IT news March 16: The number of errors in the code has increased by 50%, hackers are using coronavirus for extortion, a money transfer function has been added to Telegram
The number of bugs in open source applications increased by 50%
According to WhiteSource's annual vulnerability report , the number of bugs discovered in open source applications increased by almost 50% in 2019. In total, more than 6,000 vulnerabilities were discovered last year, while in 2018, 4,000 errors were recorded. About 85% of bugs in applications have already been fixed. Cybersecurity experts at WhiteSource believe that the increase in the number of bugs discovered in opensource applications indicates that developers have become more attentive to code review. In other words, there were always errors, but they became more noticeable because more attention was paid to finding them. “No code is perfect, and there are always vulnerabilities that can be found,” said Rami Sass, CEO and co-founder of WhiteSource. The largest percentage of vulnerabilities were found in code written in C (30%). Second place went to PHP (27%), third to Java (15%), and fourth place to JavaScript (10%). Next are C# (9%), Python (5%) and Ruby (4%). Source: The Register
Facebook shuts down augmented reality app MSQRD
Facebook has announced it is shutting down the popular face mask app MSQRD. Starting April 13, MSQRD will disappear from the App Store and Google Play. Previously installed applications will no longer work on smartphones and tablets. The reason for MSQRD's removal was the integration of its technical characteristics into Facebook's own application. MSQRD technology will be used in Spark AR, a unified platform for creating masks for Instagram and Facebook. Masks created in Spark AR have already been used by more than 1 billion users of Facebook, Instagram, Messenger and Portal. The MSQRD project was founded in 2015 by Belarusian programmers Evgeniy Nevgen, Sergei Gonchar and Evgeniy Zatepyakin. In 2016, their startup Masquerade Technologies was acquired by Facebook. The application has not been updated for the last three years, but was available for download. Source: Business Insider
Hackers use coronavirus for extortion
DomainTools specialists have discovered a surge in registrations of domain names mentioning coronavirus. In some cases, websites are created to trick users into installing a malicious mobile application that claims to be able to send instant notifications if a person infected with the coronavirus approaches the owner of the smartphone. By installing an Android application on his smartphone, the victim of hackers does not suspect that the screen of his gadget will then be blocked by the CovidLock Trojan. To remove the password on the lock screen, the malicious software requires the smartphone owner to pay $100 in bitcoins. DomainTools points out that the phishing application is not installed from the Play Store online store, but from a site that is supposedly certified by the World Health Organization (WHO) and the Centers for Disease Control and Prevention (CDC). The hackers also falsely claim that their app has received over 6 million reviews and has a 4.4 star rating. Source: The Next Web
Microsoft and Google have opened websites to track coronavirus
Microsoft has created a free tracker based on its Bing search engine to track coronavirus cases. The resource has similar functions to the Johns Hopkins University service . It shows an interactive map of the world with the number of all confirmed cases of infection, sickness, recovery and death from COVID-19. Information from WHO, the US Centers for Disease Control and Prevention and the European Center for Disease Prevention and Control (ECDC) is used to update the service. On March 15, Verily, a subsidiary of Google (Alphabet), launched a similar service, Project Baseline . With its help, users with a Google account can check their risk of contracting coronavirus. To do this, they will have to answer several questions. So far, the service is being tested in two California counties: San Mateo and Santa Clara. Source: Softpedia
Telegram has added a money transfer function
The Yandex.Money payment service has launched a function for money transfers via messages in the Telegram messenger. To transfer money, you must add your bank card number to your message. The messenger automatically converts the numbers into a direct link to transfer via Yandex.Money. In the window that appears, the sender's details are already indicated; you just need to choose where to transfer money from. This can be done from an electronic wallet in the Yandex.Money service or from any bank card issued in Russia. The new feature is available only for Russian users. According to Yandex, approximately 10 million citizens use its payment service every month. Source: 3D News
Cybersecurity experts at WhiteSource believe that the increase in the number of bugs discovered in opensource applications indicates that developers have become more attentive to code review. In other words, there were always errors, but they became more noticeable because more attention was paid to finding them. “No code is perfect, and there are always vulnerabilities that can be found,” said Rami Sass, CEO and co-founder of WhiteSource. The largest percentage of vulnerabilities were found in code written in C (30%). Second place went to PHP (27%), third to Java (15%), and fourth place to JavaScript (10%). Next are C# (9%), Python (5%) and Ruby (4%). Source: The Register
By installing an Android application on his smartphone, the victim of hackers does not suspect that the screen of his gadget will then be blocked by the CovidLock Trojan. To remove the password on the lock screen, the malicious software requires the smartphone owner to pay $100 in bitcoins. DomainTools points out that the phishing application is not installed from the Play Store online store, but from a site that is supposedly certified by the World Health Organization (WHO) and the Centers for Disease Control and Prevention (CDC). The hackers also falsely claim that their app has received over 6 million reviews and has a 4.4 star rating. Source: The Next Web
In the window that appears, the sender's details are already indicated; you just need to choose where to transfer money from. This can be done from an electronic wallet in the Yandex.Money service or from any bank card issued in Russia. The new feature is available only for Russian users. According to Yandex, approximately 10 million citizens use its payment service every month. Source: 3D News
GO TO FULL VERSION