Posts

Showing posts with the label #2020-Mar

COVID-19 slams tech outfits and startups in India

Image
  Most vulnerable are wage-earners working for rideshare companies or manufacturing plants who have no safety net. With COVID-19 cutting a devastating swath throughout the world, what everyone wants to know about India is how bad the situation really is. In a country with a large but mostly poor population of 1.3 billion and a per capita of around just $2,000, a virus such as this can spread like wildfire and cause devastation of no one has expected.  So far, India has seen  612 cases  and twelve deaths, but this is easily a questionable number considering the lack of testing kits, testers, and the country's massive population. China shut Wuhan down almost instantly and still suffered. India, like China, could also be deeply affected, especially if it has under-reported its figures. Realising this, the Indian government has done the smart thing by implementing a 21-day lockdown -- or de-facto "house arrest" -- along with an international and domestic flight...

Microsoft Bing team launches COVID-19 tracker

Image
  Microsoft's COVID-19 tracker is located at bing.com/covid. The Microsoft Bing team launched today a web portal for tracking coronavirus (COVID-19) infections across the globe. "Lots of Bing folks worked (from home) this past week to create a mapping and authoritative news resource for COVID19 info," said Michael Schechter, General Manager for Bing Growth and Distribution at Microsoft. The website, accessible at  bing.com/covid , is a basic tracker. It shows up-to-date infection statistics for each country around the globe and all the US states. Data is aggregated from authoritative sources like the World Health Organization (WHO), the US Centers for Disease Control and Prevention (CDC), and the European Centre for Disease Prevention and Control (ECDC). Users can click countries or US states on the map and see the latest infection stats, along with the latest COVID-19 news coverage for that specific country or state. Microsoft announced the website tonight, two days afte...

Details about new SMB wormable bug leak in Microsoft Patch Tuesday snafu

Image
  SMB vulnerability is currently not patched, but now everyone knows it's there. Details about a new "wormable" vulnerability in the Microsoft Server Message Block ( SMB ) protocol have accidentally leaked online today during the preamble to Microsoft's regular Patch Tuesday update cycle. No technical details have been published, but short summaries describing the bug have been posted on the websites of two cyber-security firms, Cisco Talos and Fortinet. The security flaw, tracked as  CVE-2020-0796 , is not included with this month's March 2020 Patch Tuesday updates, and it's unclear when it will be patched. BUFFER OVERFLOW IN SMBV3 According to Fortinet , the bug was described as "a Buffer Overflow Vulnerability in Microsoft SMB Servers" and received a maximum severity rating. "The vulnerability is due to an error when the vulnerable software handles a maliciously crafted compressed data packet," Fortinet said. "A remote, unauthentica...

Intel CSME bug is worse than previously thought

Image
  Security researchers say that a bug in one of Intel’s CPU technologies that was patched last year is actually much worse than previously thought.”Most Intel chipsets released in the last five years contain the vulnerability in question,” said Positive Technologies in a report published today.Attacks are impossible to detect, and a firmware patch only partially… The actual vulnerability is tracked as CVE-2019-0090, and it impacts the Intel Converged Security and Management Engine (CSME), formerly called the Intel Management Engine BIOS Extension (Intel MEBx). The CSME is a security feature that’s included with all recent Intel CPUs. It is considered a “cryptographic basis” for all other Intel technologies and firmware running on Intel-based platforms. According to Mark Ermolov, Lead Specialist of OS and Hardware Security at Positive Technologies, the CSME is one of the first systems that start running and is responsible for cryptographically verifying and authenticating all firmwa...