Tag:

trusted

Can Google be trusted without a break up?
Gaming Gear

Can Google be trusted without a break up?

by admin


On day three of the two-week remedies trial in the Justice Department’s ad tech case against Google, Judge Leonie Brinkema boiled down the argument to one key issue: trust. Brinkema interrupted testimony from a DOJ expert with a hypothetical: should she issue a strict order modifying Google’s behavior, could it resolve the issues at hand if “you had confidence that Google would actually act in complete good faith?”

The question felt particularly pointed, given how the Google trial Brinkema presided over last year unfolded. Over three weeks, the DOJ repeatedly presented examples of Google employees allegedly using chat messages to avoid leaving a paper trail for discovery. Brinkema later said the practice represented “systemic disregard of the evidentiary rules.” While she opted not to sanction Google for its lax approach to preserving evidence, she warned not to take its decision as condoning the behavior.

Soon, Brinkema will decide how hard to crack down on the monopoly that she ruled Google holds in ad tech. That decision may hinge on whether she thinks it will follow the rules this time.

Google’s remedies proposal involves a court order banning specific business practices and requiring it to engage in the ad auction process in ways similar to its rivals. But the DOJ says that leaves it easily capable of monopolizing the market again. The government wants to take power out of Google’s hands altogether by making it spin off ad exchange AdX and open source part of (and possibly even sell) its DFP tool for web publishers.

It’s the second time in just a few months that a judge has faced the question of breaking up Google. In a separate case over Google’s search monopoly, Judge Amit Mehta declined to do so, opting for lower-lift remedies like banning anticompetitive practices and sharing data. The facts that led Mehta to decide against a break up have no bearing on this case, the government argued in its opening statement. Still, Brinkema’s ruling could be an indicator of how widely judges share Mehta’s caution, as more cases against Big Tech companies roll toward a trial.

“The devil is in the details”

The DOJ was still in the midst of its case-in-chief on Friday, but Google’s attorneys were already driving at their core argument: that the government is underselling how difficult and risky its asks are. Google advertising executive Tim Craycroft testified that the DOJ’s proposals were “naive” and “incoherent.” This line of thinking seemed to land with the judge by mid-week. “The devil is in the details,” she said during the testimony of Jonathan Weissman, the DOJ’s expert witness on the technical feasibility of a break up. After he compared changing Google’s ad tech tools to changing tires on a car, Brinkema noted that a change to snow tires could result in a “bumpier” ride for the user.

But during Craycroft’s testimony, Brinkema appeared to entertain an even more extreme option the government hadn’t asked for: shutting down AdX altogether. This was apparently something Google itself considered within the past few years in an analysis it called “Project Monday,” Craycroft said.

“Why is that not a very simple and elegant solution?” Brinkema asked, after Craycroft noted that another Big Tech company could buy AdX and create its own monopoly. Though several ad exchanges exist today, the court found they’ve been denied a level playing field because of tactics like reserving full real-time bidding access to Google’s huge advertiser base through its own tools. Publishers testified in the liability trial that made it nearly impossible to leave, even though AdX was charging a supracompetitive take rate of 20 percent on transactions. Craycroft told the judge that deprecating AdX could be an elegant solution, but that would also get rid of other helpful features in the product.

Brinkema made clear she wants to learn what’s actually possible, as she considers options for leveling the playing field without harming publishers and advertisers who rely on Google products.

Google found a so-called business divestiture of AdX would be feasible within two years, Craycroft said, including offloading IP, moving customer contracts, and providing reference code to guide the buyer through duplicating product functions in its own systems. But he stressed Google couldn’t realistically provide source code guaranteed to work in an unknown buyer’s tech stack, as the DOJ requests. Former Facebook capacity engineer Goranka Bjedov, who helped migrate Instagram and WhatsApp during their acquisitions, testified that the reference source code would be sufficient for a full migration. If Brinkema finds a divestiture is possible, she’ll have to decide if she trusts Google enough not to force one.

Even after helping Google’s attorneys craft their remedies proposals, Craycroft told DOJ attorney Matthew Huppert that he could not commit to lowering AdX’s 20 percent take rate, which the judge had ruled to be above a competitive level, and said a tie between DFP and access to AdX real-time bidding, a sticking point for publishers, was “just how the product was built.”

The answer to Brinkema’s question about trust wasn’t necessarily reassuring for Google. Robin Lee, the Harvard economist she asked, said the problem was how many different ways Google could get around the intentions behind a court order. Lee said there’s an almost unpredictably exhaustive list of methods for tilting the scales in Google’s favor, and it’s got every incentive to take them.

Longtime Google critics were disappointed after Mehta’s ruling didn’t include a breakup. If Brinkema reaches a similar conclusion, The Trade Desk Chief Revenue Officer Jed Dederick testified, “I think there will be a sense that they got away with it.”

Follow topics and authors from this story to see more like this in your personalized homepage feed and to receive email updates.

