businessweek. Not only do they help write speeches and posts, but they also take photographs of his family and his travels, interspersing them with infographics about the company's user growth and sales. There're even people who delete harassing comments and spam for him. A Facebook spokeswoman said the company's service is an easy way for executives to connect with people." Wonder how many people it took to help craft the latest post, in which Zuck fired back at "some misleading stories going around" about "some land" he purchased in Hawaii (which another Zuck post noted also serves as a petting zoo of sorts for his daughter).
Google

Did Google.org Steal the Christmas Spirit? (theregister.co.uk) 103

Google.org gives nonprofits roughly $100 million each year. But now the Register argues that festive giving "has become a 'Googlicious' sales push." Among other things, The Register criticizes the $30 million in grant funding that Google.org gave this Christmas "to nonprofits to bring phones, tablets, hardware and training to communities that can benefit from them most," some of which utilized the crowdfunding site DonorsChoose (which tacks a fee of at least $30 fee onto every donation). "The most critical learning resources that teachers need are often exercise books, pen and paper, but incentives built into the process steer educators to request and receive Google hardware, rather than humble classroom staples," claims the Register. theodp writes: [O]ne can't help but wonder if Google.org's decision to award $18,130 to teachers at Timberland Charter Academy for Chromebooks to help make students "become 'Google'licious" while leaving another humbler $399 request from a teacher at the same school for basic school supplies -- pencils, paper, erasers, etc. -- unfunded is more aligned with Google's interests than the Christmas spirit. Google, The Register reminds readers, lowered its 2015 tax bill by $3.6 billion using the old Dutch Sandwich loophole trick, according to new regulatory filings in the Netherlands.
The article even criticizes the "Santa's Village" site at Google.org, which includes games like Code Boogie, plus a game about airport security at the North Pole. Their complaint is its "Season of Giving" game, which invites children to print out and color ornaments that represent charities -- including DonorsChoose.org. The article ends by quoting Slashdot reader theodp ("who documents the influence of Big Tech in education") as saying "Nothing says Christmas fun more than making ornaments to celebrate Google's pet causes..."
Crime

Hotbed of Cybercrime Activity Tracked Down To ISP In Region Where Russia Is Invading Ukraine (bleepingcomputer.com) 70

An anonymous reader writes: Last week, WordPress security firm WordFence revealed it detected over 1.65 million brute-force attacks originating from an ISP in Ukraine that generated more malicious traffic than GoDaddy, OVH, and Rostelecom, put together. A week later, after news of WordFence's findings came to light, Ukrainian users have tracked down the ISP to a company called SKS-Lugan in the city of Alchevs'k, in an area controlled by pro-Russian forces in eastern Ukraine. All clues point to the fact that the ISP's owners are using the chaos created by the Russian military intervention in Ukraine to host cyber-crime operations on their servers. Some of the criminal activities the ISP hosts, besides servers for launching brute-force attacks, include command-and-control servers for the Locky ransomware, [email, comment, and forum] spam botnets, illegal streaming sites, DDoS stressers, carding sites, several banking trojans (Vawtrack, Tinba), and infostealers (Pony, Neurevt). UPDATE 12/22/16: The headline and summary have been updated to reflect the fact that Ukraine is fighting a Russian invasion, and is not in a "civil war," as mentioned in the source.
AT&T

AT&T Is Adding a Spam Filter For Phone Calls (theverge.com) 66

An anonymous reader quotes a report from The Verge: Today, ATT introduced a new service for automated blocking of fraud or spam calls. Dubbed ATT Call Protect, the system identifies specific numbers believed to be sources of fraud, and will either deliver those calls with a warning or block them outright. Users can whitelist specific numbers, although temporary blocks require downloading a separate Call Protect app. The feature is only available on postpaid iOS and Android devices, and can be activated through the MyATT system. Phone companies have allowed for manual number blocking for years, and third-party apps like Whitepages and Privacystar use larger databases of untrustworthy numbers to preemptively block calls from the outside. But ATT's new system would build in those warnings at the network level, and give operators more comprehensive data when assembling suspected numbers. More broadly, marketing calls are subject to the national Do Not Call registry. Specific instances of fraud can still be reported through carriers or directly to police.
Security

