Payment card skimmers have hit four online merchants with help from Heroku, a cloud provider owned by Salesforce, a researcher has found.
Heroku is a cloud platform designed to make things easier for users to build, maintain, and deliver online services. It turns out that the service also makes things easier for crooks to run skimmers that target third-party sites.
On Wednesday, Jérôme Segura, director of threat intelligence at security provider Malwarebytes, said he found a rash of skimmers hosted on Heroku. The hackers behind the scheme not only used the service to host their skimmer infrastructure and deliver it to targeted sites. They also used Heroku to store stolen credit-card data. Heroku administrators suspended the accounts and removed the skimmers within an hour of being notified, Segura told Ars.
Police say the gadget can restrain people without force, amid scrutiny of law enforcement tactics.
There are people who object to newfangled technologies that address our reliance on dirty energy. For them, claims like this are irresistible catnip: electric vehicles aren't actually cleaner than their gas-burning counterparts. What a delicious I-told-you-so to those naïve environmentalists! The only problem with these claims is that they aren't true.
This particular assertion is based on the idea that the manufacturing of big batteries for these cars generates so much emissions that all later savings are canceled out. Sometimes, this argument requires unfair assumptions, like expecting an internal combustion vehicle to last far longer than an EV. But it always requires cherry-picking a high estimate for battery manufacturing emissions.
One of those estimates came from a 2017 study from the IVL Swedish Environmental Research Institute. Based on the data that it had to work with, the institute's study put the emissions at 150-200 kilograms of CO2 per kilowatt-hour of lithium-ion battery capacity—one of the highest estimates that has been published.
A Christmas ad for the exercise bike firm has been mocked on social media as being "out of touch".
Amazon Studios has announced four new cast members for The Wheel of Time, the long-awaited TV adaptation of the late Robert Jordan's bestselling 14-book series of epic fantasy novels, Deadline Hollywood reports. Clearly, Amazon has joined the hunt for the next Game of Thrones, since within the fantasy genre, Jordan's series is as popular as George R.R. Martin's A Song of Ice and Fire. The first season of the TV adaptation started shooting on September 16—coincidentally, the 12th anniversary of Jordan's death in 2007.
The TV series will center on Moiraine (played by Oscar-nominee Rosamund Pike), a member of a powerful, all-woman organization called the Aes Sedai. (In this world, magic exists, but only certain women can use it—i.e., the members of the Aes Sedai.) She identifies four young people, one of whom could be the reincarnation of a person who, prophecies say, will save or destroy humanity. Together, the youngsters embark on a journey across the world.
As Ars reported earlier this year, the first round of casting included Josha Stradowski as Rand al'Thor, aka The Dragon Reborn, He Who Comes With the Dawn, the Coramoor, Shadowkiller, and who knows how many other monikers. Marcus Rutherford was cast as apprentice blacksmith and dream-walker Perrin Aybara. Zoe Robins plays healer Nynaeve al'Meara, and Madeleine Madden plays the powerful channeler Egwene al'Vere. Finally, Barney Harris was cast as series comic relief Matrim Cauthon.
IBM X-Force, the company's security unit, has published a report of a new form of "wiper" malware connected to threat groups in Iran and used in a destructive attack against companies in the Middle East. The sample was discovered in a response to an attack on what an IBM spokesperson described as "a new environment in the [Middle East]—not in Saudi Arabia, but another regional rival of Iran."
Dubbed ZeroCleare, the malware is "a likely collaboration between Iranian state-sponsored groups," according to a report by IBM X-Force researchers. The attacks were targeted against specific organizations and used brute-force password attacks to gain access to network resources. The initial phase of the attacks was launched from Amsterdam IP addresses owned by a group tied to what IBM refers to as the "ITG13 Group"—also known as "Oilrig" and APT34. Another Iranian threat group may have used the same addresses to access accounts prior to the wiper campaign.
"While X-Force IRIS cannot attribute the activity observed during the destructive phase of the ZeroCleare campaign," the researchers noted, "we assess that high-level similarities with other Iranian threat actors, including the reliance on ASPX web shells and compromised VPN accounts, the link to ITG13 activity, and the attack aligning with Iranian objectives in the region, make it likely this attack was executed by one or more Iranian threat groups."
In-screen fingerprint readers were the standard form of Android biometrics on 2019 flagships, and in 2020 we'll start seeing the second-generation versions of this technology. Qualcomm is hosting its big tech show this week, and one of the first announcements is the new version of its "3D Sonic Max" ultrasonic in-screen fingerprint sensor. The second-gen sensor is absolutely huge. Qualcomm says it's 17 times larger than the previous version.
