bbc
gadgets to use
geeky gadgets
gizmodo
jalopnik
jezebel
kotaku
lifehacker
ny times
pocket lint
readwrite
tech republic
tech world
techcrunch
technology
the inventory
the next web
venture beat
wired
count
sauces
help
I'm confused... What am I doing here?

Choose which sources you wish to remain and you're all set. Use the buttons to turn sources on and off.

What do the different colours mean?

Depending on if any articles/links are visible on the page there are 4 modes to show the state of your chosen sources.

on / visible on page

off / visible on page

on / not visible on page

off / not visible on page

Indian startups explore forming an alliance and alternative app store to fight Google’s ‘monopoly’ - techcrunch

Indian startups explore forming an alliance and alternative app store to fight Google’s ‘monopoly’

Google, which reaches more internet users than any other firm in India and commands 99% of the nation’s smartphone market, has stumbled upon an odd challenge in the world’s second largest internet market: Scores of top local entrepreneurs. Dozens of top startups and firms in India are working to form an alliance and toying with […]
techcrunch - 2 hours ago
Lots of happy people as Palantir and Asana spike on first day of trading - techcrunch

Lots of happy people as Palantir and Asana spike on first day of trading

The markets are closed and the verdicts are in: investors liked what they saw in Palantir and Asana . The two companies, which debuted this morning in dual (and duel) direct listings, continued to prove that enterprise tech companies without the brand recognition of Spotify (which conducted its own direct listing back in 2018) can […]
techcrunch - 6 hours ago
Dustin Moskovitz discusses Asana’s first trading day - techcrunch

Dustin Moskovitz discusses Asana’s first trading day

It’s a big day for Asana, the work management tool that debuted on the NYSE this morning in a direct listing. Founded back in 2009 by Dustin Moskovitz and Justin Rosenstein, the company has assiduously grown over the years, taking in about $213 million in venture capital the past decade and reaching almost $100 million […]
techcrunch - 6 hours ago
Everything Google announced at today’s hardware event - techcrunch

Everything Google announced at today’s hardware event

This year, Google’s annual hardware event consisted of a brisk 30 minutes of pre-recorded promotional videos, but the company managed to pack a number of new product announcements into that time. To make things easy for you, here’s a quick rundown of everything that Google announced, including the Google Pixel 5, a new TV interface […]
techcrunch - 7 hours ago
How 3 remote-friendly tech companies plan to return to the office - techcrunch

How 3 remote-friendly tech companies plan to return to the office

Six months ago, millions of workers left their offices for the last time without realizing it. Many would be laid off because of the pandemic, but for those fortunate to keep their jobs, some of their employers still haven’t determined whether they will open their workplaces again. Some of the biggest tech employers in the […]
techcrunch - 7 hours ago
Investors give Baltimore’s Facet Wealth $25 million to sell businesses on financial planning as a benefit - techcrunch

Investors give Baltimore’s Facet Wealth $25 million to sell businesses on financial planning as a benefit

Yesterday, Baltimore-based fintech company Facet Wealth said it raised $25 million in financing as it readies a new business line pitching financial planning as an employment benefit to businesses looking to recruit top talent. Employment benefit packages are expanding beyond the basic gym membership and healthcare to include subscriptions to Netflix, discounts on delivery and […]
techcrunch - 8 hours ago
A new Google Assistant feature, ‘Hold for Me,’ waits on hold so you don’t have to - techcrunch

A new Google Assistant feature, ‘Hold for Me,’ waits on hold so you don’t have to

Google has been pushing forward the capabilities of what a smartphone can do when it comes to one of the device’s most basic — if these days often overlooked — features: phone calls. In previous years, the company launched Call Screen to vet your incoming calls, Duplex for restaurant reservations, and just this month, a […]
techcrunch - 8 hours ago
AOC flagged ‘material risks’ to Palantir investors in letter to SEC - techcrunch

AOC flagged ‘material risks’ to Palantir investors in letter to SEC

In a newly released letter, New York Rep. Alexandria Ocasio-Cortez issued words of warning to the SEC over Palantir’s efforts to take the company public, cautioning the regulatory body over details the progressive congresswoman says were “omitted” in the company’s disclosures. Illinois Rep. Jesús “Chuy” García co-authored the letter, embedded below, which was submitted to […]
techcrunch - 9 hours ago
Pixel 5 and 4a 5g get the same, improved cameras with rear ultrawide lens, Night Sight portraits and more - techcrunch

Pixel 5 and 4a 5g get the same, improved cameras with rear ultrawide lens, Night Sight portraits and more

