Intelligent CISO Issue 43 - Page 24

threat updates


Researchers with the University of Cambridge have discovered a bug that affects most computer code compilers and many software development environments . At issue is a component of the digital text encoding standard Unicode , which allows computers to exchange information regardless of the language used . Unicode currently defines more than 143,000 characters across 154 different language scripts . Specifically , the weakness involves Unicode ’ s bi-directional or ‘ Bidi ’ algorithm , which handles displaying text that includes mixed scripts with different display orders . Computer systems need to have a deterministic way of resolving conflicting directionality in text . Enter the ‘ Bidi override ’, which can be used to make left-toright text read right-to-left , and vice versa .


The Federal Bureau of Investigation ( FBI ) warns that ransomware gangs are targeting companies involved in ‘ time-sensitive financial events ’ such as corporate mergers and acquisitions , to make it easier to extort their victims . In a private industry notification published recently , the FBI said ransomware operators would use the financial information collected before attacks as leverage to force victims to comply with ransom demands .
24 www . intelligentciso . com