In-screen fingerprint readers offer the benefit of being invisible and under the screen, and they can go on the front of the device while still allowing for an all-screen smartphone design. Being on the front lets you activate the fingerprint reader while the phone is on a desk, without picking it up. The downside is that there's no tactile guidance for where your finger should go. There's just a big, smooth pane of glass, and if you miss the fingerprint sensor, you're going to fail to unlock your phone. For in-screen fingerprint readers, bigger is better, since a wider target area means less of a chance you miss the invisible reader.
Qualcomm's first in-screen fingerprint reader, available on the Samsung Galaxy S10, was basically as small as it could possibly be: 9mm×4mm. This is much smaller than a fingertip, which is somewhere around 14mm×14mm—you were only scanning a tiny sliver of your fingertip. Qualcomm's second-gen reader is huge: 30mm×20mm. Qualcomm says this is big enough to scan two fingers at once, and—while I'm not sure why you would ever want to do this—"simultaneous two-finger sensing" is actually supported. You can be extra-secure at the cost of one-handed usage.
About a third of the food that we grow, along with all of the effort and energy and labor and resources put into growing it, goes to waste. Much of it is thrown out by consumers or rots on shelves. But a substantial fraction of it is attacked by pests while still in the field.
Bacterial wilt infects a number of crops throughout the world, including tomatoes, potatoes, peanuts, and tobacco. It is caused by Gram-negative bacteria. As with human antibiotics, treating agricultural pathogens suffers from problems with destructive, broad-spectrum, and increasingly ineffective pesticides. And just as in humans, people have suggested using viruses to attack the bacterial pests.
Phages are viruses that infect bacteria. They are highly selective, disabling only the bacterial species they specifically target and leaving neighboring bacteria alone. Since undesirable pathogens are often mired within a diverse bacterial community containing species that we want (both in our guts and in the soil), this specificity is usually preferable to antibiotics and pesticides that indiscriminately kill every microbe they encounter.
AT&T thinks its TV-customer losses have peaked, but that isn't saying much, as the company has lost 5 million subscribers since 2016 and more than 1.3 million in the most recent quarter alone.
"It's tough and we'll go through it for the rest of this year. But we're optimistic we've hit the peak of losses in the third quarter," AT&T CFO John Stephens said at a Wells Fargo conference for investors yesterday, according to the Hollywood Reporter.
In Q3, AT&T reported a net loss of 1,163,000 customers in the premium TV category, which includes DirecTV satellite and U-verse wireline TV services. AT&T also reported a net loss of 195,000 customers of AT&T TV Now, the online streaming video service formerly known as DirecTV Now, bringing the total TV-customer loss to 1.36 million.
Ground-penetrating radar could help archaeologists spot otherwise invisible ancient footprints, suggests a recent experiment at White Sands National Monument, New Mexico.
Tracks left behind in layers of hardened mud and sand at the site record where humans crossed paths with giant sloths and mammoths during the last Ice Age. But some of the tracks appear only when conditions are just right—usually after a rain—which makes them difficult to study. Archaeologist Thomas Urban of Cornell University and his colleagues used ground-penetrating radar to spot these so-called ghost tracks. The radar images also revealed layers of compressed sediment beneath mammoth tracks, which could reveal information about how the now-extinct woolly giants strode across the Pleistocene world.
Invisible ink
To test the method, Urban and his colleagues pulled a radar antenna across the pale gypsum sands of the former lakeshore, pacing out a grid pattern over a site where, 12,000 years ago, a human and a mammoth crossed paths. Excavations at the site had already revealed “ghost prints” left by a person who walked north, and then back south, for about 800 meters (2,625 feet).
A recent blockbuster study found that software used in healthcare settings systematically provides worse care for black patients than white patients, and two senators want to know what both the industry and regulators are going to do to fix the situation.
Senators Cory Booker (D-N.J.) and Ron Wyden (D-Ore.) on Tuesday issued letters to the Federal Trade Commission, the Centers for Medicare and Medicaid Services (CMS), and the five largest US health insurers asking about bias in the algorithms used to make healthcare decisions.
"In using algorithms, organizations often attempt to remove human flaws and biases from the process," Booker and Wyden wrote. "Unfortunately, both the people who design these complex systems, and the massive sets of data that are used, have many historical and human biases built in. Without very careful consideration, the algorithms they subsequently create can further perpetuate those very biases."