Actively Exploited Microsoft Office Security Flaw Has No Patch But Here’s A Workaround

Posted on June 5, 2022 by esimantiras

Actively Exploited Microsoft Office Security Flaw Has No Patch But Here’s A Workaround

source: hothardware.com | image: microsoft.com

Malware and virus threats are practically commonplace, even a daily occurrence for some users these days. Unfortunately for many users in the Microsoft ecosystem, leveraging popular Office applications is a common security attack vector for many of the ne’er-do-wells of the Internet.

In that regard, Microsoft‘s Security Response Center has issued guidance to help add preventative layers to a newly discovered critical vulnerability or error (CVE). Specifically labeled CVE-2022-30190 by Microsoft, the vulnerability does not use the previous vulnerable attack vector of macros. In fact, macros as an attack vector for malware has been mostly patched out in many recent versions of Office applications anyway.
Continue reading “Actively Exploited Microsoft Office Security Flaw Has No Patch But Here’s A Workaround” →

Security News This Week: The NSA Swears It Has ‘No Backdoors’ in Next-Gen Encryption

Posted on June 5, 2022 by esimantiras

Security News This Week: The NSA Swears It Has ‘No Backdoors’ in Next-Gen Encryption

source: wired.com | image: nsa.gov

Don’t accidentally hire a North Korean hacker, FBI warns

Posted on May 26, 2022May 25, 2022 by esimantiras

Don’t accidentally hire a North Korean hacker, FBI warns

source: theguardian.com | image: pexels.com

Employing remote IT workers who are secretly working for Kim Jong-un’s regime poses risks and may breach sanctions, say US agencies

US officials have warned businesses against inadvertently hiring IT staff from North Korea, saying that rogue freelancers were taking advantage of remote work opportunities to hide their true identities and earn money for Pyongyang.

An advisory issued by the state and treasury departments and the FBI said the effort was intended to circumvent US and UN sanctions, and bring in money for North Korea’s nuclear weapons and ballistic missile programs. The officials said companies who hired and paid such workers may be exposing themselves to legal consequences for sanctions violations.

Continue reading “Don’t accidentally hire a North Korean hacker, FBI warns” →

Scientists create graphyne, the next generation wonder material

Posted on May 26, 2022May 24, 2022 by esimantiras

Scientists create graphyne, the next generation wonder material

source: indianexpress.com | image: pexels.com

This research fills a long-standing gap in carbon material science and opens up brand new possibilities for electronics, optics and semiconductor research.

For over a decade, scientists have been trying to synthesise a new form of carbon called graphyne with next to no success. But researchers from the University of Colorado Boulder have finally succeeded in creating the elusive allotrope of carbon. This research fills a long-standing gap in carbon material science and opens up brand new possibilities for electronics, optics and semiconductor research.

The researchers have documented their process in a study titled, “Synthesis of γ-graphyne using dynamic covalent chemistry,” published in Nature Synthesis. The creation of different carbon allotropes (forms) has long interested scientists because of the element’s versatility and usefulness in various industries.

Carbon allotropes can be constructed in different ways depending on how hybrids of carbons and their corresponding bonds are utilised. The most well known such allotropes include graphite used in pencil and diamonds. They are created out of ‘sp2’ carbon and ‘sp3’ carbon respectively.

Scientists have used traditional methods to create various such allotropes over the years, including fullerene and graphene. Researchers working on these materials were awarded the Nobel Prize in Chemistry in 1996 and 2010 respectively.

But unfortunately, these methods do not allow for different types of carbon to be synthesised together in any kind of large capacity and this is required for creating graphyne. Due to this obstacle, graphyne remained a theoretical material speculated to have unique electrical, mechanical and optical properties.

Continue reading “Scientists create graphyne, the next generation wonder material” →

CISA issues rare emergency directive as ‘critical’ cyber vulnerabilities emerge

Posted on May 26, 2022May 24, 2022 by esimantiras

CISA issues rare emergency directive as ‘critical’ cyber vulnerabilities emerge

source: federalnewsnetwork.com | image: pexels.com

Agencies have until Monday to mitigate vulnerabilities in five products from VMware that permit attackers to have deep access without the need to authenticate.

The Cybersecurity and Infrastructure Security Agency issued a new emergency directive today saying the vulnerabilities in VMware Workspace ONE Access (Access), VMware Identity Manager (vIDM), VMware vRealize Automation (vRA), VMware Cloud Foundation, and vRealize Suite Lifecycle Manager put federal networks and systems at immediate risk.

“These vulnerabilities pose an unacceptable risk to federal network security,” said CISA Director Jen Easterly in a release. “CISA has issued this Emergency Directive to ensure that federal civilian agencies take urgent action to protect their networks. We also strongly urge every organization — large and small — to follow the federal government’s lead and take similar steps to safeguard their networks.”

Continue reading “CISA issues rare emergency directive as ‘critical’ cyber vulnerabilities emerge” →

Cyber security: Global food supply chain at risk from malicious hackers

Posted on May 26, 2022May 24, 2022 by esimantiras

Cyber security: Global food supply chain at risk from malicious hackers

source: bbc.com | image: pexels.com

Modern “smart” farm machinery is vulnerable to malicious hackers, leaving global supply chains exposed to risk, experts are warning.

