Category: Technology

There is a flaw in the way Microsoft handles it Safe Emails (Opens in a new tab) Via Microsoft Office 365, a security researcher claimed.

As I mentioned weekly computerWith a large enough sample, a threat actor could apparently abuse the vulnerability to decrypt the encrypted contents Email messages.

However, Microsoft downplayed the results, saying they’re not really a flaw. At the moment, the company has no intention of putting together a cure.

More emails, easier discovery

The flaw was discovered by security researcher Harry Sintonen of WithSecure (formerly F-Secure) at Office 365 Message Encryption (OME).

Organizations typically use OME when looking to send encrypted email messages, both internally and externally. But given the fact that OME encrypts each cipher block individually, and with message blocks corresponding to the same ciphertext blocks repeated each time, the threat actor can theoretically reveal details about the message structure.

This, Sintonen claims, means that any potential threat actor with a large enough sample of OME emails can infer the contents of the messages. All they need to do is analyze a location and repeat the recurring patterns in each message and match them with the others.

“More emails make this process easier and more accurate, so attackers can do this after they get their hands on email archives stolen during a data breach, or by hacking someone’s email account or email server or accessing copies,” Sentonen said. backup”.

If the threat actor gets access to the stolen email archives during the data breach, this means that he will be able to analyze patterns offline, which simplifies the work even more. This will also make your crypto/key fetching (BYOE/K) practices obsolete as well.

Unfortunately, if a threat actor gets their hands on these emails, there isn’t much business they can do.

Apparently, the researcher reported the problem to Microsoft early this year, to no avail. In a statement provided to WithSecure, Microsoft said that the report “is not considered to meet the Security Services Standards, and is not considered a breach. No change was made to the code and therefore no CVE has been released for this report.”

Across weekly computer (Opens in a new tab)

Microsoft has indicated that there may be some seismic changes in the way it handles file sharing and collaboration through OneDrive cloud storage Solution, but encrypted messages leave a lot to be answered.

The company regularly updates and adds new features to its entire suite, and publishes about them on its dedicated roadmap page. Last (Opens in a new tab) In a series of OneDrive updates it reads: “Sharing Experiences – Simplify External Sharing.”

The summary shares a bit more detail: “We want to simplify the engagement journey when a customer wants to collaborate with someone outside their organization.”

Share files in OneDrive

What we do know is that the update will first come to the web version of OneDriveAnd it could arrive as early as this month. We also know that it is in the testing phase.

Microsoft’s annual conference aimed at developers and IT professionals – Ignite – is currently taking place, and it has provided many exciting tidbits about OneDrive.

In a post on OneDrive Blog (Opens in a new tab)Author irfansha Baghdad explains that the OneDrive homepage has been “reimagined”. The changes are more subtle than in-your-face changes, and revolve around some background work showing recently accessed files and new filters to sort by file type.

There are also updates to management sharing, with new tabs to share with you, people, and meetings (the latter two do a good job of categorizing files shared by owner or event). The demo on the company’s blog shows that it works in tandem with other filters, such as sorting by file type.

The company is also working on an offline mode for the OneDrive web app, as is Files On Demand for desktop clients. The so-called Project Nucleus will allow you to make changes, with modifications uploaded once you’re back online.

Full spoilers for The Rings of Power Episode 8 read on.

Markella Kavenagh revealed that The Rings of Power didn’t recognize The Stranger’s identity until they received the script for Episode 8.

Speak exclusively to TechRadar by The last episode of season one Aired, Kavina — who portrays Nouri Brandefoot, one of the show’s main Harvots characters — made it clear that she had no idea who The Stranger was until late in production.

Major spoilers trace to Episodes of Power Episode 8. Don’t read beyond the image below if you haven’t streamed it yet.

Although we don’t know The Stranger’s actual name, we do receive confirmation of what kind of creature he is in High Fantasy. Show Prime VideoThe latest episode. He is one of the Istari, a group of five wizards sent by Valar to Middle-earth to aid the races of the world in their fight against Sauron.

since then The first trailer for The Rings of Power was dropped in FebruaryLord of the Rings fans have speculated that The Stranger was one of the Istari, despite it being pricey. Prime video The series sometimes makes the mistake of thinking that it was actually Sauron. As Episode 8 of The Rings of Power arrives, we know The Stranger is one of the good guys – it remains to be seen who he really is.

