Sunday, December 30, 2018

VOTING MACHINES ARE STILL ABSURDLY VULNERABLE TO ATTACKS

REF: https://www.wired.com/story/voting-machine-vulnerabilities-defcon-voting-village/

2018 review: random reboots of Meltdown-Spectre patch

(January 12, 2018, 4:10 AM PST) Spectre and Meltdown are design flaws in modern CPUs that could allow hackers to bypass system protections on a wide range of devices, allowing attackers to read sensitive information, such as passwords, from memory.

Intel began making software and firmware updates available to mitigate attacks exploiting these flaws last week, pushing them out via system manufacturers. However, yesterday the chip maker admitted these updates were causing certain computers to unexpectedly reboot.

The random reboots appear to be affecting both PCs and servers that use Intel Broadwell and Haswell processors.

REF: https://www.techrepublic.com/article/meltdown-spectre-patch-watch-out-for-random-reboots-warns-intel/

Friday, December 28, 2018

Firefox 63.0 was released.

Version 63.0, first offered to Release channel users on October 23, 2018

...users can opt to block third-party tracking cookies or block all trackers and create exceptions for trusted sites that don't work correctly with content blocking enabled.
REF: https://www.mozilla.org/en-US/firefox/63.0/releasenotes/

LJ: Linux and Supercomputers

As we sit here, in the year Two Thousand and Eighteen (better known as "the future, where the robots live"), our beloved Linux is the undisputed king of supercomputing. Of the top 500 supercomputers in the world, approximately zero of them don't run Linux (give or take...zero).
REF: https://www.linuxjournal.com/content/linux-and-supercomputers

Wednesday, December 26, 2018

LJ: Review: the Dell XPS 13 Developer Edition Laptop

A look at Dell's thin and sleek XPS 13 Developer Edition laptop that now ships with Ubuntu 18.04 LTS pre-installed.
REF: https://www.linuxjournal.com/content/review-dell-xps-13-developer-edition-laptop

Tuesday, December 25, 2018

TrendLabs: With Mirai Comes Miori: IoT Botnet Delivered via ThinkPHP Remote Code Execution Exploit

Figure 2. Miori infects device
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/with-mirai-comes-miori-iot-botnet-delivered-via-thinkphp-remote-code-execution-exploit/

LJ: Why Your Server Monitoring (Still) Sucks

Five observations about why your server monitoring still stinks by a monitoring specialist-turned-consultant.
REF: https://www.linuxjournal.com/content/why-your-server-monitoring-still-sucks

Sunday, December 23, 2018

TrendLabs: New PowerShell-based Backdoor Found in Turkey, Strikingly Similar to MuddyWater Tools

Figure 1. Fake Office document tries to get user to enable malicious macros. The blurred document contains logos of different Turkish government entities
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/new-powershell-based-backdoor-found-in-turkey-strikingly-similar-to-muddywater-tools/

Saturday, December 22, 2018

New Dashboard of Plex

New Dashboard to see who’s naughty and nice
Do you share your libraries with friends and family? Wanna know who’s watching what? Now you lucky Plex Pass users have a new Dashboard to replace the previous Now Playing page, giving you instant insight into what’s currently being played and by whom. The new Dashboard can be found in your settings screen dashboard icon, and includes the following:

Friday, December 21, 2018

Trello: The Self-Talk Struggle Is Real: How To Win At Work With Sports Psychology

In the 1998 NBA Finals, down by one point and with only 18 seconds left in the game, Michael Jordan tore the ball away from the opponent and made the winning shot of his last game with the Chicago Bulls.
REF: https://blog.trello.com/negative-self-talk

Thursday, December 20, 2018

TrendLabs: Android Wallpaper Apps Found Running Ad Fraud Scheme

Figure 5. C&C server response.
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/android-wallpaper-apps-found-running-ad-fraud-scheme/

Wednesday, December 19, 2018

NewTek NDI version 3.8 SDK Available Now

Some of the most significant changes are:
  • Performance improvements across the board, both on Windows and the cross-platform libraries.
  • The NDI® Tools suite includes many improvements: Scan Converter now supports high frame-rate screen capture for game capture; likewise Studio Monitor has been updated to support high frame-rate playback; Virtual Input has separate signed drivers for Windows 10 and previous versions, allowing it to correctly run on all Windows versions.
  • The Mac and Linux versions of NDI® have noticeable performance improvements, and now support almost all of the same options as the Windows versions.
  • Major focus on the optimization of NDI® discovery. Hundreds of sources on a network with hundreds of receivers coming and going at any time, running entirely without centralized servers, make discovery and notification complex. The new version introduces dramatic performance improvements in the way all of this is handled.
  • Extended sample code, examples, better routing, and much more.
  • (Shhhh. Some secret things have been put in place ahead of time, in preparation for new capabilities to be revealed later in NDI® v4.)

