Blog

Xfinity takes out Ookla’s US broadband report

Posted by Dave Cahill on Dec 12, 2018 in Internet | 0 comments

Xfinity takes out Ookla’s US broadband report

According to Ookla’s latest fixed broadband report, the fastest major US city is Kansas City on 159/127Mbps and the fastest state is New Jersey on 121/56Mbps.

Written by Corinne Reichert / Courtesy of ZDNet

The major city with the fastest fixed broadband in the United States is Kansas City, with the fastest state New Jersey, according to Ookla.

Ookla’s 2018 US Fixed Report, published on Wednesday, measured speeds from 24.3 million unique users, 66.7 million samples, 115.5 million tests, and 3.2 million data points.

Xfinity was the fastest, with an Ookla “speed score” of 104.67, followed by Verizon — whose FiOS fiber-optic network reached speeds of 8Gbps in a trial of NGPON2 technology across its live network in October — on 102.57.

Cox was third, with a speed score of 101.84; Spectrum fourth, with 87.56; AT&T Internet fifth, with 76; and CenturyLink sixth, with 28.32.

The top five fastest major cities across the nation were Kansas City with its Google Fiber providing mean download speeds of 159.19Mbps and mean upload speeds of 127.03Mbps; Austin, Texas, also with Google Fiber at 143.66Mbps down/70.65Mbps up; Lubbock, Texas, with Suddenlink at 141.48/26.98Mbps; Raleigh, North Carolina, with Google Fiber at 137.7/75.62Mbps; and San Antonio, Texas, with Grande Communications at 133.86/49.86Mbps.

Rounding out the top 10 cities were Lincoln, Nebraska, on Allo at 132/105Mbps; San Francisco, California, on Sonic at 131/69Mbps; Boston, Massachusetts, on Verizon at 131/46Mbps; Henderson, Nevada, on Cox at 131/23Mbps; and Charlotte, North Carolina, on Google Fiber at 128/66Mbps.

Ookla said the slowest five major cities in the US were Memphis, Tennessee, with XFinity on 44/12Mbps; Laredo, Texas, with Spectrum on 55/8Mbps; Toledo, Ohio, with Buckeye CableSystem on 59/10Mbps; Cleveland, Ohio, with Spectrum on 61/21Mbps; and Buffalo, New York, also with Spectrum on 65/17Mbps.

The state with the fastest average broadband speeds according to Ookla’s report was New Jersey, with a mean download speed of 121.45Mbps and upload speed of 56.50Mbps, and Verizon taking out the fastest speeds for the state.

It was followed by Massachusetts with RCN on 117/38Mbps; Maryland with Verizon on 117/63Mbps; Delaware with Xfinity on 114/48Mbps; Hawaii with Spectrum on 114/27Mbps; the District of Columbia with Verizon and RCN equally ranked to provide mean speeds of 109/53Mbps; Nevada with Cox on 109/24Mbps; Texas with Suddenlink on 106/39Mbps; Washington with Xfinity on 106/25Mbps; and Rhode Island with Verizon on 105/63Mbps.

Xfinity also provided the fastest speeds in Colorado, California, New Hampshire, Connecticut, Oregon, West Virginia, and Oklahoma; Verizon provided the fastest speeds in New York and Virginia; Cox took out Arizona and Oklahoma; and Spectrum was fastest in South Carolina, Kentucky, Montana, Wyoming, and Maine.

Google Fiber’s limited rollout means it only provided the fastest speeds in the states of Utah, Kansas, and Missouri; while AT&T Internet was fastest in North Carolina, Georgia, and Florida.

The slowest states according to Ookla were Maine, at 50/9Mbps; Wyoming, at 51/14Mbps; Montana, at 55/15Mbps; Idaho, at 56/17Mbps; and Vermont, at 60/36Mbps.

“With gigabit expanding across the nation, fixed broadband speeds in the United States are rapidly increasing. Speedtest data reveals a 35.8 percent increase in mean download speed during the last year and a 22 percent increase in upload speed,” Ookla said.