Nigerian Man Charged in Hacking of Los Angeles County Emails (theguardian.com) 44

A 'mere' 10.8% phishing success rate has forced Los Angeles County to notify approximately 756,000 individuals that their personal information may have been compromised. The attack occurred on May 13, 2016 when 1,000 County employees received phishing emails. 108 employees were successfully phished. A Nigerian national has been charged in connection with the hack. From a report on The Guardian: Many large organizations would welcome a 10% success rate in their internal anti-phishing training sessions, with 30% and above being common. The 2016 Verizon DBIR suggests that 30% of all phishing emails are opened. The high number of individuals affected from a relatively low number of successes in LA County demonstrates how dangerous phishing attacks can be. The nature of the potentially compromised information is also concerning. "That information may have included first and last names, dates of birth, Social Security numbers, driver's license or state identification numbers, payment card information, bank account information, home addresses, phone numbers, and/or medical information, such as Medi-Cal or insurance carrier identification numbers, diagnosis, treatment history, or medical record numbers," said the County of Los Angeles Chief Executive Office in a statement.
China

Apple Introduces 'Report Junk' Option To Deal With iCloud Calendar Spam Invites (9to5mac.com) 22

Apple is rolling out a fix for the iCloud Calendar spam issue that has plagued users over the past few weeks. On iCloud.com, reports 9to5Mac, the company has added a new Report Junk feature. This lets users remove spammy invites from their calendar and reports the sender to Apple for further investigation. From the report: The feature is currently only available on Apple's iCloud.com Calendar web app but it is likely to roll out to the iOS and Mac native Calendar in a future software update. Since early November, some Apple users were seeing a deluge of calendar invites from unsolicited people (usually with Chinese names) that used the description field of calendar invites to 'advertise' junkware and various physical products.
Google

Google Preparing 'Invisible ReCAPTCHA' System For No User Interaction (bleepingcomputer.com) 57

An anonymous reader quotes a report from BleepingComputer: Google engineers are working on an improved version of the reCAPTCHA system that uses a computer algorithm to distinguish between automated bots and real humans, and requires no user interaction at all. Called "Invisible reCAPTCHA," and spotted by Windows IT Pro, the service is still under development, but the service is open for sign-ups, and any webmaster can help Google test its upcoming technology. Invisible reCAPTCHA comes two years after Google has revolutionized CAPTCHA technologies by releasing the No CAPTCHA reCAPTCHA service that requires users to click on one checkbox instead of solving complex visual puzzles made up of words and numbers. The service helped reduce the time needed to fill in forms, and maintained the same high-level of spam detection we've become accustomed from the reCAPTCHA service. The introduction of the new Invisible reCAPTCHA technology is unlikely to make the situation better for Tor users since CloudFlare will likely force them to solve the same puzzle if they come from IPs seen in the past performing suspicious actions. Nevertheless, CloudFlare started working on an alternative.
Twitter

Reuters Built An Algorithm That Can Identify Real News On Twitter (popsci.com) 122

Reuters has built an algorithm called News Tracer that flags and verifies breaking news on Twitter. The algorithm weeds through all 500 million tweets that are posted on a daily basis to "sort real news from spam, nonsense, ads, and noise," writes Corinne Iozzio via Popular Science: In development since 2014, reports the Columbia Journalism Review, News Tracer's work starts by identifying clusters of tweets that are topically similar. Politics goes with politics; sports with sports; and so on. The system then uses language-processing to produce a coherent summary of each cluster. What differentiates News Tracer from other popular monitoring tools, is that it was built to think like a reporter. That virtual mindset takes 40 factors into account, according to Harvard's NiemanLab. It uses information like the location and status of the original poster (e.g. is she verified?) and how the news is spreading to establish a "credibility" rating for the news item in question. The system also does a kind of cross-check against sources that reporters have identified as reliable, and uses that initial network to identify other potentially reliable sources. News Tracer can also tell the difference between a trending hashtag and real news. The mix of data points News Tracer takes into account means it works best with actual, physical events -- crashes, protests, bombings -- as opposed to the he-said-she-said that can dominate news cycles.
Desktops (Apple)

