Ousted COO sues Pinterest, alleges rampant gender discrimination

The former chief operating officer of Pinterest is suing her ex-employer, claiming that the platform’s woman-friendly public face is not matched internally and instead “displays a pattern of discrimination and exclusion.”

Pinterest hired Francoise Brougher as chief operating officer in March 2018, then fired her in April of this year. In a lawsuit (PDF) filed Tuesday in California, Brougher claims that her dismissal was unrelated to her performance and was instead in retaliation for complaining about sexism.

Brougher discovered in 2019, while reviewing filings that Pinterest was required to make as part of its IPO, that she had been intentionally misled about executive compensation. She was subsequently being paid less well than other C-suite executives, the suit alleges. After she brought the discrepancy to the attention of Chief Executive Officer Ben Silbermann, she began being squeezed out of executive and board meetings, Brougher alleged, which prevented her from being able to do her job.

Chinese hackers have pillaged Taiwan’s semiconductor industry

Taiwan has faced existential conflict with China for its entire existence and has been targeted by China’s state-sponsored hackers for years. But an investigation by one Taiwanese security firm has revealed just how deeply a single group of Chinese hackers was able to penetrate an industry at the core of the Taiwanese economy, pillaging practically its entire semiconductor industry.

At the Black Hat security conference today, researchers from the Taiwanese cybersecurity firm CyCraft plan to present new details of a hacking campaign that compromised at least seven Taiwanese chip companies over the past two years. The series of deep intrusions—called Operation Skeleton Key due to the attackers’ use of a “skeleton key injector” technique—appeared aimed at stealing as much intellectual property as possible, including source code, software development kits, and chip designs. And while CyCraft has previously given this group of hackers the name Chimera, the company’s new findings include evidence that ties them to mainland China and loosely links them to the notorious Chinese state-sponsored hacker group Winnti, also sometimes known as Barium, or Axiom.

The quest to liberate $300,000 of bitcoin from an old ZIP file

In October, Michael Stay got a weird message on LinkedIn. A total stranger had lost access to his bitcoin private keys—and wanted Stay’s help getting his $300,000 back.

It wasn’t a total surprise that The Man, as Stay calls him, had found the former Google security engineer. Nineteen years ago, Stay published a paper detailing a technique for breaking into encrypted zip files. The Man had bought around $10,000 worth of bitcoin in January 2016, well before the boom. He had encrypted the private keys in a zip file and had forgotten the password. He hoped Stay could help him break in.

In a talk at the Defcon security conference this week, Stay details the epic attempt that ensued.

Snapdragon chip flaws put >1 billion Android phones at risk of data theft

A billion or more Android devices are vulnerable to hacks that can turn them into spying tools by exploiting more than 400 vulnerabilities in Qualcomm’s Snapdragon chip, researchers reported this week.

The vulnerabilities can be exploited when a target downloads a video or other content that’s rendered by the chip. Targets can also be attacked by installing malicious apps that require no permissions at all.

From there, attackers can monitor locations and listen to nearby audio in real time and exfiltrate photos and videos. Exploits also make it possible to render the phone completely unresponsive. Infections can be hidden from the operating system in a way that makes disinfecting difficult.

Lawn chairs and kitchen tables: Ergonomics in the involuntary work-from-home era

With offices shuttered around the world, many people are experiencing working from home for the first time—or experiencing it in much longer doses than they were used to. Many companies are planning to keep employees working remotely at least part of the time well into 2021. And some are considering making it permanent.

Lots of people have had to improvise their work-at-home workspaces. But now that we’re several months in, some of that improvisation may be wearing thin. And one of the things that often gets pushed to the back burner in all this improvisation is ergonomics. If you haven’t worked from home regularly in the past, and you’re now sitting at the kitchen table every day working from a corporate-issued laptop, you’re probably feeling the physical strains of this never-going-to-be-normal reality.

As someone who has worked primarily from home for a quarter of a century, I’ve had a lot of time to figure out what does and doesn’t work in a home office. The changes that have come with COVID-19—including having my wife and daughter in lockdown with me, both working from home themselves—have required some adjustments and some re-equipping. We needed our home workspaces to support the new world of work while maintaining comfort and a reasonable level of sanity mid-pandemic.