TrendLabs: URSNIF, EMOTET, DRIDEX and BitPaymer Gangs Linked by a Similar Loader

Figure 1. Connections of EMOTET, DRIDEX, URSNIF and BitPaymer.
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/ursnif-emotet-dridex-and-bitpaymer-gangs-linked-by-a-similar-loader/

Monday, December 17, 2018

Plex: TVs are lookin’ fiiine

We’ve updated the user experience on our Samsung and LG apps, as well as PlayStation 4, making it easier to find and enjoy the media that matters most to you. The experience is intended to be super-customizable—more consistent with more flexibility—to let you easily view and listen to different types of media from different sources. This means no more switching sources when you go from Photos (your own server) to Music (your favorite hipster friend’s music library)!

REF: https://support.plex.tv/articles/navigating-the-big-screen-apps/

Sunday, December 16, 2018

NewTek Premium Access with LiveGraphics™ and more!

NewTek’s award-winning LiveGraphics™ is only one of the exciting applications included with Premium Access subscription-based software. 
REF: https://www.newtek.com/

Saturday, December 15, 2018

TrendLabs: Cybercriminals Use Malicious Memes that Communicate with Malware

Figure 2. Private IP address that a Pastebin URL points to
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/cybercriminals-use-malicious-memes-that-communicate-with-malware/

Friday, December 14, 2018

Trello: Asking For A Remote Work Policy? Pro Tips And Trends Of The Year To Reference

Remote work is growing in popularity, and more and more companies are adopting the mentality and practices of hybrid teams: Offering employees the option to work from the office, remotely, or alternate between the two. Working remotely is not only comfortable (can you say no commute?) but it also provides flexible hours, more ability to focus, and opens opportunities for people around the world to find interesting work regardless of their location.
REF: https://blog.trello.com/remote-work-policy-pro-tips-and-trends

Thursday, December 13, 2018

TrendLabs: Cryptocurrency Miner Spreads via Old Vulnerabilities on Elasticsearch

Figure 1. GreyNoise marked the host as a known scanner
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/cryptocurrency-miner-spreads-via-old-vulnerabilities-on-elasticsearch/

Wednesday, December 12, 2018

NewTek: Celebro Makes Sure Broadcasters Have It All – Over IP With NDI

REF: https://www.newtek.com/

TrendLabs: New Exploit Kit “Novidade” Found Targeting Home and SOHO Routers


Figure 1. Novidade infection chain
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/new-exploit-kit-novidade-found-targeting-home-and-soho-routers/

Monday, December 10, 2018

Trello: Why We Always Switch Productivity Methods Before They Stick, According To Science

REF: https://blog.trello.com/how-to-stick-with-a-productivity-method

All new Roku channel!

Our totally reimagined Roku channel makes it easier than ever to find and enjoy the media that matters most to you, giving you unparalleled flexibility and customizability. We’ve also added subtitles-on-demand as a preview for our beloved Plex Pass subscribers. No more searching high and low for the right subtitles–we’ll find them for you automagically. Lastly, if you use Plex Live TV on Roku, we’ve added DVR* capability so you can schedule recordings for your favorite shows, movies, and games right from your Roku device.

