cthomas

Microsoft Outlook Vulnerability Could Be 2023's 'It' Bug Microsoft recently patched a zero-day vulnerability under active exploit in Microsoft Outlook, identified as CVE-2023-23397, which could enable an attacker to perform a privilege escalation, accessing the victim's Net-NTLMv2 challenge-response authentication hash and impersonating the user. Now it's becoming clear that CVE-2023-23397 is dangerous enough to become the most far-reaching bug of the year, security researchers are warning. Since disclosure just three days ago, more proof-of-concept (PoC) exploits have sprung onto the scene, which are sure to translate into snowballing criminal interest — helped along by the fact that no user interaction is required for exploitation. If patching isn't possible quickly, there are some options for addressing the issue, noted below. Easy Exploit: No User Interaction Necessary The vulnerability allows the attackers to steal NTLM authentication hashes by sending malicious Outlook notes or tasks to the victim. These trigger the exploit automatically when they're retrieved and processed by the Outlook client, which [...]

Employees Are Feeding Sensitive Biz Data to ChatGPT, Raising Security Fears Employees are submitting sensitive business data and privacy-protected information to large language models (LLMs) such as ChatGPT, raising concerns that artificial intelligence (AI) services could be incorporating the data into their models, and that information could be retrieved at a later date if proper data security isn't in place for the service. In a recent report, data security service Cyberhaven detected and blocked requests to input data into ChatGPT from 4.2% of the 1.6 million workers at its client companies because of the risk of leaking confidential information, client data, source code, or regulated information to the LLM. In one case, an executive cut and pasted the firm's 2023 strategy document into ChatGPT and asked it to create a PowerPoint deck. In another case, a doctor input his patient's name and their medical condition and asked ChatGPT to craft a letter to the patient's insurance [...]

Lukoil-backed Congo project to begin LNG output in December -media MOSCOW, March 20 (Reuters) - A senior executive at Russia's Lukoil (LKOH.MM) energy company said a project in the Congo in which it is involved will begin producing liquefied natural gas (LNG) in December, Russian news agencies reported. Lukoil Vice President Ivan Romanovsky said the initiative will produce around 600,000 tonnes of LNG per year, and that Lukoil plans to boost total LNG output at the Marine XII oil and gas project in the Congo to 3 million tonnes by the end of 2025. Lukoil acquired a 25% stake in Marine XII in 2019. The project also involves Italy's Eni (ENI.MI), which holds a 65% stake, as well as a Congo state-owned company which holds 10%. Lukoil and Eni have previously applied for two new energy blocks - Marine 24 and Marine 31 - in a bid to further boost production of Congo's offshore energy resources. Article Source

Iran, Saudi Arabia agree to resume ties, with China’s help DUBAI, United Arab Emirates (AP) — Iran and Saudi Arabia agreed Friday to reestablish diplomatic relations and reopen embassies after seven years of tensions. The major diplomatic breakthrough negotiated with China lowers the chance of armed conflict between the Mideast rivals — both directly and in proxy conflicts around the region. The deal, struck in Beijing this week amid its ceremonial National People’s Congress, represents a major diplomatic victory for the Chinese as Gulf Arab states perceive the United States slowly withdrawing from the wider Middle East. It also comes as diplomats have been trying to end a long war in Yemen, a conflict in which both Iran and Saudi Arabia are deeply entrenched. The two countries released a joint communique on the deal with China, which brokered the agreement as President Xi Jinping was awarded a third five-year term as leader earlier Friday. Xi, whose administration in recent days has [...]

AMLO discusses gigafactory plans with Tesla team President López Obrador met with Tesla executives at the National Palace on Wednesday to discuss the company’s construction of a new electric car gigafactory in Nuevo León. The meeting was attended by the Economy Minister, Raquel Buenrostro; Foreign Minister Marcelo Ebrard; Finance Minister Rogelio Ramírez de la O; and Germán Martínez Santoyo, head of the National Water Commission (Conagua). “We met with Tesla executives and technicians. We advanced on the project of the automotive plant of Nuevo León and on others. We’re doing well,” AMLO said on Twitter. Tesla’s huge gigafactory will be constructed in the municipality of Santa Catarina, about 17 kilometers from Monterrey, with an expected investment of US $5 billion. It will have the capacity to produce 1 million cars a year, which may include Tesla’s upcoming “Model 2”. The factory is expected to employ around 6,000 people and create nearly 30,000 more indirect jobs. [...]

