by Paul Arnote (parnote)
Monthly Update: Assault On Your Privacy
Last month it was LastPass, and the dust has hardly even started to settle from that data breach. Now, it's someone else's turn. Thousands of Norton LifeLock customers had their accounts compromised in recent weeks, potentially allowing criminal hackers access to customer password managers, the company revealed in a recent data breach notice, according to an article on TechCrunch. The information was also relayed on Slashdot.
A new high-severity vulnerability has been discovered that affects Google Chrome and other Chromium-based browsers like Microsoft Edge, according to an article on Tom's Guide. The vulnerability, dubbed SymStealer and tracked as CVE-2022-3656, was first discovered by security researchers at Imperva. More than 2.5 billion users could be at risk of potential attacks if they aren't running the latest version of Chrome. If exploited, an attacker could use this vulnerability to steal sensitive files from a user's computer, including banking and crypto wallet credentials that could then be used to drain their accounts.
An unusual phishing technique has been observed in the wild, hiding empty SVG files inside HTML attachments pretending to be DocuSign documents, according to an article on BleepingComputer. Security researchers at email security provider Avanan named it "Blank Image." They explain that the attack allows phishing actors to evade detection of redirect URLs.
The entirety of the US "No Fly List" has been exposed online by a Swiss hacker who reportedly found three sensitive files stored on an unsecure cloud storage server, according to an article on TechRadar. One of the files contains the information of more than 1.5 million entries into the list, which covers individuals who have been barred from traveling to or from the US. The data was found out of boredom, according to a blog post written by the hacker, known online as maia arson crimew, which saw her searching Shodan for exposed Jenkins servers.
From the "it bears to be repeated again and again and again and again" department, the Tom's Guide website lists some strategies to protect yourself from some of the most common phishing attack vectors.
Criminals took advantage of an improperly configured API to steal the personal data of 37 million T-Mobile customers, such as customer names, billing addresses, email addresses, phone numbers, dates of birth, and T-Mobile account numbers, according to an article on TechRepublic.
Meta has once again been hit with a major GDPR violation, earning itself more than $400 million in fines for its latest data privacy misstep. The EU's Ireland-based Data Protection Commission levied two sets of fines after ruling that EU-based users have been illegally forced to accept personalized, targeted ads from both Facebook and Instagram, according to an article on TechRepublic. Naturally, this isn't the first rodeo for Meta facing fines for violation of the GDPR.
Bitwarden and other password managers are being targeted in Google ads phishing campaigns to steal users' password vault credentials, according to an article on BleepingComputer. User beware. It's vitally important to inspect links before you click on them to make sure they aren't spoofed versions just looking to grab as much of your data as they can.
Once In A Lifetime Visitor
The last set of "human eyes" to have ever viewed this celestial visitor were probably Neanderthals. Comet C/2022 E3 (ZTF), a.k.a. the Green Comet (kind of sounds like one of forum member Arjaybe's novels, eh?), is making a near-Earth visit. On or around February 2, it will be making its nearest approach to Earth at only 28,000,000 miles (approximately 45,000,000 km) away. The Green Comet takes 50,000 years to make its journey from the Oort Cloud to the sun, and then back out to the Oort Cloud.
The once-in-a-lifetime visitor will increase its visual magnitude to around +5.5, which means that it will be visible to the naked eye (depending on conditions) or with binoculars as it swings by Earth on its eons-long journey. A bright, waxing gibbous Moon may hinder visibility with the naked eye, though, in early February.
The comet will be visible (in the Northern hemisphere, anyway) slightly below Ursa Major, a.k.a. the Big Dipper, and may appear as a faint green smudge in the sky to the naked eye. Binoculars and telescopes will help garner a better view of the celestial visitor, as will getting far from the light pollution that will inhibit viewing in more urban areas.
Information about the comet's visit to the inner solar system is widely available on the internet. The comet's arrival has been widely covered in many media outlets. Here's a DuckDuckGo search for your convenience. If you're wanting to find more specific information, Wikipedia has a nice entry on the comet. Celestron (yes, the makers of the famous line of telescopes) has a nice entry about it on their blog. The Planetary Society also has a very nice and informative report on the comet.
Major Layoffs Announced Across Tech Industry
2022 and 2023 (so far) have NOT been kind to tech industry workers. First, the pandemic forced many in this sector to work from home. With the pandemic "lockdowns" that swept the globe, much of the tech industry saw an uptick in relevance and usage. Now, greed, the pursuit of ever-increasing profits, has led many companies in the tech industry to start cutting staff.