[USN-3840-1] OpenSSL vulnerabilities

---------- Forwarded message ---------
From: Marc Deslauriers
Date: Friday, December 7, 2018, 4:49 AM

Samuel Weiser discovered that OpenSSL incorrectly handled DSA signing. An
attacker could possibly use this issue to perform a timing side-channel
attack and recover private DSA keys. (CVE-2018-0734)

Samuel Weiser discovered that OpenSSL incorrectly handled ECDSA signing. An
attacker could possibly use this issue to perform a timing side-channel
attack and recover private ECDSA keys. This issue only affected Ubuntu
18.04 LTS and Ubuntu 18.10. (CVE-2018-0735)

Billy Bob Brumley, Cesar Pereida Garcia, Sohaib ul Hassan, Nicola Tuveri,
and Alejandro Cabrera Aldaya discovered that Simultaneous Multithreading
(SMT) architectures are vulnerable to side-channel leakage. This issue is
known as "PortSmash". An attacker could possibly use this issue to perform
a timing side-channel attack and recover private keys. (CVE-2018-5407)

References:
  https://usn.ubuntu.com/usn/usn-3840-1
  CVE-2018-0734, CVE-2018-0735, CVE-2018-5407

Friday, December 7, 2018

Trello: How To Be Your Most Productive Self: Let Go Of Being Perfect

We live in an era of overachievement, and in this era flaunting those achievements (we’re looking at you, social media) is totally the norm.
REF: https://blog.trello.com/productive-not-perfectionism

Thursday, December 6, 2018

TrendLabs: A Look into the Connection Between XLoader and FakeSpy, and Their Possible Ties With the Yanbian Gang

Figure 1. Monthly infection count for XLoader and FakeSpy attacks this year
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/a-look-into-the-connection-between-xloader-and-fakespy-and-their-possible-ties-with-the-yanbian-gang/

Wednesday, December 5, 2018

Announcing CrossOver 18.1.0

CrossOver 18.1 supports Visio 2016 on Linux.

For macOS users, CrossOver 18.1 contains a number of important bug fixes. We have resolved a bug which prevented game downloads and the Steam Store page from working on the latest Steam release. CrossOver 18.1 also addresses an issue some macOS users experienced running recent versions of Quicken on CrossOver 18. Those who experienced crashes or launch failures when using Quicken 2016-2018 should see full functionality on CrossOver 18.1.

Finally, CrossOver 18.1 restores controller support for Steam on both macOS and Linux.

REF: https://www.codeweavers.com/support/forums/announce/?t=24;mhl=212141;msg=212141#msg212141

Tuesday, December 4, 2018

Trello: That Stress You Feel? It’s A ‘Mental Load’ Of Invisible Work That Needs Talking About

feminists call out the mental load as an expectation placed on women in gender-conforming households
Source: The gender wars of household chores: a feminist comic
REF: https://blog.trello.com/mental-load-invisible-work-stress

Monday, December 3, 2018

[USN-3830-1] OpenJDK regression

---------- Forwarded message ---------
From: Steve Beattie
Date: Wednesday, November 28, 2018, 5:16 PM

USN-3804-1 fixed vulnerabilities in OpenJDK. Unfortunately, that update
introduced a regression when validating JAR files that prevented Java
applications from finding classes in some situations. This update
fixes the problem.

We apologize for the inconvenience.

References:
  https://usn.ubuntu.com/usn/usn-3830-1
  https://usn.ubuntu.com/usn/usn-3804-1
  https://launchpad.net/bugs/1800792

Sunday, December 2, 2018

TrendLabs: Trickbot Shows Off New Trick: Password Grabber Module

Figure 6. Trickbot’s shareDll32 module allows it to connect to a C&C server to download a copy of itself
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/trickbot-shows-off-new-trick-password-grabber-module/

Saturday, December 1, 2018

[USN-3817-1] Python vulnerabilities

---------- Forwarded message ---------
From: Marc Deslauriers
Date: Wednesday, November 14, 2018, 1:03 AM

Summary:

Several security issues were fixed in Python.

Software Description:
- python2.7: An interactive high-level object-oriented language
- python3.5: An interactive high-level object-oriented language
- python3.4: An interactive high-level object-oriented language

Details:

It was discovered that Python incorrectly handled large amounts of data. A
remote attacker could use this issue to cause Python to crash, resulting in
a denial of service, or possibly execute arbitrary code. This issue only
affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2018-1000030)

It was discovered that Python incorrectly handled running external commands
in the shutil module. A remote attacker could use this issue to cause
Python to crash, resulting in a denial of service, or possibly execute
arbitrary code. (CVE-2018-1000802)

It was discovered that Python incorrectly used regular expressions
vulnerable to catastrophic backtracking. A remote attacker could possibly
use this issue to cause a denial of service. This issue only affected
Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2018-1060, CVE-2018-1061)

