Business For Sale | BusinessBrokerJournal.com

Discord and Slack are becoming potent tools for malware attacks

Posted onApril 7, 2021Authoradmin

Attackers are finding the file-sharing capabilities in popular group-chat apps such as Discord and Slack a convenient way to distribute malware, warns a new report from Cisco Talos, Cisco’s threat intelligence unit. The risk isn’t just that hackers can gain access to a particular channel and trick people in it into downloading malware. Once a file containing malicious code is uploaded, attackers can also grab a freely accessible link to that file where it’s hosted on the chat system’s servers. Then, they can send that link to people via phishing emails, misleading texts, or any other method they have of reaching potential victims. In some cases, malware can connect to these sorts of links to download additional malicious code once it’s already running on victims’ machines. Some malware also uses group-chat apps to share data with and receive commands from the people operating it, according to the report. In particular, Discord has an API (application programming interface) that enables programs to automatically post messages to channels on the service via a digital address called a webhook. That’s useful for many legitimate purposes, but it’s also valued by malware creators who want their software to essentially phone home from infected machines. And during the coronavirus pandemic, as more people are using platforms such as Discord and Slack to stay in touch with friends, coworkers, and others, so too are criminals moving to these tools for their own convenience, according to the Cisco Talos researchers. Malware and commands sent through these channels can blend in with other, legitimate traffic. “We’ve seen a marked increase in the abuse of collaboration apps like Discord and Slack to be used to both distribute malware and as a command-and-control system,” says Nick Biasini, a Cisco Talos threat researcher who worked on the report. Functionality such as that offered by Discord “allows them to manage command and control without having to manage their own server.” One challenge for people trying to thwart these attacks is that malware and commands sent through these channels can blend in with other, legitimate traffic to files and chat rooms hosted on these platforms. Seeing a URL that mentions Discord, Slack, or another trusted channel might also help lull users into a false sense of security when it appears in a phishing email. And it’s also not possible for security experts to take down the domain hosting the malicious content, since it’s commingled with legitimate Slack or Discord files from around the world rather than on a domain of its own. In some cases, hackers use malware to harvest digital access tokens that can be used to connect to Discord, according to the report. Read More …

Miss Hipmunk? Meet Flight Penguin, its founders’ new travel search engine

Posted onApril 5, 2021Authoradmin

In January of 2020, travel search Hipmunk shut down . The closure came less than four years after it had been acquired by business travel giant Concur, itself part of the even more gigantic SAP. It was one of countless examples over the years of a large company buying something small but innovative and then losing interest. But Hipmunk was so pleasant and useful that some of us are still in mourning: Last week, when a friend asked me for advice on travel booking sites, the first words out of my mouth were “I used to love Hipmunk, which is no more.” The bad news is that Hipmunk remains dead. However, some of its creators are back with a new travel tool called Flight Penguin that—though not at all a straightforward revival of the Hipmunk concept—will certainly appeal to some of the folks who were once fond of the ‘munk. Like Hipmunk, it’s got a quirky name, an adorable mascot ( drawn, in Hipmunk’s case, by Alexis Ohanian ), a clean interface, and a focus on finding flights that offer an attractive price without needless layovers and other complications. Read More …

6 Netflix tricks to supercharge your streaming

Posted onApril 5, 2021Authoradmin

Up until this point, you’ve probably found that Netflix works just fine without too much tinkering. However, there are a few things you can do—none of which requires much time at all—to make Netflix a little less clunky and a little more fun. Here are [some quick tricks for your next Netflix fix. No Netflix? No problem. Get hooked for free Not sure if you’re ready to commit to a full-blown Netflix subscription? Read More …

The simple reason tech CEOs have so much power

Posted onApril 3, 2021Authoradmin

Coinbase’s plan to go public in April highlights a troubling trend among tech companies: Its founding team will maintain voting control, making it mostly immune to the wishes of outside investors. The best-known U.S. cryptocurrency exchange is doing this by creating two classes of shares . One class will be available to the public. The other is reserved for the founders, insiders and early investors, and will wield 20 times the voting power of regular shares. That will ensure that after all is said and done, the insiders will control 53.5% of the votes . Coinbase will join dozens of other publicly traded tech companies —many with household names such as Google, Facebook, Doordash, Airbnb, and Slack—that have issued two types of shares in an effort to retain control for founders and insiders. The reason this is becoming increasingly popular has a lot to do with Ayn Rand , one of Silicon Valley’s favorite authors , and the “myth of the founder” her writings have helped inspire Read More …

The Air Force is using this mental health service to help with stress

Posted onApril 2, 2021Authoradmin

The pandemic has been stressful for everyone, and that includes members of the military. In the past two years, suicide rates among active military service members have gone up 15%. The military has long offered resilience training and access to therapy, but in 2020, the Air Force decided to take a different course of action. It began offering an innovative mental health platform called NeuroFlow to make care more accessible and to track how members were doing, so it could intervene if it seemed someone was a risk to themselves. “It is known throughout the mental health community that the Department of Defense is experiencing a spike in suicides at an alarming rate,” says Durel Williams, a Master Sergeant in the U.S. Air Mobility Command, where he’s responsible for 2,800 security forces members. Of those, 600 have signed up for NeuroFlow, which tracks fitness, sleep, well-being, loneliness, depression, alcohol use, and anxiety. It also offers tools for emotional regulation, like guided meditation, journaling, and video and written resources. All of this data becomes part of a user’s electronic health record. Artificial intelligence will then alert clinical staff about people who seem at risk. So far, 12 people have been flagged as at-risk, and in one instance a person was stopped from harming themselves. [Photo: courtesy of NeuroFlow] Military members can sign up for the app anonymously. Their data is also shared only with healthcare providers, not management. If they are flagged for any reason, a care coordinator gives them a call to check in on them and see if they need more help. Before this pilot with NeuroFlow, the military offered mental health care through traditional talk therapy and resilience training. Williams has been working as a resiliency trainer for the last 10 years, giving people tools to help them rebound from a difficult situation. However, accessing care is complicated. In order to see a therapist, service members are removed from duty, which is extremely stigmatizing. However, Williams says, it is a necessary step. “Their duty is to secure and protect, and they are on an arming roster where every day they’re expected to be able to pick up their weapon and go to work. Read More …