Archive for March, 2021

Nice write up on a unique Cobalt Strike stager

March 31st, 2021

submitted by /u/FatherOfPitty
[link] [comments]

Posted in netsec | Comments (0)

Top 5 Attack Techniques May Be Easier to Detect Than You Think

March 31st, 2021

New analysis shows attackers for the most part are continuing to rely on the same techniques and tactics they have been using for years.

Posted in Uncategorized | Comments (0)

Trial started for vaccine against one of the scariest coronavirus variants

March 31st, 2021
Extreme close-up photo of a gloved hand holding a tiny jar.

Enlarge / A vial of the current Moderna COVID-19 vaccine. (credit: Getty | Ivan Romano)

Researchers have given out the first jabs of a tweaked version of Moderna’s COVID-19 vaccine, one aimed at fighting one of the most concerning coronavirus variants—the B.1.351 variant, first identified in South Africa.

The jabs are part of an early trial of the tweaked vaccine, which is being run by the NIH’s National Institute of Allergy and Infectious Diseases (NIAID). The agency aims to enroll around 210 healthy adults in the trial by the end of April.

“The B.1.351 SARS-CoV-2 variant, first identified in the Republic of South Africa, has been detected in at least nine states in the United States,” NIAID Director Anthony Fauci said in an announcement. “Preliminary data show that the COVID-19 vaccines currently available in the United States should provide an adequate degree of protection against SARS-CoV-2 variants. However, out of an abundance of caution, NIAID has continued its partnership with Moderna to evaluate this variant vaccine candidate should there be a need for an updated vaccine.”

Read 7 remaining paragraphs | Comments

Posted in clinical trial, COVID-19, Infectious disease, moderna, NIH, public health, SARS-CoV-2, science, vaccine, variant | Comments (0)

Google Updates on Campaign Targeting Security Researchers

March 31st, 2021

Attackers linked to North Korea began to target security researchers on social media earlier this year.

Posted in Uncategorized | Comments (0)

HoloLens for 120,000 Army personnel: Microsoft inks $21.9 billion deal

March 31st, 2021
A soldier raises a rifle from within a comically oversized headset.

Enlarge (credit: Aurich Lawson | Microsoft | Getty Images)

On Wednesday, the US Army formally moved forward with the largest ever government-related deal for headsets in the virtual and augmented reality sector: a 10-year agreement with Microsoft to provide 120,000 headsets “based” on the HoloLens line.

Reports by CNBC and Bloomberg point to a $21.9 billion value for this week’s updated arrangement, following its initial announcement in November 2018. Neither of those reports point to exact reasons for the deal’s jump from an initial contract value of $480 million, despite that earlier deal confirming similarly high headset numbers.

Official IVAS image as provided by Microsoft as part of Wednesday's announcements. Notice an array of sensors across the top, along with an apparent headset-strapping requirement for this model.

Official IVAS image as provided by Microsoft as part of Wednesday’s announcements. Notice an array of sensors across the top, along with an apparent headset-strapping requirement for this model. (credit: Microsoft)

The headset model in question, as revealed by Microsoft’s Alex Kipman in a Wednesday blog post, appears to deviate slightly from its originally announced intent. While it’s still known as the Integrated Visual Augmentation System (IVAS) and includes an array of HoloLens-like sensors, the model seen in today’s announcement appears to attach to a helmet. Ars previously reported that Microsoft and the US Army intended for this headset to not require mounting on a helmet, arguably to increase its applicability.

Read 5 remaining paragraphs | Comments

Posted in augmented reality, Department of Defense, Gaming & Culture, hololens, microsoft, Pentagon, Policy, virtual reality | Comments (0)

Apple commits to build “grid-scale” energy storage in California

March 31st, 2021

Apple today announced that it will build a “grid-scale” energy-storage project in California, capable of storing 240 megawatt-hours of energy. The storage will work closely with the 130-megawatt solar farm the company already build to power daytime energy needs at its headquarters in Cupertino. Additionally, Apple says that 110 of its manufacturing partners are moving to 100 percent renewable energy, as part of a commitment by Apple to make its supply chain and products carbon neutral by 2030.

The project is intended to store energy so the energy produced by the solar farm can be used during the night as well as during the day, and Cupertino says the project will store enough energy to “power over 7,000 homes for one day.” Apple plans to share some of what it learns from the project with other companies, executives have said.

Apple’s own corporate footprint is already carbon-neutral, the company says, but it will be a longer and more challenging road to bring its various manufacturing partners and suppliers along with it. Apple’s newsroom post offers details about how Apple works with suppliers to reduce their carbon footprints:

Read 5 remaining paragraphs | Comments

Posted in apple, Energy, Lisa Jackson, solar power, Tech | Comments (0)

What’s So Great About XDR?

March 31st, 2021

XDR is a significant advance in threat detection and response technology, but few enterprises understand why. Omdia identifies four catalysts driving the emergence of XDR.

Posted in Uncategorized | Comments (0)

83% of Businesses Hit With a Firmware Attack in Past Two Years

March 31st, 2021

A new Microsoft-commissioned report finds less than 30% of organizations allocate security budget toward preventing firmware attacks.

Posted in Uncategorized | Comments (0)

Ubiquiti breach puts countless cloud-based devices at risk of takeover

March 31st, 2021
Stylized image of rows of padlocks.

Enlarge (credit: Getty Images)

Network devices-maker Ubiquiti has been covering up the severity of a data breach that puts customers’ hardware at risk of unauthorized access, KrebsOnSecurity has reported, citing an unnamed whistleblower inside the company.

In January, the maker of routers, Internet-connected cameras, and other networked devices, disclosed what it said was “unauthorized access to certain of our information technology systems hosted by a third-party cloud provider.” The notice said that, while there was no evidence the intruders accessed user data, the company couldn’t rule out the possibility that they obtained users’ names, email addresses, cryptographically hashed passwords, addresses, and phone numbers. Ubiquiti recommended users change their passwords and enable two-factor authentication.

Device passwords stored in the cloud

Tuesday’s report from KrebsOnSecurity cited a security professional at Ubiquiti who helped the company respond to the two-month breach beginning in December 2020. The individual said the breach was much worse than Ubiquiti let on and that executives were minimizing the severity to protect the company’s stock price.

Read 5 remaining paragraphs | Comments

Posted in Biz & IT, Data breaches, Internet of things, IoT, routers, Tech, ubiquit | Comments (0)

College Students Targeted in Newest IRS Scam

March 31st, 2021

The Internal Revenue Service warns of fraudulent emails sent to .edu addresses.

Posted in Uncategorized | Comments (0)