“As a result, the US ranks seventh in the world for download speed, between Hungary and Switzerland. The US ranks 27th for upload, between Bulgaria and Canada, during Q2-Q3 2018.

“Though 5G looms on the mobile horizon, fixed broadband speeds in the US continue to outpace those on mobile, showing both faster speeds and greater increases in speed.”

Reflected in its next report will be Verizon’s new 5G Home service.

Read the original article over at ZDNet.com.

Bethesda’s attempt to fix a Fallout 76 blunder leaks angry shoppers’ PID

Posted by Dave Cahill on Dec 6, 2018 in Privacy, Security News | 0 comments

Bethesda’s attempt to fix a Fallout 76 blunder leaks angry shoppers’ PID

Bethesda confirms leak of users’ messages, photos; will notify affected users.

Written by Sam Machkovech / Courtesy of ArsTechnica

Bethesda’s latest video game, Fallout 76, launched last month with its share of uneven reviews and responses (including our own), and chief among players’ complaints is that the always-online game is quite buggy.

But to borrow a term that Bethesda itself used to describe the game’s pre-release beta period, Fallout 76 is facing a new “spectacular issue,” albeit one that’s technically outside of the game client. Instead, the issue comes from the game’s equally troubled $200 Power Armor edition: buyers of the Power Armor edition who went to Bethesda’s site to resolve the issue were seeing their personally identifying data (PID) leaked to everybody else who was trying to resolve the issue.

This requires backing up for context. Fallout 76 could be pre-ordered in a pricey Power Armor set, complete with a wearable replica helmet and a tote bag. As I pointed out in a November unboxing article, that bag turned out to be “a cheap, flimsy carrying case,” but what I didn’t realize at the time was that Bethesda had originally advertised a higher-quality canvas bag as part of the $200 set.

Once orders for the set began shipping to players, their outcry prompted Bethesda to respond with a token of apology: a $5 voucher for Fallout 76‘s in-game cosmetics store. Fans took umbrage with the token by pointing out a hilarious irony: that amount of credit couldn’t even buy a virtual canvas bag within the game in question.

Power armor, meet power error

Bethesda soon followed this with a seemingly more fitting offer: an actual canvas bag, just like the publisher had originally promised. This required logging on to Bethesda’s help-ticket system and submitting a few things for replacement-bag processing: a picture serving as proof of purchase, complete with hand-written name, Bethesda.net username, and receipt, along with a shipping address and phone number.

On Tuesday, however, user reports began circulating with an ominous allegation: that anyone who filed a support ticket at Bethesda’s site was receiving a lot of replies to their threads. As in, every ticket going through the system.

From Bethesda’s own forums:

I went on the support website today to update a ticket of mine, and surprisingly (or not…) I ended up being able to see all sorts of tickets, with people putting their personal information in them, like receipt screenshots, names, addresses, and so on. I’m assuming this is a bug in the website, because I don’t see for what reason Bethesda would make tickets public.

I’m not going to paste screenshots of what I have access to for the privacy of people, but I can see receipts of people from all over the world, and if I can, other people probably can, too.

It seems like the code of the website sucks as much as the one of the game.

Shortly after this post went live, the thread was updated by a moderator to indicate that it would be locked, but users were still able to reply to the thread. That “thread locked” notice went away shortly afterward, with an indication that the data-leak issue had been resolved. I was unable to file a ticket to attempt to replicate the issue, however, as the ticket-submission page was still missing its “submit” button as of press time.

Other Reddit users added their own allegations of the same issue, with one public screenshot showing multiple, confused replies to the same support-ticket thread. This public screenshot includes no personally identifying data; screenshots with other users’ addresses and photos have since been taken down from Reddit and Bethesda threads, while GamesIndustry.biz tracked down the first public image of the bug’s effects, posted by a Twitter user.

Update, 11:12pm: In a statement provided to Ars Technica, Bethesda confirmed that users’ PID was exposed to fellow customer service users without their knowledge or consent via “an error with our customer support website.” According to the statement, Bethesda is “still investigating the incident and will provide additional updates as we learn more.” The statement emphasized what kinds of data had been exposed: namely, the specific details that the bag-replacement support site requests, not “full credit card numbers or passwords.”

