Instagram down updates — Thousands of users report issues with app, website and logging in today
Instagram releases statement
After a Meta spokesperson told The U.S. Sun that Instagram was working to get “back to normal” quickly, another statement was released.
“Earlier today, a technical issue caused some people to have trouble accessing Instagram,” Meta said in a statement.”
“We resolved the issue as quickly as possible for everyone who was impacted, and we’re sorry for any disruption this has caused.”
New Security Warning Issued For Google's 1.8 Billion Gmail Users – Forbes
06/05 Update below. This post was originally published on June 3
The security of Gmail has always been one of its biggest selling points, but now one of its most important new security features is actively being used by hackers to scam users
Introduced last month, the Gmail checkmark system highlights verified companies and organizations to users with a blue checkmark. The idea is to help users discern which emails are legitimate and which may have been sent by impersonators running scams. Unfortunately, scammers have tricked the system.
Spotted by cybersecurity engineer Chris Plummer, scammers have found a way to convince Gmail that their fake brands are legitimate. Thereby using the confidence the checkmark system is supposed to instill against Gmail users.
“The sender found a way to dupe @gmail ’s authoritative stamp of approval, which end users are going to trust,” explains Plummer. “This message went from a Facebook account, to a UK netblock, to O365, to me. Nothing about this is legit.”
Plummer reports that Google initially dismissed his discovery as “intended behaviour” before his tweets about it went viral, and the company acknowledged the error. In a statement to Plummer, Google wrote:
“After taking a closer look we realized that this indeed doesn’t seem like a generic SPF vulnerability. Thus we are reopening this and the appropriate team is taking a closer look at what is going on.
We apologize again for the confusion and we understand our initial response might have been frustrating, thank you so much for pressing on for us to take a closer look at this!
We’ll keep you posted with our assessment and the direction that this issue takes.
Regards, Google Security Team”
Plummer highlights that Google has now listed the flaw as a ‘P1’ (top priority) fix, which is currently “in progress.”
Immense credit goes to Plummer, not just for his discovery, but for the lengths he went to to make Google acknowledge the problem. That said, until Google has a fix, the Gmail checkmark verification system remains broken and is being used by hackers and spammers to trick you with the exact thing it was meant to combat. Stay vigilant.
06/05 Update: security researchers are beginning to understand how Gmail’s checkmark verification system is being tricked and how it applies to other email services. In a blog post, debugger Jonathan Rudenberg revealed he was able to replicate the hack on Gmail, explaining:
“Gmail’s BIMI implementation only requires SPF to match, the DKIM signature can be from any domain. This means that any shared or misconfigured mail server in a BIMI-enabled domain’s SPF records can be a vector for sending spoofed messages with the full BIMI ✅ treatment in Gmail…
BIMI is worse than the status quo, as it enables super-powered phishing based on a single misconfiguration in the extremely complicated and fragile stack that is email.”
Rudenberg also published results for BIMI implementations on other major email services, stating:
- iCloud: properly checks that DKIM matches the From domain
- Yahoo: only attaches BIMI treatment to bulk sends with high reputation
- Fastmail: vulnerable but also supports Gravatar and uses the same treatment for both so the impact is minimal
- Apple Mail + Fastmail: vulnerable with a dangerous treatment
Yes, this means Apple Mail and Fastmail users must also be vigilant, though they don’t run the same verified checkmark system as Gmail. There has been a highly critical response to this vulnerability from the security community, with questions raised about how this was allowed to happen and how poorly implemented the Gmail verification method is. Google needs a fix ASAP.
Follow Gordon on Facebook
More On Forbes
What's Trending Today: Apple WWDC Event, Hollywood Deal, Unruly Delta Air Passenger, Zhang Wins LPGA – Financial Post
(Bloomberg) — Welcome to Social Buzz, a daily column looking at what’s trending on social media platforms. I’m Caitlin Fichtel, an editor on Bloomberg’s Breaking News team, which monitors everything from company statements to tweets from some of the most prominent people in the financial world. Here’s your daily look at what the internet is talking about.
Apple Inc.’s next big thing is finally here, with the company set to announce its mixed-reality headset at its Worldwide Developers Conference, better known as WWDC, on Monday. The headset has the potential to usher in a new era: It could kick off the shift to a different interface that upends how people work, play games and entertain themselves. Investors will be keen to see how it all plays out with shares of the tech behemoth trading higher this morning, putting them on pace to close at a record high ahead of this product launch.
