dWebServe Submit News Opinions Worldwide

Twitter’s latest robo-nag will flag “harmful” language before you post
Dell patches a 12-year-old privilege escalation vulnerability
IoT is critical to enterprise digital transformation, Omdia says
Google just announced a rare exciting update for Android tablets
Facebook cloned Nextdoor with a new feature called Neighborhoods
Beware: This dangerous new malware can steal your passwords and your cryptocurrency
Data leak makes Peloton’s Horrible, No-Good, Really Bad Day even worse
EA acquires Super Mega Baseball dev Metalhead
Netskope: Lack of collaboration can block digital transformation
Metacore secures $179.9M in credit from Supercell for casual games

Twitter’s latest robo-nag will flag “harmful” language before you post

Posted: 05 May 2021 04:45 PM PDT

Enlarge / Before you tweet, you might be asked if you meant to be so rude. (credit: Getty Images / Sam Machkovech)

Want to know exactly what Twitter’s fleet of text-combing, dictionary-parsing bots defines as “mean”? Starting any day now, you’ll have instant access to that data—at least, whenever a stern auto-moderator says you’re not tweeting politely.

On Wednesday, members of Twitter’s product-design team confirmed that a new automatic prompt will begin rolling out for all Twitter users, regardless of platform and device, that activates when a post’s language crosses Twitter’s threshold of “potentially harmful or offensive language.” This follows a number of limited-user tests of the notices beginning in May of last year. Soon, any robo-moderated tweets will be interrupted with a notice asking, “Want to review this before tweeting?”

Earlier tests of this feature, unsurprisingly, had their share of issues. “The algorithms powering the [warning] prompts struggled to capture the nuance in many conversations and often didn’t differentiate between potentially offensive language, sarcasm, and friendly banter,” Twitter’s announcement states. The news post clarifies that Twitter’s systems now account for, among other things, how often two accounts interact with each other—meaning, I’ll likely get a flag for sending curse words and insults to a celebrity I never talk to on Twitter, but I would likely be in the clear sending those same sentences via Twitter to friends or Ars colleagues.

Read 8 remaining paragraphs | Comments

Follows Twitter’s effort to make you read the news before you share it.Biz & IT, automoderation, moderation, social media, Twitter

Dell patches a 12-year-old privilege escalation vulnerability

Posted: 05 May 2021 04:45 PM PDT

Enlarge / At least three companies have reported the dbutil_2_3.sys security problems to Dell over the past two years. (credit: Blogtrepreneur via Flickr)

Yesterday, infosec research firm SentinelLabs revealed twelve year old flaws in Dell’s firmware updater, DBUtil 2.3. The vulnerable firmware updater has been installed by default on hundreds of millions of Dell systems since 2009.

The five high severity flaws SentinelLabs discovered and reported to Dell lurk in the dbutil_2_3.sys module, and have been rounded up under a single CVE tracking number, CVE-2021-21551. There are two memory corruption issues and two lack of input validation issues, all of which can lead to local privilege escalation, and a code logic issue which could lead to a denial of service.

A hypothetical attacker abusing these vulnerabilities can escalate the privileges of another process, or bypass security controls to write directly to system storage. This offers multiple routes to the ultimate goal of local kernel-level access—a step even higher than Administrator or “root” access—to the entire system.

Read 3 remaining paragraphs | Comments

Dell firmware update driver 2.3 can be exploited to gain kernel-level privilege.Biz & IT, Tech, dell, firmware update, infosec, patch, update

IoT is critical to enterprise digital transformation, Omdia says

Posted: 05 May 2021 04:45 PM PDT

IoT platform growth set to boom, as industry survey discloses uptick in critical IoT deployments.Read MoreIoT platform growth set to boom, as industry survey discloses uptick in critical IoT deployments.Big Data, Cloud, Enterprise, Security, VB Home Page, AWS, category-/Business & Industrial, category-/Computers & Electronics/Enterprise Technology, Google Cloud, Internet of things, Microsoft Azure, Omdia

Google just announced a rare exciting update for Android tablets

Posted: 05 May 2021 04:45 PM PDT

The 2021 iPad Pro delivered a huge blow to Android tablet makers. The iPad Pro hardly had any competition in the market, and the M1-powered iPad Pro puts even more distance between Apple and the flagship Android tablets. The M1 processor offers performance well beyond what's available from the best Android tablets out there, and it's unlikely we'll see a true iPad Pro rival from the Android camp anytime soon. That's on top of the software differences, as Google has largely ignored Android tablets in recent years.

