Tuesday, February 01, 2022
Monday, January 31, 2022
BLEEPING COMPUTER: Active Threats + Current Vulnerabilities
NOTE: With the addition of these eight vulnerabilities, there is now a total of 351 exploited vulnerabilities listed in CISA's Known Exploited Vulnerabilities Catalog.
CISA adds 8 vulnerabilities to list of actively exploited bugs
The US Cybersecurity & Infrastructure Security Agency (CISA) has added eight more flaws to its catalog of exploited vulnerabilities that are known to be used in attacks, and they're a mix of old and new.
The goal of publishing these vulnerabilities is to raise awareness and remind federal organizations of their obligation to apply security updates by a specified strict deadline.
As all of the vulnerabilities in the catalog are leveraged in active threats and current cyber-attacks, they carry a significant risk to organizations, allowing the takeover of mobile devices, network access, and the ability to execute commands remotely.
The eight flaws added by CISA last week are listed below:
| CVE ID | Description | Patch Deadline |
| --- | --- | --- |
| CVE-2022-22587 | Apple IOMobileFrameBuffer Memory Corruption Vulnerability | 2/11/2022 |
| CVE-2021-20038 | SonicWall SMA 100 Appliances Stack-Based Buffer Overflow Vulnerability | 2/11/2022 |
| CVE-2014-7169 | GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability | 7/28/2022 |
| CVE-2014-6271 | GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability | 7/28/2022 |
| CVE-2020-0787 | Microsoft Windows Background Intelligent Transfer Service (BITS) Improper Privilege Management Vulnerability | 7/28/2022 |
| CVE-2014-1776 | Microsoft Internet Explorer Use-After-Free Vulnerability | 7/28/2022 |
| CVE-2020-5722 | Grandstream Networks UCM6200 Series SQL Injection Vulnerability | 7/28/2022 |
| CVE-2017-5689 | Intel Active Management Technology (AMT), Small Business Technology (SBT), and Standard Manageability Privilege Escalation Vulnerability | 7/28/2022 |
The most recent vulnerability, CVE-2022-22587, was discovered in 2022 and is a memory corruption flaw in the IOMobileFrameBuffer affecting iOS, iPadOS, and macOS "Monterey."
Apple released a security update to fix the zero-day last Wednesday, warning that it is actively exploited in attacks. Due to the potential impact of this vulnerability on devices with wide circulation, CISA has given federal agencies until February 11, 2022, to apply the security updates.
CISA also added the CVE-2021-20038 vulnerability affecting SonicWall SMA 100 Appliances after it was discovered that threat actors were actively scanning for and attempting to exploit the vulnerability. As a result, CISA also requires agencies to patch this bug by February 11, 2022.
Some attempts itw on CVE-2021-20038 (SonicWall SMA RCE). Also some password spraying of default passwords from the past few days
Remember to update AND change default passwords :) pic.twitter.com/WyDIXVKb4m
— Rich Warren (@buffaloverflow) January 24, 2022
Of the older flaws, CVE-2014-6271 holds special significance for being a reliable long-term intrusion channel for adversaries.
It surfaced again via the 'Sea Turtle' campaign, which took place between 2017 and 2019, being among a set of flaws exploited in the context of global-scale sophisticated DNS hijacking attacks.
It appears that many system administrators still find it practically challenging to apply the fixes, almost eight years after they were first made publicly available.
With the addition of these eight vulnerabilities, there is now a total of 351 exploited vulnerabilities listed in CISA's Known Exploited Vulnerabilities Catalog.
Over 20,000 data center management systems exposed to hackers
Researchers have found over 20,000 instances of publicly exposed data center infrastructure management (DCIM) software that monitor devices, HVAC control systems, and power distribution units, which could be used for a range of catastrophic attacks.
- Bill Toulas
- January 29, 2022
- 11:08 AM
QNAP: DeadBolt ransomware exploits a bug patched in December
Taiwan-based network-attached storage (NAS) maker QNAP urges customers to enable firmware auto-updating on their devices to defend against active attacks.
- Sergiu Gatlan
- January 31, 2022
- 02:28 PM
Microsoft Office 365 to add better protection for priority accounts
Microsoft is working on updating Microsoft Defender for Office 365 with differentiated protection for enterprise accounts tagged as critical for an organization (i.e., accounts of high-profile employees including executive-level managers, the ones most often targeted by attackers).
