Boris Johnson, the Prime Minister of UK, warned the world leaders of the near future where and when “Pink-eyed Terminators…” and ″Terrifying limbless chickens”  control most of the human activities. And he has said more interesting things about the future of human beings where IoT make major decisions and dominate most of our daily routines. Even though we may not have actual prove/disprove for what he has claimed, his speech represents one way of looking at the world that has been changing so fast. After all,  he is a British and conservative, and, for sure, his views matter even if we may not agree with him…If you are interested in the intersections of information/computer technology  AND  politics/culture/and society, you may find his speech very interesting….here is one of the links that summarize his speech which is relevant to the subject we are discussing:

https://www.theguardian.com/global/video/2019/sep/25/boris-johnson-speaks-at-un-of-limbless-chickens-brexit-and-hangover-cures-video

Top IT officials in the USA believe that China is still a serious threat to cyber security for the USA. Even though it has been clear that China takes lion’s share for the cyber attacks in the USA( for that matter in the world), it is still astounding to hear the top IT officials picked one nation, China, as a single most threat to the cyber-security in the USA. According to Grant Schneider, Federal Chief Information Security Officer (CISO), China has the “capacity and the capability and the intent” to launch cyber-attacks against the USA. Schneider and other officials believe China has already proved its motives, plans and capabilities “to get into and attack our critical infrastructure systems, our government systems, you name it, both from an intellectual property theft point of view, as well as an espionage point of view”. If you are interested in the details, you may find it in the following links.

https://thehill.com/policy/national-security/459961-top-it-official-names-china-as-main-cyber-threat-to-us

Malware operators power virtual disk files to deliver their malware as VHD files can easily bypass Google security and evade detection by antivirus solutions. As it is known Gmail cannot mount VHD files because they’ve have not been considered as containers for delivering malware. According to this news, Windows operating system and antivirus software treat VHD and VHDX disk image downloads like a black box. Scanning the files inside these containers does not happen until the image is mounted and the files run. VHD and its newer version, VHDX, are disk images that appear and behave like a physical drive when opened in Windows. Attackers can slip malware inside the disk images and lure potential victims to get them from an online location to bypass initial defenses in Windows. For more detail take a look at the following website:

https://cyware.com/news/virtual-disk-attachments-can-be-used-to-evade-antivirus-detection-researchers-say-d026b5cf

This news show how Google Calendar App in combination with Gmail has been with serious vulnerabilities for a very long time. According to this report, even though this vulnerability was first identified two years, Google did not fix it as it believed that such fixes might cause major inconvenience to the Calendar Users. The good news is that Google is dealing with the problems now even though it seems late. Late is better than never, right!

Google Calendar is used by Billions of users to schedule different events including meetings.  This App allows anyone to schedule meetings with any other App users. When the schedule invitation is being sent, pop-ups notifications appear on the devices, especially smartphones, of the person invited. This creates the chances of clicking on the popped up notification which “the threat actors craft … to include a malicious link, leveraging the trust that user familiarity with calendar notifications brings with it.”

This lead to fake apps or websites on which the users are solicited to give up their personal and financial information, the very things the threat actors are after. In bigger organizations, the threat actors can even get access to the physical facilities by disguising as the maintenance workers simply by manipulating the maintenance schedules of these targeted organizations.

This is interesting news given the numbers of users, which is in billions, and the seriousness of the risks involved. It worth your time if you read the report itself on this website: https://www.forbes.com/sites/daveywinder/2019/09/09/google-finally-confirms-security-problem-for-15-billion-gmail-and-calendar-users/#7a0f09f279fa    

This news was reported on August 27, 2019, on the WEIRD. The main gist of the report is that Telsa’s Model S Key fobs can be hacked without deploying large scale hacking operation or resources. Telsa is an American automobile company that produces electric cars. Telsa’s Key fobs are remote control devices that enable someone to enter the car and start its engine. These remote control devices are controlled by secret cryptographic encryption/decryption codes to unlock/lock the car and trigger its engine to run. According to this report, the small number of researchers were able to break into the Model S key fob’s encryption, start the engine and drive the car away. The report finds that the technique these researchers have found “…would allow them to again clone the keys and stealthily steal the car”. This is a very interesting report and you may find the rest of the details from the link below.

https://www.wired.com/story/hackers-steal-tesla-model-s-key-fob-encryption/

In case you want the technical review of Tesla Model S, you can take a look at this link

https://cars.usnews.com/cars-trucks/tesla/model-s

Thanks for joining me!

Good company in a journey makes the way seem shorter. — Izaak Walton