Technology

Windows 11 is getting out of hand with its push for advertisments, frankly - remember the recent full-screen pop-up to persuade users to install Edge or other Microsoft services? Then another advertisment was placed in the Start menu, and now Microsoft has finally worn my temper thin - with a new Game Pass ad coming to the Settings app.

This will likely arrive in the July update for Windows 11, or at least it’s almost certain to do so. It was present in the latest preview update Microsoft just released for the OS (and quickly paused due to a bug, but that’s another story). It’s also worth noting that the ad has been present in earlier test versions of Windows 11.

Archived

Here is a thread on it: https://infosec.exchange/@jtig/112689665815283809

• So far "there is no evidence to suggest that the product environment or customer data is affected," the company says on its website.
• TeamViewer's internal IT environment is completely independent from its product environment, the firm adds.

[Edit typo.]

Earlier this year, Microsoft revealed that a Russia-based cybercriminal group labeled as Midnight Blizzard got access to the email accounts of its top executives in late 2023. Today, the company has confirmed that it is informing more of its customers that emails sent to those executives were seen by that hacker group.

The Russian security breach, combined with an earlier one in 2023 by Chinese hackers who accessed Outlook-based government email accounts in the US and Europe, has been a major embarrassment to Microsoft.

cross-posted from: https://feddit.org/post/259710

• The University Hospital Centre Zagreb (KBC Zagreb) is under cyberattack that started on Wednesday (June 26) night. All services are working, but the processing of patients is slower than usual, Milivoj Novak, Assistant Director at the hospital, has said.

• The attacks have been claimed by the pro-Russian NoName057(16) hacker group and have resulted in a temporary unavailability of the institutions’ websites and online portals. The sites are back online now.

• It is currently unknown whether the cyberattack against the hospital involved the deployment of ransomware, and whether it’s connected to yesterday’s DDoS attacks on the websites of several Croatian government and financial institutions: the Ministry of Finance, the Tax Administration, the Croatian National Bank (HNB), the Economic Bank of Zagreb (PBZ), and the Zagreb Stock Exchange (ZSE).

cross-posted from: https://feddit.org/post/258478

• At the Public Spaces conference in the Netherlands on June 6th, Alexis Kauffmann from the French Ministry of Education and co-founder of the non-profit software platform FraMaSoft, discussed France’s move towards a comprehensive open source-based education strategy, 2023-2027. The aim is to achieve digital sovereignty and reduce dependence on big tech companies like Microsoft and Google, which are widely used in education systems in other countries.
• “One of the key actions is to offer authoring tools to our teacher and tools based on open source software. No Google Classrooms. Not Microsoft Teams. We have chosen Moodle Elea as a learning management system,” explained Alexis Kauffmann who also pointed to other tools to learn to code and mathematics like Jupyter.
• France uses an app platform with open-source tools like Nextcloud, Big Blue Botton, and Collaboration. They even have their own ‘github’ (owned by Microsoft) called La Forge, where teachers share code.
• “To support this, we have public funds for digital commons, we organise workshops and finance the software, and therefore we can do without Microsoft and Google,” Alexis Kauffmann explained.

“I am not saying it is easy. The biggest obstacle is political courage to resist the lobbyists both at a national and European level,” he said and pointed to other risks like the quality of big tech’s products, being isolated in Europa, and artificial intelligence.

He hopes other European countries will follow suit and quoted The European Council Recommendation on education:

Louis Rossman discuses many design flaws made by Apple over the years throughout their entire catalog.

This video also came out a few days after I praise the Macbook Pro series for being higher quality then their competition as well. 😂 🫣

On Wednesday, June 26, 2024, TeamViewer, a leading provider of remote access software, announced that attackers had compromised its internal corporate IT environment.

The company’s security team detected an “irregularity” in their internal systems, prompting an immediate response.

TeamViewer activated its incident response procedures and brought in external cybersecurity experts to investigate and implement remediation measures.

In a statement, TeamViewer emphasized that its corporate IT environment is “completely independent” from its product environment.

The company stated there is no evidence that the breach affected customer data or the TeamViewer product itself. However, investigations are still ongoing.

Galaxy S25 Ultra leaks hint at a design overhaul, camera upgrades with new sensors, and possibly a MediaTek chip option.

If this thread is to be believed their statement about TeamViewers products being unaffected is likely not true.

cross-posted from: https://infosec.pub/post/14206569

Hi all,

First off: Can't switch to Linux, Windows is a work requirement. Please spare me.

With that out of the way, here's my problem:

Since 2-3 days I've been seeing ads disguised as a minimized video player popup on my Windows 10 Login Screen .

Initially I thought I might have been watching something on youtube and forgot to close the tab and it autoplayed in the background until reaching this stuff by chance; but that turned out not to be the case (I'm also using Firefox exclusively, which I thought wouldn't integrate with Windows, but I wasn't 100% sure on that end).

I tried to research this a bit, but the only similar case I found was in an old reddit thread saying that some Windows update installed the LinkedIn App for them, which is not the case here.

Antivirus (Bit Defender) and Malwarebytes both give me a clean report.

So I did some more digging and right click that thing with my firewall set to deny all to figure out where this is taking me, and surprise...

There's a total of 100 connection attempts from Windows Search to around 10 different IP addresses, all of which belong to Microsoft.

I have not installed any updates in the last 14 days, no new software, and have not changed any system settings.

What did change is that I am currently not in China, where I normally live, but am on a business trip to Malaysia, where a bunch of services that are blocked in China might be accessible, and are now splicing in those (somewhat disguised) ads.

Does this happen to anyone else, and if so, do you have an idea how to get rid of it?

Thanks a lot in advance!

Mac malware that steals passwords, cryptocurrency wallets, and other sensitive data has been spotted circulating through Google ads, making it at least the second time in as many months the widely used ad platform has been abused to infect web surfers.

Like most other large advertising networks, Google Ads regularly serves malicious content that isn’t taken down until third parties have notified the company. Google Ads takes no responsibility for any damage that may result from these oversights. The company said in an email it removes malicious ads once it learns of them and suspends the advertiser and has done so in this case.

People who want to install software advertised online should seek out the official download site rather than relying on the site linked in the ad. They should also be wary of any instructions that direct Mac users to install apps through the right-click method mentioned earlier. The Malwarebytes post provides indicators of compromise people can use to determine if they’ve been targeted.

Netflix, once a pioneer of ad-free viewing that offered a break from traditional TV norms, is now contemplating launching free ad-supported versions of its service in markets like Europe and Asia, Bloomberg reported.

The plans to offer a free ad-supported tier, albeit in select markets, suggests that pivot towards monetizing user data, in other words — making users and not the extensive library of award-winning shows a product, might be well in the pipeline.

• Time removed its paywall in June 2023, resulting in a rise in advertising revenue but a loss of digital subscribers, with traffic remaining relatively flat.
• The decision was influenced by broader industry trends and the publisher's focus on working with advertisers and leveraging its brand equity in other ventures.
• Time aims to achieve profitability by expanding its direct advertising and sponsorship business, growing its global events slate, and exploring new ventures like connected television.

Very interesting news. I haven't tried it out personally; But if it works, I imagine that'd be huge.

An ID verification company that works on behalf of TikTok, X and Uber, among others, has left a set of administrative credentials exposed for more than a year, as reported by 404 Media.

The Israel-based AU10TIX verifies the identity of users by using pictures of their faces and drivers’ licenses, potentially opening up both to hackers.

If you are curious whether Ubiquiti ditched the fan on the new U7 Pro Max, well, I have some bad news for you. I opened the device and this is the teardown video.