LATEST ARTICLES

0


NBA 2K18 is now out and we’re seeing the first comparison videos. A few days we saw the Switch vs the PS4 Pro and Xbox One S, and now there’s a more detailed video that shows the same match played on Switch and PS4, and how they compare.

For a more detailed look, be sure to watch the video in full-screen. All things considered, the Switch version stacks up pretty well against the way more powerful PS4.

The biggest difference is frame rate: the Switch version runs at 30 fps while the PS4 runs at 60 fps.

NBA 2K18 launches only on the Switch eShop and will later be released physically on a cartridge.



Source link

0


The warnings consumers hear from information security pros tend to focus on trust: Don’t click web links or attachments from an untrusted sender. Only install applications from a trusted source or from a trusted app store. But lately, devious hackers have been targeting their attacks further up the software supply chain, sneaking malware into downloads from even trusted vendors, long before you ever click to install.

On Monday, Cisco’s Talos security research division revealed that hackers sabotaged the ultra-popular, free computer-cleanup tool CCleaner for at least the last month, inserting a backdoor into updates to the application that landed in millions of personal computers. That attack betrayed basic consumer trust in CCleaner-developer Avast, and software firms more broadly, by lacing a legitimate program with malware—one distributed by a security company, no less.

It’s also an increasingly common incident. Three times in the last three months, hackers have exploited the digital supply chain to plant tainted code that hides in software companies’ own systems of installation and updates, hijacking those trusted channels to stealthily spread their malicious code.

“There’s a concerning trend in these supplychain attacks,” says Craig Williams, the head of Cisco’s Talos team. “Attackers are realizing that if they find these soft targets, companies without a lot of security practices, they can hijack that customer base and use it as their own malware install base…And the more we see it, the more attackers will be attracted to it.”

According to Avast, the tainted version of the CCleaner app had been installed 2.27 million times from when the software was first sabotaged in August until last week, when a beta version of a Cisco network monitoring tool discovered the rogue app acting suspiciously on a customer’s network. Avast cryptographically signs installations and updates for CCleaner, so that no imposter can spoof its downloads without possessing an unforgeable cryptographic key. But the hackers had apparently infiltrated Avast’s software development or distribution process before that signature occurred, so that the antivirus firm was essentially putting its stamp of approval on malware, and pushing it out to consumers.

That attack comes two months after hackers used a similar supply-chain vulnerability to deliver a massively damaging outbreak of destructive software known as NotPetya to hundreds of targets focused in Ukraine, but also branching out other European countries and the US. That software, which posed as ransomware but is widely believed to have in fact been a data-wiping disruption tool, commandeered the update mechanism of an obscure—but popular in Ukraine—piece of accounting software known as MeDoc. Using that update mechanism as an infection point and then spreading through corporate networks, NotPetya paralyzed operations at hundreds of companies, from Ukrainian banks and power plants, to Danish shipping conglomerate Maersk, to US pharmaceutical giant Merck.

One month later, researchers at Russian security firm Kaspersky discovered another supply chain attack they called “Shadowpad”: Hackers had smuggled a backdoor capable of downloading malware into hundreds of banks, energy, and drug companies via corrupted software distributed by the South Korea-based firm Netsarang, which sells enterprise and network management tools. “ShadowPad is an example of how dangerous and wide-scale a successful supply-chain attack can be,” Kaspersky analyst Igor Soumenkov wrote at the time. “Given the opportunities for reach and data collection it gives to the attackers, most likely it will be reproduced again and again with some other widely used software component.” (Kaspersky itself is dealing with its own software trust problem: The Department of Homeland Security has banned its use in US government agencies, and retail giant Best Buy has pulled its software from shelves, due to suspicions that it too could be abused by Kaspersky’s suspected associates in the Russian government.)

Supply-chain attacks have intermittently surfaced for years. But the summer’s repeated incidents point to an uptick, says Jake Williams, a researcher and consultant at security firm Rendition Infosec. “We have a reliance on open-source or widely distributed software where the distribution points are themselves vulnerable,” says Williams. “That’s becoming the new low-hanging fruit.”

Williams argues that move up the supply chain may be in part due to improved security for consumers, and companies cutting off some other easy routes to infection. Firewalls are near-univeral, finding hackable vulnerabilities in applications like Microsoft Office or PDF readers isn’t as easy as it used to be, and companies are increasingly—though not always—installing security patches in a timely manner. “People are getting better about general security,” Williams says. “But these software supply-chain attacks break all the models. They pass antivirus and basic security checks. And sometimes patching is the attack vector.”

