Saturday, August 19, 2017

Of course, they do.
Hackers Exploit Microsoft Word Auto-Updating Links To Install Spyware
A freelance security consultant and Handler at SANS Internet Storm Center has discovered a rather interesting exploit in Microsoft Word, one that allows an attacker to abuse the productivity program's ability to auto-update links.  This is a feature that is enabled by default—when you add links to external sources like URLs, World with automatically update them without any prompts.  Therein lies the issue.
   In this case, the Word files tries to access the malicious RTF file.  If it succeeds, it downloads a JavaScript payload.  According to Mertens, the link update is triggered without user interaction or without a prompt warning to the user that such an action will take place.


Getting serious about Cyber Security or merely politics?
CYBERCOM Just Got A Major Pentagon Promotion From The President
In a highly anticipated move, President Donald Trump announced on Aug. 18 that the U.S. Cyber Command would be elevated to the status of a “unified combatant command,” putting it on a par with the likes of Central Command and Special Operations Command.
   But its elevation by the president is the latest product of years of debates over how the United States should structure, support, and prioritize its cybersecurity operations — debates that will probably intensify now, rather than resolve themselves.
For example, Trump added in his statement that Defense Secretary James Mattis was looking into “the possibility of separating United States Cyber Command from the National Security Agency.”  Since its creation in 2009, CYBERCOM has lived under the NSA’s roof at Fort Meade, depended on NSA’s resources, and shared its commander with NSA, as well: The commanding officer of CYBERCOM has historically been the “dual hatted” NSA director.
There are plenty of pros and cons to a CYBERCOM-NSA split, most of which boil down to bureaucratic wranglings over who’s responsible for what and when.  But one issue that’s helped spur the divorce talk is the evolution of different missions for the two agencies.  NSA has historically operated as a “collection” entity, stealthily intercepting communications and hoovering up all the details in them.  CYBERCOM, on the other hand, has been trying its hand as a “disruption” entity, taking offensive actions against hackers and enemies.  It’s hard to run both kinds of ops on a single target through a single point of entry.


I haven’t made many comments about the capability of satellite imaging recently.  Apparently, at least one company has found even commercial grade images adequate for its purpose.
Roofr uses satellite imagery to evaluate the state of your roof
Roofr, which will be graduating from Y Combinator (YC) next week, developed a satellite imagery software that analyzes the state of your roof to determine whether it needs to be replaced.
   The Toronto-based startup offers customers a free online quote using its satellite imagery software, which takes the square footage and slope of the roof.  It is currently using a Google API to capture satellite images from Google Earth.
The team then connects customers with vetted contractors who provide full replacements for any type of roof, including cedar, slate, and metal.


Another step towards replacing lawyers with AI?  (Are you sure that’s a human Judge on the other end?) 
Chinese 'cyber-court' launched for online cases
China has launched a digital "cyber-court" to help deal with a rise in the number of internet-related claims, according to state media.
The Hangzhou Internet Court opened on Friday and heard its first case - a copyright infringement dispute between an online writer and a web company.
Legal agents in Hangzhou and Beijing accessed the court via their computers and the trial lasted 20 minutes.
The court's focus will be civil cases, including online shopping disputes.
Judges were sworn in and the first case was presented on a large screen in the courtroom.
   Defendants and plaintiffs appear before the judge not in person, but via video-chat.
   In some other countries, online portals to allow people to resolve legal disputes in cyber-space already exist.
Canada's Civil Resolution Tribunal starting accepting claims for $5,000 (£3,000) or less in British Columbia in June.


Perspective.  Because they succeeded they must be cheating? 
The walls are closing in on tech giants
Tech behemoths Google, Facebook and Amazon are feeling the heat from the far-left and the far-right, and even the center is starting to fold.
Why it matters: Criticism over the companies' size, culture and overall influence in society is getting louder as they infiltrate every part of our lives.  Though it's mostly rhetoric rather than action at the moment, that could change quickly in the current political environment.
Here's a breakdown of the three biggest fights they're facing.

(Related).  Is it really so hard to start a new company?
Trapped in Tech’s Unicorn Land
The land of unicorns looks considerably less magical these days.
Not that private investors have noticed. The IPO market remains anemic for technology companies, and the M&A market isn’t faring that much better.  Yet investors continue to pour money into venture-capital firms, and those firms continue to pour money into technology startups—even the so-called unicorns valued at more than $1 billion.


This has got to be better than forcing everyone in the room to listen to the entire score of Der Ring des Nibelungen each time you get a call.  (Okay, maybe not numbers 5 and 8)

No comments: