date 2021-12-06
Proprietary Software and Security
YouTubers are sick of comment spam, so YouTube is testing a stricter moderation system
YouTube comment spam can take many forms. Major creators are often concerned about spam that impersonates them, promises viewers something good for messaging them, and then directs individuals off YouTube in some way to eventually scam them.
Security experts surprised by Russia’s ineffective cyberattacks in Ukraine but warn against complacency [iophk: Windows TCO]
The absence of significant cyberattacks against Ukraine by Russia during the current war is the dog that didn’t bark or bite. Cybersecurity experts around the globe are puzzling over why Russia, with highly sophisticated cyberattack capabilities as demonstrated by NotPetya, election meddling and the SolarWinds software supply chain breach, has not done more to disrupt digital operations in Ukraine.
Aside from a few isolated and largely ineffective attacks and a surprisingly mild disinformation campaign, Russia has either refrained from or been incapable of flexing its sizable cyberwarfare muscles in the conflict. The burning question is: Why?
VMware patches critical flaws in Workspace ONE Access identity management software
The vulnerability – tracked as CVE-2022-22954 and with a CVSS rating of 9.8 – arises as the result of a server-side template injection issue.
“A malicious actor with network access can trigger a server-side template injection that may result in remote code execution,” VMware warns in a security bulletin.
Also on the critical list are two authentication bypass vulnerabilities in the OAuth2 ACS framework, which is tied to VMware Workspace ONE Access.
These flaws – tracked as CVE-2022-22955 and CVE-2022-22956 and both with a CVSS rating of 9.8 – each bypass an authentication mechanism and “execute any operation due to exposed endpoints in the authentication framework”, VMware warns.
Pegasus used against activists and journalists in Jordan. Lazarus Group distributes Trojanized DeFi wallet. Deep Panda exploits Log4Shell.
The University of Toronto's Citizen Lab says phones belonging to "four Jordanian human rights defenders, lawyers, and journalists were hacked with NSO Group’s Pegasus spyware between August 2019 and December 2021." The researchers don't attribute this activity to any particular government, but they note that two Pegasus customers appear to be primarily focused on targets in Jordan:
"One of the customers, which we name MANSAF, appears to be spying primarily in Jordan, with limited additional operations in Iraq, Lebanon, and Saudi Arabia. We believe that MANSAF has been operating since December 2018.
Rivals aren't convinced by Microsoft's one-click default browser change
Wake-up call: Is the infosec skills gap causing a mental health crisis? [iophk: Windows TCO]
Mounting pressure on information security professionals is creating a mental health crisis across the industry, a new report claims.
The survey from Vectra AI, released today (April 7), found that more than half of respondents (51%) have suffered depression, anger, or anxiety due to feeling overwhelmed by work.
A further 56% have had sleepless nights worrying about work and 42% have called in sick because they couldn’t face work.
The report polled 200 respondents working in roles across the infosec industry.
China accused of cyberattacks on Indian power grid [Ed: Sounds like another incident or example of Windows in core infrastructure (where it never belonged)]
China has been accused of conducting a long-term cyber attack on India's power grid, and has been implicated in cyber attacks against targets in Ukraine.
Cybersecurity firm Insikt Group found network intrusions at seven Indian State Load Dispatch Centers (SLDCs) that conduct real-time operations for grid control and electricity dispatch, according to a report released Wednesday. All seven SLDCs were located near the disputed India-China border in Ladakh.
Although one of the SLDCs had been previously targeted – in a 2020 incident that Insikt Group named RedEcho and credited to Beijing – the newly identified intrusions target an almost entirely different set of victims.
Deep Dive Analysis – Borat RAT [Ed: Microsoft Windows TCO strikes again]
Borat RAT: Multiple threat of ransomware, DDoS and spyware
To further rattle victims, Borat can run such tasks as playing audio, showing and hiding the desktop or taskbar, enabling or disabling the webcam light, turning off the monitor or showing a blank screen.
FIN7 crime-gang pen tester headed to US prison for five years
Since at least 2015, FIN7 gang members have used phishing emails with malicious files attached to break into hundreds of companies' networks. Once they gained access, they injected malware to steal customers' credit- and debit-card numbers, which they then sold on the dark web or used to fund their own shopping sprees.
Microsoft dogs Strontium domains to stop attacks on Ukraine [Ed: Microsoft is a key reason Ukraine's systems are vulnerable to Russian attacks; this is a misleading inversion of narratives, reinforced by gullible or complicit publishers]
WordPress Plugins and Themes Could Have Vulnerabilities: How to Secure Your Site
As by far the most popular content management system, WordPress powers millions of different websites. It's open source software, which means its source code is publicly accessible and can be modified by pretty much anyone with sufficient know-how.
Though WordPress plugins and themes can be purchased, tens of thousands of them are available for free. As one might expect, this does not come without its downsides. So how vulnerable are WordPress sites? What about its themes and plugins? And how can you protect your sites?
Mailchimp: Cryptocurrency clients' mailing-list info stolen • The Register
Mailchimp has confirmed a miscreant gained access to one of its internal tools and used it to steal data belonging to 100-plus high-value customers.
The clients were all in cryptocurrency and finance-related industries, according to Mailchimp. "Our findings show that this was a targeted incident," the mailing-list giant's CISO Siobhan Smyth said in a statement to The Register on Monday.
Rumors of the intrusion surfaced on Twitter over the weekend: on Sunday, hardware cryptocurrency wallet maker Trezor, whose website is trezor.io, warned someone was sending out emails from noreply[at]trezor[dot]us containing a link to malware designed to harvest wallet owners' information.
Less than an hour later, Trezor said it managed to get the domain names associated with the scam disabled, and that MailChimp said its service had been "compromised by an insider targeting crypto companies."