  • Close

    Lauren Feiner

    Posts from this author will be added to your daily email digest and your homepage feed.

    PlusFollow

    See All by Lauren Feiner

  • AntitrustClose

    Antitrust

    Posts from this topic will be added to your daily email digest and your homepage feed.

    PlusFollow

    See All Antitrust

  • GoogleClose

    Google

    Posts from this topic will be added to your daily email digest and your homepage feed.

    PlusFollow

    See All Google

  • PolicyClose

    Policy

    Posts from this topic will be added to your daily email digest and your homepage feed.

    PlusFollow

    See All Policy

  • ReportClose

    Report

    Posts from this topic will be added to your daily email digest and your homepage feed.

    PlusFollow

    See All Report

  • TechClose

    Tech

    Posts from this topic will be added to your daily email digest and your homepage feed.

    PlusFollow

    See All Tech



Source link

0 comments
0 FacebookTwitterPinterestEmail
A hacker in a Guy Fawkes mask using an Apple MacBook.
Gaming Gear

Fraudulent GitHub Pages impersonate trusted companies to trick Mac users into installing malware, leaving financial and personal data at risk

by admin



  • Atomic Stealer malware installs silently via fake GitHub Pages targeting Mac users
  • Attackers create multiple GitHub accounts to bypass platform takedowns repeatedly
  • Users copying commands from unverified websites risk serious system compromise

Cybersecurity researchers are warning Apple Mac users about a campaign using fraudulent GitHub repositories to spread malware and infostealers.

Research from LastPass Threat Intelligence, Mitigation, and Escalation (TIME) analysts found attackers are impersonating well-known companies to convince people to download fake Mac software.

Two fraudulent GitHub pages pretending to offer LastPass for Mac were first spotted on September 16 2025 under the username “modhopmduck476.”


You may like

How the attack chain works

While these particular pages have been taken down, the incident suggests a broader pattern that continues to evolve.

The fake GitHub pages included links labeled “Install LastPass on MacBook,” which redirected to hxxps://ahoastock825[.]github[.]io/.github/lastpass.

From there, users were sent to macprograms-pro[.]com/mac-git-2-download.html and told to paste a command into their Mac’s terminal.

That command used a CURL request to fetch a base64-encoded URL that decoded to bonoud[.]com/get3/install.sh.

The script then delivered an “Update” payload that installed Atomic Stealer (AMOS malware) into the Temp directory.

Atomic Stealer, which has been active since April 2023, is a known infostealer used by financially motivated cybercrime groups.

Investigators have linked this campaign to many other fake repositories impersonating companies ranging from financial institutions to productivity apps.


You may like

The list of targeted names includes 1Password, Robinhood, Citibank, Docker, Shopify, Basecamp, and numerous others.

Attackers appear to create multiple GitHub usernames to bypass takedowns, using Search Engine Optimization to push their malicious links higher on search results in Google and Bing.

This technique increases the chances that Mac users searching for legitimate downloads will encounter the fraudulent pages first.

LastPass states it is “actively monitoring this campaign” while working on takedowns and sharing indicators of compromise to help others detect threats.

The attackers’ use of GitHub Pages reveals both the convenience and the risks of community platforms.

Fraudulent repositories can be set up quickly, and while GitHub can remove them, attackers often return under new aliases.

This cycle raises questions about how effectively such platforms can protect users.

How to stay safe

  • Only download software from verified sources to avoid malware and ransomware risks.
  • Avoid copying commands from unfamiliar websites to prevent unauthorized code execution.
  • Keep macOS and all installed software up to date to reduce vulnerabilities.
  • Use the best antivirus or security software that includes ransomware protection to block threats.
  • Enable regular system backups to recover files if ransomware or malware strikes.
  • Stay skeptical of unexpected links, emails, and pop-ups to minimize exposure.
  • Monitor official advisories from trusted vendors for timely security updates and guidance.
  • Configure strong, unique passwords and enable two-factor authentication for important accounts.

You might also like



Source link

0 comments
0 FacebookTwitterPinterestEmail
Logitechsuperlight2
Game Reviews

Logitech G’s Gaming Mouse Trusted by League of Legends Pros Hits Record Low After Several Price Drops

by admin


If you’re sitting at your desk, do me a favor and look around for a moment. What’s your setup look like? Do you have a good keyboard? How are your speakers? How big is your monitor? Is there more than one? When it comes to PC gaming, there’s so may areas you can upgrade, and we didn’t even cover the stuff under the hood like your GPU and CPU. with all the shiny, new products you can buy level up your space, it’s easy to overlook something small but important—the mouse.

Your mouse is 50% off how you’re interacting with the games you play, assuming you use mouse and keyboard. It’s time to ditch that ten dollar mouse you picked up in the checkout lane of Staples, and get something solid. The Logitech G Pro X SuperLight 2 wireless gaming mouse right now goes for $180. However, an Amazon limited time deal is currently bringing it down to just $130. That 28% discount saves you $50.