More than 20GB of Intel source code and proprietary data dumped online

Intel is investigating the purported leak of more than 20 gigabytes of its proprietary data and source code that a security researcher said came from a data breach earlier this year.

The data—which at the time this post went live was publicly available on BitTorrent feeds—contains data Intel makes available to partners and customers under NDA, a company spokeswoman said. Speaking on background, she said Intel officials don’t believe the data came from a network breach. She also said the company is still trying to determine how current the material is and that, so far, there are no signs the data includes any customer or personal information.

“We’re investigating this situation,” company officials said in a statement. “The information appears to come from the Intel Resource and Design Center, which hosts information for use by our customers, partners and other external parties who have registered for access. We believe an individual with access downloaded and shared this data.”

Insecure satellite Internet is threatening ship and plane safety

More than a decade has passed since researchers demonstrated serious privacy and security holes in satellite-based Internet services. The weaknesses allowed attackers to listen in on and sometimes tamper with data received by millions of users thousands of miles away. You might expect that in 2020—as satellite Internet has grown more popular—providers would have fixed these shortcomings, but you’d be wrong.

In a briefing delivered on Wednesday at the Black Hat security conference online, researcher and Oxford Ph.D. candidate James Pavur presented findings that show that satellite-based Internet is putting millions of people at risk, despite providers adopting new technologies that are supposed to be more advanced.

Over the course of several years, he has used his vantage point in mainland Europe to intercept the signals of 18 satellites beaming Internet data to people, ships, and planes in a 100 million-square-kilometer swath that stretches from the US, Caribbean, China, and India. What he found is concerning. A small sampling of the things he observed include:

What’s this? A bipartisan plan for AI and national security

US Reps. Will Hurd and Robin Kelly are from opposite sides of the ever-widening aisle, but they share a concern that the United States may lose its grip on artificial intelligence, threatening the American economy and the balance of world power.

On Thursday, Hurd (R-Tex.) and Kelly (D-Ill.) offered solutions to prevent the US from falling behind China, particularly, on applications of AI to defense and national security. They want to cut off China’s access to AI-specific silicon chips and push Congress and federal agencies to commit more resources to advancing and safely deploying AI technology.

Although Capitol Hill is increasingly divided, the bipartisan duo claims to see an emerging consensus that China poses a serious threat and that supporting US tech development is a crucial remedy.

Florida teen arrested, charged with being “mastermind” of Twitter hack

A Florida teen has been arrested and charged with 30 felony counts related to the high-profile hijacking of more than 100 Twitter accounts earlier this month.

Federal law enforcement arrested Graham Ivan Clark, 17, in Tampa earlier today, the Office of Hillsborough State Attorney Andrew Warren said. The arrest followed an investigation spearheaded by the Federal Bureau of Investigation and the Justice Department.

“These crimes were perpetrated using the names of well-known people and celebrities, but they are not the primary victims here,” said Warren. “This ‘Bit-Con’ was designed to steal money from regular Americans from all around the country, including here in Florida. This huge fraud was orchestrated right here in our backyard, and we won’t stand for that.”

Red Hat and CentOS systems aren’t booting due to BootHole patches

Early this morning, an urgent bug showed up at Red Hat’s bugzilla bug tracker—a user discovered that the RHSA_2020:3216 grub2 security update and RHSA-2020:3218 kernel security update rendered an RHEL 8.2 system unbootable. The bug was reported as reproducible on any clean minimal install of Red Hat Enterprise Linux 8.2.

The patches were intended to close a newly discovered vulnerability in the GRUB2 boot manager called BootHole. The vulnerability itself left a method for system attackers to potentially install “bootkit” malware on a Linux system despite that system being protected with UEFI Secure Boot.

RHEL and CentOS

Unfortunately, Red Hat’s patches to GRUB2 and the kernel, once applied, are leaving patched systems unbootable. The issue is confirmed to affect RHEL 7.8 and RHEL 8.2, and it may affect RHEL 8.1 and 7.9 as well. RHEL-derivative distribution CentOS is also affected.