The company says it will notify any customers whose messages and photos may have been inadvertently shared. “Bethesda takes the privacy of our customers seriously, and we sincerely apologize for this situation,” the statement concludes.

Read the original article over at ArsTechnica.com.

Microsoft Replacing Edge With New Chromium-based Browser

Posted by Dave Cahill on Dec 5, 2018 in Internet, Windows | 0 comments

Microsoft Replacing Edge With New Chromium-based Browser

Written by Mayank Parmar / Courtesy of Bleeping Computer

According to reports, Microsoft is abandoning development of Microsoft Edge and instead focusing on a new Chromium-based browser under the codename Anaheim.

Microsoft is said to be developing its own Chromium-based browser that will replace Microsoft edge in Windows 10. While it will be powered by the rendering engine which is currently used in other Chromium browsers and presumably support existing Chrome extensions, it will not include any Google services.

It has not been revealed if Microsoft will be changing the name of their browser from Edge to another name, but according to WindowsCentral who first reported on this new project, the internals will be a completely different package. Microsoft Edge currently utilizes a engine called EdgeHTML that has not been able to keep up with other browsers such as Chrome and Firefox.

By switching to the Chromium-based Blink engine, Microsoft will immediately be able to gain greater compatibility with current sites and ease development as new standards are created.

The latest market share report revealed that Microsoft Edge is having a hard time improving its global market share, as most PC users prefer Google Chrome. The figure also suggests that users are not very impressed with how Edge is evolving as the browser due to its performance and compatibility issues. 

According to The Verge, the new Windows 10 browser could be announced this week and will see daylight in the upcoming Windows 10 19H1 update for the general public. This could mean we may see the new browser in soon-to-be released Insider builds.

This is good news for Windows users

This is a smart move on Microsoft’s part. One of the first things people I know do when they install a new computer is to install a different browser such as Chrome and Firefox.

Microsoft Edge has performance issues, compatibility issues, very basic settings, and does not offer a wide range of extensions like the other browsers. By switching to a Chromium-based router, they are now able to support thousands of quality browser extensions and immediately increase compatibility, while still retaining the Edge brand if they wish.

The only concern I have is that with the ability to run Chrome extension, Windows users will also be exposed to the endless amount of unwanted and malicious browser extensions that plague the Chrome ecosystem. I hope the Windows Defender team is up to the task.

Read the original article over at BleepingComputer.com.

Q&A site Quora says data breach may affect 100 million users

Posted by Dave Cahill on Dec 4, 2018 in Privacy, Security News | 0 comments

Q&A site Quora says data breach may affect 100 million users

Written by Lawrence Abrams / Courtesy of Bleeping Computer

Quora announced tonight that one of their systems was hacked and has led to the exposure of approximately 100 million user’s data to an unauthorized third-party.

Quora discovered this breach on Friday, November 30th, when saw that user’s data was accessed by an unauthorized third-party. Quora stated that they then contacted law enforcement and hired a digital forensics and security consulting company to determine how this breach occurred and who may have conducted the attack.

“We recently became aware that some user data was compromised due to unauthorized access to our systems by a malicious third party,” stated Quora’s security update. “We have engaged leading digital forensic and security experts and launched an investigation, which is ongoing.  We have notified law enforcement officials. We are notifying affected Quora users. We have already taken steps to ensure the situation is contained, and we are working to prevent this type of event from happening in the future. Protecting our users’ information and fostering an environment built on trust remains our top priority so that together we can continue to share and grow the world’s knowledge.”

The data that was exposed for the 100 million users includes:

It is not currently known how the attacker gained access to their systems. Quora has started emailing users who were impacted by this breach. These emails do not contain any further information than what was already given.

BleepingComputer has contacted Quora for answers to further questions, but had not heard back at the time of this publication.

