The internet is on fire.
1. A critical vulnerability in a widely used software tool – one quickly exploited in the online game Minecraft – is rapidly emerging as a major threat to organizations around the world. “The internet’s on fire right now,” said Adam Meyers, senior vice-president of intelligence at the cybersecurity firm Crowdstrike. “People are scrambling to patch”, he said, “and all kinds of people scrambling to exploit it.” He said on Friday morning that in the 12 hours since the bug’s existence was disclosed, it had been “fully weaponized”, meaning malefactors had developed and distributed tools to exploit it. The flaw, dubbed “Log4Shell”, may be the worst computer vulnerability discovered in years. It was uncovered in an open-source logging tool that is ubiquitous in cloud servers and enterprise software used across the industry and the government. Unless it is fixed, it grants criminals, spies and programming novices alike, easy access to internal networks where they can loot valuable data, plant malware, erase crucial information and much more. (via theguardian.com)
2. China has created a quantum communication network in space to protect its electric power grid against attacks, according to scientists involved in the project. Part of the network links the power grid of Fujian, the southeastern province closest to Taiwan, to a national emergency command centre in Beijing. In a drill conducted in May, the ultra-secure communication line allowed central government staff to take over control of the coastal province’s power grid operation without their commands being vulnerable to tapping or manipulation by a third party. (via scmp.com)
3. Evergrande’s international bondholders are bracing themselves for a prolonged restructuring process as investors attempt to recoup funds loaned to China’s most indebted property group. Fitch on Thursday placed the real estate developer into “restrictive default” after Evergrande failed to make a crucial interest payment by the time a 30-day grace period expired. The missed installment has dashed the hopes of some investors, who were expecting the sprawling company to make a last-minute payment. “I thought we were going to receive [the interest payment],” said one investor in the group’s bonds who asked to remain anonymous. (via ft.com)
Keep reading with a 7-day free trial
Subscribe to News Items to keep reading this post and get 7 days of free access to the full post archives.