It was discovered that Python failed to initialize Expat's hash salt. A
remote attacker could possibly use this issue to cause hash collisions,
leading to a denial of service. (CVE-2018-14647)

References:
  https://usn.ubuntu.com/usn/usn-3817-1
  CVE-2018-1000030, CVE-2018-1000802, CVE-2018-1060, CVE-2018-1061,
  CVE-2018-14647

Friday, November 30, 2018

TrendLabs: Water and Energy Sectors Through the Lens of the Cybercriminal Underground

Figure 1. Post asking about SCADA information to avoid expensive professional training
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/water-and-energy-sectors-through-the-lens-of-the-cybercriminal-underground/

Thursday, November 29, 2018

ADMIN: Highly available storage virtualization

Virtualized vs. Software-Defined

Software-defined storage (SDS) technology goes one step further. For example, on each physical server involved, hardware-independent software responsible for storage virtualization is installed, which acts as a hypervisor, bundling and centrally orchestrating the storage resources of the servers. In the case of VMware with vSAN or Windows 2016 with Storage Space, such functions are already included in the operating system, which allows the storage resources of the individual servers to be completely decoupled from the hardware and grouped into pools. Services such as deduplication, compression, and data protection are also offered.
A kind of erasure coding (i.e., the intelligent storage of data on several instances) ensures that the data is stored in a fail-safe manner. Compared with conventional SAN storage virtualization, this also means that the local or directly connected hard drives of the individual servers can be managed. SDS solutions can even integrate the unused RAM of the servers as a kind of cache with extremely fast access times. SDS as a relatively new virtualization technology is generally considered to have the greatest potential for the future. However, it remains to be seen to what extent this technology can also be used for highly heterogeneous server environments or I/O-intensive applications.
REF: http://www.admin-magazine.com/Articles/Highly-available-storage-virtualization

TrendLabs: Fake Voice Apps on Google Play, Botnet Likely in Development

Figure 1. One of the apps posing as a legitimate voice messenger uploaded on Google Play
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/fake-voice-apps-on-google-play-botnet-likely-in-development/

Tuesday, November 27, 2018

[USN-3791-1] Git vulnerability

---------- Forwarded message ---------
From: Steve Beattie
Date: Friday, October 12, 2018, 10:42 AM

It was discovered that git did not properly validate git submodule
urls or paths. A remote attacker could possibly use this to craft a
git repository that causes arbitrary code execution when recursive
operations are used.

References:
  https://usn.ubuntu.com/usn/usn-3791-1
  CVE-2018-17456

Monday, November 26, 2018

TrendLabs: Cryptocurrency Mining Malware uses Various Evasion Techniques, Including Windows Installer, as Part of its Routine

Figure 3. One of the windows displayed during installation
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/cryptocurrency-mining-malware-uses-various-evasion-techniques-including-windows-installer-as-part-of-its-routine/

Sunday, November 25, 2018

ADMIN: Is North Korea Hacking US ATM Machines?

US-CERT says the Hidden Cobra hacker group is behind the ATM cash-out scheme.
In a joint alert, which includes agencies like the FBI, DHS, and Treasury, US-CERT says they have identified malware and other indicators of compromise (IOCs) used by the North Korean government in an Automated Teller Machine (ATM) cash-out scheme.
REF: http://www.admin-magazine.com/News/Is-North-Korea-Hacking-US-ATM-Machines

TrendLabs: Fake Banking App Found on Google Play Used in SMiShing Scheme

Figure 1. The app claimed that it is digital token
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/fake-banking-app-found-on-google-play-used-in-smishing-scheme/

Friday, November 23, 2018

ADMIN: Chinese Spy Chip in US Servers?

Bloomberg report says major US companies found spy chips on servers manufactured in China.
A Bloomberg report [1] claims that Chinese spy chips were found on the hardware used by DoD (Department of Defense), CIA, and Navy warships.
According to Bloomberg, the chip, smaller than a grain of rice, was allegedly installed by manufacturing sub-contractors in China.
REF: http://www.admin-magazine.com/News/Chinese-Spy-Chip-in-US-Servers

Thursday, November 22, 2018

TrendLabs: TrickBot’s Bigger Bag of Tricks

Figure 1. TrickBot’s new module, psfin32
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/trickbots-bigger-bag-of-tricks/

Wednesday, November 21, 2018

[USN-3819-1] Linux kernel vulnerability

---------- Forwarded message ---------
From: Steve Beattie
Date: Thursday, November 15, 2018, 8:50 AM

Felix Wilhelm discovered that the Xen netback driver in the Linux kernel
did not properly perform input validation in some situations. An attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code.

