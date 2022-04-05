today's leftovers
It's 2022 and there are still malware-laden PDFs in emails exploiting bugs from 2017 [Ed: "Microsoft" and "Windows" conspicuously absent from the headline]
HP's cybersecurity folks have uncovered an email campaign that ticks all the boxes: messages with a PDF attached that embeds a Word document that upon opening infects the victim's Windows PC with malware by exploiting a four-year-old code-execution vulnerability in Microsoft Office.
Booby-trapping a PDF with a malicious Word document goes against the norm of the past 10 years, according to the HP Wolf Security researchers. For a decade, miscreants have preferred Office file formats, such as Word and Excel, to deliver malicious code rather than PDFs, as users are more used to getting and opening .docx and .xlsx files. About 45 percent of malware stopped by HP's threat intelligence team in the first quarter of the year leveraged Office formats.
SelfPrivacy: Get your own private secure [server]
Selfprivacy is a free, open-source user-hosted cloud that helps you manage all of your sensitive data in one platform.
The project is initiated by Kirill Zholnay, a software engineer and a security expert, who manages to create a strong community to pack it and keep it maintained and secure.
With the Selfprivacy you can manage your emails, chat messages, passwords, files, video conversations, git, and a built-in VPN.
SelfPrivacy is developed on the "zero trust" principle, even in relation to SelfPrivacy developers. That means you're the sole owner of your data.
Safari is crippling the mobile market, and we never noticed • The Register
You'd be forgiven for remembering a much earlier monopoly browser decision, that of Microsoft's bundling of Internet Explorer with Windows. The courts alleged that was (US v Microsoft Corp) that illegal and Microsoft finally settled in 2001, nine years after antitrust investigations had started into the company. Not that it made much difference, with only one update to Internet Explorer in the next four years due to lack of competition. As the web went wild, browser innovation stalled.
Programming Leftovers
DongShanPi One - A SigmaStar SSD202D system-on-module with a mini PCIe edge connector for GPIO, Ethernet...
DongShanPi One system-on-module features SigmaStar SSD202D Arm Cortex-A7 processor with 128MB on-chip RAM, a 128MB NAND SPI flash and a microSD card slot, an LCD interface, two USB Type-C ports, and a mini PCIe edge connector that exposes interfaces like Ethernet, USB, and GPIOs when connected to a baseboard. I noticed the module in Linux 5.18 changelog yesterday together with the Miyoo game console, with support being added by dgp (Daniel Palmer), a frequent commenter on CNX Software, who also happen to maintain the linux-chenxing community. The DongShanPi One is optionally offered with a baseboard equipped with an RJ45 port, four USB ports, an IR receiver, and plenty of GPIO headers for expansion.
Security: Tor Browser Release, Harms of Kubernetes Complexity, and CFAA
Software: Virtue-Vice, dijo, XODA, Jarvis
