Archive

Archive for January 13, 2020

Oyo Scales Back as SoftBank-Funded Companies Retreat by VINDU GOEL, KARAN DEEP SINGH and ERIN GRIFFITH

January 13, 2020 Leave a comment


By VINDU GOEL, KARAN DEEP SINGH and ERIN GRIFFITH

The Indian hospitality start-up is losing hotel rooms and has stepped back from more than 200 cities as part of a broader pullback by firms financed by SoftBank.

Published: January 12, 2020 at 06:00PM

from NYT Technology https://ift.tt/35W5Atq
via IFTTT

Categories: Internet Tags: ,

Welcome to India, Mr. Bezos. Here’s an Antitrust Complaint. by VINDU GOEL

January 13, 2020 Leave a comment


By VINDU GOEL

India opened a formal investigation into Jeff Bezos’ Amazon and its leading rival, Flipkart, just before his first visit in five years.

Published: January 12, 2020 at 06:00PM

from NYT Technology https://ift.tt/2sl8qdw
via IFTTT

Categories: Internet Tags: ,

Microsoft CEO Nadella Says Saddened by India’s Citizenship Law: BuzzFeed by REUTERS

January 13, 2020 Leave a comment


By REUTERS

Microsoft Corp’s India-born Chief Executive Officer Satya Nadella said he was saddened by a new citizenship law based on religion that was recently implemented in his home country, BuzzFeed News reported on Monday.

Published: January 12, 2020 at 06:00PM

from NYT Technology https://ift.tt/3a9zL3i
via IFTTT

Categories: Internet Tags: ,

Cryptic Rumblings Ahead of First 2020 Patch Tuesday

January 13, 2020 Leave a comment

Sources tell KrebsOnSecurity that Microsoft Corp. is slated to release a software update on Tuesday to fix an extraordinarily serious security vulnerability in a core cryptographic component present in all versions of Windows. Those sources say Microsoft has quietly shipped a patch for the bug to branches of the U.S. military and to other high-value customers/targets that manage key Internet infrastructure, and that those organizations have been asked to sign agreements preventing them from disclosing details of the flaw prior to Jan. 14, the first Patch Tuesday of 2020.

According to sources, the vulnerability in question resides in a Windows component known as crypt32.dll, a Windows module that Microsoft says handles “certificate and cryptographic messaging functions in the CryptoAPI.” The Microsoft CryptoAPI provides services that enables developers to secure Windows-based applications using cryptography, and includes functionality for encrypting and decrypting data using digital certificates.

A critical vulnerability in this Windows component could have wide-ranging security implications for a number of important Windows functions, including authentication on Windows desktops and servers, the protection of sensitive data handled by Microsoft’s Internet Explorer/Edge browsers, as well as a number of third-party applications and tools.

Equally concerning, a flaw in crypt32.dll might also be abused to spoof the digital signature tied to a specific piece of software. Such a weakness could be exploited by attackers to make malware appear to be a benign program that was produced and signed by a legitimate software company.

This component was introduced into Windows more than 20 years ago — back in Windows NT 4.0. Consequently, all versions of Windows are likely affected (including Windows XP, which is no longer being supported with patches from Microsoft).

Microsoft has not yet responded to requests for comment. However, KrebsOnSecurity has heard rumblings from several sources over the past 48 hours that this Patch Tuesday (tomorrow) will include a doozy of an update that will need to be addressed immediately by all organizations running Windows.

Will Dormann, a security researcher who authors many of the vulnerability reports for the CERT Coordination Center (CERT-CC), tweeted today that “people should perhaps pay very close attention to installing tomorrow’s Microsoft Patch Tuesday updates in a timely manner. Even more so than others. I don’t know…just call it a hunch?” Dormann declined to elaborate on that teaser.

It could be that the timing and topic here (cryptography) is nothing more than a coincidence, but KrebsOnSecurity today received a heads up from the U.S. National Security Agency (NSA) stating that NSA’s Director of Cybersecurity Anne Neuberger is slated to host a call on Jan. 14 with the news media that “will provide advanced notification of a current NSA cybersecurity issue.”

The NSA’s public affairs folks did not respond to requests for more information on the nature or purpose of the discussion. The invitation from the agency said only that the call “reflects NSA’s efforts to enhance dialogue with industry partners regarding its work in the cybersecurity domain.”

Stay tuned for tomorrow’s coverage of Patch Tuesday and possibly more information on this particular vulnerability.

from Krebs on Security https://ift.tt/2t5z9vd
via IFTTT

Fraudulento y muy escurridizo: conócelo todo sobre ‘Joker’, uno de los malwares más agresivos de Android, de la mano de Google

January 13, 2020 Leave a comment

El malware es el gran problema de cualquier plataforma informática, y siendo Android una de las plataformas móviles más utilizadas del mundo es lógico que sea también una de las más afectadas por el software malicioso. No en vano, Google eliminó hace poco 104 apps con más de 4 millones de descargas que contenían malware, e incluso hemos visto felicitaciones de Navidad que no querían sólo alegrarnos las fiestas. Hay

Entra en Andro4all para leer el artículo completo

Puedes unirte a nosotros en Twitter, Facebook o en Google+

¡Suscríbete a nuestro canal de YouTube!

Publicado recientemente en Andro4all

La entrada Fraudulento y muy escurridizo: conócelo todo sobre ‘Joker’, uno de los malwares más agresivos de Android, de la mano de Google se publicó primero en Andro4all.

from Andro4all https://ift.tt/37YVSYk
via IFTTT

Categories: Internet Tags: , ,

Website Collecting Australian Fire Donations Hit by Magecart

January 13, 2020 Leave a comment

The attack may have compromised donors’ payment information.

from Dark Reading: https://ift.tt/2FMDxC4
via IFTTT

Exploits Released for As-Yet Unpatched Critical Citrix Flaw

January 13, 2020 Leave a comment

Organizations need to apply mitigations for vulnerability in Citrix Application Delivery Controller and Citrix Gateway ASAP, security researchers say.

from Dark Reading: https://ift.tt/2tUA9SU
via IFTTT