An anonymous reader quotes a report from VentureBeat: Mozilla today released Firefox 9.0 for iOS and updated Firefox Focus for Android. The iOS browser is getting tracking protection, improved sync, and iOS 11 compatibility. The Android privacy browser is getting tabs. You can download the former from Apple's App Store and the latter from Google Play. This is the first time Firefox has offered tracking protection on iOS, and Nick Nguyen, vice president of product at Mozilla, notes that it's finally possible "thanks to changes by Apple to enable the option for 3rd party browsers." This essentially means iPhone and iPad users with Firefox and iOS 11 will have automatic ad and content blocking in Private Browsing mode, and the option to turn it on in regular browsing. This is the same feature that's available in Firefox for Android, Windows, Mac, and Linux, as well as the same ad blocking technology used in Firefox Focus for Android and iOS.

Read more of this story at Slashdot.

Presidential hopeful praises top court's decision to order Kenya's fresh election after claims of manipulation.

An anonymous reader shares a report: Security researchers from Adguard have issued a warning that the popular GO Keyboard app is spying on users. Produced by Chinese developers GOMO Dev Team, GO Keyboard was found to be transmitting personal information about users back to remote servers, as well as "using a prohibited technique to download dangerous executable code." Adguard made the discovery while conducting research into the traffic consumption and unwanted behavior of various Android keyboards. The AdGuard for Android app makes it possible to see exactly what traffic an app is generating, and it showed that GO Keyboard was making worrying connections, making use of trackers, and sharing personal information. Adguard notes that there are two versions of the keyboard in Google Play which it claims have more than 200 million users in total.

Read more of this story at Slashdot.

Sir David Attenborough spoke to the BBC about Zoo Quest, the environment and the planet's future.

Introduction

As a follow-up to one of our June 2017 diaries asking people to forward us any DDoS threats, we received yet another example: 

 

Details

Since 2017-09-19, at least 4 people have tweeted about the same type of emails, supposedly from Phantom Squad:

• https://twitter.com/TProphet/status/910199852524478464
• https://twitter.com/willfull/status/910504944729559040
• https://twitter.com/drowningbynums/status/910774194803224581
• https://twitter.com/trbrink/status/910211259655704577

This feels like a scam using the notariety of Phantom Squad's name, because the group has gotten some fairly high-profile press coverage in recent years.  In December 2015, Phantom Squad claimed responsibility for a DDoS attack against Xbox Live.  A year later in December 2016, Phantom Squad was apparently involved in a DDoS attack against Steam.  However, I haven't found any evidence yet this group is involved in small business extortion.

Wheter or not this email is legitimate or fake, they all use notariety of the group's name to make the threat sound plausible.

In our June 2017 diary about fake DDoS extortion emails, Johannes Ullrich provides some guidance for people that receive these types of messages.  Tips include:

• Verify your DDoS plan:  Do you have an agreement with an anti-DDoS provider?  A contact at your ISP?  If so, make sure everything is set up and working right.

• Attackers often run short tests before launching a DDoS attack.  Can you find any evidence of that?  Has there been a brief, unexplained traffic spike?  If so, take a closer look.  The threat is more serious if you detect an actual test, because the purpose of a test is often to assess the firepower needed to DDoS your network.

Final words

Thanks to everyone who already forwarded examples to us.  As Johannes previously asked in June 2017, please continue to forward us any similar emails.  We can always use the additional data.

A santized copy of our most current example can be found here.  It's in a password-protected zip archive.  If you don't know the password, look here.

---
Brad Duncan
brad [at] malware-traffic-analysis.net

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

An anonymous reader shares a report: Facebook will turn over copies of political ads purchased by Russian sources to congressional lawmakers, who are investigating the country's potential interference in the 2016 U.S. presidential election. Initially, Facebook had only released those ads -- 3,000 of them, valued at about $100,000 -- to Robert Mueller, the former FBI director who is spearheading the government's probe into Russia's actions. Facebook had withheld those details from House and Senate leaders, citing privacy concerns. But the move drew sharp rebukes from the likes of Sen. Mark Warner, the top Democrat on the Senate Intelligence Committee, who has charged in recent days that Facebook may not have done enough to scan its systems for potential Russian influence and to ensure that such foreign purchases -- otherwise illegal under U.S. law -- don't happen again. "After an extensive legal and policy review, today we are announcing that we will also share these ads with congressional investigators," wrote Colin Stretch, the company's general counsel. "We believe it is vitally important that government authorities have the information they need to deliver to the public a full assessment of what happened in the 2016 election."

Read more of this story at Slashdot.

Create tools to validate, migrate and edit configuration files

Job queue

Alien package for the GNU Multiple Precision library.

Roger Stone predicts a Civil War if Trump is impeached. What happens when they find out how they lost their health insurance?