Kaspersky

Kaspersky Lab uncovers a suite of surveillance platforms that hide in hard drive firmware

Security researchers at Kaspersky Lab have unearthed a suite of surveillance platforms that can hide within the firmware of hard drives from more than a dozen manufacturers. The attackers, which Kaspersky is calling the Equation Group due to their complex skill set, are the most advanced that the researchers have encountered to date.

The programs, some of which date back to 2001, appear to have been developed in succession with each new program being more sophisticated than the last according to Wired.

Personal computers in more than 30 different countries have been discovered to carry the infection, Kaspersky said.

One of the worms uncovered has direct connections with Stuxnet and may have even been used as a test to help figure out the best route for the malware to reach systems involved in Iran’s nuclear program. Researchers didn’t name who they believe might be behind the attacks although there’s a good bit of circumstantial evidence that points to the NSA.

One component of the suite, GrayFish, is able to reflash the firmware on hard drives. Because it resides in the firmware, reformatting the drive doesn’t get rid of the infection. Key to being able to rewrite the firmware is having access to source code. If the NSA is indeed behind the attacks, getting source code wouldn’t present too much of an issue.

In addition to physically intercepting shipments (in this case, hard drives) and loading them with malware before repackaging and sending to targets, the NSA could have simply asked manufacturers for their source code (directly or indirectly) or posed as software developers.

Lenovo website hacked

Lenovo website apparently hacked by Lizard Squad because of Superfish incident

Things took a turn from bad to worse from Lenovo this week. After the embarrassment that was Superfish last week, the Chinese computer maker’s website recently fell victim to hackers.

For a brief period on Tuesday afternoon, those visiting lenovo.com in search of a new computer or drivers were instead met with a bizarre series of photos of teens set to the pop song Breaking Free from High School Musical. As of writing, the site is offline due to "system maintenance."

The source code of the hacked page references it as the new and improved rebranded Lenovo website featuring Ryan King and Rory Andrew Godfrey. These two individuals have previously been ousted as members of Lizard Squad.

Clicking on the slideshow would take visitors to Lizard Squad’s Twitter account.

By all accounts, this appeared to be a DNS hijacking that granted attackers the ability to redirect traffic from lenovo.com to a server under their control. A visit to the squad’s Twitter account, however, suggests they may have somehow gained access to some of the company’s e-mail accounts / e-mails.

In one screenshot of an e-mail, we learn that removal of the Superfish software on one customer’s computer resulted in a bricked device.

Speaking of, it’s likely that this hacking incident is in direct relation to Superfish – a piece of adware that Lenovo had been secretly adding to machines. After getting caught red-handed last week, the company released a removal tool and vowed to never use it again.

YouTube

HTML5 replaces Flash as default player on YouTube

HTML5 is now the default setting for video playback on YouTube when using Chrome, IE 11, Safari 8 and beta versions of Firefox. If you needed any more evidence to support the claim that Flash is dead, it doesn’t get much more damning than this.

YouTube has actually supported HTML5 for years, having first introduced support for the standard way back in 2010. Of course, it was extremely limited at that time and lacked support for several key features like adaptive bitrate (ABR).

This feature, one of many now supported by HTML5, helps reduce buffering and enables livestreaming on game consoles, devices like Chromecast and in web browsers.

HTML5 also lets users take advantage of the VP9 codec which YouTube used to showcase 4K streaming video at CES 2014. This codec from Google reduces bandwidth by 35 percent, allowing for wider access to 4K and HD at 60FPS videos. Videos also start anywhere between 15 to 80 percent faster according to YouTube engineering manager Richard Leider.

Last but not least, a bit of advice for those that embed video. YouTube is deprecating the “old style” of Flash < object > embeds and is instead encouraging all embedders to use the < iframe > API as this method will use whichever technology is best suited for the client.

Up to this point, Adobe Flash was the default for videos on YouTube. If you wanted to use HTML5 on the site, you had to go manually enable it.

WhatsApp

WhatsApp adds two new browsers to its web client messaging

About a month ago WhatsApp announced that its 700 million users will be able to access the popular messaging service through a new web browser client. Since then the company began rolling out voice calling features, but has now returned its focus to the browser adding a few new options for its massive user base.

While previously limited to Google’s Chrome web surfer, WhatsApp has now added support for both FireFox and Opera. Much like the Chrome set-up process, users will simply need to navigate to the web client and scan a QR code in order to connect the browser app with their mobile WhatsApp account. As we previously reported, because all your conversations on the web client will be kept on your mobile device, your phone will need to remain connected during your browser calls.

As you might know, WhatsApp uses no passwords or user names and instead relies on a user’s mobile phone number for identification. Due to the QR requirements and what WhatsApp describes as iOS limitations, this service is only available for those with Android, Windows Phone and BlackBerry devices at this point.

While Safari and iOS users appear to be still left out in the cold as we previously explained, WhatsApp did say publicly that an iOS compatible client was on its