Google made its newest smartphones official today, unveiling the much-leaked Pixel 4a 5g and Pixel 5. Both smartphones will get the same, improved cameras, despite a $200 price different between the models, which is great news for people who are specifically coming to Google for their excellent mobile camera tech. Here’s an overview of what […]
techcrunch - 9 hours ago
Google unveils the $99 Nest Audio smart speaker - techcrunch

Google unveils the $99 Nest Audio smart speaker

Four years after the introduction of the Google Home smart speaker, Google showcased its successor to the company’s mid-range smart speaker. In keeping with the broader rebranding of the company’s smart home products, the device is now called Nest Audio. The smart speaker will retail for $99 and come in a variety of colors including […]
techcrunch - 9 hours ago
Google launches the $499 Pixel 4a 5G - techcrunch

Google launches the $499 Pixel 4a 5G

As expected, Google today officially launched the 5G version of its Pixel 4a phone at its annual hardware event. Given all the previous leaks, there were no real surprises left and Google had already announced the $499 price. We now have a launch date, though. It’ll launch in Japan on October 15 and then come […]
techcrunch - 9 hours ago
Google’s Pixel 5 get reverse wireless charging and 5G for $699 - techcrunch

Google’s Pixel 5 get reverse wireless charging and 5G for $699

Here it is, the centerpiece of this morning’s confusing-titled Launch Night In. The Pixel 5 is Google’s latest mobile flagship. Launching months after the budget-minded Pixel 4a (and same day as the Pixel 4a 5G) , the new handset sports a a 100% recycled aluminum body to set the new phone apart from the rest […]
techcrunch - 9 hours ago
The new Chromecast adds a remote and the new Google TV interface for $49 - techcrunch

The new Chromecast adds a remote and the new Google TV interface for $49

It’s been a while since Google gave its Chromecast line a proper bit of love — perhaps not surprising for a fairly mature device now marking its seventh year. At today’s big Launch Night In event, however, the company’s bringing the popular TV dongle a much-needed refresh by way of Chromecast with Google TV. The […]
techcrunch - 9 hours ago
The new Google TV brings streaming apps, live TV and search into a single interface - techcrunch

The new Google TV brings streaming apps, live TV and search into a single interface

Not to be confused with the smart TV platform of the same name (2010-2014, RIP) or the Android TV platform it’s built on top of, Google has just taken the wraps off the new Google TV. The name refers to the interface for the new, aptly titled Chromecast with Google TV, combining streaming services, live […]
techcrunch - 9 hours ago
Golden raises $14.5M to build a wiki-style database of tech knowledge - techcrunch

Golden raises $14.5M to build a wiki-style database of tech knowledge

Golden is announcing that it has raised $14.5 million in Series A funding. The round was led by previous investor Andreessen Horowitz, with the firm’s co-founder Marc Andreessen joining the startup’s board of directors. When Golden launched last year, founder and CEO Jude Gomila told me that his goal was to create a knowledge base focused […]
techcrunch - 9 hours ago
The roadmap to startup consolidation in Southeast Asia is becoming clearer - techcrunch

The roadmap to startup consolidation in Southeast Asia is becoming clearer

While Southeast Asia’s startup ecosystems are still young compared to those in China or India, it has matured over the last five years. Unicorns like Grab, Gojek and Garena are continuing to grow, and more competitive startups are emerging in sectors like fintech, e-commerce and logistics. That leads to the question: Will consolidation start to […]
techcrunch - 9 hours ago
Following Apple’s Sidecar launch, Astropad announces Luna Display for Windows - techcrunch

Following Apple’s Sidecar launch, Astropad announces Luna Display for Windows

In June, Luna Display creator Astropad wrote a blog post titled, “Why Getting Sherlocked by Apple Was a Blessing in Disguise.” It arrived on the one-year anniversary of Apple’s launch of Sidecar for macOS, which let Mac owners use an iPad as a second display — thus making Luna’s functionality redundant. The rose-colored post detailed […]
techcrunch - 9 hours ago
Aurora Labs ramps ‘self-healing’ software with $23M from LG Technology Ventures, Porsche SE, Toyota Tsusho - techcrunch

Aurora Labs ramps ‘self-healing’ software with $23M from LG Technology Ventures, Porsche SE, Toyota Tsusho

The automotive market is grappling with increasingly complex software systems, and in turn greater risks of glitches that can cause costly and unsafe disruptions and damage an automaker’s credibility. Just look at today’s new cars, trucks and SUVs compared to their counterparts a decade ago. New vehicles coming off assembly lines today contain tens of […]
techcrunch - 10 hours ago
‘The Real Facebook Oversight Board’ launches to counter Facebook’s ‘Oversight Board’ - techcrunch

