Think Twice Before Using Google To Download Software, Researchers Warn

Searching Google for downloads of popular software has always come with risks, but over the past few months, it has been downright dangerous, according to researchers and a pseudorandom collection of queries. Ars Technica reports: “Threat researchers are used to seeing a moderate flow of malvertising via Google Ads,” volunteers at Spamhaus wrote on Thursday. “However, over the past few days, researchers have witnessed a massive spike affecting numerous famous brands, with multiple malware being utilized. This is not ‘the norm.’”

The surge is coming from numerous malware families, including AuroraStealer, IcedID, Meta Stealer, RedLine Stealer, Vidar, Formbook, and XLoader. In the past, these families typically relied on phishing and malicious spam that attached Microsoft Word documents with booby-trapped macros. Over the past month, Google Ads has become the go-to place for criminals to spread their malicious wares that are disguised as legitimate downloads by impersonating brands such as Adobe Reader, Gimp, Microsoft Teams, OBS, Slack, Tor, and Thunderbird.

On the same day that Spamhaus published its report, researchers from security firm Sentinel One documented an advanced Google malvertising campaign pushing multiple malicious loaders implemented in .NET. Sentinel One has dubbed these loaders MalVirt. At the moment, the MalVirt loaders are being used to distribute malware most commonly known as XLoader, available for both Windows and macOS. XLoader is a successor to malware also known as Formbook. Threat actors use XLoader to steal contacts’ data and other sensitive information from infected devices. The MalVirt loaders use obfuscated virtualization to evade end-point protection and analysis. To disguise real C2 traffic and evade network detections, MalVirt beacons to decoy command and control servers hosted at providers including Azure, Tucows, Choopa, and Namecheap. “Until Google devises new defenses, the decoy domains and other obfuscation techniques remain an effective way to conceal the true control servers used in the rampant MalVirt and other malvertising campaigns,” concludes Ars. “It’s clear at the moment that malvertisers have gained the upper hand over Google’s considerable might.”

Read more of this story at Slashdot.

Dashlane Publishes Its Source Code To GitHub In Transparency Push

Password management company Dashlane has made its mobile app code available on GitHub for public perusal, a first step it says in a broader push to make its platform more transparent. TechCrunch reports: The Dashlane Android app code is available now alongside the iOS incarnation, though it also appears to include the codebase for its Apple Watch and Mac apps even though Dashlane hasn’t specifically announced that. The company said that it eventually plans to make the code for its web extension available on GitHub too. Initially, Dashlane said that it was planning to make its codebase “fully open source,” but in response to a handful of questions posed by TechCrunch, it appears that won’t in fact be the case.

At first, the code will be open for auditing purposes only, but in the future it may start accepting contributions too – however, there is no suggestion that it will go all-in and allow the public to fork or otherwise re-use the code in their own applications. Dashlane has released the code under a Creative Commons Attribution-NonCommercial 4.0 license, which technically means that users are allowed to copy, share and build upon the codebase so long as it’s for non-commercial purposes. However, the company said that it has stripped out some key elements from its release, effectively hamstringing what third-party developers are able to do with the code. […]

“The main benefit of making this code public is that anyone can audit the code and understand how we build the Dashlane mobile application,” the company wrote. “Customers and the curious can also explore the algorithms and logic behind password management software in general. In addition, business customers, or those who may be interested, can better meet compliance requirements by being able to review our code.” On top of that, the company says that a benefit of releasing its code is to perhaps draw in technical talent, who can inspect the code prior to an interview and perhaps share some ideas on how things could be improved. Moreover, so-called “white-hat hackers” will now be better equipped to earn bug bounties. “Transparency and trust are part of our company values, and we strive to reflect those values in everything we do,” Dashlane continued. “We hope that being transparent about our code base will increase the trust customers have in our product.”

Startups Capture CO2 and Store It In Concrete

A California startup using rocks to soak up carbon dioxide from the air has teamed up with a Canadian company to mineralize the gas in concrete, a technological tie-up that is a first and they say could provide a model for fighting climate change globally. Reuters reports: Heirloom Carbon Technologies delivered about 30 kg (66 lb) of CO2 collected from the air around its San Francisco Bay Area headquarters to neighboring Central Concrete, a Vulcan Materials’ (VMC.N) subsidiary that on Wednesday incorporated the gas into new concrete. That’s equivalent to tailpipe emissions of driving about 75 miles (120 km) in a car. The joint effort was the first time that carbon dioxide absorbed from the atmosphere using such Direct Air Capture (DAC) technology had been secured in concrete, where the CO2 will stay put for centuries, several scientists said.

