Quote:A North Korean hacking group took advantage of the Oct. 29 Itaewon crowd-crush tragedy, which killed more than 150 people, to trick South Korean targets into downloading malicious files, researchers with Google’s Threat Analysis Group revealed Wednesday.
The discovery of the campaign appears to be just the latest attempt by a notorious North Korean hacking group known as APT37, which has targeted North Korean defectors, policymakers, journalists and human rights activists and others in South Korea for the past decade.
Researchers discovered the campaign after multiple South Korean submissions of a Microsoft Office document titled “221031 Seoul Yongsan Itaewon accident response situation (06:00)” to VirusTotal on Oct. 31.
The hackers appear to have designed the malicious document to install malware on victims’ devices and relied on a recently discovered Internet Explorer zero-day vulnerability, CVE-2022-41128, that allows for remote code execution.
Researchers notified Microsoft about the zero-day within a few hours of its discovery Oct. 31 and patches were issued on Nov. 8.
If you need that patch, go get it, guys!
Just don't buy some pirate patch, OK?
Quote:Apple will introduce end-to-end encryption for iCloud backups, resolving longstanding criticism over the absence of the safeguard for a key way users store data. The “Advanced Data Protection” mode will be available for all iCloud data including backups, photos and notes, the company announced Wednesday.
Apple already offers end-to-end encryption for iMessage and other iCloud data such as health data. The expanded protections, expected to be rolled out in early 2023, will help users safeguard all iCloud data from unwanted access such as data breaches.
...
To enable encrypted back-ups, users will have to opt-in, meaning that some unencrypted back-up data may still be available to law enforcement requests.
The expanded features have been hailed by privacy groups as welcome but long overdue.
What comes next in the article is what worries me sick, up to some point.
Quote:The FBI criticized the move, saying in a statement that the bureau wants to see technology companies embrace “responsibly managed encryption — encryption that providers can decrypt when served with a legal order and provide that information to law enforcement.” The spread of increasingly sophisticated encryption will hamper investigations, and “the FBI and law enforcement partners need ‘lawful access by design’ to keep pace with adversary tradecraft,” the bureau said.
Technologists and civil society groups maintain that building so-called “lawful access” tools into encryption systems fatally undermines them, exposing them to attack and putting user data at risk.
Quote:Twitter Inc. will relaunch a revamped version of its subscription service Twitter Blue on Monday at a higher price for Apple users, the company said in a tweet on Saturday.
The company said users could subscribe to the revamped service that will allow subscribers to edit tweets, upload 1080p videos, and get a blue checkmark post account verification, for $8 per month through the web but for $11 per month through Apple iOS.
Twitter did not explain why Apple users were being charged more than others on the web but there have been media reports that the company was looking for ways to offset fees charged in the App Store.
Twitter had initially launched Twitter Blue early in November before pausing it as fake accounts mushroomed. It was then scheduled to launch again on Nov. 29 but was pushed back.
"For God has not destined us for wrath, but for obtaining salvation through our Lord Jesus Christ," 1 Thessalonians 5:9
Maranatha!
The Internet might be either your friend or enemy. It just depends on whether or not she has a bad hair day.
My Original Stories (available in English and Spanish)
List of Compiled Binary Executables I have published...
HiddenChest & Roole
Give me a free copy of your completed game if you include at least 3 of my scripts!
Just some scripts I've already published on the board...
KyoGemBoost XP VX & ACE, RandomEnkounters XP, KSkillShop XP, Kolloseum States XP, KEvents XP, KScenario XP & Gosu, KyoPrizeShop XP Mangostan, Kuests XP, KyoDiscounts XP VX, ACE & MV, KChest XP VX & ACE 2016, KTelePort XP, KSkillMax XP & VX & ACE, Gem Roulette XP VX & VX Ace, KRespawnPoint XP, VX & VX Ace, GiveAway XP VX & ACE, Klearance XP VX & ACE, KUnits XP VX, ACE & Gosu 2017, KLevel XP, KRumors XP & ACE, KMonsterPals XP VX & ACE, KStatsRefill XP VX & ACE, KLotto XP VX & ACE, KItemDesc XP & VX, KPocket XP & VX, OpenChest XP VX & ACE
Maranatha!
The Internet might be either your friend or enemy. It just depends on whether or not she has a bad hair day.
My Original Stories (available in English and Spanish)
List of Compiled Binary Executables I have published...
HiddenChest & Roole
Give me a free copy of your completed game if you include at least 3 of my scripts!
Just some scripts I've already published on the board...
KyoGemBoost XP VX & ACE, RandomEnkounters XP, KSkillShop XP, Kolloseum States XP, KEvents XP, KScenario XP & Gosu, KyoPrizeShop XP Mangostan, Kuests XP, KyoDiscounts XP VX, ACE & MV, KChest XP VX & ACE 2016, KTelePort XP, KSkillMax XP & VX & ACE, Gem Roulette XP VX & VX Ace, KRespawnPoint XP, VX & VX Ace, GiveAway XP VX & ACE, Klearance XP VX & ACE, KUnits XP VX, ACE & Gosu 2017, KLevel XP, KRumors XP & ACE, KMonsterPals XP VX & ACE, KStatsRefill XP VX & ACE, KLotto XP VX & ACE, KItemDesc XP & VX, KPocket XP & VX, OpenChest XP VX & ACE