Lifeboat Foundation

Microsoft has revised its mitigation measures for the newly disclosed and actively exploited zero-day flaws in Exchange Server after it was found that they could be trivially bypassed.

The two vulnerabilities, tracked as CVE-2022–41040 and CVE-2022–41082, have been codenamed ProxyNotShell due to similarities to another set of flaws called ProxyShell, which the tech giant resolved last year.

In-the-wild attacks abusing the shortcomings have chained the two flaws to gain remote code execution on compromised servers with elevated privileges, leading to the deployment of web shells.

A new Android malware dubbed “RatMilad” has been observed targeting Middle Eastern enterprise mobile devices by posing as VPNs and spoofing apps.

FBI, CISA and NSA have disclosed information on how multiple nation-state hacker groups targeted the network of a Defense Industrial Base.

Avast has released a decryptor for variants of the Hades ransomware known as ‘MafiaWare666’, ‘Jcrypt’, ‘RIP Lmao’, and ‘BrutusptCrypt,’ allowing victims to recover their files for free.

The security company says it discovered a flaw in the encryption scheme of the Hades strain, allowing some of the variants to be unlocked. However, this may not apply to newer or unknown samples that use a different encryption system.

Utilizing Avast’s tool, victims of the supported ransomware variants can decrypt and access their files again without paying a ransom to the attackers, which ranges between $50 and $300. However, ransom demands reached tens of thousands in some cases.

Security researchers have found a new piece of malware targeting Microsoft SQL servers. Named Maggie, the backdoor has already infected hundreds of machines all over the world.

Maggie is controlled through SQL queries that instruct it to run commands and interact with files. Its capabilities extend to brute-forcing administrator logins to other Microsoft SQL servers and doubling as a bridge head into the server’s network environment.

The backdoor was discovered by German analysts Johann Aydinbas and Axel Wauer of the DCSO CyTec. Telemetry data shows that Maggie is more prevalent in South Korea, India, Vietnam, China, Russia, Thailand, Germany, and the United States.

Microsoft has updated the mitigations for the latest Exchange zero-day vulnerabilities tracked as CVE-2022–41040 and CVE-2022–41082, also referred to ProxyNotShell.

The initial recommendations were insufficient as researchers showed that they can be easily bypassed to allow new attacks exploiting the two bugs.

Unfortunately, the current recommendations are still not enough and the proposed mitigation can still allow ProxyNotShell attacks.

Companies creating lab-grown steak, chicken, and fish see a recent White House announcement as a signal that meat grown without animal slaughter is on the cusp of being legally sold and eaten in the US.

“We are laser focused on commercial-scale production, and for us, that means moving into competing with conventional meat products in scale,” said Eric Schulze, vice president of product and regulation at Upside Foods, a cultivated meat company, as the industry calls itself. The goal is to be selling its meat on the US market within the year.

The traditional meat and poultry industry reacted strongly to President Joe Biden’s executive order last month on biotechnology and biomanufacturing, which observers say could push federal agencies to allow commercial sales of meat grown from an animal’s cells.

Algorithms have helped mathematicians perform fundamental operations for thousands of years. The ancient Egyptians created an algorithm to multiply two numbers without requiring a multiplication table, and Greek mathematician Euclid described an algorithm to compute the greatest common divisor, which is still in use today.

During the Islamic Golden Age, Persian mathematician Muhammad ibn Musa al-Khwarizmi designed new algorithms to solve linear and quadratic equations. In fact, al-Khwarizmi’s name, translated into Latin as Algoritmi, led to the term algorithm. But, despite the familiarity with algorithms today – used throughout society from classroom algebra to cutting edge scientific research – the process of discovering new algorithms is incredibly difficult, and an example of the amazing reasoning abilities of the human mind.

In our paper, published today in Nature, we introduce AlphaTensor, the first artificial intelligence (AI) system for discovering novel, efficient, and provably correct algorithms for fundamental tasks such as matrix multiplication. This sheds light on a 50-year-old open question in mathematics about finding the fastest way to multiply two matrices.

Today, Google announced the development of Imagen Video, a text-to-video AI mode capable of producing 1280×768 videos at 24 frames per second from a written prompt. Currently, it’s in a research phase, but its appearance five months after Google Imagen points to the rapid development of video synthesis models.

According to Google’s research paper, Imagen Video includes several notable stylistic abilities, such as generating videos based on the work of famous painters (the paintings of Vincent van Gogh, for example), generating 3D rotating objects while preserving object structure, and rendering text in a variety of animation styles. Google is hopeful that general-purpose video synthesis models can “significantly decrease the difficulty of high-quality content generation.”