By continuing to use the site or forum, you agree to the use of cookies, find out more by reading our GDPR policy

A Wall Street regulator is opening a probe into Goldman Sachs Group Inc.’s credit card practices after a viral tweet from a tech entrepreneur alleged gender discrimination in the new Apple Card’s algorithms when determining credit limits. A series of posts from David Heinemeier Hansson starting Thursday railed against the Apple Card for giving him 20 times the credit limit that his wife got. The tweets, many of which contain profanity, immediately gained traction online, even attracting comments from Apple co-founder Steve Wozniak. Hansson didn’t disclose any specific income-related information for either of them but said they filed joint tax returns and that his wife has a better credit score than he does. “The department will be conducting an investigation to determine whether New York law was violated and ensure all consumers are treated equally regardless of sex,” said a spokesman for Linda Lacewell, the superintendent of the New York Department of Financial Services. “Any algorithm, that intentionally or not results in discriminatory treatment of women or any other protected class of people violates New York law.” “Our credit decisions are based on a customer’s creditworthiness and not on factors like gender, race, age, sexual orientation or any other basis prohibited by law,” said Goldman spokesman Andrew Williams. Hansson said Goldman’s response doesn’t explain what happened after he started airing his issues on social media. “As soon as this became a PR issue, they immediately bumped up her credit limit without asking for any additional documentation,” he said in an interview. “My belief isn’t there was some nefarious person wanting to discriminate. But that doesn’t matter. How do you know there isn’t an issue with the machine-learning algo when no one can explain how this decision was made?” More details can be found on OUR FORUM.

T-Mobile is the last of the major cellular service providers in the United States to officially launch a 5G network, with Verizon, AT&T, and Sprint all in on the action already. Today, however, the company announced its plans to launch its 5G network on December 6, and as expected, it'll be based on the 600MHz spectrum that the Un-carrier has been promoting for some time. Not only that, T-Mobile says this will be nationwide 5G, covering more than 200 million people and 5,000 cities, which is easily ahead of its competitors in terms of scale. To use the company's 5G network, you'll need a Samsung Galaxy Note10+ 5G or a OnePlus 7T Pro 5G McLaren Edition, and if T-Mobile's merger with Sprint is approved, those devices will support Sprint's sub-6GHz 5G network, too. In addition to the network launch on December 6, T-Mobile made a few promises in case its merger with Sprint is approved. First, the company announced the Connecting Heroes Initiative, which will see the carrier providing free 5G access to every first responder in "public and non-profit state and local police, fire and EMS agency across the entire country". The New T-Mobile promises to maintain this commitment for 10 years. There's also Project 10Million, which will see a $10 billion investment from New T-Mobile to give free internet to children in households with no internet connection, in an attempt to bridge the "homework gap" - T-Mobile says seven out of 10 teachers assign online homework. In addition, T-Mobile will invest $700 million to provide hardware to 10 million households. Recipients of Project 10Million will get 100GB of free data per year, plus a T-Mobile Wi-Fi hotspot for free, and even those users will be able to benefit from the company's 5G network. Learn more from OUR FORUM.

Beijing has announced plans to develop 6G technology in the hope of cementing its supremacy in wireless connection amid a US-led crusade against Chinese companies over 5G networks. China’s Science and Technology Ministry has set up two teams to develop a 6G network. The first group links several government agencies, while the second one unites more than 30 experts from various universities, research centers and corporations. Speaking at a “kick-off” meeting over the weekend, Vice Minister Wang Xi noted that current global knowledge in the relevant field remains at an “exploratory stage” and the exact path to 6G is “still not clear.” However, Beijing is determined to win the race to dominate in wireless technology and will present a detailed plan for 6G development sometime in the future. Chinese companies have been in intense competition with their US and South Korean rivals to roll out 5G networks, which would allow for faster internet speed and more advanced smartphones. Last week, three state-backed operators began offering ‘superfast’ 5G services to Chinese consumers. The CEO of Huawei, one of the leaders in 5G revolution, Ren Zhengfei, confirmed in September that the company started to work on 6G “a long time ago,” but the technology is still “10 years out.”