Mexico’s populist demagogue president is gutting fair elections Mexico could be entering a golden age, perfectly placed as it is to benefit from the growing tension between the United States and China. Parts of the country are already seeing a boom as companies diversify away from China and invest in it. In fact, a good chunk of that investment is being made by Chinese companies that are finding a way to continue to sell goods to the United States. But these promising economic winds are being stifled by bad politics. For most of the past three decades, Mexico had a run of presidents who were serious about policy and tried to modernize the country, albeit with varying degrees of success. Alas, that luck has run out. Mexico’s president since 2018, Andrés Manuel López Obrador, also known as AMLO, is a populist demagogue straight out of the worst pages of Latin American history. López Obrador’s covid policies were [...]

General Motors agrees to 10% pay increase with union at GTO plant General Motors has agreed to a 10% pay raise for workers at its pickup truck manufacturing facility in Silao, Guanajuato, following negotiations with Mexico’s National Independent Union of Automotive Industry Workers (Sinttia). The above-inflation salary hike — one of the biggest recent auto worker raises in Mexico auto manufacturing — will go into effect on March 25. “The agreement represents a historic achievement, as it overcomes the two-digit barrier that has not been reached in the automotive industry in many years,” Sinttia said in a statement. The union added that General Motors had agreed to give additional salary-leveling rewards to some workers with more than 20 years at the company, including a weekly bonus of 5.6% and 15 retirement packages per year. “[The deal] allows recovery of purchasing power for the workers of GM-Silao as it is above inflation, and gives recognition to the [...]

Shell moves forward on Dover project in US Gulf of Mexico March 15 (Reuters) - Shell plc (SHEL.L) said on Wednesday it has taken a final investment decision on the Dover exploration field in the U.S. Gulf of Mexico, which it plans to develop as a below-sea connection to the Appomattox production hub. The Dover project is expected to start production in late 2024 or early 2025 and produce up to 21,000 barrels of oil equivalent per day (boepd) at peak rates. Appomattox is Shell's largest floating platform in the Gulf of Mexico, with a 79% ownership. Shell's investment at Dover underscores the firm's long-term commitment to the U.S. Gulf of Mexico, where oil production has among the lowest greenhouse gas intensity in the world, the energy company said in a statement. Originally discovered in 2018, Dover is located within Mississippi Canyon, about 170 miles offshore southeast of New Orleans, Louisiana in about 7,500 feet of water. [...]

Eni announces a new discovery offshore Mexico San Donato Milanese (Milan), 17 March 2023 – Eni announces a new discovery on the Yatzil exploration prospect in Block 7, located in the mid-deep water of the Cuenca Salina in the Sureste Basin, offshore Mexico. According to preliminary estimates, the new finding may contain around 200 million barrels of oil (MBoe) in place. Yatzil-1 EXP is the second commitment well of Block 7 and the eight successful one drilled by Eni in the Sureste Basin.  It is located approximately 65 kilometers off the coast, and 25-30 km away from other discoveries. The well was drilled by the Valaris DPS5 Semisub rig in a water depth of 284 meters and reached a total depth of 2,441 meters. Yatzil-1 EXP found in excess of 40 meters of net pay sands with good quality oil in the Upper Miocene sequences with excellent petrophysical properties confirmed by an extensive subsurface data collection. The successful result [...]

An Abandoned American Hostage Finally Makes It Home BALL PLLC Special Projects Advisor Jason Amerine was discussed in a New Yorker article on hostage trade negotiations for Mark Frerichs, an American POW in Afghanistan.