Securing your passwords at other sites

Quora is estimated to be the 95th largest site in the world with close to 700 million visits per month, so the amount of users affected is staggering. With that said, there is thankfully no financial information associated with the exposed user data. Instead users need to be concerned that their will be attempts to use their information to try to gain access at other sites that they have accounts.

Due to this, it is necessary for all users to change any passwords at other sites that use the same password as Quora. It is also strongly suggested that unique passwords are used at every site you visit in order to minimize the impact of a breach like this.

Update 12/3/18 9:40PM EST: Updated to include information about emails that are going out.

Read the original article over at BleepingComputer.com.

Two simple tricks to make your iPhone battery last all day

Posted by Dave Cahill on Dec 1, 2018 in Mac / Apple, Smart Phones, Tips & Tricks | 0 comments

Two simple tricks to make your iPhone battery last all day

If you use your iPhone as much as I do, then you will no doubt be familiar with that anxiety that creeps over you when you realize that your battery is heading towards the red zone and it’s only mid afternoon! Here are my two favorite tricks for making my iPhone’s battery last all day.

Written by Adrian Kingsley-Hughes / Courtesy of ZDNet

It’s two o’clock in the afternoon, and your iPhone’s battery is already heading towards the red zone. What do you do?

There are no end of “tips and tricks” out there for making your iPhone battery last longer. I’ve seen them all. Bit more importantly, I’ve also tested them all (well, OK, not some of the really crazy ones like wrapping your iPhone in tinfoil, but most of them), and found that most of them do little to improve your battery’s lifespan, and many compromise your iPhone’s features so badly as to make is pretty much unusable.

So, after a lot of testing, and spending a lot of time running my iPhone’s battery flat, I’ve come up the with two best ways of making your iPhone battery last all day. And the nice thing is that both of these methods and quick and simple, and don’t involve making huge changes to iOS.

The first one the simplest one, but also the most effective, and that is to switch on Low Power Mode.

As the name suggests, activating this setting puts your device into low power mode. And it really does work, giving you about three hours of extra battery life. If you are worried about your battery not making it through the day, this is the setting to activate.

However, it achieves this by turning off or reducing mail fetch, background app refresh, automatic downloads, and some visual effects.

Here’s a list of what Low Power Mode reduces or affects in order to increase battery life:

• Email fetch
• “Hey Siri”
• Background app refresh
• Automatic downloads
• Some visual effects
• Auto-Lock (defaults to 30 seconds)
• iCloud Photo Library (temporarily paused)

iOS pops up a notification offering to turn on Low Power Mode when your battery goes below 20 and 10 percent, and will automatically switch it off when the device is charged back up to 80 percent.

You can also turn this on manually, either from the Control Center panel, or from Settings > Battery.

One thing that I do if I know I have a long day ahead of me away from a charger is to switch over to Low Power Mode as soon as I start my day. I find that this gives me the longest possible battery life.

The other thing I find that dramatically improves battery life is turning down the screen brightness. OK, don’t go bananas with this one and turn it down to the point where the screen is unreadable, but knocking it down when you are indoors or not in bright sunlight really makes a huge difference to how long your battery will last.

You can either drop the brightness from Settings > Display & Brightness or from the Control Center screen.

Bonus tip: I think that life’s too short to worry about my iPhone’s battery life, which is why I carry around with me a portable battery power bank. These days, power packs are so small ( here’s the Anker PowerCore 5000 that’s marketed as being “lipstick sized”) that you can pop them in a pocket and not think about them, and yet they pack enough of a punch to add hours to your iPhone’s battery life.

What I do these days is carry a power bank with me, and if I think that’s not going to be enough to get me through the day I activate Low Power Mode. Fiddling with other iPhone’s settings (such as notifications and messing with Wi-Fi and Bluetooth) in order to try to get a bit more battery life is, in my opinion, tedious and there’s a risk that I’ll forget to undo the settings later, so from now on I won’t be doing it.

Read the original article over at ZDNet.com.

