MrRobot

joined 1 year ago
 

Software Makers May Face Greater Liability in Wake of MOVEit Lawsuit

Makers of vulnerable apps that are exploited in wide-scale supply chain attacks need to improve software security or face steep fines and settlement fees.

 

Akira ransomware gang spotted targeting Cisco VPN products to hack organizations

The Akira ransomware gang targets Cisco VPN products to gain initial access to corporate networks and steal their data. The Akira ransomware has been active since March 2023, and the threat actors behind the malware claim to have already hacked multiple organizations in multiple industries, including education, finance, and real estate. Like other ransomware gangs, the […]

The post Akira ransomware gang spotted targeting Cisco VPN products to hack organizations appeared first on Security Affairs.

 

Defense contractor Belcan leaks admin password with a list of flaws

US Government and defense contractor Belcan left its super admin credentials open to the public, Cybernews research team reveals. Belcan is a government, defense, and aerospace contractor offering global design, software, manufacturing, supply chain, information technology, and digital engineering solutions. The company, with reported revenue of $950 million in 2022, is a trusted strategic partner […]

The post Defense contractor Belcan leaks admin password with a list of flaws appeared first on Security Affairs.

 

Kim Dotcom’s Bitcache a US$13.5m Failure, Liquidator Report Reveals

Founded by Kim Dotcom in 2016, Bitcache was marketed as a groundbreaking blockchain microtransaction solution set to revolutionize a lot of very important crypto stuff; so invest now, before it's too late. Last month Bitcache Limited was put into liquidation. According to Dotcom, the company collapsed because a lawyer sent an invoice for the work he did for the company.

From: TF, for the latest news on copyright battles, piracy and more.

 

Did you notice YouTube’s new corners?

A screenshot from Victoria Song’s video review of the Galaxy Watch 6.

Watch this video on YouTube’s website to see if you have the rounded corners yet. | Screenshot by Jay Peters / The Verge

YouTube is rolling out rounded edges on the main video player you see on YouTube.com, spokesperson Allison Toh confirmed to The Verge on Tuesday. They’re coming to all users, so if you’re not seeing them now, you should be seeing them soon.

I asked about the corners after noticing them while browsing YouTube on the web over the past day or two. (I included a screenshot of what I see at the top of this post.) I think the rounded corners look really nice. They also make YouTube’s desktop design feel more holistic since you’ll see rounded corners on a video and rounded corners on thumbnails off to the side.

Understandably, I’m only seeing the rounded corners when viewing the standard-sized video player; in theater mode, which expands the...


 

Tourists Give Themselves Away by Looking Up. So Do Most Network Intruders.

In large metropolitan areas, tourists are often easy to spot because they're far more inclined than locals to gaze upward at the surrounding skyscrapers. Security experts say this same tourist dynamic is a dead giveaway in virtually all computer intrusions that lead to devastating attacks like ransomware, and that more organizations should set simple virtual tripwires that sound the alarm when authorized users and devices are spotted exhibiting this behavior.

 

New HiatusRAT malware attacks target US Defense Department

In a new HiatusRAT malware campaign, threat actors have targeted a server belonging to the U.S. Department of Defense in what researchers described as a reconnaissance attack.

This is a significant shift in tactics, since the attacks previously focused on organizations from Latin America and Europe, where the malware was deployed to compromise business-class DrayTek Vigor VPN routers used by medium-sized businesses for remotely connecting to corporate networks.

However, as Lumen's Black Lotus Labs observed, the campaign's reconnaissance efforts took an unexpected turn from mid-June through August. A U.S. military procurement system was also targeted, with Taiwan-based organizations also singled out.

HiatusRAT samples were recompiled to cater to various architectures (ranging from Arm, Intel 80386, and x86-64 to MIPS, MIPS64, and i386) and hosted on newly acquired virtual private servers (VPSs).

One of these VPS nodes was used in a data transfer operation with a U.S. military server designated for contract proposals and submissions.

The website's affiliation with contract proposals suggests that the attackers might be seeking publicly accessible information about military requisites or trying to find information on Defense Industrial Base (DIB)-affiliated organizations.

"We suspect this actor was searching for publicly available resources related to current and future military contracts," Lumen's Black Lotus Labs said.

