Phishing attack disguises itself as DocuSign document

A new wave of phishing attacks, disguised as an email from DocuSign, aimed at obtaining user credentials from all major email providers has been discovered by the Cofense Phishing Defense Center.

DocuSign is an electronic signature technology that is used by businesses and individuals to exchange contracts, tax documents and legal materials. The threat actors behind this new wave of phishing attacks are using this legitimate application to trick users into handing over their credentials.

The attack begins when a user receives an email that appears to be from DocuSign as it includes its actual logo and the content of the message is similar to real emails sent from the company. However, the first line of the message does not contain the recipient’s name and simply says “Good day”.

From the email header, Cofense was able to determine that the threat source originates from the [...]  read more

Glow raises $2.3M to help podcasters make money

Glow is a new startup that says it wants to help podcasters build media business.

That’s something co-founder and CEO Amira Valliani said she tried to do herself. After a career that included working in the Obama White House and getting an MBA from Wharton, she launched a podcast covering local elections in Cambridge, Mass., and she said that after the initial six episodes, she struggled to find a sustainable business model.

Valliani (pictured above with her co-founder and chief product officer Brian Elieson) recalled thinking, “Well, I got this one grant and I’d love to do more, but I need to figure out a way to pay for it.” She realized that advertising didn’t make sense, but when a listener expressed interest in paying her directly, none of the existing platforms made it easy.

“I just couldn’t figure it out,” she said. “I felt an acute need, and I thought, ‘Are there other people out there who haven’t been able to figure out how to do it, because the lift is just [...]  read more

Apple Gives Hackers a Special iPhone—And a Bigger Bug Bounty

For more than a decade, Apple has built a fortress around the iPhone, making iOS devices arguably the most locked-down computers accessible to hundreds of millions of people. So locked down, in fact, that even well-intentioned security researchers have trouble getting the access necessary to dig into their internals. Now Apple is taking an unprecedented step: distributing a more hacker-friendly iPhone to its favorite researchers, letting them hack the phone on “easy mode” in the interests of making it harder for everyone else.

It’s also offering bigger rewards than ever before for hackers who who can find and report those vulnerabilities. Its iOS bug bounty will pay out up to $1.5 million for a single attack technique that a researcher discovers and shares discreetly with the company.

An iPhone for Hackers

At the Black Hat security conference Thursday, Apple’s head of security engineering and architecture Ivan Krstić announced a broad revamping of the company’s [...]  read more

Wirecutter’s best deals: Save $300 on a Google Pixel 3

Google Pixel 3 (64GB)

google

Street price: $800; deal price: $500

The Google Pixel 3 (64GB), our upgrade Android phone pick, has dropped to a new low of $500 in all three available finishes. If you’re looking for more memory, the 128GB version of the Pixel 3 is also discounted down to $600 from a street price of $900.

As our upgrade Android pick in our guide to the best smartphones, the Pixel 3 is one of the fastest Android phones we’ve ever tested. Wirecutter Editor Andrew Cunningham wrote, “The Google Pixel 3 and Pixel 3 XL—two sizes of the same phone with 5.5-inch and 6.3-inch screens, respectively—have the newest, fastest version of Android, the best camera performance regardless of lighting conditions, and excellent displays. Google guarantees monthly updates on these phones until October 2021, which is much better than what you can expect from Samsung, LG, OnePlus, or even Android One phones like some of our budget picks.”

Incase Nylon Accessory Organizer

Incase

Street price: $46; deal price: $35

Discounted to $35 [...]  read more

AMD Epyc processors for servers are here – with up to 64-cores

Back at Computex 2019 when AMD CEO Lisa Su took the stage to unveil all the Zen 2 processors Team Red would be releasing over the next year, we knew that server processors were on the way – and now they’re here. 

AMD has unveiled its Epyc processors, and they’re featuring some pretty serious specs. With these server processors, you’ll be able to get up to 64-cores provided you’re willing to drop the $6,950 (about £5,580, AU$9,890) it calls for. 

Now, AMD Epyc processors are for servers, which means you won’t exactly find them in the best gaming PCs, but they also serve as an example of where AMD’s 7nm (nanometer) Zen 2 architecture can go when it’s pushed to the extreme. And, because these processors feature the same 15% IPC (instructions per clock) uplift as their Ryzen 3rd Generation counterparts, they feature up to 80% faster performance over last generation products, according to Tom’s Hardware.

Couple the raw performance [...]  read more

Centrato da una trave, operaio cade nel vano dell’ascensore: è in coma

Drammatico incidente, giovedì mattina, in un cantiere di via Giovanni Battista Soresina, a pochi passi da corso Vercelli. In fin di vita un operaio di 28 anni: il giovane è stato colpito alla testa da una trave ed è precipitato nel vano dell’ascensore di un parcheggio in cui stava lavorando. Immediato l’intervento degli operatori del 118, accorsi sul posto con vigili del fuoco e carabinieri. Il giovane è stato trasportato d’urgenza all’ospedale Niguarda, ma le sue condizioni sono disperate: all’arrivo dei soccorsi il 28enne era già in coma.

8 agosto 2019 | 13:21

© RIPRODUZIONE RISERVATA

social experiment by Livio Acerbo #greengroundit #corriereit https://milano.corriere.it/notizie/cronaca/19_agosto_08/centrato-una-trave-operaio-cade-vano-ascensore-coma-93d3fef6-b9cb-11e9-8fe8-844ac90f9596.shtml

Hidden Algorithm Flaws Expose Websites to DoS Attacks

This week, the notorious forum 8chan went down after its infrastructure provider Cloudflare withdrew its services over the forum’s radical, violence-promoting content. Cloudflare didn’t shut the site down directly, but by removing its protection against distributed denial of service attacks, it could all but guarantee that the forum would crash. But while the classic types of DDoS attack, which overwhelm a site with junk traffic, have persisted and evolved across the web, researchers are warning about a new spinoff: subtle attacks that target not server capacity, but algorithms.

Many websites and services rely on algorithms to transform data inputs into actions and results. But new research detailed at the Black Hat cybersecurity conference Thursday shows how a small, seemingly innocuous input for an algorithm can cause it to do a huge amount of work—slowing a service down or crashing it entirely in the process, all with just a few bytes.

Lily Hay Newman covers information security, digital privacy, and hacking for WIRED.

Nathan Hauke and [...]  read more