It is feared hackers could exploit flaws in agricultural hardware used to plant and harvest crops.

Agricultural manufacturing giant John Deere says it is now working to fix any weak spots in its software.

A recent University of Cambridge report said automatic crop sprayers, drones and robotic harvesters could be hacked.

The UK government and the FBI have warned that the threat of cyber-attacks is growing.

John Deere said protecting customers, their machines and their data was a “top priority”.

Smart technology is increasingly being used to make farms more efficient and productive – for example, until now the labour-intensive harvesting of delicate food crops such as asparagus has been beyond the reach of machines.

Continue reading “Cyber security: Global food supply chain at risk from malicious hackers” →

Self-driving cars could be potential crime witnesses

Posted on May 14, 2022 by esimantiras

Self-driving cars could be potential crime witnesses

source: axios.com, contributed by FAN Bill Amshey | image: pixabay.com

The police in San Francisco see camera-laden autonomous vehicles as potential witnesses in their criminal investigations, setting off alarm bells for privacy advocates, VICE reports.

Why it matters: As Axios has reported, self-driving cars capture and store huge databases of images so that they can train their algorithms and become better drivers. What that means is that bystanders are often captured in the footage, raising privacy concerns.

Continue reading “Self-driving cars could be potential crime witnesses” →

A designer and a NASA Scientist Fight a $244 Billion Problem

Posted on May 14, 2022 by esimantiras

A designer and a NASA scientist team up to fight a $244 billion problem that’s hiding in plain sight

source: fastcompany.com | image: pixabay.com

The debut project from Brooklyn-based Betterlab takes aim at a condition that affects a third of people worldwide.

earsightedness doesn’t sound that scary, but more and more people around the world are suffering from its clinical name: myopia. Because of myopia, China can’t find enough pilots, while the world is losing $244 billion in productivity a year, and that’s just the beginning: By 2050, more than half the world’s population is projected to have myopia—and as many as 10% of that group will go blind from the condition.

The problem was once primarily genetic, but new cases are increasingly attributed to kids getting too much screen time and too little sunlight for the eyes to develop properly. And while research has found that preventing myopia isn’t much more complicated than spending enough time outside, a new pair of glasses developed by designer Todd Bracher and a former NASA scientist aims to fix myopia without forcing anyone to change their behavior, take drugs, or wear special prismatic lenses. They were a finalist in our recent World Changing Ideas awards.

Continue reading “A designer and a NASA Scientist Fight a $244 Billion Problem” →

FBI, CISA, and NSA warn of hackers increasingly targeting MSPs

Posted on May 14, 2022 by esimantiras

FBI, CISA, and NSA warn of hackers

increasingly targeting MSPs

source: bleepingcomputer.com, contributed by FAN Steve Page | image: pixabay.com

Members of the Five Eyes (FVEY) intelligence alliance today warned managed service providers (MSPs) and their customers that they’re increasingly targeted by supply chain attacks.

Multiple cybersecurity and law enforcement agencies from FVEY countries (NCSC-UK, ACSC, CCCS, NCSC-NZ, CISA, NSA, and the FBI) shared guidance for MSPs to secure networks and sensitive data against these rising cyber threats.

“The UK, Australian, Canadian, New Zealand, and U.S. cybersecurity authorities expect malicious cyber actors—including state-sponsored advanced persistent threat (APT) groups—to step up their targeting of MSPs in their efforts to exploit provider-customer network trust relationships,” the joint advisory reads.

Continue reading “FBI, CISA, and NSA warn of hackers increasingly targeting MSPs” →

Anatomy of a Phishing Scam…

Posted on May 14, 2022 by esimantiras

Anatomy of a Phishing Scam As Told Through Scamming the Scammer

image - phishing

source: blog.avast.com. | image: pixabay.com

to view all images associated with this blog post, go to Avast.com

Here’s a “scam the scammer” SMS conversation to highlight some of the red flags to look out for the next time your “boss” messages you.

Sometimes it feels like scammers are coming at you from every direction these days. They’re on the phone. They’re on SMS. They’re on social media. Sorting the real from the nonsense can feel like a full time job but, for some people, that “job” turns into fun.

That’s what happened recently when a professional woman in New York City decided to play around a little bit with her “boss,” (spoiler: not her boss) who was making odd requests via text. And while “scam the scammer” situations like this one are often hilarious, they’re also a great way to learn about the methodology that scammers use to trick people into giving them money.

So let’s take a look at the following “scam the scammer” SMS conversation to highlight some of the red flags to look out for the next time your “boss” messages you.

1. They set up a situation where you can’t talk to them on the phone.

“Josh” makes it clear up front that he can’t talk on the phone. Obviously there are some situations where this is legitimate — like if he was actually Josh and was actually at a conference — but “Cris,” as an employee, would likely know if her boss was out of office. The scammer is hoping that Cris doesn’t know her boss’ schedule.