But Google does have a software upgrade in mind for Android tablets, having just announced a feature that many people might not even need. But it could also be the kind of feature that many others might appreciate right now. Unfortunately, it's not the big makeover you might have wanted for your Android tablet.

Today’s Top Deal

Shoppers are swarming Amazon to get the Roomba 675 robot vacuum while it’s only $199!

Price: $199.00
You Save: $80.99 (29%)
Buy Now

With I/O 2021 just a few days away, Google chose a peculiar moment to announce Entertainment Space, the new Android feature you'll see on select tablets going forward. For some reason, the announcement isn't worthy of an I/O reveal. And in some ways, it might be perceived as a defeat. Entertainment Space is all about entertainment, and bringing the feature to Android tablets relegates these devices to one duty: Providing entertainment.

Comparatively, iPadOS offers a richer tablet computing experience. iPads can replace traditional computers for entertainment purposes, in addition to serving entertainment. It's not just the iPad Pros that target more demanding consumers. The iPad Air has the same processor as the iPhone 12 series and runs the same software as the iPad Pros.

Google does say that Android tablet use has gone up over the last year, with 30% more people using these devices. The likely reason that happened is the coronavirus pandemic, which forced people to spend more time indoors and compete for screens. Tablets and laptops were used for school and work from home, but also for consuming entertainment.

Google's new Entertainment Space for Android tablets. Image source: Google

The new Entertainment Space will look a lot like the Google TV experience you'd get on the last-gen Google Chromecast. But it's not just access to your favorite streaming apps that Entertainment Space will offer. It also includes recommended apps, games, and books in a single place, which could be the kind of experience some tablet users might enjoy.

Entertainment Space is a one-stop, personalized home for all your favorite movies, shows, videos, games and books. You'll save time and avoid having to hop between apps to try to figure out what to do, whether it's to watch, play or read. Once you sign in to your subscription apps, Entertainment Space will show you your content in one place and tailored for you. And if you want to share your tablet, everyone in the family can have their own personalized profile.

Entertainment Space is also a way for Google to better learn what sort of entertainment you like. Entertainment Space will include three tabs: Watch, Games, and Read. The Watch tab will include a Continue Watching row, personalized and trending recommendations, and Google TV and YouTube support. Signing into streaming apps will bring them all over to the Watch tab.

A similar interface is available for the Games tab, which includes a Continue Playing row. It also supports Instant Play, which lets you play games without downloading the entire app. The Read tab provides access to your favorite boots, including audiobook versions.

Entertainment Space will not be ready to roll out on all Android devices. It starts with Walmart onn tablets this month. It'll then roll out globally on new and select Android tablets from Lenovo, Sharp, and others.

Today’s Top Deal

AirPods Pro are finally back in stock at Amazon… at the lowest price of 2021!

Price: $197.00
You Save: $52.00 (21%)
Buy NowThe 2021 iPad Pro delivered a huge blow to Android tablet makers. The iPad Pro hardly had any competition in the market, and the M1-powered iPad Pro puts even more distance between Apple and the flagship Android tablets. The M1 processor offers performance well beyond what's available from the best Android tablets out there, and it's unlikely we'll see a true iPad Pro rival from the Android camp anytime soon. That's on top of the software differences, as Google has largely ignored Android tablets in recent years.

Google launched Kids Space last year, targeting tablet users under 9. The Entertainment Space might cater to new Android users who might appreciate accessing all their entertainment in one place, without moving back and forth between apps. It’s the kind of feature that could be quite useful to less tech-savvy individuals who are still getting used to managing smartphones and tablets.
Entertainment Space is a one-stop, personalized home for all your favorite movies, shows, videos, games and books. You'll save time and avoid having to hop between apps to try to figure out what to do, whether it's to watch, play or read. Once you sign in to your subscription apps, Entertainment Space will show you your content in one place and tailored for you. And if you want to share your tablet, everyone in the family can have their own personalized profile.
Entertainment Space is also a way for Google to better learn what sort of entertainment you like. Entertainment Space will include three tabs: Watch, Games, and Read. The Watch tab will include a Continue Watching row, personalized and trending recommendations, and Google TV and YouTube support. Signing into streaming apps will bring them all over to the Watch tab.