"Given that this website was associated with contract proposals, we suspect the objective was to obtain publicly available information about military requirements and searching for organizations involved in the Defense Industrial Base (DIB), potentially for subsequent targeting."

New HiatusRAT campaign (Lumen Black Lotus Labs)

This campaign follows an earlier series of attacks where over a hundred businesses, mainly from Europe, North America, and South America, were infected with HiatusRAT to create a covert proxy network.

The malware is primarily used to install additional payloads on infected devices and convert the compromised systems into SOCKS5 proxies for command and control server communication.

"Despite prior disclosures of tools and capabilities, the threat actor took the most minor of steps to swap out existing payload servers and carried on with their operations, without even attempting to re-configure their C2 infrastructure," Lumen said.

As Lumen highlights, this shift in information collection and targeting preferences aligns with Chinese strategic interests, a connection emphasized by the 2023 ODNI annual threat assessment.

U.S. organizations have also been recently targeted in attacks linked to other Chinese-backed threat groups, including Volt Typhoon and Storm-0558.

"We suspect the HiatusRAT cluster serves as another example of tradecraft that could be applied against the U.S. Defense Industrial Base with a sense of impunity. We recommend defense contractors exercise caution and monitor their networking devices for the presence of HiatusRAT," Lumen concluded.

 

Windows 11 KB5029351 preview update released with Search fixes

Microsoft has released the optional August 2023 cumulative update for Windows 11, version 22H2, with fixes for several issues affecting the Search app.

KB5029351 is a monthly non-security preview update that enables Windows admins and users to test fixes and improvements scheduled for release with the forthcoming September 2023 Patch Tuesday rollout.

The update tackles an issue encountered after waking the system from sleep mode, where the Search app fails to launch when clicking the search icon.

Furthermore, it enhances the Search app's reliability while addressing an issue affecting the search box dimensions on Microsoft Surface Pro and Surface Book devices in tablet mode.

Notably, monthly "C" updates are optional; unlike Patch Tuesday releases, they do not come with security-related fixes.

To install the KB5029351 update, click the 'Download and install' button in Settings > Windows Update to check for new updates.

Alternatively, you can download it from the Microsoft Update Catalog and install it manually.

Other highlights in Windows 11 KB5029351

Today's optional update comes with additional fixes and improvements, with some of the most important ones listed below:

  • This update adds new functionality that affects app defaults.
  • This update addresses an issue that affects print jobs that are sent to a virtual print queue. They fail without an error.
  • This update addresses an issue that causes high CPU use. This occurs when you enable the "fBlockNonDomain" policy.
  • This update addresses an issue that affects disk partitions. The system might stop working. This occurs after you delete a disk partition and add the space from the deleted partition to an existing BitLocker partition.

The complete list of fixes and improvements can be found in the KB5029351 support bulletin.

With this update, Microsoft also introduced a new policy named "Enable optional updates," which gives admins better control of how monthly optional updates are installed on enterprise devices.

The same policy can be used to control the deployment of controlled feature rollouts (CFR) across endpoints.

A temporary fix is available for this issue, with Windows admins being advised to provision end-user devices before the Windows 11 22H2 upgrade to get around the provisioning issues.

 

Reality show Traitors inspired by murderous 17th century mutiny

Maritime horror, after Dutch sailing ship Batavia wrecked off western Australia, set TV show in motion

The hit TV reality show The Traitors was originally going to involve a recreation of a real-life murderous mutiny aboard a 17th century Dutch ship, with programme contestants pushed into the sea when they were voted out.

Jasper Hoogendoorn, who oversaw the programme’s development, said the show was inspired by the voyage of the Batavia, a Dutch ship which was shipwrecked off Australia in 1629.


 

New Dungeons & Dragons Adventure Promises a Return to Phandelver

One of the first 5e adventure supplements ever released, The Lost Mines of Phandelver has remained a fan favorite for the past decade of the game. Now, Dungeons & Dragons has released more information for the newest adventure supplement. Phandelver and Below: The Shattered Obelisk returns to the town of Phandalin as…


 

What amp do I need? HELP PLEASE

So I have a single kicker 43c104. It’s a 10 inch but I don’t have an amp to pair. I need help because I don’t know anything about amps. Anyone have any good QUALITY recommendations for amps a bit more powerful than needed for this sub?