Records of 114 Million US Citizen and Companies Exposed Online

Posted by Dave Cahill on Nov 29, 2018 in Privacy, Security News | 0 comments

Records of 114 Million US Citizen and Companies Exposed Online

Written by Ionut Ilascu / Courtesy of Bleeping Computer

A huge database with over 114 million records of US citizens and companies has been discovered sitting online unprotected. The number of individuals impacted by the exposure is estimated to almost 83 million.

Researchers from HackenProof, a penetration testing company based in Estonia, found the massive cache of data via the Shodan search engine, in two Elasticsearch indices.

All the good stuff for a proper scam

One of the instances contained personal information of 56,934,021 US citizens, including sensitive details like full name, employer, job title, email and street address, ZIP code, phone number, and an IP address.

“Another index of the same database contained more than 25 million records with more of a “Yellow Pages” details directory: name, company details, zip address, carrier route, latitude/longitude, census tract, phone number, web address, email, employees count, revenue numbers, NAICS codes, SIC codes, and etc,” the company informs in a blog post.

A fact sheet from the company sets the total number of records discovered to 114,686,118 and the people affected to 82,851,841.

Such details are a valuable asset for fraudsters who can use them to target companies and individuals with more efficient spear-phishing emails. Cold calling is another method they can use to scam businesses and individuals.

The researchers were not able to determine the owner of the data but believe it may belong to a 10-year old data management company called Data & Leads Inc. (cached link) based in Toronto, Canada.

Records no longer available

The root cause for the information exposure was a misconfiguration of the Elasticsearch instances that allowed public access to the data without authentication.

This type of mistake is typically exploited by cybercriminals who often plant malware to connect remotely to the server and leverage its resources or to ask for a ransom in exchange for the data they already deleted. 

Sometimes the crooks don’t copy the information, so the victim gets nothing even if they comply with the ransom demand.

HackenProof says they received no response from the a Data & Leads representative, but their website went offline before publicly disclosing the privacy blunder. Also, the database is no longer open for access.

It is unclear how long the information was exposed. Shodan indexed it on November 14, but this is just the timestamp when the search engine became aware of its existence online. It may have been available for a longer period and that others accessed it.

Read the original article over at BleepingComputer.com.

iCloud For Windows Updated To Support Latest Version Of Windows 10

Posted by Dave Cahill on Nov 28, 2018 in Mac / Apple, Smart Phones, Windows | 0 comments

iCloud For Windows Updated To Support Latest Version Of Windows 10

Written by Paul Morris / Courtesy of Redmond Pie

Apple has pushed out an updated version of iCloud for Windows taking the app to version 7.8.1. The new version of the company’s app focuses on addressing some major compatibility issues as well as featuring incremental fixes and improvements.

Both Apple and Microsoft are extremely good at ensuring that users get timely updates which include platform improvements and enhanced functionality.

As part of this commitment to development, a growing number of iCloud for Windows users have been reporting relatively serious compatibility problems with the app ever since Microsoft pushed out its Windows 10 October 2018 update to the public domain. Some of the reported issues have effectively made the iCloud for Windows app defunct for a lot of device owners runnings Windows 10.

In the time that has followed, Apple and Microsoft have been working closely together in order to resolve the reported problems and keep an iCloud for Windows app out that resolves the issues and gets the seamless nature of the experience back. Version 7.8.1 definitely appears to be that release.

Before this update, new iCloud for Windows users trying to install the app was getting an error message preventing the installation, whereas existing iCloud users with the app installed prior to the update were experiencing syncing issues related to Photos and other types of data.

Hopefully, version 7.8.1 of iCloud for Windows will remove those issues for all affected users running the October 2018 Windows 10 update. We can only imagine that this has been put through a stringent and extremely robust set of testing from Apple and Microsoft’s side and that it has been released into the public domain with the utmost confidence that it actually fixes the problems and puts users back on an even keel. Apple has also updated its Windows for iCloud support page to remove the previous declaration that the October 2018 update was not supported:

iCloud for Windows 7.8.1 requires Microsoft Windows 7 or later; Outlook 2007 or later or iCloud.com (for Mail, Contacts, Calendar); and Internet Explorer 10 or later, Firefox 30 or later, or Google Chrome 28 or later (for Bookmarks).

