Your daily dose of tech news, in brief.
Not only are we on the last day of September 2022, but today is the last day for SpiceWorld 2022! It feels like it takes too long for SpiceWorld to come around each year, and it also flies by way too fast once it's started.
You can still check out the virtual events if you're not attending in person. Speaking of which, our keynote speaker Bryan Seely's session was amazing, and that might have been the first standing ovation I've seen at SpiceWorld. When you get a chance, go to the SpiceWorld virtual site and check it out, as it's available now on demand!
Speaking of September 30th, if we roll back the clock 42 years ago to 1980, today is the day that Digital, Intel, and Xerox released version 1.0 of the Ethernet specification, which quickly became known as the “Blue Book.” The document laid out how a LAN would function, laying the foundations for what would become the standard for local networking.
You need to hear this.
Microsoft Confirms 2 New Exchange Zero-Day Flaws Being Used in the Wild
Microsoft has confirmed that two recently reported zero-day vulnerabilities in Microsoft Exchange Server 2013, 2016, and 2019 are being exploited in the wild.
According to The Hacker News:
""The first vulnerability, identified as CVE-2022-41040, is a Server-Side Request Forgery (SSRF) vulnerability, while the second, identified as CVE-2022-41082, allows remote code execution (RCE) when PowerShell is accessible to the attacker," the tech giant said.
The company also confirmed that it's aware of "limited targeted attacks" weaponizing the flaws to obtain initial access to targeted systems, but emphasized that authenticated access to the vulnerable Exchange Server is required to achieve successful exploitation.
The attacks detailed by Microsoft show that the two flaws are strung together in an exploit chain, with the SSRF bug enabling an authenticated adversary to remotely trigger arbitrary code execution."
I know I've seen more of our members talking about the Brave browser lately, so I wanted to highlight this upcoming update.
According to BleepingComputer:
"The Brave browser will soon allow users to block annoying and potentially privacy-harming cookie consent banners on all websites they visit.
If you visited BleepingComputer from Europe, you may have noticed an annoying cookie consent prompt asking if you would like to accept data-collecting cookies from our advertisers.
These notifications are incredibly annoying but have become necessary to do business online to comply with data protection regulations like GDPR.
In some cases, however, these banners can serve as trackers themselves, as they engage in a privacy-breaching data exchange before the user even has a chance to opt out.
Secondly, it is widely accepted that the consent prompts severely disrupt the browsing experience, as users have to deal with them almost every time they visit a website."
Mystery Hackers Are ‘Hyperjacking’ Targets for Insidious Spying
Hackers may be shifting their targets from workstations to virtual environments where endpoint detection and response aren't supported, says Mandiant in a report detailing novel malware that attacks VMware hypervisors.
According to WIRED:
"Today, Google-owned security firm Mandiant and virtualization firm VMware jointly published warnings that a sophisticated hacker group has been installing backdoors in VMware’s virtualization software on multiple targets’ networks as part of an apparent espionage campaign. By planting their own code in victims’ so-called hypervisors—VMware software that runs on a physical computer to manage all the virtual machines it hosts—the hackers were able to invisibly watch and run commands on the computers those hypervisors oversee. And because the malicious code targets the hypervisor on the physical machine rather than the victim’s virtual machines, the hackers’ trick multiplies their access and evades nearly all traditional security measures designed to monitor those target machines for signs of foul play.
“The idea that you can compromise one machine and from there have the ability to control virtual machines en masse is huge,” says Mandiant consultant Alex Marvi. And even closely watching the processes of a target virtual machine, he says, an observer would in many cases see only “side effects” of the intrusion, given that the malware carrying out that spying had infected a part of the system entirely outside its operating system."
A SpaceX Dragon spacecraft could move the Hubble space telescope into an orbit that extends its life by up to 20 years.
According to PCMag:
"NASA and SpaceX have signed an unfunded Space Act Agreement to study whether boosting Hubble into a higher orbit using a Dragon spacecraft is both technically feasible and worth it for the "commercial possibilities."
The idea was proposed by SpaceX and the Polaris Program, and NASA decided it was at least worth looking into. "This study is an exciting example of the innovative approaches NASA is exploring through private-public partnerships," said Thomas Zurbuchen, associate administrator for the Science Mission Directorate at NASA Headquarters in Washington."
FCC approves new "5-year rule" for space junk
The Federal Communications Commission adopted a new rule that will shorten the time for satellite operators to deorbit low Earth orbit satellites from 25 to 5 years.
According to ZDNet:
"The US Federal Communications Commission on Thursday adopted new rules meant to address the growing problem of "space junk" – the non-functional spacecraft, abandoned rocket stages and other pieces of mostly human-made debris that's cluttering up space. Under the new rules, satellite operators in low-Earth orbit (LEO) have to haul away their satellites within five years of completing their missions.
Previously, there were no hard-and-fast rules governing space junk. However, guidelines suggested that satellites should be deorbited after around 25 years post-mission."
A former employee has pleaded guilty to charges that he deliberately misdirected a financial company's email traffic and prevented customers from reaching its website in a failed attempt to convince the firm to rehire him at a greater salary.
According to BleepingComputer:
"To prolong the business disruption for several more days, Umetsu performed additional actions that essentially locked out the firm's IT team from the website administration panel.
Umetsu admitted that his motive for causing this damage was to convince his former employee to hire him back at a higher salary.
"Umetsu criminally abused the special access privileges given to him by his employer to disrupt its network operations for personal gain," said U.S. Attorney Clare E. Connors.
"Those who compromise the security of a computer network – whether government, business, or personal – will be investigated and prosecuted, including technology personnel whose access was granted by the victim," Connors added.
In the end, the victimized company learned who was responsible for the sabotage after reporting the cybersecurity incident to the FBI."
But wait, there's more! Apparently, today is also Ask a Stupid Question Day, created by a collection of teachers who wanted to encourage students to ask more questions in the classroom. So, while I do anticipate a few, shall we say, attempts at humor for Ask a Stupid Question Day, realize it is more about asking questions you don't ask because you feel others may judge you for not knowing it. This is a challenge I know many IT pros have when trying to resolve an issue but are hesitant to post about it due to potential "feedback" from their peers. So, ask those "stupid" questions and Spiceworks Community members, remember to keep it not just spicy but friendly when answering questions.