
Bitdefender Malformed Archive Bypass

The Bitdefender parsing engine supports the RAR archive format. The parsing engine can be bypassed by specifically manipulating an RAR Archive (RAR Compression Information) so that it can be accessed by an end-user but not the Anti-Virus software. The AV engine is unable to scan the archive and issues the file a "clean" rating. All Bitdefender Products and Vendors that have licensed the Engine before Dec 12, 2019 are affected.





ESET Generic Malformed Archive Bypass

The ESET parsing engine can be bypassed by specifically manipulating a ZIP Archive Compression Information Field so that it can be accessed by an end-user but not the Anti-Virus software. The AV engine is unable to scan the container and gives the file a "clean" rating.





Kaspersky Generic Malformed Archive Bypass

The Kaspersky parsing engine supports the ZIP archive format. The parsing engine can be bypassed by specifically manipulating a ZIP Archive (File Name length Field) so that it can be accessed by an end-user but not the Anti-Virus software. The AV engine is unable to scan the container and gives the file a "clean" rating.





Bitdefender Generic Malformed Archive Bypass

The Bitdefender parsing engine supports the GZIP archive format. The parsing engine can be bypassed by specifically manipulating a GZIP Archive (Compression Method) so that it can be accessed by an end-user but not the Anti-Virus software. The AV engine is unable to scan the archive and issues the file a "clean" rating.





AVAST Generic Archive Bypass

The AVAST parsing engine supports the ZIP archive format. The parsing engine can be bypassed by specifically manipulating a ZIP archive so that it can be accessed by an end-user but not the anti-virus software. The AV engine is unable to scan the container and gives the file a "clean" rating.





QuickHeal Generic Malformed Archive Bypass

The QuickHeal parsing engine supports the ZIP archive format. The parsing engine can be bypassed by specifically manipulating a ZIP Archive (GPFLAG) so that it can be accessed by an end-user but not the Anti-Virus software. The AV engine is unable to scan the archive and issues the file a "clean" rating.





Apple iPhone 4 Passphrase Disclosure

Apple iPhone 4 with iOS 4.3 (8F190) suffers from a passphrase disclosure vulnerability that allows all local processes access to it.





iPhone TreasonSMS HTML Injection / File Inclusion

iPhone TreasonSMS suffers from HTML injection and file inclusion vulnerabilities.







Metasploit Libnotify Arbitrary Command Execution

This Metasploit module exploits a shell command injection vulnerability in the libnotify plugin. This vulnerability affects Metasploit versions 5.0.79 and earlier.





TP-LINK Cloud Cameras NCXXX Bonjour Command Injection

TP-LINK Cloud Cameras including products NC200, NC210, NC220, NC230, NC250, NC260, and NC450 suffer from a command injection vulnerability. The issue is located in the swSystemSetProductAliasCheck method of the ipcamera binary (called when setting a new alias for the device via /setsysname.fcgi), where, despite a check on the name length, no other checks are in place to prevent shell metacharacters from being introduced. The system name is then used in swBonjourStartHTTP as part of a shell command, where arbitrary commands can be injected and executed as root.





Asia-Pacific Cities of the Future 2019/20 – the winners

Singapore has retained its place at the top of fDi's Asia-Pacific Cities of the Future ranking, with Shanghai and Tokyo completing the top three list. 







Synaccess netBooter NP-02x / NP-08x 6.8 Authentication Bypass

Synaccess netBooter NP-02x and NP-08x version 6.8 suffer from an authentication bypass vulnerability due to a missing control check when calling the webNewAcct.cgi script while creating users. This allows an unauthenticated attacker to create an admin user account and bypass authentication giving her the power to turn off a power supply to a resource.





Sierra Wireless AirLink ES450 ACEManager upload.cgi Unverified Password Change

An exploitable unverified password change vulnerability exists in the ACEManager upload.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can cause an unverified device configuration change, resulting in an unverified change of the user password on the device. An attacker can make an authenticated HTTP request to trigger this vulnerability.





Sierra Wireless AirLink ES450 ACEManager Embedded_Ace_Get_Task.cgi Information Disclosure

An exploitable Information Disclosure vulnerability exists in the ACEManager Embedded_Ace_Get_Task.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can cause an information disclosure, resulting in the exposure of confidential information, including, but not limited to, plaintext passwords and SNMP community strings. An attacker can make an authenticated HTTP request, or run the binary, to trigger this vulnerability.