If you are a Windows 10 device owner who uses the iCloud for Windows app, and who has previously had trouble with the October 2018 update, then you should hopefully have those problems removed with this latest update.

Read the original article over at RedmondPie.com.

WordPress 5.0 – Everything is About to Change!

Posted by Dave Cahill on Nov 27, 2018 in Internet, Web & Graphic Design News | 0 comments

WordPress 5.0 – Everything is About to Change!

WordPress updates its CMS platform multiple times every year and most changes are fairly incremental. Many users never notice the difference from one update to the next but everyone is going to feel the impact of WordPress 5.0 when the update rolls out (probably) later this month.

This is the single biggest update in the history of WordPress and it’s going to change the way you do everything on the platform.

When WordPress powers roughly 30% of the entire web, a significant change like this is always going to have a major impact on website owners and marketers. So here’s a quick look at everything that’s coming with WordPress 5.0 and what you need to do to get ready.

What is WordPress 5.0 going to change?

It’s probably easier to think of WordPress 5.0 as a complete overhaul of the platform, rather than an update – at least, in the sense we’ve become used to from the CMS. Once you update to version 5.0, everything is going to look and function a whole lot different to the WordPress you currently know.

The headline feature is the WordPress editor, which is named Gutenberg – a WYSIWYG editor that allows you to create pages and content visually. If you’ve used WordPress page builder plugins before or builder themes such as Divi, the format will be somewhat familiar.

Gutenberg isn’t only a WYSIWYG builder, though – it’s also a modular builder that allows you to create content blocks. You can use these blocks multiple times across your pages and edit them all from the same place. So, for example, you can create a CTA block promoting one of your digital downloads, place it on every blog page and every optimization change you make will be applied across your site.

Now is the time to get ready for WordPress 5.0

WordPress 5.0 is going to make the platform more powerful and easier to use but successfully completing the update is going to be more complex than you might be used to. If you’re using any themes or plugins that change the functionality of the existing WordPress editor, there could be integration issues after you update. To minimize the risk of integration problems, here’s what you need to do:

1. Test the WordPress 5.0 plugin

WordPress has released a Gutenberg plugin that you can use to get to grips with the new editor before it rolls out for real. Test it out, get your clients to have a play and give everyone the best chance to become familiar with it ahead of release.

2. Install the classic editor plugin

There’s also an official Classic Editor plugin that you can use to restore the existing editor and this will provide an important backup for you and your clients until you know everyone is comfortable with Gutenberg.

3. Create a staging website to test the update

To avoid any issues with updating to WordPress 5.0, create a staging website on a local server so you can update this first and test for any issues. Simply create a copy of your existing sites and test the update on all of them, leaving the live version of each site untouched until you’re ready to go live.

4. Assess your themes

This is one of the biggest areas for potential problems and you need to make sure you’re running a Gutenberg compatible theme when you update. If your existing theme isn’t being updated (or you can’t confirm) it might be a good idea to switch to a new theme that’s already committed to Gutenberg, even if this means redesigning your site.

5. Assess your plugins

This is another potential problem area and there’s no guarantee every plugin you use is going to be updated for Gutenberg compatibility. Now is the time to assess your plugins, check for any Gutenberg documentation and decide whether you need to make any changes.

The most important thing is to start getting ready now to make sure you don’t experience any critical errors during the update. The last thing you want is a plugin causing problems across your site because it isn’t compatible with the new editor.

Read the original article over at business2community.com.

Google is Adding Force-Installed Extension Removal to the Chrome Cleanup Tool

Posted by Dave Cahill on Nov 26, 2018 in Google, Security News | 0 comments

Google is Adding Force-Installed Extension Removal to the Chrome Cleanup Tool

Written by Lawrence Abrams / Courtesy of Bleeping Computer

Google Chrome includes a built-in utility called the Chrome Cleanup Tool that scans for and remove malware that injects ads or performs other unwanted behavior in Chrome. A problem, though, is that this tool does not allow the removal of Chrome extensions that are force-installed through Windows group policies.