Heirloom heats crushed limestone to release naturally absorbed CO2, then puts the CO2-starved rock on columns of huge trays, where they act like sponges, soaking up close to half their weight in the gas over three days. The rock is then heated to release the collected ambient carbon dioxide, and the cycle repeats. Canada’s CarbonCure, the concrete technology company, mixes CO2 with concrete ingredients, turning it into a mineral that strengthens the concrete, cutting the need for cement — the part of concrete with the biggest carbon footprint.

Pentagon Elects Not To Shoot Down Chinese Spy Balloon Traveling Over Montana

“A Chinese spy balloon is floating over the continental United States,” writes Slashdot reader q4Fry. “As it headed over Montana, ‘civilian flights in the area were halted and U.S. military aircraft, including advanced F-22 fighter jets, were put in the air.’” The Washington Post reports: The balloon’s flight path takes it over “a number of sensitive sites,” the senior [Pentagon] official said, but it appears it does not have the ability to collect information that is “over and above” other tools at China’s disposal, like low-orbit satellites. Nevertheless, the Pentagon is taking undisclosed “mitigation steps” to prevent Beijing from gathering additional intelligence.
“We put some things on station in the event that a decision was made to bring this down,” the official said. “So we wanted to make sure we were coordinating with civil authorities to empty out the airspace around that potential area. But even with those protective measures taken, it was the judgment of our military commanders that we didn’t drive the risk down low enough. So we didn’t take the shot.” “The US believes Chinese spy satellites in low Earth orbit are capable of offering similar or better intelligence, limiting the value of whatever Beijing can glean from the high-altitude balloon, which is the size of three buses,” reports CNN, citing a defense official.

“It does not create significant value added over and above what the PRC is likely able to collect through things like satellites in low Earth orbit,” the senior defense official said. Nevertheless, House Speaker Kevin McCarthy called for a briefing of the “Gang of Eight” — the group of lawmakers charged with reviewing the nation’s most sensitive intelligence information.

How a Tiny Radioactive Capsule Was Found In Western Australia

A radioactive capsule that was reported lost in Western Australia on January 25 has been found. The BBC reports: On 25 January, when mining company Rio Tinto reported that one of their Caesium-137 radioactive capsules had gone missing, Western Australian authorities faced a seemingly impossible task. They had to locate a pea-sized capsule anywhere along a 1,400km (870 mile) route stretching from the Gudai-Darri mine in the north of the state to a depot just north of Perth’s city centre. Authorities sprung into action, mobilizing specialist search crews to look for the capsule, with firefighters among those asked to foray from their usual summer tasks. […] Before notifying the public to the threat, on 26 January, authorities began searching in Perth and around the mine site in Newman.

On January 27, an urgent health warning was issued to notify the public about the risk posed by the radioactive capsule. Health authorities had a simple message to anyone who may come across it: Stay away. “It emits both beta rays and gamma rays so if you have it close to you, you could either end up with skin damage including skin burns,” the state’s Chief Health Officer Andy Robertson warned. By January 27, search parties were in full force looking for the tiny capsule. But they were not scouting for it using their eyes – they were using portable radiation survey meters. The survey meters are designed to detect radioactivity within a 20m radius. Police focused their efforts on the GPS route the truck had taken, and on sites close to Perth’s metropolitan and high-density areas. One site along the Great Northern Highway was prioritized by police on 28 January after unusual activity on a Geiger counter – a device used for measuring radioactivity – was reported by a member of public. But that search did not uncover the capsule.

The next day, additional resources requested from Australia’s federal government had been approved and those overseeing the search began planning its next phase. With the new equipment in Western Australia and ready for use by 30 January, the search ramped up. An incident controller at the state’s emergency services department, Darryl Ray, described the new tools provided by the government only as “specialized radiation detection equipment.” Local media reported that radiation portal monitors and a gamma-ray spectrometer were among the new items being used by search crews. But by the end of 31 January, the capsule continued to evade search crews.

So the next morning, when the government revealed the capsule had been found just two meters off the side of the highway at 11:13 local time Wednesday, it seemed the all-but-impossible had been achieved. “You can only imagine it’s a pretty lonely stretch of road from Newman down to Perth,” Fire and Emergency Services Commissioner Darren Klemm said at a press conference on Wednesday. “You can’t help but imagine there was an element of surprise from the people in the car when the equipment did spike up.” While hesitant to give the exact location the radioactive capsule was found, Mr Klemm described it as “the best possible outcome.” Local media reports suggest it was found some 74km from Newman – so around 200km from the mine site. No one appeared to have been injured by the capsule, according to authorities, and it did not seem to have moved from where it fell. Mr Klemm said the additional resources from the federal government proved key to finding the capsule.