Sierra Wireless AirLink ES450 ACEManager Embedded_Ace_Set_Task.cgi Permission Assignment

An exploitable Permission Assignment vulnerability exists in the ACEManager Embedded_Ace_Set_Task.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can cause arbitrary setting writes, resulting in unverified changes to any system setting. An attacker can make an authenticated HTTP request, or run the binary as any user, to trigger this vulnerability.





ABB IDAL HTTP Server Authentication Bypass

The IDAL HTTP server CGI interface contains a URL that allows an unauthenticated attacker to bypass authentication and gain access to privileged functions. In the IDAL CGI interface, there is a URL (/cgi/loginDefaultUser) that creates a session in an authenticated state and returns the session ID along with the username and plaintext password of the user. An attacker can then log in with the provided credentials or supply the string 'IDALToken=......' in a cookie, which allows them to perform privileged operations such as restarting the service with /cgi/restart.





View from Asia: imagining the worst

What if the coronavirus lasts until the end of the year? Lawrence Yeo has a bleak forecast.








How Can a Museum Best Protect Its Assets?

In this age of increasing hacks and cybercrime, the Norman Rockwell Museum has a lot of digital assets, museum operations data, and private patron data that need to be protected. Find out why Frank Kennedy, IT manager at the Rockwell museum, chose Veritas Backup Exec to be a key part of the museum's security strategy.

About the Museum

Norman Rockwell is one of the great iconic painters and illustrators of American life in the 20th century. His hundreds of covers for the Saturday Evening Post magazine alone are a national treasure. The Norman Rockwell Museum is located in Stockbridge, Massachusetts, where Rockwell spent the last part of his celebrated life. The museum started two years before Rockwell's death in 1978 and houses over 100,000 of his works and also those of other illustrators.

The museum now has 140,000 annual visitors, and 220,000 people view its traveling exhibitions each year. It also has an active website with more than 600,000 worldwide unique visitors per year.

The Museum's IT System

IT Manager Frank Kennedy is an IT department of one (plus an occasional contractor). He supports 90 staff and volunteers and is responsible for critical information security and data protection for the museum.

The museum's IT network consists of several large physical servers and many single-purpose virtual machines. The single-purpose virtual machines allow for emergency service without disrupting other departments.

Frank says, "Most of our enterprise software is procured via TechSoup, which makes it affordable to license so many servers! We do not have to make do with weak, low-budget software."

Digital Assets: Preserving Art over the Long Term

Frank Kennedy explains that digital assets are of increasing importance in the work of museums. There are high-resolution images or copies of art works that must be carefully stored to preserve work in its best condition. He says that digital versions are often irreplaceable, as when the original object is disintegrating or would be damaged by further handling.

The digital versions keep a faithful record of the art in its best state. The most sensitive objects of this museum include a collection of Rockwell's cellulose nitrate film negatives, which deteriorate over time.

The museum also has analog audio and video tape and motion picture film that deteriorates, as well as works on paper that degrade with exposure to light. Other crucial data for the museum includes databases for collection management, point of sale records, donor management, and email.

Frank's backup system is designed to be redundant on purpose. He says, "Protecting this data means keeping many copies in many places. Doing so becomes a big challenge when the size of the data becomes several terabytes. I use many layers of redundancy."

The Backup Crisis

As the museum's data got bigger and bigger, and server patches piled on, the museum's previous backup solution eventually became unstable. Frank reports that his backups were failing constantly and causing him stress in his careful, risk-based management approach. When he first went to get a new backup solution from TechSoup, he discovered that what he needed was not available.

He says, "The cost for the options I use would have been over $4,000 per year, unbudgeted. TechSoup responded to users' desperate cry and worked with Veritas to bring Backup Exec back to TechSoup! I can't even describe my relief. Veritas Backup Exec is better than ever. It is so stable that I get suspicious and have to go look just to be sure it's really working!"

Why the Norman Rockwell Museum Chose Backup Exec over Other Options

Frank told me that the license he gets from TechSoup includes every option his museum needs. These options and features include

  • Exchange Server backup
  • Unlimited media server backups
  • Unlimited agents for specific applications like VMware, Windows, Linux, and so on
  • Simplified disaster recovery
  • Protection against accidental deletion, damage, or overwriting
  • Storing backups to disk, network share, tape (any type), or cloud — or all four at once
  • Virtual machine snapshots that are viewable directly from the host's agent
  • A deduplication engine so backed-up data is as clean as possible
  • Backup retention periods that can be defined per job and per media server
  • An excellent graphical user interface
  • The status of every backed-up resource available at a glance
  • Sending an email to the admin when anything goes wrong
  • Running several jobs simultaneously (depending on server horsepower)

Advice for Museums and Other Organizations Considering Veritas Backup Exec

  • Backup Exec is powerful software geared toward backing up an entire network. It requires some study to do the installation and learn the software.
  • You don't get phone support with the charity licensing, so you need to be comfortable Googling for answers and working in the Veritas community support forum.
  • Frank recommends dedicating a strong server for running the software. He likes eight cores and 32 GB of RAM; hot-swappable, hot-growable RAID-5; fast network connectivity; and a very large uninterruptible power supply (UPS).
  • Avoid the temptation to install other services or applications on what seems to be a machine that is often idle.