The Directors Guild of America reached a tentative agreement with the Alliance of Motion Picture and Television Producers, which represents Hollywood studios, a victory for one of several entertainment industry unions seeking adjusted contracts this summer. The tentative agreement reached Saturday will allocate a 5% wage increase in the first year of contract, 4% in the second year and 3.5% in the third year, according to a statement from the union, DGA. The deal also says that generative AI cannot replace duties performed by members as the technology isn’t considered a person.
A passenger on a Delta Air Lines Inc. flight from Paris, France, to Detroit, Michigan, is facing criminal charges after his disruptive behavior caused the plane to be diverted to Canada, CNN reported, citing police. The 34-year-old man was acting in an “unruly manner” and was believed to be under the influence of alcohol according to the Royal Canadian Mounted Police. He was arrested by the RCMP and is facing charges of endangering an aircraft.
Dame Jacinda Ardern
Former Prime Minister of New Zealand Jacinda Ardern was awarded the title of dame for her service to the country, The New York Times reported. The accolade — Dame Grand Companion of the New Zealand Order of Merit — was given to Ardern for her work during the coronavirus pandemic and the terrorist attacks in Christchurch.
Rose Zhang won the LPGA Tour, becoming the first player to win in a pro debut in 72 years. Her stunning win drew congratulatory tweets from other professional sports players including Tiger Woods: “Incredible few weeks for Rose Zhang, defends her NCAA title and then wins in her Pro debut.”
Terminal users can sign up to receive this daily piece in their inbox by clicking here.
—With assistance from Mark Gurman, Ryan Vlastelica and Alicia Diaz.
Apple expected to reveal mixed-reality headset at developer conference – The Globe and Mail
Apple Inc AAPL-Q is expected to unveil a mixed-reality headset at its annual software developer conference on Monday, its first big move into a new product category since the introduction of the Apple Watch nine years ago.
The launch will see Apple test a market crowded with devices that have yet to gain traction with consumers and put it in direct competition with Facebook-owner Meta Platforms META-Q.
Like Meta’s Quest Pro from last year and Quest 3 announced last week, Apple’s device is likely to blend a video feed from the outside world with a virtual world displayed on screens inside the headset.
Analysts expect Apple’s headset to come with premium features including a high-quality display and hand-tracking so it can be controlled without an external controller. It’s also likely to cost much more than the planned $500 Quest 3.
Investors and tech fans alike will be focusing on how much Apple’s view of the virtual reality market overlaps with Meta’s. Meta Chief Executive Mark Zuckerberg has outlined his vision for using headsets to dip in and out of a “metaverse” where people can meet virtually to work, play and spend.
In addition to Meta, Sony Group Corp and ByteDance-owned Pico both recently released virtual reality devices.
Research firm IDC said companies sold a total of 8.8 million headsets last year, down 20.9 per cent from 2021. In the first quarter of 2023, sales more than halved.
Apple’s presentation on Monday is mostly aimed at sparking the imaginations of the thousands of software developers who will stream into Apple Park for a keynote address at 1 p.m. Eastern Time (1700 GMT).
Apple will also deliver updates on its operating systems for iPhones, iPads and Mac computers.
Investors will also look for updates on CarPlay, Apple’s software for vehicles, which the company said last year would start to power more dashboard functions.
CAMH Study Confirms Ongoing Brain Inflammation Associated With Long COVID – muskoka411.com – Muskoka 411
Wall Street’s Blackstone Made Billions in Real Estate Bet on Urban Warehouses – Bloomberg
Brent may rise toward $100/bbl as Saudi output cut could worsen supply gap – analysts – Yahoo Finance
Silver investment demand jumped 12% in 2019
Iran anticipates renewed protests amid social media shutdown
Search for life on Mars accelerates as new bodies of water found below planet’s surface
Science12 hours ago
Behind Galactic Bars: Webb Telescope Unlocks Secrets of Star Formation
News12 hours ago
Why are mosquitoes so bad in 2023?
Tech22 hours ago
‘Diablo 4’ Patch Notes Bring Fast Barbarian, Druid, Rogue Nerfs, Necro Buffs
Tech10 hours ago
Diablo 4 Received Its First Big Patch and It’s All About Class Balance
News18 hours ago
Toronto’s Future: A Crap Shoot.
Economy23 hours ago
Can market veteran Simsek pull Turkey’s economy back from brink?
Economy22 hours ago
Canada’s largest solar farm, GDP growth and an immigrant jobs boom: Must-read business and investing stories
Tech11 hours ago
Apple prepares for game-changing WWDC 2023: Mixed reality headset and new features in the spotligh