In some recent cases, hackers have moved yet another link up the chain, attacking not just software companies instead of consumers, but the development tools used by those companies’ programmers. In late 2015, hackers distributed a fake version of the Apple developer tool Xcode on sites frequented by Chinese developers. Those tools injected malicious code known as XcodeGhost into 39 iOS apps, many of which passed Apple’s App Store review, resulting in the largest-ever outbreak of iOS malware. And just last week, a similar—but less serious—problem hit Python developers, when the Slovakian government warned that a Python code repository known as Python Package Index, or PyPI, had been loaded with malicious code.

These kinds of supply-chain attacks are especially insidious because they violate every basic mantra of computer security for consumers, says Cisco’s Craig Williams, potentially leaving those who stick to known, trusted sources of software just as vulnerable as those who click and install more promiscuously. That goes double when the proximate source of malware is a security company like Avast. “People trust companies, and when they’re compromised like this it really breaks that trust,” says Williams. “It punishes good behavior.”

These attacks leave consumers, Williams says, with few options to protect themselves. At best, you can try to vaguely suss out the internal security practices of the companies whose software you use, or read up on different applications to determine if they’re created with security practices that would prevent them from being corrupted.

But for the average internet user, that information is hardly accessible or transparent. Ultimately, the responsibility for protecting those users from the growing rash of supply-chain attacks will have to move up the supply chain, too—to the companies whose own vulnerabilities have been passed down to their trusting customers.



Source link

0



It can be hard for big companies to keep tabs on all the research and innovation in their industry. The search for the best patents can be both cumbersome and disorganized.

That’s the idea behind Resolute Innovation, a startup that aims to connect companies with big ideas. New York-based Resolute is building what they’re calling “technology scouting software,” or a searchable R&D database. From food and beverage to cosmetics to pharmaceuticals to space, the concepts span many categories.

Resolute is raising $3.3 million in Series A funding, led by Revolution Ventures, the venture firm created by Tige Savage, David Golden and AOL co-founder Steve Case.

The tech transfer process needs to be re-imagined,” said Case. He believes Resolute will “emerge as the leading platform in building this bridge between innovators with ideas and intellectual properties with businesses that can take those ideas and commercialize them and scale them.”

A lot of the research is provided by universities, including Columbia University (my alma mater), which has a partnership with Resolute. Other ideas stem from startups, hospitals, federal laboratories and research institutes.

Resolute makes money by selling subscriptions to its software. The team says it has thousands of customers and has been working with Fortune 500 companies and other large institutions.

Tige Savage said that he invested because Resolute “uses modern AI technology to make this stuff findable, searchable, indexable, organized.” He believes it fits his investment thesis of looking for “categories where billions of dollars being spent in old-fashioned ways.”

CEO Sebastian Metti says he plans to use the funding to expand their network of researchers. He also wants to continue the international expansion, targeting Asia, Europe, North America and Israel. The startup previously just had angel investors.

 

 

Featured Image: Amy/Flickr UNDER A CC BY 2.0 LICENSE



Source link

0


The critically acclaimed psychedelic horror game Layers of Fear will be coming to the Switch, developer Bloober Team announced today.

Layers of Fear: Legacy, as it will be called on the Switch, includes much of the post-release content from the original game. The original Layers of Fear was released last year on a variety of platforms.

In the game, players assume the role of a psychologically disturbed painter who must complete his biggest work while staying in a haunted Victorian house.

Check out the Switch announcement trailer below:



Source link

0



Roku, the digital streaming business, is looking to raise about $204 million when it goes public later this month. According to a SEC filing revealed Monday, the company plans to price its shares between $12 to $14.

This is more than double the $100 million that was forecast in the IPO filing earlier this month. That’s because that number is a placeholder and often changes.

If it goes public at the midpoint of the range, it would value the company at about $1.2 billion. It was earlier reported that the company was seeking a $1 billion market cap. 

Roku has previously raised over $200 million in equity funding dating back to 2008. Menlo Ventures is the largest stakeholder owning 35.3% of the company prior to the offering, and Fidelity owned 12.9%. Menlo Ventures will be selling 6 million shares.

Roku has digital streaming players which help cord-cutters watch content without a cable subscription. It competes with Apple TV, Chromecast and other devices.

The company brought in $399 million in revenue last year, but lost $43 million. This compares to $320 million in revenue and $38 million in losses the year before.

Roku plans to list on the Nasdaq under the ticker “ROKU.” The bankers underwriting the offering are led by Morgan Stanley and Citigroup.

 

 

 

 



Source link

0



Roku, the digital streaming business, is looking to raise about $204 million when it goes public later this month. According to a SEC filing revealed Monday, the company plans to price its shares between $12 to $14.