Facebook cloned Nextdoor with a new feature called Neighborhoods

Posted: 05 May 2021 04:45 PM PDT

Facebook will not be content until it has cloned every app, website, and service on the planet, and the latest victim of the social network's cloning spree is Nextdoor. On Wednesday, Facebook announced that it has begun testing a new feature called Neighborhoods, which is a dedicated space where local groups can gather online.

As the company explains, your Neighborhoods profile is separate from your main Facebook profile, and you have to be at least 18 to join a neighborhood. In addition to being able to join the neighborhood that you live in, you will also have the ability to join Nearby Neighborhoods to see posts from those slightly farther from you.

Today’s Top Deal

The biggest Amazon device sale of 2021 is here — you won’t believe these crazy deals!

Price: $14.99-$279.00
Buy Now

When you create a Neighborhoods profile, you'll be given the opportunity to add your interests, favorite places, and a bio so that your neighbors will be able to get to know you through the Neighborhood Directory. You can introduce yourself in a post, comment on your neighbors' posts, and answer Neighborhood Questions. You can also choose to take on a role within your Facebook Neighborhood, such as socializer.

Within every Neighborhood is a Recommendations feature that where you can get suggestions from your neighbors about the best local restaurants, bars, or businesses, and a Favorite Polls feature that gives neighbors the chance to vote on their favorite places and businesses in the surrounding area.

Nextdoor has something of a spotty reputation when it comes to the way that "neighbors" interact with each other on the app, but Facebook says that Neighborhoods will be "safe and inclusive, with Neighborhoods Guidelines to help keep interactions among neighbors relevant and kind." Each Neighborhood will have moderators that review posts and comments, and if they see any posts that break the rules, they can hide them, at which point they will be reviewed by Facebook. If the team finds that the post violates its guidelines, it will be removed from the Neighborhood. You can also report posts you find objectionable and block neighbors without notifying them.

Also, it's worth noting that Neighborhoods is an optional experience on Facebook. You don't have to join if you don't want to, and you can keep using your main Facebook account without ever seeing the feature.

"You can find vibrant local Facebook groups about your area, or you can create your own Neighborhoods-bounded groups based on your interests," Facebook says on its blog. "Admins of local Facebook Groups can add their Group into Neighborhoods to make it easy for people living nearby to find it, and people using Neighborhoods can create or join Neighborhoods-bounded groups that are accessible within the Neighborhoods experience."

Facebook Neighborhoods is now available in Canada, and will begin rolling out soon in the United States. According to CNET, Charlotte, North Carolina; San Diego, California; Baton Rouge, Louisiana; and Newark, New Jersey are the first cities that will have Neighborhoods in the US in the coming months.

Today’s Top Deal

Shoppers are swarming Amazon to get the Roomba 675 robot vacuum while it’s only $199!

Price: $199.00
You Save: $80.99 (29%)
Buy NowFacebook will not be content until it has cloned every app, website, and service on the planet, and the latest victim of the social network’s cloning spree is Nextdoor. On Wednesday, Facebook announced that it has begun testing a new feature called Neighborhoods, which is a dedicated space where local groups can gather online.

When you create a Neighborhoods profile, you’ll be given the opportunity to add your interests, favorite places, and a bio so that your neighbors will be able to get to know you through the Neighborhood Directory. You can introduce yourself in a post, comment on your neighbors’ posts, and answer Neighborhood Questions. You can also choose to take on a role within your Facebook Neighborhood, such as socializer.

Nextdoor has something of a spotty reputation when it comes to the way that “neighbors” interact with each other on the app, but Facebook says that Neighborhoods will be “safe and inclusive, with Neighborhoods Guidelines to help keep interactions among neighbors relevant and kind.” Each Neighborhood will have moderators that review posts and comments, and if they see any posts that break the rules, they can hide them, at which point they will be reviewed by Facebook. If the team finds that the post violates its guidelines, it will be removed from the Neighborhood. You can also report posts you find objectionable and block neighbors without notifying them.

