Google discloses Windows zero-day exploited in the wild

Security researchers from Google have disclosed today a zero-day vulnerability in the Windows operating system that is currently under active exploitation.

The zero-day is expected to be patched on November 10, which is the date of Microsoft’s next Patch Tuesday, according to Ben Hawkes, team lead for Project Zero, Google’s elite vulnerability research team.

On Twitter, Hawkes said the Windows zero-day (tracked as CVE-2020-17087) was used as part of a two-punch attack, together with another a Chrome zero-day (tracked as CVE-2020-15999) that his team disclosed last week.

The Chrome zero-day was used to allow attackers to run malicious code inside Chrome, while the Windows zero-day was the second part of this attack, allowing threat actors to escape Chrome’s secure container and run code on the underlying operating system — in what security experts call a sandbox escape.

The Google Project Zero team notified Microsoft last week and

Read More

Apple to replace crackling AirPods Pro earbuds

Following many months of complaints from some users, Apple has launched a replacement program for defective AirPod Pro earbuds. 

And it’s pretty broad, as it covers buds manufactured before October 2020.

Must read: iOS 14.1 rolling out to iPhones, but no sign of a battery fix

Here are the symptoms to look out for:

  • Crackling or static sounds that increase in loud environments, with exercise or while talking on the phone
  • Active Noise Cancellation not working as expected, such as a loss of bass sound, or an increase in background sounds, such as street or airplane noise

Either or both buds can be affected, and will be replaced upon confirmation of the issue after examination. The AirPods Pro case is unaffected.

The program covers affected AirPods Pro for 2 years after the first retail sale of the unit.

Got a problem? Here are your options:

Read More

What we need in the UK’s telecoms diversification strategy

The UK’s 5G future is caught between more than just the one proverbial rock and a hard place.

On the resilience front, the National Cyber Security Centre has said the current situation of having just three large-scale suppliers is “crazy”. The Telecoms security bill, which will be delivered in the coming weeks will, among other actions, place a legal requirement to remove Huawei, one of those suppliers (alongside Nokia and Ericsson), from our 5G networks. Without further remedy, this moves us from three to two scale suppliers in the UK market.

On the deployment front, 5G was meant to be where we caught up. From being a 4G laggard to being a 5G leader, realising the economic opportunity that brings. Yet according to the secretary of state for digital, the cumulative impact of the government’s actions for the past 10 months is delay to 5G roll-out

Read More

Misinformation on social media, alongside Trump's lies, is overwhelming local election officials across the US as they shoot down rumors via phone and email (New York Times)

New York Times:

Misinformation on social media, alongside Trump’s lies, is overwhelming local election officials across the US as they shoot down rumors via phone and email  —  From Philadelphia to Sonoma County, Calif., election officials said they were working marathon hours to fight a flood of falsehoods.… Read More

Black Friday 2020 deals: The best BJ’s Wholesale Club sales

The trend of retailers moving from Black Friday as a single day of shopping to a month-long state of mind continues as BJ’s Wholesale Club announces its deals, which will begin on Nov. 5 and go all the way through Cyber Monday on Nov. 30 (though most discounts will be available between Nov. 20 and Nov. 30). Among the variety of products on sale at the warehouse chain are a number of computing devices to entice members shopping for a new laptop, desktop, or tablet. 

For those who are members — or are considering joining BJ’s — here are the PC deals that may make that membership worth the price.

Must see offer: Membership options/join BJ’s Wholesale Club

$180 off

Starting on Nov. 5, you can save a nice chunk of change off the current price on Lenovo’s midrange IdeaPad 5, which features an Intel Core i5-1035G1 quad-core processor, a

Read More

Five9 CEO says COVID-19 has ‘turbo-charged’ cloud computing and digitization

“The dual drivers of cloud and digitization have always been there, but now you’ve got COVID-19 turbo-charging it.”

That’s how Rowan Trollope, chief executive officer of call center software vendor Five9 explains what has happened to the world of work as a result of the pandemic.

“When everybody had to go home — that’s going to be a permanent feature of the landscape going forward — that really exposed the cracks of on-premise systems to not be able to handle those situations well.”

“With Five9, it’s a Web browser, you can have a Web browser at home, it’s really easy.”

Five9 on Thursday evening reported third-quarter revenue and profit that comfortably surpassed analysts’ expectations, and forecast this quarter’s results much higher as well. 

A good chunk of what is happening is a “labor shift,” said Trollope in an interview with ZDNet following the report. “

If you go to Home

Read More