Mac malware that can tap into live webcam and mic feeds

Security is hard, and the bad guys are clever.

Security researcher and former NSA staffer Patrick Wardle is this afternoon demonstrating a way for Mac malware to tap into live feeds from the built-in webcam and microphone. His presentation is being delivered at the Virus Bulletin conference in Denver later today.

Although any unauthorized access to the webcam will light the green LED – a firmware-level protection that is exceedingly difficult to bypass – Wardle’s presentation shows how a malicious app can tap into the outgoing feed of an existing webca

Source: Former NSA staffer demonstrates Mac malware that can tap into live webcam and mic feeds | 9to5Mac

The Crash Of 3D Robotics

3DR has seen better days. Sad to see them pivot, I really wanted a US-based drone company to do well.

While it may prove fruitful, 3D Robotics’ pivot puts it in direct competition with a host of Silicon Valley startups, including Kespry, DroneDeploy and others that have raised millions of dollars on the original intent of developing software solutions for companies. 3D Robotics must play catch up and it may not have the resources to do so. In June, a document filed with the Securities and Exchange Commission showed that the company raised $26.7 million in debt and warrants.

“We’re not making anymore Solos and we’re not going to make another drone,” said Anderson, who suggested that 3D Robotics would start developing software for other drone makers. “I love the idea of other companies making hardware so we don’t have to and we can focus on the software and services side. We’re a Silicon Valley company and we’re supposed to be doing software and there are Chinese companies that are supposed to be doing hardware.”

Source: Behind The Crash Of 3D Robotics, North America’s Most Promising Drone Company

Source Code for IoT Botnet ‘Mirai’ Released

The source code that powers the “Internet of Things” (IoT) botnet responsible for launching the historically large distributed denial-of-service (DDoS) attack against KrebsOnSecurity last month has been publicly released, virtually guaranteeing that the Internet will soon be flooded with attacks from many new botnets powered by insecure routers, IP cameras, digital video recorders and other easily hackable devices.

Source: Source Code for IoT Botnet ‘Mirai’ Released — Krebs on Security