Trend Micro Analysis Finds Common Objectives for Website Defacements
Today’s topics include Trend Micro examining 13 million website defacements; Intel testing a fix for its Spectre patch issues; Google releasing a 3D model viewer prototype for augmented reality apps; and Microsoft rolling out inclusive Learning Tools for Office 365.
A new study released on Jan. 22 by Trend Micro examines web defacement, the most common types of internet attack, where an attacker changes a victim's website to post a message.
The 64-page report analyzed data from 13 million website defacements that occurred over an 18-year period from 1998 to 2016, and found that many of the defacements were driven by politically motivated hactivist groups.
Mark Nunnikhoven, vice president of cloud research at Trend Micro, said "Defacements are an outlier within the cyber-crime world, as most groups responsible are quick to claim responsibility and state their motivations."
According to Trend Micro, attackers are using common attack vectors, including SQL injection and password stealing, to gain access to victim websites. The most common attack vector used in web defacements were file inclusion vulnerabilities.
It turns out that Intel’s fix for its Spectre processor security issues needs a fix of its own. Intel Senior Vice President Navin Shenoy said Jan. 22 that Intel has discovered the root cause of a series of random reboots that has afflicted servers running mostly older Intel processors.
Shenoy said that Intel is now testing the fix to the earlier Spectre microcode patch that caused problems and is asking its hardware partners to help with the testing. “Over the weekend, we began rolling out an early version of the updated solution to industry partners for testing, and we will make a final release available once that testing has been completed,” he said.
In the meantime, Shenoy is recommending that customers of Intel products maintain security best practices and keep their systems up to date with the code updates.
Google has developed a prototype 3D model viewer as part of its ongoing effort to bring more augmented reality capabilities to smartphones and tablets.
Google's Article prototype model viewer works on all browsers and allows users to view and interact with digital content superimposed on, or blended with, real-world images.
On an augmented reality-capable browser and device, an AR button on the bottom of the screen activates the device camera and places the 3D image on a specific spot on the live image in front of the user, rendered at its physical size.
With actions like scrolling and touch and drag, users can then move and place the object at different spots on the live image, zoom in and out, or walk around the object.
Reza Ali and Josh Carpenter from Google's Daydream augmented reality team said, "AR [blends] digital content with the real world. … We can, for example, surf the web, find a model such as a couch], place it in our room to see just how large it truly is, and physically walk around it.
Announced Jan. 22 and just in time for the Bett education conference in London on Jan. 24-27, Microsoft is rolling out new features for its Learning Tools, a suite of artificial intelligence-assisted software helpers for Office 365 Education.
Learning Tools transforms Office UI and adds text-to-speech functionality, among other capabilities, to improve reading comprehension and help students better focus on learning material.
Now, Microsoft is moving to make Learning Tools even more inclusive with features that allow students, regardless of ability, to engage more fully with educational content.
The updates, which include new Dictation, Read Aloud and Immersive Reader features, are intended to help teachers connect with students and help ensure that none of them fall behind.