This is about to change according to a Chrome source code commit, which has the description of “Update chrome_cleaner/chrome_utils to remove force-installed extensions.” According to this update, the Chrome Cleanup Tool will now be able to detect and remove force-installed extensions. It will, though, utilize a whitelist of Google extensions that should continue to be automatically installed.

Force-installed extensions are extensions that are automatically installed by Chrome without user interaction due to configured Windows group policies. These policies are legitimately used by administrators to prep the Chrome browser with extensions commonly used within their organization.

These policies can be added by creating the HKLMSOFTWAREPoliciesGoogleChromeExtensionInstallForcelist or HKCUSOFTWAREPoliciesGoogleChromeExtensionInstallForcelist Registry keys or through policy templates provided by Google.

For example, in the image below you can see a ExtensionInstallForcelist group policy that automatically downloads and installs the Grammarly extension in Chrome when the browser is started.

Unfortunately, malicious extension developers are also known to use these policies to force-install their extensions on Chrome users without their knowledge. To make matters worse, as these extensions are installed by group policies, Chrome will not allow users to remove them using normal means. Instead users need to modify the Registry to remove the policies.

For this reason, having this feature added to the Chrome Cleanup Tool is a welcome addition.

The Chrome Cleanup Tool

The Chrome Cleanup tool is a program created by Google that utilizes a malware detection and removal engine created by security software company ESET. This module goes by the internal name of “Chrome Protector” or “Chrome Cleanup”.

Chrome will routinely launch the tool, download the latest engine and definitions from ESET, and performs scans of the computer for unwanted programs. When it detects a program that can interfere with Chrome, it will prompt you to remove the detected infections as shown below.

Users can also force a scan of their computer by entering chrome://settings/cleanup in the browser’s address bar and pressing enter. This will bring them to a page that will allow you to initiate an immediate scan by clicking on the FIND button.

In past tests, the Chrome Cleanup Tool has not done a very good job detecting installed adware or malware that injects ads into Chrome. With that said, the ability to easily remove forced-install extensions brings an extra feature that is really needed.

Read the original article over at BleepingComputer.com.

Amazon Data Leak Exposes Email Addresses Right Before Black Friday

Posted by Dave Cahill on Nov 21, 2018 in Privacy | 0 comments

Amazon Data Leak Exposes Email Addresses Right Before Black Friday

Written by Lawrence Abrams / Courtesy of Hongkiat

If you received a strange email from Amazon stating that they may have disclosed your email address due to a technical error, you are not alone. It seems a web site issue caused some user’s email addresses to be disclosed and has since been resolved.

Some Amazon users are reporting that they have received an email with the subject “Important Information about your Amazon.com Account” that states that the Amazon web site disclosed their email address due to a technical error. They email goes on to say that the issue has been fixed.

The entire text of this email is:

Hello,

We’re contacting you to let you know that our website inadvertently disclosed your email address due to a technical error. The issue has been fixed. This is not a result of anything you have done, and there is no need for you to change your password or take any other action.

Sincerely, Customer Service http://Amazon.com

Amazon is not being forthcoming with the details related to this “technical error”. When we contacted their press office, we were told by an Amazon representative that the issue has been fixed and user’s have been informed. Pretty much what we already knew from the email.

“We have fixed the issue and informed customers who may have been impacted.”

Amazon’s help chat wasn’t that helpful either.

“I really do apologize that you receive an email regarding that,” an Amazon support representative told BleepingComputer. “There’s nothing to worry, we will fixed this issue as soon as possible so it wont happen again.”

The lack of information is concerning as users should know how and when their personal data was mishandled. Furthermore, this comes right before the biggest shopping season of the year, Black Friday, and phishers love nothing more than being able to get their hands on people’s email addresses.

With the lack of information being released, there is unfortunately no way to know who saw and for how long these email addresses were exposed.

Finally, what’s up with the http:// link in the email?

Read the original article over at Hongkiat.com.