In a Nutshell

Frank's experience is that "Veritas Backup Exec is the best, most reliable, most flexible, and versatile backup software you can get. Commit the needed resources to operate it, and you will be rewarded with peace of mind and business continuity. Your donors will be pleased that you are protecting their investment so carefully."

Image: Norman Rockwell Museum / All rights reserved / Used with permission





Protecting Yourself from Malware with Better Password Security


In Week 1 of National Cybersecurity Awareness Month (NCSAM) we looked at spoofed emails, cybercriminals' preferred method of spreading malware. Today, in an effort to provide you with the best information out there to keep you safe online, we're hitting you with a double dose of cybersafety news.

Let's take a look at the topics for Week 2 and 3 of National Cybersecurity Awareness Month: malware and password security. They're separate but related issues in the world of Internet crime prevention, and a better understanding of each is key to protecting your property and personal information in today's digital world.

Malware

Malware is an umbrella term used to describe software that is intended to damage or disable computers and computer systems. If you'd like, you can take a moment and watch this video on malware from Norton Security. But the best way to begin protecting yourself against this stuff is to learn about all the different types of malware that can affect your computer. There are tons, so we'll just go over the broader categories for now.

Viruses: Malicious bits of code that replicate by copying themselves to another program, computer boot sector, or document and change how a computer works. Viruses are typically attached to an executable file or program and spread once a user opens that file and executes it.

Worms: They're like viruses, but are different in terms of the way they're spread. Worms typically exploit a vulnerability or a weakness that allows an attacker to reduce a system's information assurance. Missed that last Windows update? You might be more vulnerable to worms.

Trojans: These look like legitimate pieces of software and are activated after a user executes them. Unlike a virus or a worm, a trojan does not replicate a copy of itself. Instead, it lurks silently in the background, compromising users' sensitive personal data.

Ransomware: This refers to a type of malware that prevents or limits users from accessing their system, either by locking the system's screen or by locking or threatening to erase the users' files unless a ransom is paid. You may recall the WannaCry attack that affected users across the globe this summer, only to be thwarted by the accidental discovery of a "kill switch" that saved people from the malicious software.

Spyware: This malware collects your personal information (such as credit card numbers) and often passes this information along to third parties online without you knowing.

You can check out more descriptions and examples of the types of malware that exist today at MalwareFox, a malware detection and removal software program.

Tips for Protecting Yourself Against Malware

Staying malware-free doesn't require an engineering degree. You can greatly reduce, if not completely eliminate, your chances of falling victim to malware by following these easy tips.

  • Keep your operating system current.
  • Keep your software up to date, particularly the software you use to browse the Internet.
  • Install antivirus and security software and schedule weekly scans. At TechSoup, we're protected by Symantec Endpoint Protection. At home, there are dozens of solutions you can use to protect yourself (PCMag lists many here).
  • Mind where you click. Think twice before you download torrent videos or free Microsoft Office templates from some random website.
  • Avoid public, nonpassword, nonencrypted Wi-Fi connections when you can. Use a VPN when you cannot.

Spread the Word

Let people know that TechSoup is helping you become more #CyberAware by sharing a message on your social media channels. If you tag @TechSoup on Twitter, we'll retweet the first two tweets. Remember, we're all in this together.

Password Security

Now that we've covered the nasty stuff that can make your life miserable if it ends up on your computer, let's go over some password security tips to help prevent malware from getting there in the first place. Using best practices when it comes to protecting your passwords is a proven way to protect your personal and financial information. Curious how knowledgeable you already are? Watch this video and take this quiz to enter a drawing for a $25 Amazon gift card!

First, let's go over some facts.

  • Passwords are the first line of defense to protect your personal and financial information.
  • A weak password can allow viruses to gain access to your computer and spread through TechSoup's or your family's network.
  • It's estimated that 73 percent of users have the same password for multiple sites and 33 percent use the same password every time. (Source: Digicert, May 2014)
  • Despite a small sample size of 1,110 U.S. adults, a recent YouGov survey still found that 28 percent of adults use the same passwords for most of their online accounts. (Source: Business Insider, October 2017).

