This week, we had the first glimpse of GNOME 43. The GNOME team announced the release of GNOME 43 alpha. GNOME 43 alpha comes with improvements in the notifications, bug fixes, and other enhancements. Also, WordPress switched back to its previous model after overwhelmingly negative feedback from users. Free, Personal, Premium, Business, and eCommerce plans are now available for users. This week, Federal Communications Commission Chairwoman proposed to increase minimum broadband speeds. The chairwoman proposed to increase the standard to 100 Mbps for download and 20 Mbps for upload.
GNOME 43 alpha is ready for testing
The GNOME Project has released GNOME 43 alpha which brings many new features as well as improvements among its components. The alpha version is available for testing new features and changes and reporting the bugs. GNOME 43 delivers a feature that allows users to view other apps from the developer in the app details pages. The GNOME Weather also has received polishments, including improving transitions and refreshing the primary menu. GNOME 43 alpha’s Calendar also comes with a sidebar in the main window. The final version of GNOME 43 is expected in the middle of September this year.
WordPress.com switches back to the previous pricing model
After tons of negative feedback from customers, WordPress.com decided to revert changes made a few months ago. Customers stated their frustration when the company reduced the storage for its free plan, monthly payment options, and plans between Free and Pro plans. After months of criticism from its users, the company decided to bring back the Free, Personal, Premium, Business, and eCommerce plans. The company admitted that the plans didn’t align with users and admitted that users were missing the “more granular flexibility of previous plans” in the announcement.
Researchers pinpoint a new cyber-attack technique using SATA cables
Researchers at the Ben-Gurion University have discovered a new cyber-attack technique which is called SATAn. In this method, SATA cables are used as wireless antennas to be able to transmit data from a compromised PC to transfer radio signals at the 6 GHz frequency band even though the air-gap computers don’t have wireless connectivity. The design of the transmitter and receiver and present the implementation of these components allows researchers to demonstrate the attack on different computers. The attack can operate from user mode, is effective even from inside a Virtual Machine, and can successfully work with other running workloads in the background.
Cisco fixes the critical vulnerability on Nexus Dashboard
Cisco has released patches to fix many vulnerabilities on Nexus Dashboard and some other products; four of them are high and critical severity vulnerabilities. Those patches fix 45 vulnerabilities in Cisco Nexus Dashboard and some routers. The vulnerabilities can allow remote attackers to execute arbitrary commands, read or upload container image files, and deploy cross-site request forgery attacks. One particular vulnerability has a CVSS score of 9.8, which means it is a critical vulnerability. According to Cisco, none of those vulnerabilities has been exploited by any attackers yet. But admins should immediately apply the related patches.
WordPress to create a module for SVG uploads
WordPress Performance Team discussed the idea of creating a new module that allows users to upload SVG files. SVG files’ vector-based nature allows them to be scaled and smaller than PNG, JPG, and WebP files. However, the file type doesn’t work in WordPress. There are plugins allowing users to upload SVG files with over 1.5 million downloads combined. During the latest WordPress Performance Team meeting, the contributors discussed a new module for SVG uploads. However, SVG files can contain Javascript and it is a security concern. The team will focus on allowing users to SVG files with an SVG sanitizer library and provide an SVG preview in the media library.
FCC proposes to increase minimum broadband speeds
Federal Communications Commission announced that Chairwoman Jessica Rosenworcel proposed to increase minimum broadband speeds and set a gigabit future goal. The Notice of Inquiry proposes to increase the standard to 100 Mbps for download and 20 Mbps for upload. It also provides evidence supporting the proposed standard, including the requirements for new networks funded by the Infrastructure Investment and Jobs Act. The previous standard was also set by FCC at 25 Mbps for download and 3 Mbps for upload in 2015. The Notice of Inquiry also proposes to set a separate national goal of 1 Gbps/500 Mbps for the future.
8220 Gang infects its botnet to nearly 30,000 victims globally
8220 Gang, a crimeware group, expanded its botnet to approximately 30,000 hosts worldwide, targeting cloud vulnerabilities and poorly secured configurations. SentinelLabs published its findings about a new campaign started by 8220 Gang. The group uses an infection script that acts as the main code for the botnet to run. The script is badly coded and usually contains unused or outdated functions, allowing trivial tracking over time. The group is utilizing long-running sets of infrastructure, bringing the botnet numbers to approximately 30,000 infected hosts. They use new tactics to the current script to expand their botnet.