It's Not Just You, iCloud Calendar Spam is On the Rise (techcrunch.com) 28

New submitter petersike writes: If you're using iCloud to sync your calendar across your devices, chances are you just received a bunch of spammy invites over the last few days. Many users are reporting fake events about Black Friday 'deals' coming from Chinese users. If you're looking for cheap Ray-Ban or Louis Vuitton knockoffs, you might find these invites useful. Otherwise, you might be wondering: why is this a thing? If you use your calendar for work, you already rely on calendar invites to invite other people to meetings and events. All major calendar backends support this feature -- Google Calendar, Microsoft Exchange and Apple's iCloud. And it's quite a convenient feature as you only need to enter an email address to send these invitations. You don't need to be in the same company or even in your recipient's address book. But it's also yet another inbox -- and like every inbox out there, it can get abused.
Facebook

Locky Ransomware Uses Decoy Image Files To Ambush Facebook, LinkedIn Accounts (arstechnica.com) 36

An anonymous reader quotes a report from Ars Technica: A low-tech but cunning malware program is worrying security researchers after it started spreading rapidly in the past week through a new attack vector: by forcibly exploiting vulnerabilities in Facebook and LinkedIn. According to the Israeli security firm Check Point, security flaws in the two social networks allow a maliciously coded image file to download itself to a user's computer. Users who notice the download, and who then access the file, cause malicious code to install "Locky" ransomware onto their computers. Locky has been around since early this year, and works by encrypting victims' files and demands a payment of around half a bitcoin for the key. Previously, it had relied on a malicious macro in Word documents and spam e-mails, but Check Point says that in the past week there has been a "massive spread of the Locky ransomware via social media, particularly in its Facebook-based campaign." Users are advised not to open any file that has automatically downloaded, especially any image file with an unusual extension such as SVG, JS, or HTA -- though benign-looking images could exploit the way Windows hides file extensions by default.
Twitter

Spammers Compromised Popular Twitter Accounts Including Viacom And Microsoft Xbox (engadget.com) 23

"A number of popular Twitter accounts suddenly wanted to help you add more followers," joked Engadget. An anonymous reader writes: Early Saturday morning, due to a breach of the Twitter Counter analytics service, the compromised Twitter accounts started posting images touting services that sell Twitter followers. The affected accounts include @PlayStation, @Viacom, @XboxSupport, @TheNewYorker, @TheNextWeb, and @Money (Time's finance magazine) as well as @NTSB (the National Transportation Safety Board) and @ICRC (the Red Cross), and the Twitter accounts of famous individuals include astronaut Leland Melvin, Minnesota Governor Mark Dayton, and actor Charlie Sheen. "We can confirm that our service has been hacked; allowing posts on behalf of our user," Twitter Counter posted Saturday, announcing minutes later that "hackers CANNOT post on our users' behalf anymore."
"Apologies for the spam, everyone," tweeted the account for Xbox support, adding "We're cleaning things up now."
Facebook

Facebook Disputes Gizmodo Report, Says It Never Built and Withheld Any News Feed Changes Based on Their Political Impact (slate.com) 68

Tech news site Gizmodo reported Monday that Facebook planned a News Feed update that would have identified fake or hoax news stories, but "disproportionately impacted right-wing news sites by downgrading or removing that content from people's feeds" so it chose to never release the update. Facebook has denied the claims in the report. A spokesperson told Slate: "The article's allegation is not true. We did not build and withhold any News Feed changes based on their potential impact on any one political party. We always work to make News Feed more meaningful and informative, and that includes examining the quality and accuracy of items shared, such as clickbait, spam, and hoaxes. Mark himself said, "I want to do everything I can to make sure our teams uphold the integrity of our products." This includes continuously review updates (sic) to make sure we are not exhibiting unconscious bias.
Yahoo!

