Lifeboat Foundation: Safeguarding Humanity
Toggle light / dark theme

Blog

Category: futurism – Page 697

Mitigation for Exchange Zero-Days Bypassed! Microsoft Issues New Workarounds

Microsoft has revised its mitigation measures for the newly disclosed and actively exploited zero-day flaws in Exchange Server after it was found that they could be trivially bypassed.

The two vulnerabilities, tracked as CVE-2022–41040 and CVE-2022–41082, have been codenamed ProxyNotShell due to similarities to another set of flaws called ProxyShell, which the tech giant resolved last year.

In-the-wild attacks abusing the shortcomings have chained the two flaws to gain remote code execution on compromised servers with elevated privileges, leading to the deployment of web shells.

Microsoft updates mitigation for ProxyNotShell Exchange zero days

Microsoft has updated the mitigations for the latest Exchange zero-day vulnerabilities tracked as CVE-2022–41040 and CVE-2022–41082, also referred to ProxyNotShell.

The initial recommendations were insufficient as researchers showed that they can be easily bypassed to allow new attacks exploiting the two bugs.

Unfortunately, the current recommendations are still not enough and the proposed mitigation can still allow ProxyNotShell attacks.

Saudi Arabia’s $500 billion megacity NEOM will host winter games in desert

The event will take place in a man-made city with a year-round winter sports complex.

Can you make snow in the desert? It seems you can, as Saudi Arabia will be hosting the 2029 Asian Winter Games, according to a report.

The games will take place at an under-construction US$500 billion megacity called Neom that is set to boast a year-round winter sports complex along with other futuristic amenities and features.

Water-based chips could be the future of neural networks

Researchers are working on water-based microprocessors that could one day be used as a more diverse alternative to the current wafer architecture of today, with applications ranging from AI to DNA synthesis and likely beyond.

The chips in question are still in the prototype stage, so don’t expect processors with built in water cooling just yet, but the way they work is really exciting. They use a technique called ionics, which involves manipulating different ion species in liquid, as opposed to the standard electrons shooting through our semiconductors today.

Microsoft confirms hackers are actively exploiting Exchange zero-day flaws

Were you unable to attend Transform 2022? Check out all of the summit sessions in our on-demand library now! Watch here.

Microsoft Exchange server is one of those enterprise staples, but it’s also a key target for cybercriminals. Last week, GTSC reported attacks had begun chaining two new zero-day Exchange exploits as part of coordinated attacks.

While information is limited, Microsoft has confirmed in a blog post that these exploits have been used by a suspected state-sponsored threat actor to target fewer than 10 organizations and successfully exfiltrate data.

/* */