‘The Real Facebook Oversight Board’ launches to counter Facebook’s ‘Oversight Board’

Today a group of academics, researchers and civil rights leaders go live on with ‘The Real Facebook Oversight Board’ which is designed to criticize and discuss the role of the platform in the upcoming US election. The group includes Facebook’s ex-head of election security, leaders of the #StopHateForProfit campaign and Roger McNamee, early Facebook investor. […]
techcrunch - 10 hours ago
Asana up 39% and Palantir still holding as both direct listings hit the public markets - techcrunch

Asana up 39% and Palantir still holding as both direct listings hit the public markets

Two direct listings in one day. Lots to talk about. Asana started trading just a bit after noon Eastern today, quickly zooming to roughly $29 a share in early trading this afternoon. We are still waiting for the first trades of Palantir to hit the market. Asana’s reference price was revealed yesterday by the NYSE, […]
techcrunch - 10 hours ago
LOAD MORE TECH
bbc
gadgets to use
geeky gadgets
gizmodo
jalopnik
jezebel
kotaku
lifehacker
ny times
pocket lint
readwrite
tech republic
tech world
techcrunch
technology
the inventory
the next web
venture beat
wired
count
sauces
help
I'm confused... What am I doing here?

Choose which sources you wish to remain and you're all set. Use the buttons to turn sources on and off.

What do the different colours mean?

Depending on if any articles/links are visible on the page there are 4 modes to show the state of your chosen sources.

on / visible on page

off / visible on page

on / not visible on page

off / not visible on page

techcrunch
Hackers say ‘jackpotting’ flaws tricked popular ATMs into spitting out cash

Hackers say ‘jackpotting’ flaws tricked popular ATMs into spitting out cash

techcrunch - 1 month ago

In 2010, the late Barnaby Jack, a world-renowned security researcher, hacked an ATM live on stage at the Black Hat conference by tricking the cash dispenser into spitting out a stream of dollar bills. The technique was appropriately named “jackpotting.”

A decade on from Jack’s blockbuster demo, security researchers are presenting two new vulnerabilities in Nautilus ATMs, albeit virtually, thanks to the coronavirus pandemic.

Security researchers Brenda So and Trey Keown at New York-based security firm Red Balloon say their pair of vulnerabilities allowed them to trick a popular standalone retail ATM, commonly found in stores rather than at banks, into dispensing cash at their command.

A hacker would need to be on the same network as the ATM, making it more difficult to launch a successful jackpotting attack. But their findings highlight that ATMs often have vulnerabilities that lie dormant for years in some cases since they were first built.

Barnaby Jack, the late security researcher credited with the first ATM “jackpotting” attacks. Now, 10 years later, two security researchers have found two new ATM cash-spitting attacks. Credit: YouTube

So and Keown said their new vulnerabilities target the Nautilus ATM’s underlying software, a decade-old version of Windows that is no longer supported by Microsoft. To begin with, the pair bought an ATM to examine. But with little documentation, the duo had to reverse-engineer the software inside to understand how it worked.

The first vulnerability was found in a software layer known as XFS or Extensions for Financial Services which the ATM uses to talk to its various hardware components, such as the card reader and the cash dispensing unit. The bug wasn’t in XFS itself, rather in how the ATM manufacturer implemented the software layer into its ATMs. The researchers found that sending a specially crafted malicious request over the network could effectively trigger the ATM’s cash dispenser and dump the cash inside, Keown told TechCrunch.

The second vulnerability was found in the ATM’s remote management software, an in-built tool that lets owners manage their fleet of ATMs by updating the software and checking how much cash is left. Triggering the bug would grant a hacker access to a vulnerable ATM’s settings.

So told TechCrunch it was possible to switch the ATM’s payment processor with a malicious, hacker-controlled server to siphon off banking data. “By pointing an ATM to a malicious server, we can extract credit card numbers,” she said.

Bloomberg first reported the vulnerabilities last year when the researchers privately reported their findings to Nautilus. About 80,000 Nautilus ATMs in the U.S. were vulnerable prior to the fix, Bloomberg reported. We contacted Nautilus with questions but did not hear back.

Successful jackpotting attacks are rare but not unheard of. In recent years, hackers have used a number of techniques. In 2017, an active jackpotting group was discovered operating across Europe, netting millions of euros in cash.

More recently, hackers have stolen proprietary software from ATM manufacturers to build their own jackpotting tools.


Send tips securely over Signal and WhatsApp to +1 646-755-8849 or send an encrypted email to: zack.whittaker@protonmail.com

sauce: techcrunch
CLOSE