
Major Windows Security Hole Went Unpatched by Microsoft for Over a YEAR...

 


Hackers have been targeting Windows 10 and 11 users with malware for over a year, but a fix has finally arrived in the latest Windows update released on July 9th.

This vulnerability, exploited by malicious code since at least January 2023, was reported to Microsoft by researchers. Tracked as CVE-2024-38112, it was fixed on Tuesday as part of Microsoft’s monthly patch release. The flaw, residing in the MSHTML engine of Windows, had a severity rating of 7.0 out of 10.

Security firm Check Point discovered the attack code, which used “novel tricks” to lure Windows users into executing remote code. One method involved a file named Books_A0UJKO.pdf.url, which appeared as a PDF in Windows but was actually a .url file designed to open an application via a link.

Internet Explorer Continues to Haunt Windows...

When viewed in Windows, these files looked like PDFs, but they opened a link that called msedge.exe (Edge browser). This link included attributes like mhtml: and !x-usc:, a trick long used by threat actors to open applications such as MS Word. Instead of opening in Edge, the link would open in Internet Explorer (IE), which is less secure and outdated.

Internet Explorer, Microsoft's infamously insecure browser, has been discontinued for years, yet previously unknown vulnerabilities in it are still occasionally discovered. The point is that once a hacker has Internet Explorer open, and the ability to tell it to open a URL, they can choose from a wide variety of methods to install software, execute code, or destroy data.

IE would prompt the user with a dialog box to open the file, and if the user clicked “open,” a second dialog box appeared, vaguely warning about opening content on the Windows device. Clicking “allow” would cause IE to load a file ending in .hta, running embedded code.

Haifei Li, the Check Point researcher who discovered the vulnerability, summarized the attack methods: the first technique used the “mhtml” trick to call IE instead of the more secure Chrome/Edge. The second technique tricked users into thinking they were opening a PDF while actually executing a dangerous .hta application. The goal was to make victims believe they were opening a PDF using these two tricks.

Check Point’s report includes cryptographic hashes for six malicious .url files used in the campaign, which Windows users can use to check if they’ve been targeted.
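Hash lists only catch known samples, so defenders can also look for the structural traits described above. The following Python triage script is an added example, not code from Check Point or the original article: it flags .url shortcuts that hide behind a document-style double extension or whose URL= value uses the mhtml: handler or the !x-usc: directive. The decoy-extension list, the function names and the sample file contents are constructed for illustration.

```python
from pathlib import Path

# Document-like extensions a shortcut name may imitate (assumed list, extend as needed).
DECOY_EXT = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".txt", ".jpg", ".png"}

def shortcut_url(text):
    """Return the URL= value from the [InternetShortcut] section, or None."""
    section = None
    for raw in text.lstrip("\ufeff").splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
        elif section == "internetshortcut" and "=" in line:
            key, _, value = line.partition("=")
            if key.strip().lower() == "url":
                return value.strip()
    return None

def triage(filename, text):
    """List the suspicious traits found in one .url file."""
    findings = []
    name = filename.lower()
    # "Books_A0UJKO.pdf.url" -> inner extension ".pdf"
    inner = Path(name[:-4]).suffix if name.endswith(".url") else ""
    if inner in DECOY_EXT:
        findings.append("double-extension")
    url = (shortcut_url(text) or "").lower()
    if url.startswith("mhtml:"):
        findings.append("mhtml-handler")
    if "!x-usc:" in url:
        findings.append("x-usc-directive")
    return findings

def scan(root):
    """Walk a directory tree and return {path: findings} for flagged shortcuts."""
    hits = {}
    for path in Path(root).rglob("*"):
        if path.is_file() and path.suffix.lower() == ".url":
            found = triage(path.name, path.read_text(encoding="utf-8", errors="replace"))
            if found:
                hits[str(path)] = found
    return hits

# Constructed samples; example.invalid is a placeholder host.
SAMPLE_BAD = ("[InternetShortcut]\r\nURL=mhtml:http://example.invalid/view.html"
              "!x-usc:http://example.invalid/view.html\r\n")
SAMPLE_OK = "[InternetShortcut]\nURL=https://example.invalid/docs\n"

if __name__ == "__main__":
    print(triage("Books_A0UJKO.pdf.url", SAMPLE_BAD))
    print(triage("Docs.url", SAMPLE_OK))
```

Point `scan()` at download folders, mail attachment caches or extracted archives; any hit is worth a manual look even if the file's hash is not on a published list.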

____
Author: Stephen Hannan
New York Newsroom

China is Creating DNA Records for EVERY American - Using a Combination of Hacking, and Buying US Businesses To Get It...

This is a story everyone should be aware of, yet few have heard.

Initially reported over a year ago and verified by both the NY Times and 60 Minutes, this is no longer a question of "is it true?" It is.

But even those who became aware of it as a result of those initial reports are likely unaware of all of the disturbing details we've learned since then.

Chinese firms are gathering genetic data from around the world, part of an effort by the Chinese government and corporations to develop the world’s largest bio-database.

These are the claims made in an alarming declassified official American intelligence report...

In the report, the National Counterintelligence and Security Center asserted that the United States must improve the security of vital technologies, such as artificial intelligence, quantum computing, semiconductors, and other technology relevant to the so-called bioeconomy.

Michael Orlando, the interim director of the counterintelligence center, a division of the Office of the Director of National Intelligence, stated that China and other countries are attempting to dominate these technologies by using both legal and unlawful tactics to gain American know-how.

China and other nations have long targeted the American private sector in an effort to steal American technology and intellectual property.

Other countries, such as Russia, continue to pose a threat, but China's economic power makes it the greatest threat, according to officials.

China believes that dominating these fields will provide it with an economic advantage, and American companies are also spending extensively in these areas. Artificial intelligence and machine learning have the potential to transform numerous facets of society, including military operations. Quantum computing would enable nations to break the most secure encryption now in use, and semiconductors are essential not only for computers but also for many consumer goods.

Officials are now emphasizing the convergence of technology, genetic, and biological research as a competitive and espionage-prone field. Edward You, the national counterintelligence officer for new and disruptive technologies, stated that the Chinese government was gathering worldwide medical, health, and genetic data. The nation that has the best database of knowledge will have an advantage in discovering remedies for future pandemics, he stated, and China is already in the lead.

Among the most extreme theories on why China would want this data: Bioweapons that target specific DNA sequences common among US citizens, and rare among Chinese...

In recent years, the FBI and the counterintelligence center have increased their broad warnings to corporations and institutions regarding Chinese attempts to steal American technology. Some of these overtures have been met with skepticism, especially by colleges that fear the U.S. government may be attempting to restrict the number of Chinese students studying at American universities.

While the U.S. government can review many Chinese purchases of American firms, other Chinese investments are more difficult to monitor. Mr. Orlando stated that an American corporation collaborating with a Chinese company should take precautions to safeguard its data.

----------
Alex Benningram
TechNews.CITY / New York Newsroom