Over the past two years, tech industry workers have faced massive layoffs. How massive? Well, according to a CNBC article, over 70,000 have been axed. In November 2022, Meta cut 13% of its workforce, which amounts to over 11,000 of its workers. Alphabet, the company behind Google, announced a layoff of 12,000 of its workers. Microsoft announced a layoff of 10,000 of its workers. Amazon laid off more than 18,000 of its workers. Crypto.com has laid off around 500 of its workers. Coinbase cut 2,000 jobs. Salesforce has cut 10%, or 7,000, of its employees. Elon Musk's Twitter let 3,700 of its employees go after he purchased Twitter. Lyft cut 13% of its employees, or about 700 jobs. Stripe cut 1,100 jobs from its ranks. Shopify sent 1,000 employees packing. Netflix cut 450 employees from its payroll. Snap cut 1,000 jobs. Robinhood cut 1,100 jobs. Tesla axed 6,000 workers.
Let's add that up ... 11,000 + 12,000 + 10,000 + 18,000 + 500 + 2,000 + 7,000 + 3,700 + 700 + 1,100 + 1,000 + 450 + 1,000 + 1,100 + 6,000 equals 75,550 jobs.
Meanwhile, revenues for these companies, for the most part, hit record levels in 2021 (the last figures available for these companies). Alphabet posted revenues in excess of $250 billion. Microsoft delivered $168 billion in revenue. Meta posted nearly $118 billion in revenues. Amazon crushed them all, reporting annual revenues of nearly $470 billion. The list of growing profits/revenues goes on and on, up and down the list of the companies mentioned here.
For a really interesting take on the current round of layoffs that have besieged the tech industry, take a look at this article from The Verge website. It pretty much hits the nail squarely on the head.
PCLinuxOS Magazine Short Topix Roundup
Physicist Germain Tobar says that time travel may be possible, without the troubling paradox usually associated with it, according to an article on BGR. Of course, we would first have to figure out time travel before anyone can prove him right or wrong.
Most "best of" lists are highly subjective by their very nature. It's usually someone's opinion of what's "best" or "significant" that determines what "makes the list." What might be "best" or "significant" to one person may not be to another person. So, keeping that in mind, there are two lists of science's greatest achievements of 2022. One list, on the Visual Capitalist website, uses a graphical timeline of significant scientific advances of 2022. Another list of the "10 wildest scientific discoveries of 2022" is on the Listverse website.
There are many reasons to enjoy a cup of ruby red hibiscus tea, including its ability to warm the body in the winter, boost the immune system, regulate blood pressure, and aid in weight loss. Now, research has found that it could defeat Alzheimer's disease, according to an article on SciTechDaily.
Microsoft officially pulled the plug on the Extended Security Update program for Windows 7, effectively ending all support for the aging operating system, according to an article on Lifehacker. Initially released in October 2009, Windows 7 is STILL being used by roughly 11% of computers. This not only means no more updates ... period ... but that software vendors will also (most likely) stop supporting Windows 7 with their software releases and updates.
An article on the JStor website makes the argument for turning human waste matter into agricultural fertilizer. While that hasn't worked out well for North Korea (it's common knowledge that they use human waste to fertilize their agricultural fields), it's most likely because they aren't following the proven processes that turn human waste into usable fertilizer. One of the oldest plants is in Milwaukee, where they have been churning out Milorganite by the tons since 1925. Other plants exist scattered all around the world, using one of the three processes that have proven to be successful for turning human waste into fertilizer.
A TechRepublic article gives a breakdown on the next generation of wireless communications, known as 6G. Still in the R&D stages, it may be a little while before any of us see 6G networks roll out. Heck, many folks are just now getting access to 5G wireless networks.
An essay on the AEON website makes the case that there's no planet B. The scientific evidence is clear: the only celestial body that can support us is the one we evolved with.
Microsoft may be preparing to FINALLY replace the NTFS file system with a faster, better performing file system, known as ReFS, according to an article on the Windows Report website. Resilient File System (ReFS) is said to be more resilient, offers better performance than NTFS, and supports file systems up to 35PB (as opposed to NTFS, which only supports disks up to 256TB).
Can spicy foods cure colds? A neuroscientist reveals the encouraging truth in an article on Inverse. Spicy food does nothing against the rhinovirus, but it can ease symptoms.