Recent Posts

Blockstream Inc. to Launch Satellite for Better Bitcoin Proliferation

Blockstream Inc. to Launch Satellite for Better Bitcoin Proliferation

Blockchain technology company BlockStream Inc. is planning to launch a satellite that can broadcast bitcoin data, reaching areas of the world without Internet access or those where bandwidth costs discourage participation in bitcoin. The satellite will be able to provide free access to the Bitcoin blockchain, sending and recirculating blocks in real time. The company says that it is the first public satellite service that will allow anyone to manage Bitcoin nodes without being constrained by traditional network connectivity. Dr. Adam Back, CEO and co-founder of the company, additionally said that the permissionless nature of Bitcoin allows anyone to create […]

Hackers Use PowerPoint to Deliver Malware

Hackers Use PowerPoint to Deliver Malware

Earlier this week, researchers from Trend Micro discovered a PowerPoint vulnerability that can be exploited to deliver a malware payload which bypasses antivirus detection. Cyber attackers are now using the flaw in the Windows Object Linking and Embedding (OLE) interface to distribute malicious MS Office files. Hackers use a spear-phishing email to deliver the infected PowerPoint attachment. Once opened, the file exploits the CVE-2017-0199 vulnerability, using PowerPoint Show animations feature to download a file logo that executes a file named “RATMAN.EXE” which is a “trojanized” version of the Remcos remote access tool. Microsoft has released a patch for the said […]

Amazon Web Services Launches Security Service That Uses Machine Learning

Amazon Web Services Launches Security Service That Uses Machine Learning

Earlier this week, Amazon Web Services (AWS) launched a managed data security service called “Macie”. Amazon Macie uses machine learning to process sensitive data such as personally identifiable information and intellectual property. Since machine learning is the only way to secure rapidly increasing data across an enterprise, Macie should be able to provide a baseline that companies can configure settings from.      At present, Macie only supports S3, but more will be made available for other data stores in the following months. Autodesk, Netflix, and Edmunds are some of Macie’s first customers.   Source: ZDNet

TrickBot Malware Redirects Victims to Real-Looking Fake Login Page

TrickBot Malware Redirects Victims to Real-Looking Fake Login Page

Security researchers at Cyren discovered earlier this week that the notorious banking Trojan is once again making rounds, targeting clients of a major bank using a new phishing email campaign.   The credential stealing malware, infamous for hitting online banking customers, is now able to redirect its victims to a fake login page that is practically indistinguishable from the real one. The fake page even uses the correct URL and certificates. The phishing emails usually bear the subject “Incoming BACs”, and come with Excel attachments. The recipient is asked to enable macros, which deploys the malicious payload. Once a computer […]

Google Hires Legendary Programmer Chris Lattner to Boost AI Efforts

Google Hires Legendary Programmer Chris Lattner to Boost AI Efforts

Confirmed earlier this week is the hiring of Chris Lattner, known as a “legendary” programmer within the tech industry, by Google. Before coming to Google, Lattner had previously worked at two other Silicon Valley giants – Apple and Tesla. He developed the Swift programming language while at Apple, then moved on to Tesla where he worked on the carmaker’s autopilot technology. Sources from Bloomberg say that Lattner will be working on Google’s TensorFlow language used in the search giant’s AI projects. Lattner says that by joining Google’s “Brain Team”, he’s hoping to make AI accessible to everyone.   Source: Engadget

Australia To Look Into Improving Cyber Terminology

Australia To Look Into Improving Cyber Terminology

Earlier this week, Alastair MacGibbon, Special Adviser to the Prime Minister on Cyber Security, discussed a draft on “contentious” cybersecurity terminology in a two-hour roundtable at the Department of Prime Minister and Cabinet (PM&C). The event was attended by representatives from cybersecurity agencies, law enforcement, and other key federal government departments.   MacGibbon said that there should be a standard definition for particular words used in the discussion of cybersecurity issues to help bring everybody on the same page. He cited “cyber terrorism”, “cyber war”, “and cyber attack” as examples of terms that often get confused with one another. He […]

HBO Hackers Leaks More HBO Shows

HBO Hackers Leaks More HBO Shows

Last Monday, hacking group Mr. Smith leaked an additional number of unaired episodes from ten different HBO shows. This is the third release in a series of leaks done by the group.    The files were uploaded to Mega.nz and sent to selected journalists and online publications. Some of the shows that got leaked were Ballers, Barry, Curb Your Enthusiasm, Insecure, Latino Shorts, Room 104, and The Deuce. HBO’s most popular series, Game of Thrones, was not included in this leak. The hacking group had also previously released scripts, internal network information, even administrator passwords and email correspondence. Source: BleepingComputer

VMware Releases Patch for Denial-of-Service Vulnerability

VMware Releases Patch for Denial-of-Service Vulnerability

Earlier this week, VMware released an update that addresses the CVE-2017-4920 security flaw present in the OSPF protocol implementation of the NSX-V network virtualization solution. In an advisory, VMware says that by using a rogue LSA, it is possible to induce a continuous sending of LSAs between two routers that will eventually result in a loop or connectivity loss. However, they assure that it is extremely difficult to execute, as it requires the attacker to have local access to the target system. Cisco has also advised system administrators regarding the vulnerability, reminding them to allow access to local systems only […]

Google’s Cloud Speech API Gets Major Update

Google’s Cloud Speech API Gets Major Update

Google’s Cloud Speech API received an update last Monday that included support for 30 new languages and word-level timestamps. The service has been used by developers to transcribe spoken words to text since 2016, and the update gives it additional languages including Latvian, Bengali, and Swahili which is used by around a billion speakers. The addition of word-level timestamps also dramatically reduces the time needed for proofreading transcripts. Developers can now upload 3 hour long files and get a quota extension for longer ones. The service still offers free 60 minutes of audio processing, with every succeeding 15 seconds at […]

Web Hosting Company Boots Neo-Nazi Site

Web Hosting Company Boots Neo-Nazi Site

Last Monday, domain registrar and web hosting company GoDaddy dropped the Daily Stormer website from their client list for violating their Terms of Service. The Daily Stormer, a known news and commentary website for white supremacists and neo-Nazis, previously published a slanderous post on Heather Heyer, an anti-fascist protester who was killed by a car that crashed into the crowd in Charlottesville, Virginia.   GoDaddy gained positive feedback for their decision. However, a few pointed out that the company only took action after receiving public pressure. Bharath Ganesh at the Oxford Internet Institute adds that while freedom of speech is […]