- Sergiu Gatlan
- January 31, 2022
- 12:17 PM
Russian 'Gamaredon' hackers use 8 new malware payloads in attacks
The Russia-linked hackers known as 'Gamaredon' (aka Armageddon or Shuckworm) were spotted deploying eight custom binaries in cyber-espionage operations against Ukrainian entities.
- Bill Toulas
- January 31, 2022
- 11:14 AM
277,000 routers exposed to Eternal Silence attacks via UPnP
A malicious campaign known as 'Eternal Silence' is abusing Universal Plug and Play (UPnP) to turn your router into a proxy server used to launch malicious attacks while hiding the location of the threat actors.
- Bill Toulas
- January 31, 2022
- 10:40 AM
Researchers use GPU fingerprinting to track users online
A team of researchers from French, Israeli, and Australian universities has explored the possibility of using people's GPUs to create unique fingerprints and use them for persistent web tracking.
- Bill Toulas
- January 30, 2022
- 10:12 AM
FTC: Americans lost $770 million from social media fraud surge
Americans are increasingly targeted by scammers on social media, according to tens of thousands of reports received by the US Federal Trade Commission (FTC) in 2021.
- Sergiu Gatlan
- January 30, 2022
- 10:00 AM
RED PLANET + China's 5-Year Plan
The five-year plan lays out an incredibly ambitious vision for space exploration. Should it come to fruition, China would rival NASA and its commercial space industry by the end of the decade.
Unfortunately, the white paper does not present budgeting information, nor does the closed leadership of China provide transparency about space spending. To meet some of these aims will almost certainly require significantly more funding than China is presently investing in space. Therefore, China's space plans are likely dependent upon the country's economy remaining relatively healthy.
A new video of Tianwen-1 flying above Mars is pretty epic
"The space industry will contribute more to China's growth as a whole."

China celebrates the start of a new year on Tuesday—it will be the Year of the Tiger—and on the eve of the holiday, the Chinese space program sent a special message from the red planet.
The country's Tianwen-1 spacecraft, which has been in orbit around Mars for nearly one year, captured a "selfie" video that shows the craft passing in front of the planet. This video was taken by a camera on the end of a narrow arm that extends 1.6 meters away from the vehicle and is used by operators to monitor the health of the spacecraft.
Highlights of the visuals include Tianwen-1's waggling solar panels, main engine, and fuel tanks. About halfway through, the ice-capped northern pole of Mars appears in the background as Tianwen-1 makes its orbit around the planet.
Another surprise from China's Tianwen-1 Mars spacecraft, this time to celebrate Chinese New Year, with a video taken using a selfie stick. CNSA/PEC https://t.co/Fqm6JMUPDX pic.twitter.com/Co7Zjvq0Uk
— Andrew Jones (@AJ_FI) January 31, 2022
This imagery offers a rare glimpse of a spacecraft orbiting another world and is rather striking. Its release on the eve of the Chinese New Year demonstrates how the country's leadership uses civil spaceflight to instill national pride and works to establish China on the world stage as an equal to the United States.
Some of this is propaganda, of course. But China very much has a national space program in ascendance. And on Friday, the government released a white paper that outlines China's five-year civil space strategy, which aims to continue an upward trajectory.
"In the next five years, China will integrate space science, technology, and applications while pursuing the new development philosophy, building a new development model and meeting the requirements for high-quality development," the white paper states. "It will start a new journey towards a space power. The space industry will contribute more to China's growth as a whole, to global consensus and common effort with regard to outer space exploration and utilization, and to human progress."
During the coming half-decade, China's space program intends to complete its Tiangong space station and launch a space telescope. The country also plans further study of a "plan for a human lunar landing" and research of key technologies to lay a foundation for exploring and developing cislunar space. Eventually, China plans to work with Russia and other international partners to build a "research station" on the Moon. This puts China in direct competition with NASA, which seeks to unite nations under the "Artemis Accords" and make a series of lunar landings in the late 2020s and early 2030s. . .
A PHOTO ESSAY
A sign of the times:
Polar bears move into abandoned Arctic weather station – photo essay
Photographer Dmitry Kokh discovered polar bears living in an abandoned weather station in Kolyuchin, in the Chukotka Autonomous Okrug of the Russian Federation, while on a trip to Wrangel Island, a Unesco-recognised nature reserve that serves as a refuge to the animals.
