Governance & Risk Management , IT Risk Management , Patch Management The Flaw in Windows Graphics Component Can Enable Web-Based Attacks Akshaya Asokan (asokan_akshaya) • February 26, 2021 Microsoft has patched a critical vulnerability in Windows that can be exploited by tricking users to visit websites that use a malicious font. The flaw…
After a journey of about seven months Nasa’s Perseverance rover landed on Mars last Thursday. Designed to look for signs of past microbial life, the rover has been sending back stunning images of the Red planet. But those who watched the rover’s descent onto the Martian surface may have spotted a coded message on the…
The single-shot Johnson & Johnson coronavirus vaccine should get its final approval in the United States later on Friday. If approved the US would be the first country in the world to do so. Infectious disease expert and adviser to the Centers for Disease Control and Prevention, Dr Helen Talbot, told BBC World News that…
Wenatchee High School in Washington state wanted a way to allow students to rehearse safely during the pandemic – and they came up with a creative solution. Principal Eric Anderson said the tents may be small, but they are allowing band members to play together again.
BBC Click’s Paul Carter looks at some of the best technology news stories of the week including: Google’s sister firm, Sidewalk Labs, cancels a smart-city project to track mobility patterns in the US city of Portland, Oregon Boston Dynamics criticises an art installation that will allow people to control a version of the firm’s robot…
A life-long friend of Aung San Suu Kyi has spoken of her worries about her detention. Ann Pasternak Slater, who is also the godmother to one of Aung San Suu Kyi’s sons said she had been following the news “with great concern and great sorrow that the victory they won in the elections which would…
Critical Infrastructure Security , Cybercrime as-a-service , Cyberwarfare / Nation-State Attacks Kaspersky Ties Latest Hacking Campaign and Backdoor to Lazarus Group Doug Olenick (DougOlenick) • February 25, 2021 Lazarus, the North Korean-backed advanced persistent threat group, has been conducting a campaign striking defense industry targets in more than a dozen countries using a…
A North Korean-backed hacking group has targeted the defense industry with custom backdoor malware dubbed ThreatNeedle since early 2020 with the end goal of collecting highly sensitive information. This espionage campaign affected organizations from more than a dozen countries and was coordinated by DPRK-backed state hackers tracked as Lazarus Group. The attackers used COVID19-themed spear-phishing…
Governance & Risk Management , IT Risk Management , Patch Management Flaw Allows Unauthorized Users to Send Specially Crafted Requests Prajeet Nair (@prajeetspeaks) • February 25, 2021 Security firm Positive Technologies says more than 6,000 VMware vCenter devices worldwide that are accessible via the internet contain a critical remote code execution vulnerability. VMware…
Researchers: ‘Jian’ Hacking Tool Targeted Zero-Day Flaw in Windows Scott Ferguson (Ferguson_Writes) • February 22, 2021 A Chinese hacking group reportedly “cloned” and deployed a zero-day exploit developed by the U.S. National Security Agency’s Equation Group before Microsoft patched the Windows vulnerability that was being exploited in 2017, according to an analysis published…