Also, it’s worth noting that Neighborhoods is an optional experience on Facebook. You don’t have to join if you don’t want to, and you can keep using your main Facebook account without ever seeing the feature.

“You can find vibrant local Facebook groups about your area, or you can create your own Neighborhoods-bounded groups based on your interests,” Facebook says on its blog. “Admins of local Facebook Groups can add their Group into Neighborhoods to make it easy for people living nearby to find it, and people using Neighborhoods can create or join Neighborhoods-bounded groups that are accessible within the Neighborhoods experience.”

Facebook Neighborhoods is now available in Canada, and will begin rolling out soon in the United States. According to CNET, Charlotte, North Carolina; San Diego, California; Baton Rouge, Louisiana; and Newark, New Jersey are the first cities that will have Neighborhoods in the US in the coming months.facebook, Nextdoor

Beware: This dangerous new malware can steal your passwords and your cryptocurrency

Posted: 05 May 2021 03:39 PM PDT

Phishing attacks have spawned a slew of new malware threats in recent days, according to researchers who've identified a serious threat actor behind three new connected malware families — which have been labeled as Doubledrag, Doubledrop, and Doubleback — and another unrelated threat called Panda Stealer, which is a variant of a cryptocurrency stealer and is mostly being spread via global email spam.

Here's a rundown on these new malware discoveries, including what researchers have found and the implications herein: Let's start with a report from FireEye's Mandiant cybersecurity team, which revealed malware strains that have never been seen before, with "professionally coded sophistication," and that came in two waves of phishing attacks globally. These attacks hit some 50 organizations at the end of 2020, with the first wave reported on December 2 and the second wave coming between December 11 and December 18.

Today’s Top Deal

The biggest Amazon device sale of 2021 is here — you won’t believe these crazy deals!

Price: $14.99-$279.00
Buy Now

In both waves, the US was the main target. "In December 2020, Mandiant observed a widespread, global phishing campaign targeting numerous organizations across an array of industries," the report notes. "Mandiant tracks this threat actor as UNC2529. Based on the considerable infrastructure employed, tailored phishing lures and the professionally coded sophistication of the malware, this threat actor appears experienced and well resourced." These phishing campaigns were built around tricking recipients into opening emails containing inline links to malicious URLs and subsequently tricking the victim into downloading dangerous files.

Because of this, it's worth reiterating that there's never a bad time to brush up on the best practices governing how to protect yourself from phishing attacks and emails that, more than ever, can look like they're the real thing — a package delivery update, or an alert from your bank or credit card company, for example. Here's a helpful rundown of some strategies to follow to stay safe from phishing attacks.

Meantime, the Panda Stealer malware we mentioned above was revealed, thanks to researchers from Trend Micro, to be targeting people around the world, including in the US, Japan, Australia, and Germany. "Panda Stealer is deployed through spam emails posing as business quote requests to lure unwary victims into opening malicious Excel files," the researchers explain.

This one sounds particularly nasty. "Once installed," the researchers continue, "Panda Stealer can collect details like private keys and records of past transactions from its victim's various digital currency wallets, including Dash, Bytecoin, Litecoin, and Ethereum. Not only does it target cryptocurrency wallets, it can steal credentials from other applications such as NordVPN, Telegram, Discord, and Steam."

Furthermore, Panda Stealer is also able to take screenshots of the infected computer and to exfiltrate data from browsers like cookies, passwords, and cards. The full Trend Micro report is definitely worth a read.

Phishing attacks have spawned a slew of new malware threats in recent days, according to researchers who’ve identified a serious threat actor behind three new connected malware families — which have been labeled as Doubledrag, Doubledrop, and Doubleback — and another unrelated threat called Panda Stealer, which is a variant of a cryptocurrency stealer and is mostly being spread via global email spam.

Here’s a rundown on these new malware discoveries, including what researchers have found and the implications herein: Let’s start with a report from FireEye's Mandiant cybersecurity team, which revealed malware strains that have never been seen before, with “professionally coded sophistication,” and that came in two waves of phishing attacks globally. These attacks hit some 50 organizations at the end of 2020, with the first wave reported on December 2 and the second wave coming between December 11 and December 18.