. . .There are only a few places on the planet where polar bears can be found in large numbers. One of them is Russia’s Wrangel Island, a nature reserve under Unesco protection that is often called a polar bear maternity ward. The place is very inaccessible, which may be bad for tourists but is great for the animals.
[...] Though several months have passed since the expedition, I still sometimes see polar bears in decaying windows before my eyes when falling asleep. And looking at the main photo in my life at the moment, the one named House of Bears, I think that sooner or later all human-made things on Earth will cease to exist – buildings, cars and computers will all meet their end. But life is eternal. These bears will continue to hunt, swim among ice floes and explore islands even when civilization ceases to exist. But life will remain eternal only if we humans finally begin to take care of the planet and the living creatures that need our protection."


Preparations for the expedition to Wrangel took nearly two years, and last August we finally set off for the north of Chukotka on a small ice-class sailing yacht. . .
READ MORE:
CITY CREEK MALL IN SALT LAKE CITY: 10 Years Later Largely Empty with Few Shoppers
I took this below photo of a man named David and his dog named Peedy. While he was grateful for the assistance I offered to him, he said it meant more to him that I would sit down with him and talk to him like a friend instead of garbage like most people do who pass him by.
"An extensive renovation of the iconic Mesa Arizona Temple has the potential of becoming a catalyst for the transformation of the city’s downtown. Using Pioneer Park* and the revamped Temple as its anchor, that transformation could attract an unparalleled revival, said Maricopa County Supervisor and East Valley Partnership President Denny Barney.
* Blogger Footnote: The original Parks Bond budget approved figure for the renovation of Pioneer Park was $5.9 million that somehow doubled to $12 million while the eastward Gilbert Road Extension of Valley Metro Light Rail Service was in-progress. One public report stated that the architect for the temple's redevelopment area 'worked with' planners, possibly for the underground installation of city-owned utilities infrastructure.
____________________________________________________________________________
Reporter Jim Walsh frames his take on the story like this: (it is) . . . " a classic confrontation between neighborhood revitalization and historic preservation with a landmark of the Church of Jesus Christ of Latter-day Saints at the center. . . " It's way more than that!
__________________________________________________________________
09 October 2018
Inspiring Better Cities > Elevating the Role of Architects as Advocates for Equitable Housing
What happens when we take that hyper-local to home right here in downtown Mesa. . . What we get instead is what you see in the opening image: plans for new construction in the Mormon Temple Area for a Massive Make-Over that mimic the retro-old faux-historic architecture used for the 23-acre Cave Creek, an urban revitalization project in Salt Lake City.
Shall we call it "Cave Creek-Lite" resigning ourselves to outside plans with no local input from downtown residents?
________________________________________________________________________
There's nothing "Mesa-authentic" in the proposed plans that have doubled from about 4 acres into more than 8 acres now. It's not the right thing and it's not the right time.
That's the hype we get and the hype we read:
If you're not directly involved in real estate speculation and development as an investment affiliate of the for-profit tentacles of the LDS Church all this came as a surprise slow-reveal after years of behind-the-scenes planning with city officials, developers, and stakeholders (so they said in announcements from the Mormon Newsroom in May 2018).
No financial details disclosed. No input from the public.
Is there any redemption at all for this architectural mimicry?
There's only one local architect - Tim Boyle, with a degree from Columbia University - who did speak up. He's also an appointed member of the City of Mesa's Planning &
Here's this report in The Salt Lake Tribune June 7, 2018
THIS WEEK IN MORMON LAND:
(Courtesy Intellectual Reserve Inc.) Plans have been announced to redevelop 4.5 acres of land near the Mesa Arizona Temple. This rendering offers a southeast view of the mixed-use community.
City Creek South? You could call it City Creek South or City Creek Lite.
By David Noyce · Published: 3 days ago Updated: 2 days ago
The real estate investment arm of the LDS Church has announced plans to erect a new mixed-use development near the faith’s Mesa Temple, which is being renovated.
The Utah-based church completed a similar — albeit much larger — project in the heart of Salt Lake City with its City Creek Center.
"All of us are very familiar with the non-profit side of the Church with the buildings of Temples, churches, and the missionary program, but most are not familiar with the LDS Church for-profit companies. . .
Many might be surprised to know that the LDS church is the largest non-governmental land owner in the US.
It is not unusual for the Church to buy land. It normally does so through its primary corporate entity, the Corporation of the Presiding Bishop of the Church of Jesus Christ of Latter-day Saints. . .
the Church builds more square footage in United States than Walmart."