It seems that many of the actors on the show weren’t aware of who The Stranger was for a long time either. As Kavina revealed, none of the actors playing Harfoot – including Megan Richards (Poppy), Sarah Zongbani (Marigold) and Dylan Smith (Largo) – as well as Stranger himself (Daniel Wyman) were known early on, with the group only finding out once they deliver scripts for them.

“Yeah, when we really got the scripts,” Kavina said when asked when she learned of The Stranger’s wizard reveal. “I think we got [episode] Eight is too late and there were two copies as well, because the ending was very secretive. We had to read the scripts and it was very interesting to see who Daniel was playing. It was so important to finally find out who The Stranger was – somehow! “

“Somehow” is the correct way to end an answer like that. Unfortunately, The Rings of Power does not confirm which wizard The Stranger is. This is a reveal that is being pushed back until season two at the earliest. Although based on a certain line of dialogue that The Stranger said to Norie in Episode 8, we might already know who he is.

Fortunately, the show’s eighth entry isn’t the end of Nuri and Stranger’s blossoming friendship. We see the couple leave the rest of Harvots to travel east, with the land of Wren firmly in their sights. There, the couple hope to learn more about The Stranger’s powers – and hopefully discover his real name.

For Kavenagh, the opportunity to explore Nouri’s relationship with The Stranger in the series’ second season is very exciting. Mainly, because the duo can talk to each other now – something that wasn’t possible when The Stranger first landed on the first episode of The Rings of Power.

“They are able to communicate more verbally now,” she added. “We have that dialogue-filled scene in Episode 8, but it’s the first time we’ve actually been able to interact. It was a great experience, and I think that will change as their friendship develops.

“It’s going to add something more to their dynamics, but we’ll have to see how it goes. I don’t know when the shooting will start in season two – it’s starting slowly but I don’t have a specific time so Daniel and I know each other really well now so I hope it’s more fun and allows us to by adding a deeper connection to their relationship.”

For more exclusive Power Episodes coverage, discover Why episode 2 almost ruined the big Sauron series. Instead, keep reading When the show crew found out which one of them was playing Sauron.

There’s been a lot of controversy surrounding the recently revealed Nvidia GeForce RTX 4080 12GB release, and it looks like the company has finally succumbed to the proverbial pressure and made an unexpected decision.

nvidia (Opens in a new tab) Announced that it will be a 12 GB Unrelease Unlock RTX4080. According to the official post, the reason for the “not working” is that “RTX 4080 12GB is a great graphics card, but it is not named correctly. Having two GPUs with the designation 4080 is confusing.”

The 16GB version of the graphics card is still gearing up for its November 16 release, however, with the announcement that it’s “amazing and on track to delight gamers everywhere.”

What happened with the RTX 4080 12GB?

there was a lot of controversy Surrounding the 12GB RTX 4080 and its specs, especially considering the hefty $899 starting price. When compared to the 16GB version, we found that the graphics cards use two different chips: 16GB has the AD103 GPU chip while 12GB uses the AD104 chip.

Not only that, but the 4080 has 2048 fewer CUDA cores, less cache, and a smaller bus width. Although we don’t have the card to test at the moment, this will likely result in a 20-25% performance difference between the 12GB and 16GB versions. This is a big difference for models with the same brand 4080. Reference standards from . have also been leaked overclock That support this difference in the proposed performance.

This has led many to believe the 12GB 4080 is a compelling 4070, with an exaggerated price point. Judging from the lackluster performance and the fact that Nvidia delayed its launch with a rebranding on the horizon, there’s a lot of credit for this theory. Hopefully an error of this magnitude will never happen again.

The Church of Jesus Christ of Latter-day Saints, often referred to as the LDS Church or the Mormon Church, suffered a data breach that included sensitive personal information of church members, employees, contractors and friends. Payments and other bank statements were not affected.

in Advertising (Opens in a new tab) The church said the data breach occurred in late March 2022, but as the law enforcement investigation continues, it has been asked to keep the incident confidential.