References:
  https://usn.ubuntu.com/usn/usn-3819-1
  CVE-2018-15471

Tuesday, November 20, 2018

TrendLabs: Hide and Script: Inserted Malicious URLs within Office Documents’ Embedded Videos


Figure 1: Comparison of the PoC (left) and the in-the-wild sample’s (right) infection chains
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/hide-and-script-inserted-malicious-urls-within-office-documents-embedded-videos/

[USN-3814-2] ClamAV vulnerabilities

---------- Forwarded message ---------
From: Alex Murray
Date: Tuesday, November 13, 2018, 12:06 PM

It was discovered libmspack incorrectly handled certain malformed CAB
files. A remote attacker could use this issue to cause libmspack to crash,
resulting in a denial of service. (CVE-2018-18584, CVE-2018-18585)

References:
  https://usn.ubuntu.com/usn/usn-3814-2
  https://usn.ubuntu.com/usn/usn-3814-1
  CVE-2018-18584, CVE-2018-18585

Sunday, November 18, 2018

TrendLabs: Using Machine Learning to Cluster Malicious Network Flows From Gh0st RAT Variants

Figure 2. Gh0st RAT variants
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/using-machine-learning-to-cluster-malicious-network-flows-from-gh0st-rat-variants/

Saturday, November 17, 2018

[USN-3804-1] OpenJDK vulnerabilities

---------- Forwarded message ---------
From: Steve Beattie
Date: Wednesday, October 31, 2018, 4:02 AM

Several security issues were fixed in OpenJDK.

References:
  https://usn.ubuntu.com/usn/usn-3804-1
  CVE-2018-3136, CVE-2018-3139, CVE-2018-3149, CVE-2018-3150,
  CVE-2018-3169, CVE-2018-3180, CVE-2018-3183, CVE-2018-3214

TrendLabs: Exploring Emotet: Examining Emotet’s Activities, Infrastructure

Figure 1. Countries wherein Emotet C&C servers are distributed
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/exploring-emotet-examining-emotets-activities-infrastructure/

[USN-3795-1] libssh vulnerability

---------- Forwarded message ---------
From: Marc Deslauriers
Date: Wednesday, October 17, 2018, 10:14 PM

Details:

Peter Winter-Smith discovered that libssh incorrectly handled
authentication when being used as a server. A remote attacker could use
this issue to bypass authentication without any credentials.

References:
  https://usn.ubuntu.com/usn/usn-3795-1
  CVE-2018-10933

TeamViewer 14 is here!

REF: https://www.teamviewer.com/en/

TrendLabs: November Patch Tuesday Fixes Another Zero-Day Win32k Bug, Other Public Vulnerabilities

As the year comes to a close, updates for both Microsoft and Adobe products and services are still ongoing via Patch Tuesday. This month’s round of updates, which fixes 63 bugs, includes a patch for a zero-day vulnerability that is already being used in malicious attacks. Perhaps the most notable vulnerability addressed this month is CVE-2018-8589, another Win32k Elevation of Privilege Vulnerability that is similar to October’s CVE-2018-8453, which allows an attacker to make use of specially crafted applications to take full control of a targeted machine. Kaspersky Lab researchers confirmed that threat actors are already actively exploiting this bug for their attacks.

REF: https://newsroom.trendmicro.com/blog/security-intelligence/november-patch-tuesday-fixes-another-zero-day-win32k-bug-other-public-vul

Google Cloud and NASA hunt for life in the universe.

REF: https://cloud.google.com/blog/products/ai-machine-learning/is-there-life-on-other-planets-google-cloud-is-working-with-nasas-frontier-development-lab-to-find-out

Sunday, November 11, 2018

Updated Debian 9: 9.6 released

---------- Forwarded message ---------
From: Laura Arjona Reina
Date: Saturday, November 10, 2018, 11:54 PM

The Debian project is pleased to announce the sixth update of its stable
distribution Debian 9 (codename "stretch"). This point release mainly
adds corrections for security issues, along with a few adjustments for
serious problems. Security advisories have already been published
separately and are referenced where available.

