Cyber Bites

An annual study by the University of Roehampton has found that fewer 16-year-olds in England are getting a computing qualification. It also said schools have cut back on the hours spent teaching the subject. In 2018, 130,000 students got a GCSE in either computer science or ICT (information and communications technology), down from 140,000 the previous year. Source: BBC

A recent article in Nature highlights a discovery that pushes the boundaries of our imaginations and challenges some of the very attributes that make us human. The piece details how artificial intelligence is creating speech by interpreting brain signals (and even offers an audio recording for a chance to hear it for yourself). It’s a key advancement for people who can’t speak because it provides a direct technologically-enabled path from thought to speech. Source: Fortune

Samsung has announced its new Exynos i T100 chip that integrates a processor and memory. The solution, which is aimed at Internet of Things (IoT) devices will bolster the security and reliability of products that ship with this hardware. With more and more smart home devices coming online, maintaining good security is critical. Source: neowin.net https://www.neowin.net/news/samsung-launches-exynos-i-t100-chip-to-bolster-iot-security

Binance, one of the top five cryptocurrency exchanges in the world, announced a "large scale security breach" during which hackers stole over 7,000 Bitcoin, worth nearly $41 million at the time of writing. The breach occurred today, May 7, and was disclosed on the company's blog and social media channels. Binance said hackers used various techniques --such as "phishing, viruses and other attacks"-- to gain access to user accounts, including "API keys, 2FA codes, and potentially other...

A scammer looking to take over a YouTube account got a big fat nothing by targeting the owner of a channel that saw right through the fraud and spread the word about the attempt. The scam was simple and could have gotten through had it not been for some details that rang the alarm bells of the intended victim. Source: Bleeping Computer

Cisco has patched a critical, remotely exploitable authentication bypass vulnerability in Cisco Elastic Services Controller (ESC), a popular enterprise software for managing virtualized resources. About the vulnerability (CVE-2019-1867): “The vulnerability is due to improper validation of API requests. An attacker could exploit this vulnerability by sending a crafted request to the REST API. A successful exploit could allow the attacker to execute arbitrary actions through the REST API with administrative privileges on an affected system,”...

The 2019 Verizon Data Breach Investigations Report showed significant increases in cyberespionage and nation-state activity. It also painted a gloomy picture for email threats. Source: Tech Target

Ransomware attacks are becoming less prevalent as cyber criminals look to news way of attacking a system, a new report has found. Instead, hackers are turning towards hidden HTTPs tunnels that appear as normal encrypted web traffic to target healthcare organisations. The Vectra 2019 Spotlight Report on Healthcare identified Internet of Things (IoT) devices; unpartitioned networks; and reliance on out-dated systems, as weakness most likely to be exploited by cybercriminals looking to steal personal information...

UK cyber-security firm Sophos reported detecting a spike in ransomware attacks at the end of last week from a new strain named MegaCortex. Sophos said the ransomware appears to have been designed to target large enterprise networks as part of carefully planned targeted intrusions --in a tactic that is known as "big-game hunting." The modus operandi is not new and has been the preferred method of delivering ransomware for almost half a year. Source: ZDNet

Security researchers brought to life and released a wicked variant of Clippy, the recently resurfaced assistant in Microsoft Office that we all loved so much to hate, that makes it more difficult to detect a malicious macro in documents. Dubbed Evil Clippy, the tool modifies Office documents at file format level to spew out malicious versions that get by the static analysis of antivirus engines and even utilities for manual inspection of macro scripts. Source: BleepinComputer