This is more than double the $100 million that was forecast in the IPO filing earlier this month. That’s because that number is a placeholder and often changes.

If it goes public at the midpoint of the range, it would value the company at about $1.2 billion. It was earlier reported that the company was seeking a $1 billion market cap. 

Roku has previously raised over $200 million in equity funding dating back to 2008. Menlo Ventures is the largest stakeholder owning 35.3% of the company prior to the offering, and Fidelity owned 12.9%. Menlo Ventures will be selling 6 million shares.

Roku has digital streaming players which help cord-cutters watch content without a cable subscription. It competes with Apple TV, Chromecast and other devices.

The company brought in $399 million in revenue last year, but lost $43 million. This compares to $320 million in revenue and $38 million in losses the year before.

Roku plans to list on the Nasdaq under the ticker “ROKU.” The bankers underwriting the offering are led by Morgan Stanley and Citigroup.

 

 

 

 



Source link

0



Each year, TechCrunch selects early-stage startups from a pool of thousands across the globe, and selects the top innovators to compete in Startup Battlefield. Over the next three days at TechCrunch Disrupt SF 2017, a select few will vie for $50,000 and the coveted Disrupt Cup.

Our founders are using VR for precision spinal surgery and emotional recognition. They are using biotech for pathogen detection, personalized cancer treatments, and even gender detection in eggs. They are removing the need for commercial photo studios, and annoying cords to charge devices. Of course, they are also helping to protect your data and homes. 

Each company has spent the last two months refining their business models and pitches with the Battlefield team and TechCrunch editorial. It culminates onstage with a six-minute pitch in front of the masses and a tough Q&A session from our panel of esteemed judges.

Battlefield alumni have collectively raised nearly $7 billion and produced nearly 100 exits and IPOs to-date. Investors, prepare your term sheets.

Samantha Stein and Anthony Ha will kick off Startup Battlefield at 1:40 PM PT on Monday. You can find more information about Startup Battlefield here. Watch Disrupt via livestream here.

Monday

Session 1: Pi, Future Family, Bridgefy, Nuada

Session 2: Index, Colormass, Looxid Labs

Wildcard: Wildcard companies are selected from the Startup Alley by an audience vote and TechCrunch editorial staff. Download the Disrupt app to cast your vote!

Tuesday

Session 3: Ourotech, eggXYt, Cryptomove, Roots Studio, Materialize.X

Session 4: AUGmedics, lilu, Matic, OlfaGuard, M8

Session 5: Poshtel, Oneva, Tomorrow

Wildcard

Only a few selected finalists will have a chance to present once more on Wednesday, with $50,000 and the Disrupt Cup on the line.

Battlefield companies will also be showcasing in the Startup Alley all three days of the conference, so swing by and say hi.



Source link

0



As computer vision and object recognition technology continue to mature, we’re edging closer to automating away the exceedingly boring task of monitoring closed circuit TV cameras. Matroid is one of the startups leading the democratization of this variety of machine intelligence. The company is announcing a $10 million Series A this morning from NEA and Intel Capital that brings Matroid’s total financing to $13.5 million.

We first wrote about Matroid’s web platform for building custom video recognition detectors back in May. Customers can use their own videos and images to train detectors to recognize anything they want within videos or streams. This is a far more democratized approach than more traditional object recognition APIs.

In terms of commercialization, founder Reza Zadeh is focusing on the security and media markets for now. Fortune 500 companies will pay to monitor when their brands and key executives are featured on TV channels (check out Face-O-Matic for a political example of this). Meanwhile, other businesses will pay for a system to play the role of CCTV monitor, observing camera footage for long periods of time and flagging abnormalities for reference.

In addition to today’s financing, Matroid is announcing that it is working with Intel to assist them with executing computer vision tasks on their chips. Instead of building its own computer vision-enabled hardware, Matroid is building inroads inside the hardware ecosystem to implement its technology. Zadeh defends this move by asserting that building hardware is effectively a race to the bottom.

“Eventually all cameras will have some ability to understand what they’re looking at,” Zadeh explained to me in an interview.

This makes a lot of sense — it’s tough to do all of the real time analysis necessary in the cloud and edge computing is having something of a renaissance. So to start, Intel is acting as a customer of Matroid as well as a strategic investor assisting with go-to-market.

Zadeh is leveraging his connections as a Stanford professor to build a community around Matroid. His Scaled Machine Learning conference brought together researchers from Google, Intel, NVIDIA and OpenAI, among other companies and institutions. These experts are helping to support the creation of new and shareable detectors on Matroid.



Source link