The church did not mention the name of the source of the threat behind the attack, nor did it say if there was anything Malware (Opens in a new tab) It was used, but he said US federal law enforcement suspects the break-in was “part of a pattern of state-sponsored cyber attacks targeting organizations and governments around the world” that are not intended to harm individuals.

Bank data is safe

When hackers gained access to the church’s database, they stole “essential” data, including usernames, membership record numbers, full names, gender information, email addresses, birthdays, postal addresses, phone numbers, and preferred language.

Although your donation history or banking information is not affected, it is still enough sensitive data for identity theft, phishing, and other types of fraud.

So far, the church has not seen evidence of data being used in the wild, but has urged everyone to be extra vigilant when receiving any emails, SMS or phone calls, and to be alert for potential fraud attempts.

She also added that those affected by the accident have already been contacted, and those with additional questions can contact the listed phone numbers over here (Opens in a new tab).

To keep its members, employees, contractors, and friends safe, the church has hired outside forensic experts, notified US federal law enforcement, and “other cybersecurity professionals” who investigated the incident and “further strengthened” the security of the church’s systems. It did not elaborate on what this boost meant, nor did it provide the affected individuals with identity protection services.

A new phishing campaign impersonating Google Translate has been discovered to deceive victims.

The campaign was monitored by cybersecurity researchers from Afanan, and they found several phishing emails, some of which were written in Spanish.

The emails are consistent with what one would expect from a phishing attack, as they allegedly came from the victim’s email provider, explaining that identification (Opens in a new tab) It is not confirmed, and unless they act immediately, they will lose access to unread messages.

Lots of javascript

This is a common practice with phishing emails, the researchers say, because a sense of urgency causes people to act irrationally and recklessly, making them more likely to click on a malicious link or download a malicious attachment.

To “confirm” their identity, victims are asked to click on the link in the email itself. Those who fall for the scam and click on the link are redirected to a page that looks like Google Translate (which it isn’t). However, at the top of the page there is a login popup box, where victims have to enter their credentials. user name/The password (Opens in a new tab) The combination entered there goes directly to the attackers.

The fake translation page looks completely real, the researchers say, adding that the attackers used “a lot of JavaScript” to make it happen. It was also said that they included the Unescape command to conceal their true intentions.

Experts concluded, “This attack has a little bit of everything.” “It has a unique front-end social engineering. It makes use of a legitimate site to help access the inbox. It uses deception and obfuscation to confuse security services.”

The researchers warn that users need to be extra vigilant to defend against such attacks.

As a general rule, emails that require urgent action from the user are most likely phishing attacks and should be handled with extreme caution.

Intel Ark – the companycondemnedThe new controversial screen cards – Has been beaten in the latest Puget . system standardized tests (Opens in a new tab).

When trying out the new Intel Arc A750 8GB and Arc A770 16GB graphics cards, which were released on October 12, the custom PC builder discovered that performance was less than amazing compared to NVIDIA’s popularity. GeForce RTX 3060.

While Intel’s GPUs focus primarily on gaming, which means content creation is sometimes a secondary concern, the company admitted, “We’ve encountered a number of instances where we lose software support, or where a planned feature wasn’t working properly. Totally Correct.”

Create content (slowly)

Conduct a series of tests in Da Vinci Resolve – Our best pick for Best Free Video Editing Software The results showed that both Arc graphics cards struggled when facing the 12GB GeForce RTX 3060. Overall, NVIDIA’s demo was found to be 20-30% faster than either.

Going deeper, the company has turned its attention to GPU effects and RAW correction. Once again, GeForce outperformed the competition, with impact processing 10-20% faster and deposit removal nearly 50%.

When it comes to H.264 encoding and decoding, it was hardly a competition at all. The Intel GeForce RTX 3060 duo has been stripped, with nearly identical results upon decoding on the Nvidia GPU and Intel’s iGPU.

Compounding the problem, Puget Systems discovered that “when using an Intel Arc card in addition to the iGPU (with Resolve set to use ‘Intel Quick Sync’ for decoding), we experienced slightly lower performance than we did with either the iGPU or NVDEC with the RTX 3060. “

“Performance was lower if we only used an Arc card (with iGPU disabled),” she added.

However, there has been better news on the crypto front. When pairing the Arc A770 with the iGPU, the company found it to be 43% faster than the original encoder with Core i9 12900 K And 32% faster than using the Intel iGPU alone.