Source: BARE RECORD OF TRUTH
“We’ve been planning this project for years,” said Matt Baldwin, real estate development director for City Creek Reserve (CCRI), an investment affiliate of the Church.
“We’ve talked with city and county government leaders, city planning staff and other local developers. We want to enhance and beautify this block, but we also want to make sure what we’re proposing is what downtown Mesa needs,” he added. . . .
Image: Matt Baldwin with Mesa developer Tony Wall and Mike Hutchinson, former Mesa City Manager and Vice President East Valley Partnership
__________________________________________________________________________
> Source: The Mormon News Room https://www.mormonnewsroom.org
14 March 2020
A Cloak of Secrecy Persists @ "City Creek Lite" Under The Guise of "The Grove on Main Street"
It's one thing to claim an exemption for "a non-profit" status organization but when a for-profit religion is in the business of real estate development - and uses public taxpayers' municipal funds for all the underground infrastructure - it is way overdue to provide both "an abundance of clarity" and accountability.
Especially when development officers in City Creek Reserve, Inc. have stated publicly that they've been talking with city officials for years and buying up more than 90 properties around the Mesa LDS Temple Area neighborhood for a Massive Mormon Make-Over on the eastern fringe of downtown to transform Mesa into a satellite of Salt Lake City.
That's no secret.
It's a smaller-scale 10-acre version of the 23-acre project called City Creek Mall in Temple Square.

< "City Creek Center Lite"@ SEC Main/Mesa Drive
The complaint alleges a series of payments from EPA totaling $1.4 billion to help construct the City Creek Center mall in Temple Square in downtown Salt Lake City, Utah, which features a retractable roof, luxury storefronts and simulated creek with live trout. The LDS Church and its developers aimed to create a new urbanism in downtown Salt Lake City. The success of that expenditure of billions is open to conflicting opinions
GLOBAL WATER RESOURCES...Privatizing Water Rights is a Slippery Subject
At least one city council member analyzed the flaws of those actions taken for transferring the debt burden onto the backs of citizens - a subject that was covered by featured posts on this blog, as well as the City of Mesa selling-off rights-to-the-water on more than 11,400 acres included in the Mesa Water Farm subsequently purchased by Saints Holdings LLC.
‘Corporate vultures’: how Americans fearing higher water bills are fighting takeovers
"Corporations are trying to privatize dozens of public water utilities around the US, capitalizing on the financial troubles of cities.
The Octoraro reservoir is a lake in south-east Pennsylvania where locals fish, kayak and marvel at bald eagles and owls. It’s a picturesque scene but in the neighbourhoods nearby there are placards that carry warnings.
“No to Big Water”, the signs say, and “Save CWA”.
The signs show the local opposition to a hostile takeover effort by Aqua Water, one of the country’s biggest private water companies, against the public utility Chester Water Authority (CWA), which owns the reservoir and bordering woodland.
The CWA relies on the watershed to provide drinking water to about 200,000 people in Delaware and Chester counties. It’s an award-winning public utility that is financially robust and delivers safe, clean and affordable water. It does not need a bailout.
Campaigners say the battle here, which started in 2017, should be a wake-up call for residents around the US, as privatization often means higher bills.
“This takeover is about putting money over people’s needs – it’s corporate greed,” said Delaware county resident Santo Mazzeo, 42, a high school maths teacher with three children working two jobs to make ends meet.
“Water is the stuff of life, it’s a fundamental human right which should be run by the people for the people, not for profits,” added Mazzeo, who in his spare time delivers the anti-takeover signs to neighbours. . .
=========================================================================
RELATED CONTENT
18 September 2021
Influence-Maker Jordan Rose: Pinal has Water. . .What She Doesn't Disclose Her Clients are Real Estate Developers
The city expected it would take 20 years or more to sell the land. But two years ago, PLH approached the city with interest in purchasing the land in phases over five years. . . More than 5 years ago, this LAND DEAL was one of the largest in Mesa's history.
How Pinal County defies the odds to increase development in a drought
By Madelaine Braggs | Rose Law Group Reporter
With a massive influx of new out of state residents filling Phoenix metro vacancies, Arizona desperately needs housing development to grow in Pinal County, but with no groundwater.
=========================================================================
The unconventional side of water investment

municipal finance
US municipal water borrowing eases amid increased federal funding
https://www.globalwaterintel.com/global-water-intelligence-magazine/project-trackers
Federal infra funding should focus more on performance