A vulnerability in Microsoft's Azure cloud computing service left several thousand customers susceptible to cyberattacks. The tech giant has warned its clients of the flaw in its flagship database service Cosmos DB after it was discovered and reported by security company Wiz. In the blog post Wiz has published, it said it was able to use the vulnerability, which it has named "ChaosDB," to gain "complete unrestricted access to the accounts and databases" of thousands of Azure clients.

Azure customers, including Fortune 500 companies such as Coca-Cola and Exxon-Mobil, use Cosmos DB to manage the massive amounts of data they get in real time. The company explained that it found a series of flaws in the Cosmos DB feature called Jupyter Notebook that gives customers a way to visualize their data. That feature has been around since 2019, but it was switched on for all Cosmos DB customers just this past February. Wiz said that a series of misconfigurations in the notebook created a loophole, which allows any user "to download, delete or manipulate a massive collection of commercial databases, as well as read/write access to the underlying architecture of Cosmos DB." 

While the security company praised Microsoft for disabling the notebook within 48 hours after it was alerted about the issue and for notifying around 30 percent of its customers, it warned that more clients may be at risk. Microsoft only notified the customers that were affected during Wiz's week-long research period this early August. However, the security firm believes the vulnerability has been exploitable for months, possibly even years. It's now advising Azure customers to rotate and regenerate their access keys even if they didn't get an email from Microsoft. That said, the tech giant said it found no evidence that the flaw has been exploited. It told the customers it emailed that there's no "indication that external entities outside the researcher (Wiz) had access to the primary read-write key

As Reuters notes, this is the latest in a series of bad security news for Microsoft over the past year. In February, the tech giant has revealed that the SolarWinds hackers accessed and downloaded source code for Azure, its cloud-based management solution Intune and its mail and calendar server Exchange. The Chinese Hafnium hacking group also exploited a vulnerability in Exchange to infiltrate at least 30,000 organizations around the world, including police departments, hospitals and banks.

Streamlabs' new livestreaming tool offers streamers a new way to make money — and it won't even be taking a commission. The Logitech-owned company has launched a monthly tipping service called Streamlabs Creator Subscription, which (as you can probably guess from its name) gives streamers a way to set up a subscription service for viewers. Streamlabs says creators will get 100 percent of the tips fans give them after PayPal takes its usual processing fees. 

As The Verge notes, that makes Streamlabs Creator Subscription a more appealing option than Twitch's built-in service, which takes a 50 percent cut from the subscription fees streamers get. Especially since Streamlabs' new tipping tool can be directly integrated into its popular OBS software suite anyway. The OBS software can be used to stream not just on Twitch, but also on YouTube, Facebook and TikTok. 

Streamlabs will let creators decide on what kind of subscription service they want to offer their fans, and they can also set specific price points. If they choose, however, they can allow viewers to choose how much to contribute every month. Fans will get "redeemable alerts" in exchange for their contributions, and they can use those if they want their favorite streamer to thank them on screen. Streamlabs will also be adding leaderboards and badges in the coming weeks to encourage fans to support their favorite creators.

Ashray Urs, Head of Product at Streamlabs, said in a statement: 

"As the live streaming industry has grown, so has the need for a sustainable revenue model. Currently, most major streaming platforms provide viewers with a way to subscribe to a channel; however, they usually split the revenue from the subscription in half between the creators and platform. In addition, platforms require a creator to meet certain qualifications before they can unlock the ability for viewers to subscribe. Streamlabs Creator Subscription is open for anyone with a Streamlabs tip page, regardless of size or how often they stream."

The main Bravely Default games are famously known for being Nintendo exclusives, and the latest entry in the franchise launched only for the Switch. Pretty soon, though, you'll be able to play Bravely Default II on a non-Nintendo device: The third main installment in the JRPG series will be available on Steam starting on September 2nd. 

Bravely Default II was slated for release last year until Nintendo of America announced that its launch date was going to be pushed back to February 26th, 2021. The two main entries in the franchise before it, Bravely Default and Bravely Second: End Layer, were both Nintendo 3DS exclusives. It didn't come as a surprise that the game was going to be released only for the Switch, but now you'll also also be able to give the game a try even if you don't have the console.

The game is set in a world separate from its two prequels, on continent named Excillant that's divided into five kingdoms. It features a new story with a new set of characters on a quest to retrieve the stolen crystals of the four elements. The title set you back $60 on Steam, but it's currently available for a 10 percent discount if you pre-order. In case you'd still prefer playing it on Switch, though, Bravely Default II physical copies are on sale for $30 on Amazon right now.

Amazon is adding more titles to the list Prime Gaming subscribers can claim for free starting on September 1st. One of the latest additions is Knockout City, a recent release from Velan and EA. It's a cross-platform dodgeball brawler launched in May that's already available through Xbox Games Pass Ultimate and EA Play. The game is also free to play until level 25, but Prime Gaming users who want to keep playing until after they reach it will now be able to grab the title at no additional cost. 