As Contradictions Mount, Experts Call For Declassification of Yahoo's Email-Scanning Order (onthewire.io) 50

An anonymous Slashdot reader writes: Look at this contradiction in the government's story about their secret scans on hundreds of millions of Yahoo emails. "Intelligence officials told Reuters that all Yahoo had to do was modify existing systems for stopping child pornography from being sent through its email or filtering spam messages." But three former Yahoo employee have now said that actually the court-ordered search "was done by a module attached to the Linux kernel -- in other words, it was deeply buried near the core of the email server operating system, far below where mail sorting was handled... They said that made it hard to detect and also made it hard to figure out what the program was doing."
Slashdot reader Trailrunner7 writes: Now, experts at the EFF and Sen. Ron Wyden say that the order served on Yahoo should be made public according to the text of a law passed last year. The USA Freedom Act is meant to declassify certain kinds of government orders, and the EFF says the Yahoo order fits neatly into the terms of the law. "If the reports about the Yahoo order are accurate -- including requiring the company to custom build new software to accomplish the scanning -- it's hard to imagine a better candidate for declassification and disclosure under Section 402," Aaron Mackey of the EFF said.
Security

Yahoo's Government Email Scanner Was Not A Modified Spam Filter, But a Secret Hacking Tool: Motherboard (vice.com) 45

The spy tool that the US government ordered Yahoo to install on its systems last year at the behest of the NSA or the FBI was a "poorly designed" and "buggy" piece of malware, according to two sources closely familiar with the matter, reports Motherboard. From the article: Last year, the US government served Yahoo with a secret order, asking the company to search within its users' emails for some targeted information, as first reported by Reuters this week. It's still unclear what was the information sought, but The New York Times, citing an anonymous official source, later reported that the government was looking for a specific digital "signature" of a "communications method used by a state-sponsored, foreign terrorist organization." Anonymous sources told The Times that the tool was nothing more than a modified version of Yahoo's existing scanning system, which searches all email for malware, spam and images of child pornography. But two sources familiar with the matter told Motherboard that this description is wrong, and that the tool was actually more like a "rootkit," a powerful type of malware that lives deep inside an infected system and gives hackers essentially unfettered access.
Spam

Amazon Marketplace Shoppers Slam the Spam (fortune.com) 120

Spammy follow-up email messages are turning off Amazon Marketplace shoppers. Shoppers who buy from Amazon's Marketplace typically like the convenience and prices. But many are also unhappy about the barrage of emails that sellers send them after the purchase, notes Fortune. It adds: Sellers deluge often inboxes with requests for product reviews, inquiries about how the process went, and sales pitches for more stuff. Considering the comments on social media, feedback from friends and family, and in posts in Amazon.com's customer service forum over the past two years, this problem is not getting any better. There appears to be no way to opt out of this email flood, which is odd, given Amazon's self-professed zeal for great customer service. One shopper in Amazon's customer forum thread posted a response from an Amazon service representative that apologized for the notifications and noted that the feedback had been forwarded to the company's "investigations team."
Botnet

Spam Hits Its Highest Level Since 2010 (networkworld.com) 47

Long-time Slashdot reader coondoggie quotes Network World: Spam is back in a big way -- levels that have not been seen since 2010 in fact. That's according to a blog post from Cisco Talos that stated the main culprit of the increase is largely the handiwork of the Necurs botnet... "Many of the host IPs sending Necurs' spam have been infected for more than two years.

"To help keep the full scope of the botnet hidden, Necurs will only send spam from a subset of its minions... This greatly complicates the job of security personnel who respond to spam attacks, because while they may believe the offending host was subsequently found and cleaned up, the reality is that the miscreants behind Necurs are just biding their time, and suddenly the spam starts all over again."

Before this year, the SpamCop Block List was under 200,000 IP addresses, but surged to over 450,000 addresses by the end of August. Interestingly, Proofpoint reported that between June and July, Donald Trump's name appeared in 169 times more spam emails than Hillary Clinton's.
Security

Microsoft Deprecating 'Obsolete' SmartScreen Spam Filters In Outlook and Exchange (winbeta.org) 29