Please note that the point release does not constitute a new version of
Debian 9 but only updates some of the packages included. There is no
need to throw away old "stretch" media. After installation, packages can
be upgraded to the current versions using an up-to-date Debian mirror.

Those who frequently install updates from security.debian.org won't have
to update many packages, and most such updates are included in the point
release.

New installation images will be available soon at the regular locations.

Upgrading an existing installation to this revision can be achieved by
pointing the package management system at one of Debian's many HTTP
mirrors. A comprehensive list of mirrors is available at:

https://www.debian.org/mirror/list

Saturday, November 10, 2018

Trello: Why You Need To Say 'No' At Work

Here’s a familiar scenario: You’re up to your ears in projects. Despite this, your boss comes up with a new initiative and is asking you to spearhead it, knowing full well you’re already overloaded. You somehow ignore the internal screaming inside your head and, to your own disbelief, you hear yourself saying yes to this request. Why?
REF: https://blog.trello.com/say-no-at-work-framework

[USN-3812-1] nginx vulnerabilities

---------- Forwarded message ---------
From: Marc Deslauriers 
Date: Thursday, November 8, 2018, 12:02 AM

It was discovered that nginx incorrectly handled the HTTP/2 implementation.
A remote attacker could possibly use this issue to cause excessive memory
consumption, leading to a denial of service. This issue only affected
Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2018-16843)

Gal Goldshtein discovered that nginx incorrectly handled the HTTP/2
implementation. A remote attacker could possibly use this issue to cause
excessive CPU usage, leading to a denial of service. This issue only
affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 18.10.
(CVE-2018-16844)

It was discovered that nginx incorrectly handled the ngx_http_mp4_module
module. A remote attacker could possibly use this issue with a specially
crafted mp4 file to cause nginx to crash, stop responding, or access
arbitrary memory. (CVE-2018-16845)

References:
  https://usn.ubuntu.com/usn/usn-3812-1
  CVE-2018-16843, CVE-2018-16844, CVE-2018-16845

Thursday, November 8, 2018

TrendLabs: Gathering Insights on the Reemergence and Evolution of Old Threats Through Managed Detection and Response

Figure 1. The top 15 malware detections in North America for the third quarter of 2018
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/gathering-insights-on-the-reemergence-and-evolution-of-old-threats-through-managed-detection-and-response/

Wednesday, November 7, 2018

[USN-3809-1] OpenSSH vulnerabilities

---------- Forwarded message ---------
From: Leonidas S. Barbosa
Date: Tuesday, November 6, 2018, 10:48 PM

Robert Swiecki discovered that OpenSSH incorrectly handled certain
messages. An attacker could possibly use this issue to cause a denial
of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04
LTS. (CVE-2016-10708)

It was discovered that OpenSSH incorrectly handled certain requests.
An attacker could possibly use this issue to access sensitive
information. (CVE-2018-15473)

References:
  https://usn.ubuntu.com/usn/usn-3809-1
  CVE-2016-10708, CVE-2018-15473

Tuesday, November 6, 2018

TrendLabs: Disrupting the Flow: Exposed and Vulnerable Water and Energy Infrastructures

Figure 1. Screenshot of an exposed HMI for controlling/configuring a water treatment plant
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/disrupting-the-flow-exposed-and-vulnerable-water-and-energy-infrastructures/

Monday, November 5, 2018

LXM: A command-line presentation app with purpose

Impress and PowerPoint slide shows have limited options for design or presentation. By contrast, Impressive offers users more formatting options. Impressive also has a small, but effective set of practical tools to make a presentation more effective.

REF: http://www.linux-magazine.com/Issues/2018/217/Eye-Candy

TrendLabs: Phishing Campaign uses Hijacked Emails to Deliver URSNIF by Replying to Ongoing Threads

Figure 2. Comparison between the malicious email and a legitimate one. Note the difference in language and the changed signature
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/phishing-campaign-uses-hijacked-emails-to-deliver-ursnif-by-replying-to-ongoing-threads/

Saturday, November 3, 2018

NewTek Now Shipping Connect Spark™ Pro

The NewTek Connect Spark™ Pro is the fastest, easiest, and most flexible way to acquire 4K UHD video for your IP-based production workflow.
REF: https://www.newtek.com/