Chrome

Chrome's Password Safety Tool Will Now Automatically Run in the Background (theverge.com) 39

Google's Safety Check feature for Chrome, which, among other things, checks the internet to see if any of your saved passwords have been compromised, will now "run automatically in the background" on desktop, the company said in a blog post on Thursday. From a report: The constant checks could mean that you're alerted about a password that you should change sooner than you would have before. Safety Check also watches for bad extensions or site permissions you need to look at, and you can act on Safety Check alerts from Chrome's three-dot menu. In addition, Google says that Safety Check can revoke a site's permissions if you haven't visited it in a while. Google also announced an upcoming feature for Chrome's tab groups, also on desktop: Chrome will let you save tab groups so that you can use those groups across devices, which might be handy when moving between a PC at home and a laptop when traveling. Google says this feature will roll out "over the next few weeks."
United Kingdom

Women In IT Are On a 283-Year March To Parity, BCS Warns (theregister.com) 197

An anonymous reader quotes a report from The Register: It will take 283 years for female representation in IT to make up an equal share of the tech workforce in the UK, according to a report from the British Computer Society, the chartered institute for IT (BCS). BCS has calculated that based on trends from 2005 to 2022, it would take nearly three centuries for the representation of women in the IT workforce -- currently 20 percent -- to reach the average representation across the whole UK workforce, currently at 48 percent. BCS's annual Diversity Report also found that progress towards the gender norm was stalling in IT jobs. Between 2018 and 2021, the proportion of women tech workers rose from 16 percent to 20 percent. But there was no change in 2022, according to BCS analysis of data from the Office for National Statistics.

Julia Adamson, BCS managing director for education and public benefit, said in a statement: "More women and girls need the opportunity to take up great careers in a tech industry that's shaping the world. A massive pool of talent and creativity is being overlooked when it could benefit employers and the economy. There has to be a radical rethink of how we get more women and girls into tech careers, and a more inclusive tech culture is ethically and morally the right thing to do. Having greater diversity means that what is produced is more relevant to, and representative of, society at large. This is crucial when it comes to, for instance, the use of AI in medicine or finance. The fact that 94 percent of girls and 79 percent of boys drop computing at age 14 is a huge alarm bell we must not ignore; the subject should have a broader digital curriculum that is relevant to all young people."

IT

arXiv Now Offers Papers in HTML Format (arxiv.org) 8

arXiv blog: arXiv's goal is equitable access to scientific research for all -- and to achieve this, we have been working to make research papers more accessible for arXiv users with disabilities. We are happy to announce that as of Monday, December 18th, arXiv is now generating an HTML formatted version of all papers submitted in TeX/LaTeX (as long as papers were submitted on or after December 1st, 2023 and HTML conversion is successful).

HTML is not replacing PDF but will be an additional format available for arXiv users. Submitters will be invited to preview the HTML version of their papers during submission time, the same way they have always done with PDF. When accessing a paper's abstract page, readers will see a link to view the HTML paper right under the PDF link. The request to offer arXiv-hosted papers in HTML format comes directly from scientists with disabilities who face barriers to accessing the research they need. HTML formatted papers are more easily and accurately read by screen readers and other technologies, which can assist researchers with reading disabilities, including blindness, low vision, dyslexia, and more.

IT

Beeper Says It's Done Trying To Bring iMessage To Android (techcrunch.com) 61

Beeper is giving up on its mission to bring iMessage to Android after implementing a series of fixes that Apple has knocked down one by one over the past month. From a report: Although the company has issued a complex workaround, it says it has no plans to roll out another one if this one is knocked down by Apple. "Each time that Beeper Mini goes 'down' or is made to be unreliable due to interference by Apple, Beeper's credibility takes a hit," the company wrote in a blog post. "It's unsustainable. As much as we want to fight for what we believe is a fantastic product that really should exist, the truth is that we can't win a cat-and-mouse game with the largest company on earth. With our latest software release, we believe we've created something that Apple can tolerate existing. We do not have any current plans to respond if this solution is knocked offline."

IT

Samsung TV Plus Is Down Worldwide On Select Devices (cordcuttersnews.com) 29

New submitter ekimminau writes: On the morning of December 20, 2023, thousands of users turned on their Samsung TV to find that the Samsung TV Plus application was missing. Available for free on 2016-2023 Samsung Smart TVs, Galaxy devices, Smart Monitors, Family Hub refrigerators, and the web, for many it is their primary method of TV viewing. The masses began flocking to the Samsung community forums asking ... what was going on.

From Cord Cutters: At this time, Samsung has not posted any updates about the outage. Customer service has been telling customers they are aware of the outage and are working on fixing it. This news comes as Samsung recently added seven local FOX news channels for community stories, sports updates, weather forecasts and more. The new markets are Austin, Detroit, Milwaukee, Orlando, Phoenix, Seattle and Tampa Bay. Right now, this outage seems to only be affecting the app on Smart TVs, as the website is still working, letting anyone stream Samsung TV Plus for free online.

United Kingdom

UK Officials Caught Napping Ahead of 2G and 3G Doomsday (theregister.com) 61

A worrying number of UK authorities are still unaware of the impending switch-off of 2G and 3G mobile networks, according to Local Government Association (LGA) figures. From a report: While 38 percent of respondents were fully aware, 27 percent were only partially aware, and 7 percent had no idea at all that the axe would be falling by 2033 at the latest. The numbers worsened when the researchers spoke to respondents in senior management. Almost half (48 percent) were "partially aware" the UK's 2G and 3G mobile networks were due to be switched off and 14 percent were not at all aware.

The actual switch-off will happen over the next few years. UK mobile operators have told government they do not intend to offer 2G and 3G mobile networks past 2033 at the latest, and there is a high likelihood that some networks will be shut down earlier. The UK government said it welcomes plans to end services ahead of time. Vodafone, for example, intends to pull the plug on 3G once and for all from January 2024. Although most consumers, with their 4G and 5G devices, will likely be unaware of the end when it comes, the same cannot be said of local authorities. According to the survey, almost two-thirds of respondents (63 percent) reported that their authority was still using devices or services reliant on 2G and 3G networks.

Security

Attack Discovered Against SSH (arstechnica.com) 66

jd writes: Ars Technica is reporting a newly-discovered man-in-the-middle attack against SSH. This only works if you are using "ChaCha20-Poly1305" or "CBC with Encrypt-then-MAC", so it isn't a universal flaw. The CVE numbers for this vulnerability are CVE-2023-48795, CVE-2023-46445, and CVE-2023-46446.

From TFA:

At its core, Terrapin works by altering or corrupting information transmitted in the SSH data stream during the handshake -- the earliest stage of a connection, when the two parties negotiate the encryption parameters they will use to establish a secure connection. The attack targets the BPP, short for Binary Packet Protocol, which is designed to ensure that adversaries with an active position can't add or drop messages exchanged during the handshake. Terrapin relies on prefix truncation, a class of attack that removes specific messages at the very beginning of a data stream.

The Terrapin attack is a novel cryptographic attack targeting the integrity of the SSH protocol, the first-ever practical attack of its kind, and one of the very few attacks against SSH at all. The attack exploits weaknesses in the specification of SSH paired with widespread algorithms, namely ChaCha20-Poly1305 and CBC-EtM, to remove an arbitrary number of protected messages at the beginning of the secure channel, thus breaking integrity. In practice, the attack can be used to impede the negotiation of certain security-relevant protocol extensions. Moreover, Terrapin enables more advanced exploitation techniques when combined with particular implementation flaws, leading to a total loss of confidentiality and integrity in the worst case.
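The disclosure above names the two algorithm families that matter; a defender's first question is therefore which cipher and MAC a given client/server pair would actually settle on. The following is an added example (not code from Ars Technica, the Terrapin researchers or OpenSSH): it applies the RFC 4253 negotiation rule to constructed KEXINIT name-lists, flags the ChaCha20-Poly1305 and CBC-with-EtM combinations, and reports whether both peers advertise the strict key exchange markers that OpenSSH 9.6 introduced as the countermeasure. The sample offers are constructed.

```python
# Added example: assess an SSH algorithm negotiation for the Terrapin-affected
# cipher/MAC combinations. Negotiation follows RFC 4253 section 7.1: the first
# algorithm in the client's list that the server also lists is chosen.
from dataclasses import dataclass
from typing import Optional

# Constructed KEXINIT name-lists (comma-separated, as decoded from the wire).
CLIENT_OFFER = {
    "kex": "curve25519-sha256,ecdh-sha2-nistp256,diffie-hellman-group14-sha256",
    "cipher": "chacha20-poly1305@openssh.com,aes128-ctr,aes256-gcm@openssh.com",
    "mac": "hmac-sha2-256-etm@openssh.com,hmac-sha2-256",
}
SERVER_OFFER = {
    "kex": "curve25519-sha256,diffie-hellman-group14-sha256,kex-strict-s-v00@openssh.com",
    "cipher": "aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes128-cbc",
    "mac": "hmac-sha2-256-etm@openssh.com,hmac-sha2-256",
}

CHACHA = "chacha20-poly1305@openssh.com"
STRICT_KEX_CLIENT = "kex-strict-c-v00@openssh.com"
STRICT_KEX_SERVER = "kex-strict-s-v00@openssh.com"


def negotiate(client_list: str, server_list: str) -> Optional[str]:
    """RFC 4253 7.1: first client-preferred algorithm the server also supports."""
    server = set(server_list.split(","))
    for name in client_list.split(","):
        if name in server:
            return name
    return None


def terrapin_affected(cipher: Optional[str], mac: Optional[str]) -> bool:
    """True for the combinations the disclosure names: ChaCha20-Poly1305, or any
    CBC cipher paired with an encrypt-then-MAC (-etm) MAC. AEAD ciphers such as
    AES-GCM authenticate with their own tag, so the MAC choice does not apply."""
    if cipher is None:
        return False
    if cipher == CHACHA:
        return True
    return cipher.endswith("-cbc") and mac is not None and mac.endswith("-etm@openssh.com")


def strict_kex_available(client_kex: str, server_kex: str) -> bool:
    """Each side enables strict key exchange when it sees the peer's marker in
    the kex name-list, so both markers must be present for the whole
    handshake to run in strict mode."""
    return (STRICT_KEX_CLIENT in client_kex.split(",")
            and STRICT_KEX_SERVER in server_kex.split(","))


@dataclass
class Assessment:
    cipher: Optional[str]
    mac: Optional[str]
    affected: bool       # negotiated pair is one the disclosure names
    strict_kex: bool     # countermeasure active on both sides


def assess(client: dict, server: dict) -> Assessment:
    cipher = negotiate(client["cipher"], server["cipher"])
    mac = negotiate(client["mac"], server["mac"])
    return Assessment(cipher, mac, terrapin_affected(cipher, mac),
                      strict_kex_available(client["kex"], server["kex"]))


if __name__ == "__main__":
    # With the constructed offers: chacha20-poly1305 wins, the client does not
    # advertise strict kex, so the pair is affected and unmitigated.
    print(assess(CLIENT_OFFER, SERVER_OFFER))
```

Moving an AEAD or CTR cipher ahead of ChaCha20 in the client list, or getting both peers onto a strict-kex build, changes the assessment; the two checks are independent, which is why both are reported.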

Printer

Microsoft Releases Downloadable Tool To Remove Unwanted HP Printer Software (arstechnica.com) 35

Longtime Slashdot reader UnknowingFool writes: Microsoft has released a new software tool to remove printer software from HP that was installed without user permission or system need. A few weeks ago, users noticed that Windows Update installed HP printer software even if they did not have HP printers or printers at all. Affecting Windows 10 and 11, consumers reported that this update sometimes caused problems as it could rename their non-HP printers as HP printers causing some printing features to be inaccessible. Microsoft has not disclosed the root cause of the issue. The fix released by Microsoft requires users to download and run a dedicated troubleshooting tool available from Microsoft's support site. "There are four different versions of the troubleshooter, depending on whether you have the 32- or 64-bit version of an Arm or x86 version of Windows," notes Ars Technica. "Microsoft will also release an additional recommended troubleshooting tool 'in the coming weeks' that will fix the problem in Windows 11 upon a user's request without requiring the download of a separate tool."

Security

Comcast Discloses Data Breach of Close To 36 Million Xfinity Customers [UPDATE] (techcrunch.com) 40

In a notice on Monday, Xfinity notified customers of a "data security incident" that resulted in the theft of customer information, including usernames, passwords, contact information, and more. The Verge reports: Xfinity traces the breach to a security vulnerability disclosed by cloud computing company Citrix, which began alerting customers of a flaw in software Xfinity and other companies use on October 10th. While Xfinity says it patched the security hole, it later uncovered suspicious activity on its internal systems "that was concluded to be a result of this vulnerability."

The hack resulted in the theft of customer usernames and hashed passwords, according to Xfinity's notice. Meanwhile, "some customers" may have had their names, contact information, last four digits of their social security numbers, dates of birth, and / or secret questions and answers exposed. Xfinity has notified federal law enforcement about the incident and says "data analysis is continuing."

We still don't know how many users were affected by the breach. Xfinity will automatically ask customers to change their passwords the next time they log in to their accounts, and it's also encouraging users to turn on two-factor authentication. You can find the full notice, including contact information for the company's incident response team, on Xfinity's website (PDF).

UPDATE 12/19/23: According to TechCrunch, almost 36 million Xfinity customers had their sensitive information accessed by hackers via a vulnerability known as "CitrixBleed." The vulnerability is "found in Citrix networking devices often used by big corporations and has been under mass-exploitation by hackers since late August," the report says. "Citrix made patches available in early October, but many organizations did not patch in time. Hackers have used the CitrixBleed vulnerability to hack into big-name victims, including aerospace giant Boeing, the Industrial and Commercial Bank of China and international law firm Allen & Overy."

"In a filing with Maine's attorney general, Comcast confirmed that almost 35.8 million customers are affected by the breach. Comcast's latest earnings report shows the company has more than 32 million broadband customers, suggesting this breach has impacted most, if not all Xfinity customers."

Security

Insomniac Hacker Releases More Than 1.3 Million Stolen Files, Including Unannounced Games Info (videogameschronicle.com) 18

A ransomware group that claimed to have successfully hacked Insomniac Games has now leaked the vast majority of its stolen files. From a report: Last week ransomware group Rhysida threatened to expose sensitive data about the company, its employees and its upcoming games, if it wasn't paid for the data. It then published data online which appeared to corroborate its claim that it had successfully hacked the Sony-owned studio, including an annotated screenshot from Insomniac's upcoming Wolverine game.

The group then threatened to publish the stolen data within seven days, but first offered it for auction with a starting price of 50 Bitcoins (approximately $2 million). Now, according to Cyber Daily, Rhysida has followed through with its threat and posted more than 1.3 million files totalling 1.67 terabytes to its darknet leak site. Around 98% of the hacked data has been leaked, with Rhysida stating that "not sold data was uploaded," implying that the remaining 2% may have been sold to someone.

Security

Authorities Claim Seizure of Notorious ALPHV Ransomware Gang's Dark Web Leak Site (techcrunch.com) 9

An international group of law enforcement agencies have seized the dark web leak site of the notorious ransomware gang known as ALPHV, or BlackCat. From a report: "The Federal Bureau of Investigation seized this site as part of a coordinated law enforcement action taken against ALPHV Blackcat Ransomware," a message on the gang's dark web leak site now reads, seen by TechCrunch. According to the splash, the takedown operation also involved law enforcement agencies from the United Kingdom, Denmark, Germany, Spain and Australia.

In a later announcement confirming the disruption, the U.S. Department of Justice said that the international takedown effort, led by the FBI, enabled U.S. authorities to gain visibility into the ransomware group's computer to seize "several websites" that ALPHV operated. The FBI also released a decryption tool that has already enabled more than 500 ALPHV ransomware victims to restore their systems. (The government's search warrant puts the number at 400 victims.) The FBI said it worked with dozens of victims in the United States, saving them from paying ransom demands totaling approximately $68 million.

Security

Mr. Cooper Hackers Stole Personal Data on 14 Million Customers (techcrunch.com) 74

Hackers stole the sensitive personal information of more than 14.6 million Mr. Cooper customers, the mortgage and loan giant has confirmed. From a report: In a filing with Maine's attorney general's office, Mr. Cooper said the hackers stole customer names, addresses, dates of birth and phone numbers, as well as customer Social Security numbers and bank account numbers. Mr. Cooper previously said that customer banking information was stored by a third-party company and believed to be unaffected. Mr. Cooper said in a separate filing with federal regulators on Friday that hackers obtained personal data on "substantially all of our current and former customers."

The number of affected victims is significantly higher than the four million existing customers that Mr. Cooper claims on its website, likely because of the historical data that the company stores on mortgage holders. Mr. Cooper said in its data breach notification letter to affected victims that the stolen data includes personal information on those whose mortgage was previously acquired or serviced by the company when it was known as Nationstar Mortgage, prior to its rebranding as Mr. Cooper. The company said affected customers may include those whose mortgages were serviced by a sister brand.

Privacy

Delta Dental of California Data Breach Exposed Info of 7 Million People (bleepingcomputer.com) 20

Delta Dental of California announced that they've suffered a data breach that exposed the personal data of almost seven million patients. BleepingComputer reports: Delta Dental of California is a dental insurance provider that covers 45 million people across 15 states and is part of the Delta Dental Plans Association. According to a Delta Dental of California data breach notification (PDF), the company suffered unauthorized access by threat actors through the MOVEit file transfer software application.

The software was vulnerable to a zero-day SQL injection flaw leading to remote code execution, tracked as CVE-2023-34362, which the Clop ransomware gang leveraged to breach thousands of organizations worldwide. Delta Dental of California learned about the compromise on June 1, 2023, and five days later, following an internal investigation, it confirmed that unauthorized actors had accessed and stolen data from its systems between May 27 and May 30, 2023. The second, more lengthy investigation to determine the exact impact of the security incident was completed on November 27, 2023.

Based on this, the data breach has so far impacted 6,928,932 customers of Delta Dental of California, who had their names, financial account numbers, and credit/debit card numbers, including security codes, exposed. Delta Dental of California provides 24 months of free credit monitoring and identity theft protection services to impacted patients to mitigate the risk of their exposed data. Details on enrolling in the program are enclosed in the personal notices.

IT

Marketing Company Claims That It Actually Is Listening To Phone and Smart Speakers To Target Ads (404media.co) 147

A marketing team within media giant Cox Media Group (CMG) claims it has the capability to listen to ambient conversations of consumers through embedded microphones in smartphones, smart TVs, and other devices to gather data and use it to target ads, according to a review of CMG marketing materials by 404 Media and details from a pitch given to an outside marketing professional. From a report: Called "Active Listening," CMG claims the capability can identify potential customers "based on casual conversations in real time." The news signals that what a huge swath of the public has believed for years -- that smartphones are listening to people in order to deliver ads -- may finally be a reality in certain situations. Until now, there was no evidence that such a capability actually existed, but its myth permeated due to how sophisticated other ad tracking methods have become.

It is not immediately clear if the capability CMG is advertising and claims works is being used on devices in the market today, but the company notes it is "a marketing technique fit for the future. Available today." 404 Media also found a representative of the company on LinkedIn explicitly asking interested parties to contact them about the product. One marketing professional pitched by CMG on the tech said a CMG representative explained the prices of the service to them. "What would it mean for your business if you could target potential clients who are actively discussing their need for your services in their day-to-day conversations? No, it's not a Black Mirror episode -- it's Voice Data, and CMG has the capabilities to use it to your business advantage," CMG's website reads.

China

China Issues Draft Contingency Plan for Data Security Incidents (reuters.com) 5

China on Friday proposed a four-tier classification to help it respond to data security incidents, highlighting Beijing's concern with large-scale data leaks and hacking within its borders. From a report: The plan, which is currently soliciting opinions from the public, proposes a four-tier, colour-coded system depending on the degree of harm inflicted upon national security, a company's online and information network, or the running of the economy.

According to the plan, incidents that involve losses surpassing 1 billion yuan ($141 million) and affect the personal information of over 100 million people, or the "sensitive" information of over 10 million people, will be classed as "especially grave," to which a red warning must be issued. The plan demands that in response to red and orange warnings, the involved companies and relevant local regulatory authorities must establish a 24-hour work rota to address the incident and MIIT must be notified of the data breach within ten minutes of the incident happening, among other measures.

Security

Intelligence Researchers To Study Computer Code for Clues To Hackers' Identities (wsj.com) 4

Government researchers in the U.S. are studying methods to help identify hackers based on the code they use to carry out cyberattacks. From a report: The Intelligence Advanced Research Projects Activity, the lead federal research agency for the intelligence community, plans to develop technologies that could speed up investigations for identifying perpetrators of cyberattacks. "The number of attacks is increasing far more than the number of forensic experts that are available to go after these attacks," said Kristopher Reese, who is managing the research program at IARPA and holds a doctorate in computer science and engineering. The lack of forensic resources means hackers who target small organizations or companies that don't fall under critical infrastructure sectors often escape identification, he said.

Tools that are developed as part of the planned 30-month research project won't replace human analysts, who are crucial for identifying social and political dynamics that might explain why a particular hacking group targeted a victim, Reese said. But using artificial intelligence to analyze code used in cyberattacks will make investigations more efficient, he said. IARPA is accepting pitches from researchers until next month and plans to begin research next summer. [...] There hasn't been enough research into how analyzing code can reveal a hacker's identity, Reese said. Behavioral traits evident in code can reveal specific countries where hackers might be from or even the university where they were trained, he said. Some companies also have style guides outlining how employees should program, which could leave traces that indicate a person worked there, he said.

Encryption

Proton Mail Finally Gets a Desktop App For Encrypted Email and Calendar (theverge.com) 21

Amrita Khalid reports via The Verge: Proton has released a desktop version of its Proton Mail app that will give users full access to both Proton Mail and Proton Calendar and (eventually) the ability to view your emails offline. The desktop app, available in beta, is optimized for both Windows and macOS, and encrypts sent emails end-to-end just like the browser version, according to the Swiss company, while offline access to emails will be available "soon." [...] It's important to note that you'll still need internet access to both send and encrypt your emails on Proton. But the offline feature will let you view and draft emails while traveling, during a power outage, or any other situation where you don't have access to the internet.

Proton is also bringing encrypted auto-forwarding to paid users, both on its desktop and browser versions, though the encryption for forwards will only apply when the forwarded emails go to other Proton users. The company says it has made improvements to Proton Calendar, too, including a fully searchable web version. Not everyone will be able to access Proton's desktop app right away. Proton is restricting access to its paid "Visionary" tier for legacy users at first (though the company is reopening subscriptions to that tier through January 3rd, 2024). The plan is to make the desktop app available to all users in early 2024.

Bitcoin

Supply Chain Attack Targeting Ledger Crypto Wallet Leaves Users Hacked (techcrunch.com) 17

An anonymous reader quotes a report from TechCrunch: Hackers compromised the code behind a crypto protocol used by multiple web3 applications and services, the software maker Ledger said on Thursday. Ledger, a company that makes a widely used and popular crypto hardware and software wallet, among other products, announced on X (previously Twitter) that someone had pushed out a "malicious version" of its Ledger Connect Kit, a library that decentralized apps (dApps) made by other companies and projects use to connect to the Ledger wallet service.

"A genuine version is being pushed to replace the malicious file now. Do not interact with any dApps for the moment. We will keep you informed as the situation evolves," Ledger wrote. Soon after, Ledger posted an update saying that the hackers had replaced the genuine version of its software some six hours earlier, and that the company was investigating the incident and would "provide a comprehensive report as soon as it's ready." After this story was published, Ledger spokesperson Phillip Costigan shared more details about the hack with TechCrunch and on X.

Costigan said that a former Ledger employee was the victim of a phishing attack on Thursday, which gave the hackers access to that former employee's NPMJS account, a software registry that was acquired by GitHub. From there, the hackers published a malicious version of the Ledger Connect Kit. "The malicious code used a rogue WalletConnect project to reroute funds to a hacker wallet," Costigan said. Then, Ledger deployed a fix within 40 minutes of the company becoming aware of the hack. The malicious file, however, was live for around 5 hours, but "the window where funds were drained was limited to a period of less than two hours," according to Costigan. Ledger also "coordinated" with WalletConnect, which "quickly disabled the rogue project," essentially stopping the attack, according to Costigan. Costigan also said Ledger pushed out a genuine software update that is "safe to use."

"We are actively talking with customers whose funds might have been affected, and working proactively to help those individuals at this time," the Ledger spokesperson said, adding that the company believes it has identified the hackers' wallet.

Google

Google Will Turn Off Third-Party Tracking for Some Chrome Users Soon (theverge.com) 26

Google is about to launch its grand plan to block third-party cookies in Chrome that many websites use to track your activity across the web for profit. From a report: Starting on January 4th, Google will start testing its new Tracking Protection feature that will eventually restrict website access to third-party cookies by default. It will come to a very small subset of Chrome users at the start, specifically to one percent of users globally. Afterward, Google plans to phase out the use of third-party cookies for all users in the second half of 2024.

If you're randomly selected to try Tracking Protection, Google will notify you when opening Chrome on desktop or Android. If there are issues detected by Chrome while you're browsing, a prompt will appear asking if you'd like to temporarily re-enable third-party cookies for the site.

IOS

Apple's New iPhone Security Setting Keeps Thieves Out of Your Digital Accounts (theverge.com) 19

According to the Wall Street Journal, Apple is including new Stolen Device Protection in iOS 17.3 that requires authentication through Face ID or Touch ID to perform certain actions. The Verge reports: The new feature appears to come in response to the concerns raised in previous reports by The Wall Street Journal describing how thieves watch their victims type in their iPhone passcodes and then steal their devices. This gives thieves access to a trove of personal and financial information stored on the device, allowing them to lock victims out of their iCloud accounts and spend thousands of dollars using saved payment information.

If you opt in to the feature, you would have to verify your identity with face or fingerprint biometrics when doing things like viewing your saved passwords in iCloud Keychain, applying for a new Apple Card, factory resetting your device, using saved payment methods in Safari, and turning off Lost Mode. This way, thieves wouldn't be able to steal your information even if they have your phone and the passcode.

For even more sensitive actions, like changing your Apple ID password, changing your iPhone passcode, or turning off Find My, the new Stolen Device Protection feature adds an additional hurdle if the device is somewhere other than locations you often frequent, like at home or in the office. It requires you to not only verify your identity with Face ID or Touch ID but also wait one hour and then repeat the authentication process again.