The Galaxy Book3 Ultra Is Samsung’s Shot At the MacBook Pro

At the Samsung Galaxy Unpacked 2023 event today, Samsung announced the Galaxy Book3 Ultra, a 16-inch workstation laptop with a 120Hz OLED screen, an H-Series Core i7 or Core i9, and an RTX 4050 or 4070 GPU. “Samsung makes a number of Galaxy Book models, but this is the first one of the past few years that has really targeted the deep-pocketed professional user — that is, the core audience for Apple’s high-powered and wildly expensive MacBook Pro 16,” reports The Verge. “It’ll start at $2,399.99 ($100 cheaper than the base MacBook Pro 16), with a release date still to be announced.” From the report: Like its siblings in the Galaxy Book3 line, a big draw of this workstation will be its screen. It’s got a 2880 x 1800 120Hz 16:10 OLED display (a welcome change from the 16:9 panels that adorned last year’s Galaxy Book2) rated for 400 nits of brightness […]. Elsewhere, using the device felt pretty similar to using any number of other Samsung Galaxy Books, with a satisfyingly clicky keyboard, a smooth finish, a high-quality build, and a compact chassis. The Ultra is 0.65 inches thick and 3.9 pounds, which is slightly thinner and close to a pound lighter than the 16-inch MacBook Pro that Apple just released […].

I was able to use a number of Samsung’s continuity features, including Second Screen (which allows you to easily use a Galaxy Tab as a second monitor) and Quick Share (which allows you to quickly transfer images and other files between Samsung devices). For Samsung enthusiasts, those seem like handy features that aren’t too much of a hassle to set up. The one feature I had issues with was the touchpad — it registered some of my two-finger clicks as one-finger clicks and wasn’t quite picking up all of my scrolls. The units in Samsung’s demo area were preproduction devices, so I hope this is a kink Samsung can iron out before the final release.

Unfortunately, we don’t yet know how it will stack up when it comes to battery life. The M2 generation of MacBooks is very strong on that front — and given that the Galaxy Book3 Ultra is running a high-resolution screen, a power-hungry H-series processor, and a very power-hungry RTX GPU, I’m a little bit nervous about that. If Samsung can pull off a device that lasts nearly as long as Apple’s do, given those factors, hats off to them.

Further reading:
The Samsung Galaxy S23 Ultra Is a Minor Update To a Spec Monster
Samsung, Google and Qualcomm Team Up To Build a New Mixed-Reality Platform

Snap Hints At Future AR Glasses Powered By Generative AI

On Tuesday’s fourth-quarter earnings call, Snapchat maker Snap revealed that its future AR glasses will be powered by generative AI technology. TechCrunch reports: Social media company and Snapchat maker Snap has for years defined itself as a “camera company,” despite its failures to turn its photo-and-video recording glasses known as Spectacles into a mass-market product and, more recently, its decision to kill off its camera-equipped drone. […] Snap CEO Evan Spiegel agreed that, in the near term, there were a lot of opportunities to use generative AI to make Snap’s camera more powerful. However, he noted that further down the road, AI would be critical to the growth of augmented reality, including AR glasses.

The exec said that, initially, generative AI could be used to do things like improve the resolution and clarity of a Snap after the user captures it, or could even be used for “more extreme transformations,” editing images or creating Snaps based on text input. (We should note that generative AI, at least in the way the term is being thrown around today, is not necessarily required to improve photo resolution.) Spiegel didn’t pin any time frames to these types of developments or announce specific products Snap had in the works, but said the company was thinking about how to integrate AI tools into its existing Lens Studio technology for AR developers. “We saw a lot of success integrating Snap ML tools into Lens Studio, and it’s really enabled creators to build some incredible things. We now have 300,000 creators who built more than 3 million lenses in Lens Studio,” Spiegel told investors. “So, the democratization of these tools, I think, will also be very powerful,” he added, in reference to the future integrations of AI tech.

What’s most interesting, perhaps, was the brief insight Spiegel offered about how Snap foresees the potential for AI when used in AR glasses. Though Snap’s Spectacles have not broken any sales records, the company continues to develop the product. The most recent version, the Spectacles 3, expands beyond recording standard photos and video with the addition of new tools like 3D filters and AR graphics. Spiegel suggested that AI could have an impact on this product as well, thanks to its ability to improve the process of building for AR. “We can use generative AI to help build more of these 3D models very quickly, which can really unlock the full potential of AR and help people make their imagination real in the world,” Spiegel added.
