-- Leo's gemini proxy
-- Connecting to gemini.tuxmachines.org:1965...
-- Connected
-- Sending request
-- Meta line: 20 text/gemini;lang=en-GB
Tux Machines
Posted by Roy Schestowitz on Oct 17, 2022
> Australia's second biggest telco Singtel Optus dropped its daily digital advertising spend from US$55,000 (A$88.1 million) on 21 September to less than US$5000 on 22 September, the day it announced a massive data breach, a data analytics company says.
> Digital marketing intelligence company Pathmatics said Optus’ decision to reduce its advertising did not come as a surprise as this is the normal response during a crisis.
> Ten days after the breach, the company had yet to re-ignite its advertising efforts. But since 14 October, the digital advertising spend has come back to normal levels.
> Security updates have been issued by Arch Linux (kernel, linux-hardened, linux-lts, and linux-zen), Debian (python-django), Fedora (apptainer, kernel, python3.6, and vim), Gentoo (assimp, deluge, libvirt, libxml2, openssl, rust, tcpreplay, virglrenderer, and wireshark), Slackware (zlib), SUSE (chromium, python3, qemu, roundcubemail, and seamonkey), and Ubuntu (linux-aws-5.4 and linux-ibm).
> CISA has released RedEye, an interactive open-source analytic tool to visualize and report Red Team command and control activities.
> This gap in coverage left users vulnerable to a certain type of attack called BYOVD, or bring your own vulnerable driver. Drivers are the files your computer’s operating system uses to communicate with external devices and hardware, such as a printer, graphics card, or webcam. Since drivers can access the core of a device’s operating system, or kernel, Microsoft requires that all drivers are digitally signed, proving that they are safe to use. But if an existing, digitally-signed driver has a security hole, hackers can exploit this and gain direct access to Windows.
> We’ve already seen several of these attacks carried out in the wild. In August, hackers installed BlackByte ransomware on a vulnerable driver used for the overclocking utility MSI AfterBurner. Another recent incident involved cybercriminals exploiting a vulnerability in the anti-cheat driver for the game Genshin Impact. North Korean hacking group Lazarus waged a BYOVD attack on an aerospace employee in the Netherlands and a political journalist in Belgium in 2021, but security firm ESET only brought it to light late last month.
> Microsoft has been accused of using a huge network of tax havens and subsidiaries to minimise the quantum of tax it pays in Australia, a report from a tax transparency group claims.
> The Centre for International Corporate Tax Accountability and Research said in a 36-page report that while Microsoft reported an operating profit of more than 30% to shareholders, the financial reports from its subsidiaries in the UK, Australia and New Zealand among other countries listed profit as being between 3% and 5%.
> The report, which needs to be read in its entirety to understand the scale of these tax-minimisation operations, pointed out that Microsoft's Irish subsidiaries took in profits from around the world and paid nothing in corporate taxes.
> "The Irish subsidiary Microsoft Round Island One has previously made headlines for its US$315 billion (A$506.4 billion) annual profit – nearly equivalent to three-quarters of Ireland’s GDP – and a corporate tax bill of zero dollars, thanks, in part, to its tax residency in Bermuda," the report claimed.
-- Response ended
-- Page fetched on Thu Jun 13 21:23:42 2024