In both waves, the US was the main target. “In December 2020, Mandiant observed a widespread, global phishing campaign targeting numerous organizations across an array of industries,” the report notes. “Mandiant tracks this threat actor as UNC2529. Based on the considerable infrastructure employed, tailored phishing lures and the professionally coded sophistication of the malware, this threat actor appears experienced and well resourced.” These phishing campaigns were built around tricking recipients into opening emails containing inline links to malicious URLs and subsequently tricking the victim into downloading dangerous files.

Because of this, it’s worth reiterating that there’s never a bad time to brush up on the best practices governing how to protect yourself from phishing attacks and emails that, more than ever, can look like they’re the real thing — a package delivery update, or an alert from your bank or credit card company, for example. Here’s a helpful rundown of some strategies to follow to stay safe from phishing attacks.

Meantime, the Panda Stealer malware we mentioned above was revealed, thanks to researchers from Trend Micro, to be targeting people around the world, including in the US, Japan, Australia, and Germany. “Panda Stealer is deployed through spam emails posing as business quote requests to lure unwary victims into opening malicious Excel files,” the researchers explain.

This one sounds particularly nasty. “Once installed,” the researchers continue, “Panda Stealer can collect details like private keys and records of past transactions from its victim's various digital currency wallets, including Dash, Bytecoin, Litecoin, and Ethereum. Not only does it target cryptocurrency wallets, it can steal credentials from other applications such as NordVPN, Telegram, Discord, and Steam.”

Data leak makes Peloton’s Horrible, No-Good, Really Bad Day even worse

Posted: 05 May 2021 02:40 PM PDT

Enlarge (credit: Peloton)

Peloton is having a rough day. First, the company recalled two treadmill models following the death of a 6-year-old child who was pulled under one of the devices. Now comes word Peloton exposed sensitive user data, even after the company knew about the leak. No wonder the company's stock price closed down 15 percent on Wednesday.

Peloton provides a line of network-connected stationary bikes and treadmills. The company also offers an online service that allows users to join classes, work with trainers, or do workouts with other users. In October, Peloton told investors it had a community of 3 million members. Members can set accounts to be public so friends can view details such as classes attended and workout stats, or users can choose for profiles to be private.

I know where you worked out last summer

Researchers at security consultancy Pen Test Partners on Wednesday reported that a flaw in Peloton's online service was making data for all of its users available to anyone anywhere in the world, even when a profile was set to private. All that was required was a little knowledge of the faulty programming interfaces that Peloton uses to transmit data between devices and the company's servers.

Read 9 remaining paragraphs | Comments

Faulty API let anyone grab users' private data, including weight and gender.Biz & IT, Tech, data leaks, Peloton, personal information

EA acquires Super Mega Baseball dev Metalhead

Posted: 05 May 2021 02:40 PM PDT

Electronic Arts announced today that it has acquired Metalhead Software, the studio behind the Super Mega Baseball series.Read MoreElectronic Arts announced today that it has acquired Metalhead Software, the studio behind the Super Mega Baseball series.GamesBeat, category-/Games/Computer & Video Games/Sports Games, category-/Sports/Team Sports/Baseball, console gaming, Electronic Arts, Metalhead Software, PC gaming, Super Mega Baseball

Netskope: Lack of collaboration can block digital transformation

Posted: 05 May 2021 02:40 PM PDT

When security and network teams don’t work well together, digital transformation efforts suffer, Netskope said in its survey on collaboration.Read MoreWhen security and network teams don’t work well together, digital transformation efforts suffer, Netskope said in its survey on collaboration.Cloud, Enterprise, VB Home Page, category-/News, cloud security, digital transformation, reports, SASE

Metacore secures $179.9M in credit from Supercell for casual games

Posted: 05 May 2021 02:40 PM PDT

Mobile game studio Metacore has raised $179.9 million in funding from Supercell to continue developing its casual mobile games.Read MoreMobile game studio Metacore has raised $179.9 million in funding from Supercell to continue developing its casual mobile games.GamesBeat, Mobile, category-/Business & Industrial, category-/Games/Computer & Video Games, DeanBeat Mobile and Social, Merge Mansion, Metacore, mobile games, Supercell