The Intel Arc A750, on the other hand, was less fast — but the results show some potential, the company claimed.

Standards have also been implemented Adobe Premiere ProAnd the Adobe After EffectsUnreal Engine, and higher 3D modeling and animation software mixer;

The results were more encouraging here. The A770 easily rivals (but couldn’t beat) the GeForce card in both Adobe’s premium video editor and vfx-programs. The A750 performed less well, but held its own – especially in Premiere Pro. But, as Puget Systems noted, the CPU is much more important in After Effects.

In Unreal Engine – which hints at Intel’s attempt to attract not only gamers but also game developers – it was found that “Considering performance in the Unreal Engine, the Arc A770 is about 8.5% faster than the NVIDIA RTX 3060, while the A750 is 7% slower.”

For graphic design artists, both Intel Arc GPUs deliver surprisingly poor performance – making NVIDIA the only game in town when it comes to professional rendering.

Despite concerns that high-end Arc GPUs provide a subpar experience for content creators, at least Puget Systems has found that video editing It took advantage of Intel’s Deep Link technology, which allows the Arc dGPU and Intel’s iGPU to work together.

Google’s plan to change the way we interact with Video conferencing software It was just taken to the next level with Project Starline rolling out to Google offices and more locations across the United States.

Despite Meta’s growing success in the VR headset space, Google remains committed to 3D shapes. Google says its “magic window” allows users to “speak, gesture and make eye contact with another person, both in life size and in three dimensions.”

Of course, the technology and hardware required for this can be very costly, including machine learning, computer vision, spatial sound, and light field display systems, however, all of these in tandem bring us the most realistic representation to date.

Google Project Starline

Google believes that increasing call signals can help make meetings more efficient, saving time and therefore money. In his own research, he saw on average about 40% more hand gestures, about 25% more head gestures, and 50% more eyebrow movements.

Internal testing at Google Sites has proven successful, and after some visits from retail, media and healthcare partner companies, the tech giant is now hoping to roll out demos in offices other than their own. The Early Access program, starting this year, will install prototypes in the offices of Salesforce, WeWork, T-Mobile and Hackensack Meridian Health as the future of video conferencing approaches the reality.

In addition to building and maintaining company relationships, Google sees its Starline kiosks expanding to include customer-business relationships and even “just sit down for a coffee chat,” although it will likely take years for this technology to become popular in home environments.

<!–

Privacy and Cookie Policy

for minecraft server Affected by a distributor denial of service (DDoS (Opens in a new tab)The attack that Cloudflare claims is the largest, in terms of bitrate, has ever been mitigated.

As I mentioned Computerthe attack was carried out by a type of Mirai (one of the most famous botnets in the world), against a Minecraft server called Wynncraft.

Whoever was behind the attack managed to develop a 2.5 terabits per second strike, which lasted about two minutes. It consisted of UDP and TCP packets that were trying to confuse servers and drive away “hundreds of thousands” of players. According to Cloudflare, which defended the incident, people playing the game “didn’t even notice the attack.”

Large DDoS attacks are increasing in number

These numbers are part of Cloudflare’s DDoS Threat Report for the third quarter of 2021. In the report, the company claims that multi-terabit DDoS attacks are increasing in frequency. In fact, during the third quarter, “multiple” attacks attenuated in excess of 1 terabyte per second.

Overall, the number of DDoS attacks has increased over the past 12 months. Long-term volumetric attacks are also on the increase, especially against targets in Taiwan and Japan. In these two countries, attacks grew by 200% and 105% on a quarterly basis, respectively. Furthermore, the report claims that HTTP DDoS attacks grew by 111% year-on-year, but decreased by 10% quarter-on-quarter.

Cloudflare added that Layer 3 and Layer 4 DDoS attacks grew 97% year-over-year, and 24% quarter-on-quarter, noting that threat actors are particularly fond of Mirai.

Commenting on his findings, Cloudflare said, “The attacks may be initiated by humans, but they are carried out by bots — and to play to win, bots must fight with bots.” “Detection and mitigation should be automated as much as possible, because relying solely on humans puts defenders at a disadvantage.”

“Over the years, it has become easier, cheaper, and easier for attackers and hackers to launch DDoS attacks.”