See at Amazon

For the Pros, By the Pros

This Logitech mouse was engineered to be your optimal gaming peripheral. Professional e-sports players were consulted in designing the mouse with rigorous hands-on testing to ensure every curve and click is unmatched.

Designed for speed and precision, this gaming mouse from Logitech has a powerful sensor—the HERO 2—capable of an 8 kHz polling rate, an 88g acceleration, an 888 IPS speed, and up to 44,000 DPI sensor calibration. It uses zero-additive PTFE mouse feet, which allows the mouse to glide smoothly across your desktop.

With the Logitech G Pro X SuperLight 2, you get five different programmable buttons which can be mapped to anything and allowing you to act more quickly to enemies in League of Legends or whatever is your game of choice.

This mouse has a crazy 95-hour battery life. So long as you remember to plug it in every few gaming sessions, you’ll never have to worry about it dying on you. If your gaming sessions are somehow longer than that, well it may be time to go touch grass. It charges over USB-C.

This Logitech gaming mouse is compatible with both Mac and PC and you have your choice of either black or white. There is a sleek magenta option as well, but that one is unfortunately not part of the sale. So long as you go black or white, you’ll get the mouse for a cool $50 discount. That brings the price down for as limited time from $180 to just $130.

See at Amazon



Source link

0 comments
0 FacebookTwitterPinterestEmail
Discord Communities Targeted by Scammers Posing as Trusted Friends
Crypto Trends

Discord Communities Targeted by Scammers Posing as Trusted Friends

by admin



Last month, crypto user and NFT artist Princess Hypio told her followers she lost $170,000 in crypto and non-fungible tokens after a scammer convinced her to play a game with them on Steam. 

While she was “mindlessly” playing with the scammer, they were secretly stealing her funds and hacking her Discord. The same tactic was used on three of her other friends, she wrote in a post on Aug. 21 on X. 

Source: Princess Hypio

It turns out, the tactic has been around for a while and is known by some as the “try my game” scam, which users have been reporting for years in different forms.

Speaking to Cointelegraph, Kraken’s chief security officer, Nick Percoco, said these methods have become an increasingly popular attack method

“Try my game” hack: How it works 

The crypto version of the scam involves a hacker joining a Discord server or group, lying in wait, learning about how users interact with each other and later using that information to gain trust.

The hacker then asks users if they own crypto or NFTs, often feigning interest to ask questions and gauge what digital assets they might own. In Princess Hypio’s case, they had a Milady NFT, which resulted in her being targeted.

After identifying a target with crypto, the hacker invites victims to play a game, sending a link to a server with Trojan malware that provides access to user devices, which allows them to steal personal information and drain any connected wallets.

In Princess Hypio’s case, the ploy involved convincing her to download a game on Steam by offering to buy it for her. The game itself was safe, but the server on which the game was being hosted was malicious.

She lost $170,000 from the attack, she said.

It comes only days after Discord released its deceptive practices policy explainer, warning that promoting or carrying out financial scams on the social platform violates the terms of use. 

“These scams do not exploit code; they exploit trust. Attackers impersonate friends and pressure people into taking actions they normally would not take,” said Percoco. 

“The biggest vulnerability in crypto is not code, it is trust. Scammers exploit community spirit and curiosity to take advantage of good intentions.” 

Attackers embed themselves in communities, learn the culture, mimic trusted friends, and then strike, he said. 

Scammer tactic moving past crypto 

In February, a user under the handle RaeTheRaven posted to the Malwarebytes forum that they had fallen prey to the “infamous scam” after someone they thought was a friend sent a link. A Reddit forum that started in July also warned of scams targeting gamers. 

Another person reported being hit with the scam back in July, which resulted in a ransomware demand. Source: Malwarebytes

Percoco told Cointelegraph that while the crypto industry tends to see these scams first, the tactic spreads across sectors.

He said the best way to avoid being snared is to have a “healthy skepticism,” confirm identities through another channel, avoid running unknown software, and remember that “doing nothing is safer than taking a risky step.”

“If something feels rushed, generous, or too good to be true, it almost always is. Do not trust, verify.” 

Fake recruitment campaigns even worse 

However, Percoco also said that while the Discord scams are on the rise, a more widespread trend in crypto currently involves fake recruiters. 

Related: North Korean hackers target crypto devs with fake recruitment tests

In a recent June case, a North Korea-aligned threat actor targeted job seekers in the crypto industry with malware designed to steal passwords for crypto wallets and password managers.

“Discord impersonation is rising quickly, but the most widespread trend we are tracking today is fake recruitment campaigns where victims are lured with job offers and tricked into clicking phishing links,” Percoco said.

 Magazine: XRP ‘cycle target’ is $20, Strategy Bitcoin lawsuit dismissed: Hodler’s Digest, Aug. 24 – 30



Source link

0 comments
0 FacebookTwitterPinterestEmail
Close