In addition, subscribers can still claim Lucasfilm Games' Sam & Max: Hit The Road beyond September 1st. The game has been free for subscribers since July, but like the studio's Indiana Jones and the Fate of Atlantis, it was supposed to be removed from the list after that date. Sam & Max: Hit The Road is based on a comic featuring an anthropomorphic detective dog and a rabbit-like creature. Completing the list games that will available for free starting on September 1st are Candleman The Complete Journey, Puzzle Agent, Secret Files 2: Puritas Cordis, Tools Up! and Unmemory.

Subscribers will also get access to new loot for popular open-world RPG Genshin Impact. Namely: 60x Primogems, 8x Hero's Wit and 5x Calla Lily Seafood Soup. New loot also awaits Madden NFL 22, Fall Guys, Red Dead Online, Brawlhalla, Apex Legends, Grand Theft Auto Online and Rogue Company players. These freebies will be available at different dates throughout the month and will be up for a limited time only. Subscribers can check the official Amazon Prime Gaming website for the offers' start and end dates.

Google's YouTube Music app for Wear OS is now live, a few months after the tech giant promised to release one for the platform. That certainly sounds like great news for users who've been waiting for it after Google retired Play Music for Wear OS in 2020. The bad news is, as noted by 9to5Google, it only currently works on Google's Wear OS 3 platform. Samsung's Galaxy Watch 4 and Galaxy Watch 4 Classic wearables, which will be available on August 27th, will be the only devices that will be running the OS in the foreseeable future. 

The company killed off the Play Music app for Wear OS watches back in August 2020, weeks before it completely shut the service down in favor of YouTube Music. It quickly released a YouTube Music app for the Apple Watch, but Wear OS users have had to wait for their turn. And, based on what we know now, they may have to continue waiting, unless they're set to get Samsung's new smartwatches tomorrow. In comparison, Spotify's Wear OS app works even on older smartwatches and can be used to stream and download music.

In addition to extremely limited compatibility, the app can't actually be used to stream music. According to 9to5Google's hands-on experience, users will only be able to download tracks on the app. Further, the phone must be plugged in to be able to download anything. For those not bothered by all those limitations and will soon have access to a Galaxy Watch 4, the app is now available on Google Play.

The Government Accountability Office has revealed in a new report that 10 federal agencies are planning to expand their use of facial recognition. In a survey involving 24 federal agencies on their use of facial recognition technology, the Agriculture, Commerce, Defense, Homeland Security, Health and Human Services, Interior, Justice, State, Treasury and Veterans Affairs departments told GAO that they're planning to use facial recognition in more areas through fiscal year 2023. 

As The Washington Post notes, most agencies already use facial recognition to give their personnel access to their phones and computers. However, there's a growing number of agencies using it to investigate crime and to track people. The Department of Agriculture apparently wants to monitor the live feeds at its facilities and scan for individuals in the watch list. Another agency wants to use it to automate identity verification for travelers at airports. 

The agencies are planning this expansion despite the strengthening pushback against facial recognition systems. They're still far from being perfectly accurate, especially when identifying women and POCs, and have led to false arrests in the past. In Detroit, their use led to the wrongful arrest of two men last year, both of whom are Black. The states of Massachusetts, Maine and Virginia banned law enforcement from using facial recognition. At the same time, several cities across the US, including Portland, Oregon, had also restricted their use. GAO's report noted, however, that "recent advancements in facial recognition technology have increased its accuracy and its usage."

Ten of GAO's respondents have also revealed they've been involved in the research and development of facial recognition tech. For instance, they're looking into the technology's ability to identify individuals wearing masks and to detect image manipulation. In addition, several agencies, including the Justice Department, the Air Force and Immigration and Customs Enforcement, admitted to using Clearview AI. Clearview has been under fire for scraping people's images from social networks over the past years without the companies' knowledge or consent to build its database. As of last year, the system, which can identify people in real time, was reportedly in use by 600 police departments across the US, including the FBI and DHS.

The FCC has proposed the largest fine yet under the Telephone Consumer Protection Act, and the subjects are two robocallers Law & Crime describes as "hard-right hoaxers." John M. Burkman and Jacob Alexander Wohl are facing a $5,134,500 fine for allegedly making 1,141 unlawful pre-recorded calls to mobile phones without the recipients' prior consent. The calls' content? Fake information designed to discourage people from voting by mail. 

According to the commission's Enforcement Bureau, the calls were made on August 26th and September 14th, 2020, prior to last year's Presidential elections in the US. The robocalls told potential voters that if they vote by mail, their personal information will be added to a public database law enforcement can use to track down old warrants. Credit card companies will also be able to access the database to collect outstanding debts, the calls said, and the CDC can issue mandatory vaccines on the people in the list. Law & Crime says the calls primarily targeted Black and Latino populations in New York, Ohio and Michigan.

