Hackers Exploit Microsoft Word Auto-Updating Links To Install
Spyware
A freelance security consultant and
Handler at SANS Internet Storm Center has discovered a rather interesting
exploit in Microsoft Word, one
that allows an attacker to abuse the productivity program's ability to auto-update
links. This is a feature that is enabled by default—when you add links
to external sources like URLs, World with automatically update them without any
prompts. Therein lies the issue.
… In this case,
the Word files tries to access the malicious RTF file. If it succeeds, it downloads a JavaScript
payload. According to Mertens, the link
update is triggered without user interaction or without a prompt warning to the
user that such an action will take place.
Getting serious about Cyber Security or merely politics?
CYBERCOM Just Got A Major Pentagon Promotion From The
President
In a highly anticipated move, President Donald Trump announced on Aug. 18 that the U.S. Cyber Command would be
elevated to the status of a “unified combatant command,” putting it on a par with the likes of Central Command and Special Operations
Command.
… But its
elevation by the president is the latest product of years of debates over how
the United States should structure, support, and prioritize its cybersecurity
operations — debates that will probably intensify now, rather than resolve
themselves.
For example, Trump added in his statement that Defense
Secretary James Mattis was looking into “the possibility of separating United
States Cyber Command from the National Security Agency.” Since its creation in 2009, CYBERCOM has lived
under the NSA’s roof at Fort Meade, depended on NSA’s resources, and shared its
commander with NSA, as well: The commanding officer of CYBERCOM has
historically been the “dual hatted” NSA director.
There are plenty of pros and cons to a CYBERCOM-NSA split, most of
which boil down to bureaucratic wranglings over who’s responsible for what and
when. But one issue that’s helped spur
the divorce talk is the evolution of different missions for the two agencies. NSA has historically operated as a
“collection” entity, stealthily intercepting communications and hoovering up
all the details in them. CYBERCOM, on
the other hand, has been trying its hand as a “disruption” entity, taking
offensive actions against hackers and enemies. It’s hard to run both kinds of ops on a single
target through a single point of entry.
I haven’t made many comments about the capability of
satellite imaging recently. Apparently,
at least one company has found even commercial grade images adequate for its
purpose.
Roofr uses satellite imagery to evaluate the state of your
roof
Roofr,
which will be graduating from Y Combinator (YC) next week, developed a
satellite imagery software that analyzes the state of your roof to determine
whether it needs to be replaced.
… The
Toronto-based startup offers customers a free online quote using its satellite
imagery software, which takes the square footage and slope of the roof. It is currently using a Google API to capture
satellite images from Google Earth.
The team then connects customers with vetted contractors
who provide full replacements for any type of roof, including cedar, slate, and
metal.
Another step towards replacing lawyers with AI? (Are you sure that’s a human Judge on the
other end?)
Chinese 'cyber-court' launched for online cases
China has launched a digital "cyber-court" to
help deal with a rise in the number of internet-related claims, according to
state media.
The Hangzhou Internet Court opened on Friday and heard its
first case - a copyright infringement dispute between an online writer and a
web company.
Legal agents in Hangzhou and Beijing accessed the court
via their computers and the trial
lasted 20 minutes.
The court's focus will be civil cases, including online
shopping disputes.
Judges were sworn in and the first case was presented on a
large screen in the courtroom.
… Defendants and
plaintiffs appear before the judge not in person, but via video-chat.
… In some other
countries, online portals to allow people to resolve legal disputes in
cyber-space already exist.
Canada's Civil
Resolution Tribunal starting accepting claims for $5,000 (£3,000) or less in
British Columbia in June.
Perspective.
Because they succeeded they must be cheating?
The walls are closing in on tech giants
Tech behemoths Google, Facebook and Amazon are feeling the
heat from the far-left and the far-right, and even the center is starting to
fold.
Why it matters: Criticism over the companies' size,
culture and overall influence in society is getting louder as they infiltrate
every part of our lives. Though it's
mostly rhetoric rather than action at the moment, that could change quickly in
the current political environment.
Here's a breakdown of the three biggest fights they're
facing.
(Related). Is it
really so hard to start a new company?
Trapped in Tech’s Unicorn Land
The land of unicorns looks considerably less magical these
days.
Not that private investors have noticed. The IPO market
remains anemic for technology companies, and the M&A market isn’t faring
that much better. Yet investors continue
to pour money into venture-capital firms, and those firms continue to pour
money into technology startups—even the so-called unicorns valued at more than
$1 billion.
This has got to be better than forcing everyone in the
room to listen to the entire score of Der
Ring des Nibelungen each time you get a call. (Okay, maybe not numbers 5 and 8)
No comments:
Post a Comment