Best Practices for Effective Password Protection

One great way to better protect yourself is by opting for a passphrase, which is much more difficult to crack than a single-word password. Here are some guidelines to creating one.

  • Pick a famous quote or saying and use the first letter of each word.
  • Add a number that you can remember.
  • Capitalize one letter.
  • Make it unique by adding the first letter of your company's name to the beginning or end of the passphrase.
  • Make it between 16 and 24 characters.

You should never write your password down, but if you must, never store user IDs and passwords together. Finally — even though it might seem unwieldy — you should always use a different password for each site that requires one. In today's world, everything is connected. A savvy hacker can easily breach your bank account, email, and medical records in one fell swoop if you're using the same password for all three.

Additional Cybersecurity Resources

In case you missed it, take a look at last week's post on recognizing suspicious emails.

Need a little inspiration? Find out how TechSoup and Symantec are making a difference in the lives of at-risk teens.

Get more security tips from the National Cyber Security Alliance. National Cyber Security Alliance Month — observed every October — was created as a collaborative effort between government and industry to ensure that all Americans have the resources they need to stay safer and more secure online. Find out how you can get involved.





Investors mobilise $40bn for African infrastructure

Twenty-five countries attracted high-ticket investment deals at the Africa Investment Forum





View from the Middle East & Africa: small steps can have a big impact on tourism

Poor infrastructure and political instability deter tourism, but small and manageable steps to avoid chaos and promote hospitality can work wonders.





Kenya Treasury chief ramps up reforms to grow investment

Kenya’s cabinet secretary for the national treasury and planning, Ukur Yatani, discusses the country’s agenda of fiscal reforms and the importance of constructing an east-west Africa highway.





View from Middle East and Africa: SDGs need rich to support the poor

The UN Sustainable Development Goals aim to end global poverty, but poorer countries are struggling to hit them. More help from richer countries is crucial, writes Mazdak Rafaty.





Hackers Are Taking Over Twitter Accounts To Sell Face Masks








US-Iran feud casts new investment shadow over Middle East

FDI levels have already fallen throughout Iran's main sphere of influence in the region. 





fDi Index: investors carried weak sentiment into January as coronavirus threat emerged

Announced greenfield projects into China plummeted in early 2020 with the US and Europe taking the lion's share of global foreign investment. 





FDI screening moves to the fore as protectionism takes hold

Authorities in the US, the EU and across the developed world are stepping up efforts to scrutinise foreign investment on the grounds of both national security and tech sovereignty.





fDi's European Cities and Regions of the Future 2020/21 - FDI Strategy: London and Glasgow take major prizes

London is crowned best major city in Europe in fDi's FDI Strategy category, with Glasgow, Vilnius, Reykjavik and Galway also winning out.





How Serbia has landed on the tech radar

Serbia’s technology cluster is gaining momentum and attracting FDI, for both its software and hardware expertise.





Total.js CMS 12 Widget JavaScript Code Injection

This Metasploit module exploits a vulnerability in Total.js CMS. The issue is that a user with admin permission can embed a malicious JavaScript payload in a widget, which is evaluated server side, and gain remote code execution.







View from Middle East and Africa: UAE moves fast to combat Covid-19

The UAE followed Singapore’s swift reaction to combat Covid-19, to preserve the health of its citizens. Now moves are in place to tackle the country’s economic wellbeing.





View from the Americas: new perspectives in a time of pandemic

The coronavirus pandemic could change human behaviour more permanently in future.





How US rust belt has been revived by foreign investment

Once the powerhouse of the industrial US, the rust belt states have revived their economies with the help of foreign investment. 





Covid-19 likely to reverse Middle East consulting gains

Consulting firms in the Middle East are likely to take a hit in 2020 due to the coronavirus, after two strong years.





Coronavirus set to shock Middle East's most fragile economies

The pandemic is likely to hit the Middle East’s more fragile countries hardest.





Gothenburg takes proactive stance as global headwinds bite

Despite its thriving automotive sector, Gothenburg is vulnerable to global economic pressures. However, local authorities are confident that their strategies will see the city ride out the uncertainties related to Brexit and the US-China trade wars.





Passion Capital partner puts faith in London fintech scene

Passion Capital's Eileen Burbidge talks to fDi about what fintech companies should consider when expanding internationally, and why London will always be a key market in the sector.





AstraZeneca expands further into China’s biotech sector

AstraZeneca will set up an R&D centre and an AI innovation centre in Shanghai, as well as create a $1bn fund that would invest in healthcare start-ups.