An anonymous reader quotes a report from WinBeta: Microsoft is making changes to SmartScreen, a spam content filter, available in Windows 10. These changes will affect Outlook and Exchange users. In Outlook and Exchange, SmartScreen analyzes each email message and rates the email according to SmartScreen's Spam Confidence Level (SCL). These emails are then sent to Outlook's junk folder. Here's a look at the changes to SmartScreen, according to Microsoft: 1. "On November 1, 2016, Microsoft will stop generating updates for the SmartScreen spam filters in Exchange Server 2016 and earlier (2013, 2010, 2007), Outlook 2016 for Windows and earlier (2013, 2010, 2007) and Outlook 2011 for Mac. The SmartScreen spam filter will be removed from future versions of Exchange Server and Outlook for Windows. (SmartScreen is not available in any other version of Outlook). This announcement does not affect the SmartScreen Filter online protection features built into Windows, Microsoft Edge and Internet Explorer browsers. While branded similarly, those features are technically distinct. These SmartScreen Filters to help people to stay protected from malicious websites and downloads." After November 1, 2016, Microsoft will no longer release spam definition updates to SmartScreen filters in Outlook and Exchange. Your existing SmartScreen spam filters will remain in place; Microsoft will simply no longer provide updates for them.
Security

New Linux Trojan Is A DDoS Tool, a Bitcoin Miner, and Web Ransomware (softpedia.com) 63

An anonymous reader writes: A trojan that targeted Drupal sites on Linux servers last May that was incredibly simplistic and laughable in its attempt to install (and fail) web ransomware on compromised websites, has now received a major update and has become a top threat on the malware scene. That trojan, named Rex, has evolved in only three months into an all-around threat that can: (1) compromise servers and devices running platforms like Drupal, WordPress, Magento, Jetspeed, Exarid, AirOS; (2) install cryptocurrency mining in the background; (3) send spam; (4) use a complex P2P structure to manage its botnet; and (5) install a DDoS agent which crooks use to launch DDoS attacks.

Worse is that they use their DDoS capabilities to extort companies. The crooks send emails to server owners announcing them of 15-minute DDoS tests, as a forewarning of future attacks unless they pay a ransom. To scare victims, they pose as a known hacking group named Armada Collective. Other groups have used the same tactic, posing as Armada Collective, and extorting companies, according to CloudFlare.

Piracy

Scammers Use Harvard Education Platform to Promote Pirated Movies (torrentfreak.com) 27

TorrentFreak reports: Spammers are using Harvard's educational sharing tool H2O to promote pirated movies. Thousands of links to scammy sites have appeared on the site in recent weeks. Copyright holders are not happy with this unintended use and are targeting the pages with various takedown notices. H2O is a tool that allows professors and students to share learning material in a more affordable way. It is a welcome system that's actively used by many renowned scholars. However, in recent weeks the platform was also discovered by scammers. As a result, it quickly filled up with many links to pirated content. Instead of course instructions and other educational material, the H2O playlists of these scammers advertise pirated movies. The scammers in question are operating from various user accounts and operate much like traditional spam bots, offering pages with movie links and related keywords such as putlocker, megashare, viooz, torrent and YIFY.
Censorship

Facebook Admits Blocking WikiLeaks' DNC Email Links, But Won't Say Why (thenextweb.com) 270

An anonymous reader writes: Facebook has admitted it blocked links to WikiLeaks' DNC email dump, but the company has yet to explain why. WikiLeaks has responded to the censorship via Twitter, writing: "For those facing censorship on Facebook etc when trying to post links directly to WikiLeaks #DNCLeak try using archive.is." When SwiftOnSecurity tweeted, "Facebook has an automated system for detecting spam/malicious links, that sometimes have false positives. /cc," Facebook's Chief Security Officer Alex Stamos replied with, "It's been fixed." As for why there was a problem in the first place, we don't know. Nate Swanner from The Next Web writes, "It's possible its algorithm incorrectly identified them as malicious, but it's another negative mark on the company's record nonetheless. WikiLeaks is a known entity, not some torrent dumping ground. The WikiLeaks link issue has reportedly been fixed, which is great -- but also not really the point. The fact links to the archive was blocked at all suggests there's a very tight reign on what's allowed on Facebook across the board, and that's a problem." A Facebook representative provided a statement to Gizmodo: "Like other services, our anti-spam systems briefly flagged links to these documents as unsafe. We quickly corrected this error on Saturday evening."

Slashdot Top Deals