Security researchers have spotted the first mass-hacking campaign using the BlueKeep exploit; however, the exploit is not being used as a self-spreading worm, as Microsoft was afraid it would happen last May when it issued a dire warning and urged users to patch. Instead, a hacker group has been using a demo BlueKeep exploit released by the Metasploit team back in September to hack into unpatched Windows systems and install a cryptocurrency miner. This BlueKeep campaign has been happening at scale for almost two weeks, but it's been only spotted today by cybersecurity expert Kevin Beaumont. The British security expert said he found the exploits in logs recorded by honeypots he set up months before and forgot about. First attacks date back to October 23, Beaumont told ZDNet. Beaumont's discovery was confirmed by Marcus "MalwareTech" Hutchins, the security researcher who stopped the WannaCry ransomware outbreak, and who's a recognized expert in the BlueKeep exploit. The attacks discovered by Beaumont are nowhere near the scale of the attacks Microsoft was afraid of back in May, when it likened BlueKeep to EternalBlue, the exploit at the heart of the WannaCry, NotPetya, and Bad Rabbit ransomware outbreaks of 2017. Microsoft engineers were terrified that BlueKeep would trigger another world-spanning malware outbreak that spread on its own, from an unpatched system to an unpatched system. However, the first mass-hacking operation didn't turn out to include self-spreading, worm-like capabilities. Instead, the hackers appear to search for Windows systems with RDP ports left exposed on the internet, deploy the BlueKeep Metasploit exploit, and later a cryptocurrency miner. Follow this thread on OUR FORUM.

Attention readers, if you are using Chrome on your Windows, Mac, and Linux computers, you need to update your web browsing software immediately to the latest version Google released earlier today. With the release of Chrome 78.0.3904.87, Google is warning billions of users to install an urgent software update immediately to patch two high severity vulnerabilities, one of which attackers are actively exploiting in the wild to hijack computers. Without revealing technical details of the vulnerability, the Chrome security team only says that both issues are use-after-free vulnerabilities, one affecting Chrome’s audio component (CVE-2019-13720) while the other resides in the PDFium (CVE-2019-13721) library. The use-after-free vulnerability is a class of memory corruption issues that allows corruption or modification of data in the memory, enabling an unprivileged user to escalate privileges on an affected system or software. Thus, both flaws could enable remote attackers to gain privileges on the Chrome web browser just by convincing targeted users into visiting a malicious website, allowing them to escape sandbox protections and run arbitrary malicious code on the targeted systems. Discovered and reported by Kaspersky researchers Anton Ivanov and Alexey Kulaev, the audio component issue in the Chrome application has been found exploited in the wild, though it remains unclear at the time which specific group of hackers. For more and to update your browser visit OUR FORUM.

Google Android users have been put at risk again after it emerged a keyboard app called ai.type previously available on the Play Store has been making millions of unauthorized purchases of premium digital content. The Android app has been downloaded more than 40 million times, according to researchers at Upstream. Hiding in plain sight by masking its activity to spoof apps such as Soundcloud, the rogue Google Android app delivers millions of invisible ads and fake clicks, passing on user data about real views, clicks, and purchases to ad networks. Ai.type is a customizable on-screen keyboard app developed by Israeli firm ai.type LTD, which describes the app as a “free emoji keyboard.” But in the background, without your knowledge, the Android app turns your device into “one of the many bots of the network controlled by fraudsters to commit ad fraud,” says Guy Krief, CEO of Upstream. The app was deleted from the Google Play Store in June, but it remains on millions of Android devices and is still available from other third-party marketplaces. There was a spike in its suspicious activity once removed, the Upstream researchers say. Specifically, Upstream says its Secure-D platform has detected and blocked more than 14 million suspicious transaction requests from 110,000 unique devices that downloaded the ai.type keyboard. It’s one of many rogue Android apps reported in recent weeks. Only last week, researchers at ESET discovered a year-long campaign that saw 8 million installs of adware delivered through 42 apps. It came after ESET researcher Lukas Stefanko published his report detailing the 300 million malicious Android app reports during the month of September. Other recent rogue apps plaguing Android users include spyware and adware. Follow this thread by navigating to OUR FORUM.

 

Translate