The FCC started investigating the calls after receiving complaints from consumers and a non-profit organization. Its Enforcement Bureau then worked with the Ohio Attorney General's Office to identify the dialing service providers Burkman and Wojl used. The providers turned over subpoenaed call records to identify Burkman and Wohl by name, along with information on the zip codes they wanted to target. Both individuals also admitted under oath that they were involved in the creation and distribution of those particular robocalls.

In addition to facing a $5 million fine from the FCC, the pair also face a $2.75 million lawsuit from the New York Attorney General's office. Back in May, a federal judge gave the NY AG the go-ahead to join a lawsuit accusing the pair of violating the Ku Klux Klan Act, which protects Americans from political intimidation. As for the FCC fine, Burkman and Wohl will be given an opportunity to submit evidence and legal arguments before the commission takes any more step towards a resolution.

Don't unlock your new Samsung Galaxy Fold 3's bootloader if you don't know what you're getting into, or you may just regret it. According to XDA-Developers, the foldable device shows a warning when you attempt to unlock its bootloader, telling you that doing so "will cause the camera to be disabled and may cause your phones and apps to stop working correctly." Indeed, that's exactly what happens when you do go through with the process to gain root access and modify the device's software.

After unlocking the bootloader, you'll notice that the stock camera app will fail to operate. You'll no longer be able to fire it up to take photos, and the apps on your phone that use the camera won't be able to access it, as well. Those apps — yes, including third-party camera apps — just remain dark or time out after a while, so there's no workaround. In fact, all camera-related features will cease to function, including facial recognition. 

We've reached out to Samsung for a statement and were told that the company has nothing to share right now. As the publication notes, Samsung has always made it difficult to root its phones: Modifying the device's software already voids your warranty and kills Samsung Pay. This is next level protection, though — and perhaps a most effective one — considering most people at this point in time frequently use their phones as cameras. XDA says re-locking the bootloader will also re-enable the Galaxy Fold 3's camera, so all won't be lost if you do decide to try it out and poke around for a solution yourself.

Facebook has started testing a feature that gives users a way to place voice and video calls from within the main app itself, according to Bloomberg. Like with any of the social network's experiments, it will only be available to a limited number of accounts. But those who do get access to the test will be able to call friends on the platform without having to fire up the Messenger app. 

As the publication notes, this looks like a move Facebook is exploring to further streamline its services that include Messenger, which became a separate app in 2014, and WhatsApp. Connor Hayes, director of product management at Messenger, told Bloomberg that it's meant to reduce the need to jump back and forth between the company's main app and its Messenger service.

Facebook already has plans to unify its messaging apps. In September 2020, it enabled the ability to chat and send messages between Instagram and Messenger, and the social network previously said that WhatsApp would also get inter-app messaging capabilities. The company tested putting a simpler version of Messenger within the main app last year, as well. That's something the social network been considering since at least 2019 when Jane Manchun Wong found an experimental feature that takes users straight to a "Chats" section when they tap on the messaging icon. Currently, doing so automatically opens the Messenger app. 

Hayes told the publication that Facebook now considers Messenger as a service instead of a standalone app. We may see more of its technologies across the company's other apps in the future — in fact, Instagram, Oculus and Portal devices already use Messenger's technology for voice and video calls. "You’re going to start to see quite a bit more of this over time," he said.

EA won't be filing any lawsuit against other developers that use the patented accessibility mechanics it uses in its games. The video game giant has announced that it's making a Patents Pledge, which gives rival developers free access to any of its accessibility-related technologies. While not all gameplay mechanics are patented, some companies have taken to making sure competitors aren't legally allowed to use their technologies. Critics condemn the practice, accusing the companies of stifling creativity and innovation in the industry. EA at least won't be suing anybody that incorporate its accessibility features in their games, including Apex Legends' "ping" system.

The feature gives players in the same team a way to communicate with each other without using voice chat. They can simply tap buttons to tell their teammates where they are on a map, to alert others of a threat or to tag targets. Supposedly, Epic Games borrowed Apex's ping system for Fortnite. The Patents Pledge also covers at least four more EA features, three of which make video games more accessible to players with vision issues. Those technologies, already in use in the Madden NFL and FIFA franchises, can automatically detect colors and then modify their brightness and contrast to make them more visible. 

The last patent in the five EA specifically mentioned covers a technology allowing players with hearing issues to modify or create their own music. EA says it will add any future accessibility patents to the pledge and that it hopes the move can "encourage others to build new features that make video games more inclusive."

Chris Bruzzo, EA's EVP of Positive Play, Commercial and Marketing, said in a statement: 

"At Electronic Arts, our mission is to inspire the world to play. We can only make that a reality if our video games are accessible to all players. Our accessibility team has long been committed to breaking down barriers within our video games, but we realize that to drive meaningful change, we need to work together as an industry to do better for our players.

We hope developers will make the most of these patents and encourage those who have the resources, innovation and creativity to do as we have by making their own pledges that put accessibility first. We welcome collaboration with others on how we move the industry forward together."