Qualys discovered a vulnerability in OpenSMTPD, OpenBSD's mail server. This vulnerability, an out-of-bounds read introduced in December 2015, is exploitable remotely and leads to the execution of arbitrary shell commands.

Russia remains fDi’s most diversified commodity economy, while second ranked Brazil has displaced Ukraine into third place. Cathy Mullan reports.

The UAE's DMCC takes home the top prize in fDi’s Global Free Zones of the Year for a fifth consecutive year. 

This tool is a wrapper for the reaver WPS attack toolkit. As there is no automatic way to prescan, decide, and then start the attack, this wrapper takes care of it. Written in perl.

The FLIR Brickstream 3D+ sensor is vulnerable to unauthenticated config download and file disclosure vulnerability when calling the ExportConfig REST API (getConfigExportFile.cgi). This will enable the attacker to disclose sensitive information and help her in authentication bypass, privilege escalation and/or full system access.

The Rifatron Intelligent Digital Security System DVR suffers from an unauthenticated and unauthorized live stream disclosure when animate.cgi script is called through Mobile Web Viewer module.

The CEO of the UN’s Global Compact initiative, Lise Kingo, talks about the sustainability shift in the C-suite, FDI’s role in achieving the SDGs and how CEOs can address common risks.

Computer and network security is an ever-evolving field. As technology advances, cybercriminals find new ways to exploit vulnerabilities in order to get at your personal, financial, or organizational data. We recently spoke with Symantec's Director of Security Response Kevin Haley to get an idea of what threats you'll face in the next year or two.

In short, expect a continuation of common threats like ransomware, as well as the emergence of new threats from connected devices and the so-called Internet of Things. Plus, keep an eye out for the resurgence of an old threat made new.

Ransomware with a Twist

Ransomware — malicious software that locks your data or otherwise compromises your computer in an attempt to extort money — is not a new threat. It's been around for a number of years in various forms. But according to Haley, a new form of ransomware doesn't just lock your files; instead, it threatens to publicly release your data unless you pay up.

For many individuals, this may simply mean an embarrassing leakage of personal data — browser history, emails, photos, and so on. For a nonprofit, especially one that deals with sensitive sociopolitical issues, the possibility of data leakage can have more serious ramifications. It could pose a threat to the community you serve.

Email That Looks Like It Came from a Co-worker

In traditional phishing attempts, scammers create an email that appears to be from a legitimate source — say, Google, Amazon, or Apple. Then they attempt to steal account information, such as usernames and passwords. But in an emerging form of phishing, hackers may use emails purportedly from co-workers or business associates to try to steal information from your organization.

For example, Haley says, you may receive an email from a vendor or a colleague asking for specific pieces of information (such as tax forms) or for money outright. The only problem is that these emails originate from scammers, not your colleagues. And once you email an important piece of information to these impersonators, there's no way to get it back.

With proper data handling, though, you can avoid these sorts of nightmares. See our recent post, 5 Data Security Risks for Nonprofits (and How to Fix Them), to learn more.

The Internet of Things Can Make People Vulnerable

From smart locks to Internet-connected appliances, the Internet of Things promises to change the way we interact with all sorts of items within our homes and offices. But with this comes the potential for security headaches.

According to Haley, these "smart" devices are rarely protected properly, and are easy to infect with malware. And this isn't just an issue that may cause problems some years down the line. Last year, as CNET reported, a network of malware-infected DVRs and webcams overloaded a number of popular websites and online services, temporarily knocking them offline.

Word Macro Viruses Make a Comeback

Perhaps the most surprising threat Haley warned about was the revival of Word macro viruses.

Macro viruses use Microsoft Word's macro programming feature — typically used to automate certain tasks within Word — to infect your computer. Macro viruses have been around for many, many years. And Word disables macros by default: If you open a Word document with a macro, you'll have to click a button to tell Word to turn on any macros within that document.

With this new wave of macro viruses, however, criminals employ social engineering trickery to goad you into turning on macros, allowing the macro virus to do its thing.

Fortunately, you can easily protect yourself from getting infected. First, don't open file attachments from people you don't know. If you receive a Word document with macros from someone you do know, confirm with that person to make sure that they intended to send the macros and that they are safe to run.

As Always, Vigilance Is Key

Although specific threats may evolve over time, good security practices never go out of style. Use a security software package and keep it updated. Enforce good account security practices within your organization.

Don't open file attachments from people you don't know, and don't open unexpected file downloads. Secure all your devices as best you can. And if something seems fishy — perhaps that email from your boss doesn't seem quite right — don't be afraid to question it.

By taking small steps like these, you might save yourself — and your organization — some serious pain.

spanhidden

Poor infrastructure and political instability deter tourism, but small and manageable steps to avoid chaos and promote hospitality can work wonders.

Kenya’s cabinet secretary for the national treasury and planning, Ukur Yatani, discusses the country’s agenda of fiscal reforms and the importance of constructing an east-west Africa highway.

The UN Sustainable Development Goals aim to end global poverty, but poorer countries are struggling to hit them. More help from richer countries is crucial, writes Mazdak Rafaty.

Togo won a record number of greenfield investment projects last year.

FDI levels have already fallen throughout Iran's main sphere of influence in the region. 

Lower fertility rates will boost economic growth, according to a demographic model developed by Renaissance Capital. 

Celebrating its centennial, Albania’s capital is ranked among fDi’s top five mid-sized European Cities of the Future 2020/2021 for Cost Effectiveness

Announced greenfield projects into China plummeted in early 2020 with the US and Europe taking the lion's share of global foreign investment. 

In spite of the uncertainty caused by Brexit, London retains its position as fDi's European City of the Future for 2020/21, while Paris keeps the regional crown.

London has retained its position as fDi’s European City of the Future, while Paris has climbed to second place, knocking Dublin into the third spot. 

London is crowned best major city in Europe in fDi's FDI Strategy category, with Glasgow, Vilnius, Reykjavik and Galway also winning out.

Paris Region has kept its fDi European Region of the Future title, while Dublin Region holds on to second place and North Rhine-Westphalia is in third. 

North Rhine-Westphalia is fDi's top large region for FDI Strategy, with the Basque Country topping the table for mid-sized regions and Ireland South East first among small regions. 

London LEP and Thames Valley Berkshire LEP hold on to their respective first and second places in the Local Enterprise Partnership rankings, while Oxfordshire LEP jumps up eight places to third. 

From historically underperforming when compared with its peers, the German federal state of Rhineland-Palatinate is now attracting major investment projects on the back of its auto and electrification expertise.

The documentary "American Factory" tells us communities need to go beyond the job creation narrative when it comes to attracting foreign investment. 

Long-dominant global supply chains look less tenable in the light of pressures ranging from pandemics to disasters, trade tensions and protectionism.

The UK is the top country, but Dublin is leading city, for foreign companies setting up headquarters in Europe, according to fDi’s ranking.

Eco Equity is one of only a few Europe-based investors in medicinal cannabis from Africa and the Caribbean, an area in which the UK is missing an opportunity, according to CEO Jon-Paul Doran.

The UAE followed Singapore’s swift reaction to combat Covid-19, to preserve the health of its citizens. Now moves are in place to tackle the country’s economic wellbeing.

Consulting firms in the Middle East are likely to take a hit in 2020 due to the coronavirus, after two strong years.