This Week in Technology

By Eric Corcoran
Posted in Technology Week in Review
On December 21, 2018

Monday 12/17

Symantec Collaborates with Aon to Address Hacking Concerns

As incidences of high-profile cybercrimes and cyber warfare continue to grow, demand for stronger cyber security solutions and products are becoming vital for businesses and individuals alike. To address this growing concern, Symantec is taking initiatives to enhance its products. 

http://bit.ly/2ECLnzs

Microsoft wants AI to predict if your Windows PCs will get malware

Microsoft has launched a new $25,000 malware challenge for data scientists on the Google-owned Kaggle crowdsourcing site to develop an algorithm that can predict what types of Windows PCs are most likely to be soon infected with malware.

https://zd.net/2S4mrnt

Public Clouds: Fertile Ground to Spread Malware

“End users, as well as security professionals, tend to place implicit trust in cloud vendors such as Microsoft, AWS, Google and SaaS app vendors such as Box and Salesforce,” Ashwin Vamshi of Netskope security explained. This allows threat actors to take advantage of any cracks in the system.

http://bit.ly/2EyHwDv

Holiday shoppers need to be on high alert for email scams

Malicious email disguised as delivery notifications or online purchase invoices are particularly effective during the holiday season when shoppers are active, says F-Secure, a Helsinki-based cybersecurity firm.

https://fxn.ws/2SVslaI

Tuesday 12/18

New malware pulls its instructions from code hidden in memes posted to Twitter

Although Twitter didn’t host any malicious content, nor could the tweets result in a malware infection, it’s an interesting (although not unique) way of using the social media site as a clever way of communicating with malware.

https://tcrn.ch/2EvSDMv

Facebook bug exposed private photos of 6.8 million users

Facebook blamed this new leak on a Photo API bug that was present in its backend code between September 13 and September 25, 2018.The company said that during that interval the bug allowed Facebook third-party apps to access more than just the user's public photos.

https://zd.net/2Bsns1v

Robotics and Smart Cities just got a lot more real with NVIDIA Jetson Xavier Edge Compute Module

The NVIDIA Jetson AGX Xavier will enable the construction of the next generation of autonomous machines, serving as the “brain” behind these bots. These robotic and smart cities platforms featuring Jetson AGX Xavier should be able to operate completely autonomously in the field, without the need for human intervention or constant cloud connectivity. 

http://bit.ly/2CjXRcR

Wednesday 12/19

Microsoft officially announces ‘Windows Sandbox’ for running applications in isolation

This feature, which will be part of Windows 10 Pro and Enterprise editions, creates "an isolated, temporary desktop environment" where users can run potentially suspicious software.

https://zd.net/2EBUlNj

NASA reveals employee data breach in internal memo

"Those NASA Civil Service employees who were on-boarded, separated from the agency, and/or transferred between Centers, from July 2006 to October 2018, may have been affected," Bob Gibbs, the assistant administrator in NASA's office of human capital management, wrote in the memo.

https://cnet.co/2rMbbRi

Thursday 12/20

This business email scam spreads Trojans through Google Cloud storage

The Houdini remote access trojan (RAT) is able to move laterally through networks and removable drives and is able to execute and download additional payloads from C2 servers such as ransomware or cryptojacking malware.

https://zd.net/2S7m2Rq

Malware targeting IoT devices grew 72% in Q3 alone

Malware led the pack in terms of disclosed attack vectors, the report found, followed by account hijacking, leaks, unauthorized access, and vulnerabilities.

https://tek.io/2PNLvNP

Hacker spoofing bypasses 2FA security in Gmail, targets secure email services

The phishing site was designed to obtain account credentials as well as the 2FA code required to access the account. Once the researchers logged into one of the fraudulent domains using a throwaway Gmail address, they were alerted that a 2FA code had been sent -- triggered by the automated scheme

https://zd.net/2EHlRJs

Friday 12/21

A Review of Malware affecting macOS in 2018

2018 has been very much the year of the RAT for macOS, with Empyre leading the way as the exploitation framework of choice for several malware variants. EvilOSX, EvilEgg and a Java-based RAT also made appearances in the wild.

http://bit.ly/2QO8k9z

Microsoft issues a rare emergency fix as criminals exploit hole in Internet Explorer

The flaw affects older Internet Explorer browser versions including Windows 7 and 10 and Windows Server 2012, 2016 and 2019 versions of Explorer 11, Explorer 10 for Windows Server 2012 and Explorer 9 for Windows Server 2008.

https://cnb.cx/2EA4CJb

Using Artificial Intelligence to Help Corporations Mine Their Own Data

“The biggest problem about this data is—they actually have no idea how to use it: the segregation within the internal workings of a large corporation, or in a public agency, is just too huge. So this is problem number one,” Said Danny Goh founder and CEO of Nexus Frontier Tech, a company that’s helping corporations use AI to more efficiently mine and use their own data

http://bit.ly/2BuZfI2