Thomson Reuters, a global content and technology company focused on the public accounting profession, announced last week the launch of Thomson Reuters Audit Intelligence. This suite of Al-powered data-driven audit solutions is designed to transform audit practices by reducing errors and enhancing confidence, while enabling auditors to realize efficiency gains.

The first tool to debut in the suite, named Audit Intelligence Analyze, employs Al and machine learning to simultaneously enhance both audit quality and efficiency. The solution focuses on high-risk areas by efficiently segmenting audit testing populations based on risk level and reducing the overall number of items to be tested. With advanced anomaly detection, Analyze integrates directly within existing workflows, identifying unusual items often overlooked by humans and automatically generating all necessary audit documentation.

Dave Wyle, general manager of Audit at Thomson Reuters, emphasized the importance of using technology to modernize audit practices to stay competitive. "Today's announcement underscores our commitment to investing in and developing products that enable data-driven, Al-powered audits. We aim to provide these solutions swiftly to our customers, maximizing the benefits of Al in their audits, while supporting firms to implement solutions at a pace that works for their businesses," he said. "Our new solution, Analyze, can cut sample sizes by half, saving valuable time for auditors and their clients. This makes audits more efficient and allows auditors to focus on higher-risk areas, improving overall audit quality."

The Audit Intelligence suite will integrate CoCounsel, Thomson Reuters professional-grade GenAl assistant, from next year, as part of the company's broader vision to provide a GenAl assistant to every professional it serves. Auditors will be able to leverage CoCounsel alongside Thomson Reuters Guided Assurance to automate the completion of audit program steps and checklists.

Future additions to the suite will include Audit Intelligence Test, which automates substantive testing and verification by dynamically tracing accounting transactions to banking activity and supporting documentation, and Audit Intelligence Plan, which merges full data populations with technology-driven analytics to empower auditors' planning and risk assessment processes.

Key benefits of Thomson Reuters Audit Intelligence Analyze
• Increased efficiency: Automation of manual processes allows for smaller, risk-focused samples. This enables auditors to concentrate on high-risk areas, enhancing efficiency and reducing overall firm risk while improving audit quality. Time savings of 30 minutes to two hours are achieved in both client data provision and auditor sample selection and documentation.

• Enhanced accuracy: Automated analysis using Al and machine learning increases confidence in audit results, integrating seamlessly into existing audit processes without requiring new methodologies.

• Improved transparency: The solution is fully configurable, providing a clear and transparent process for selecting and understanding advanced risk identification techniques.
​
Available now as part of an early adopter program, Audit Intelligence Analyze is expected to debut in the United States in the fall of 2024, followed by the UK in 2025. The solution is integrated into both Thomson Reuters Cloud Audit Suite and directly into audit methodologies and workflows. It can also be used as a standalone by firms with their own methodologies.

It is simple to have your computer or tablet screen visually hacked in public, which allows someone to steal private information. Plastic screen coverings are one technique to stop this from happening, as they make it harder for someone to view the document unless they are directly in front of it. Microsoft might develop a technology that encrypts text graphically as you read it.

A system that encrypts a document so that only the reader can decipher it is described in a recent Microsoft patent. By changing the letters in the text section of the original document, the approach encrypts the document. The document is then shown in a private mode using an alpha-blended version that combines the encoded and original copies of the text. Next, the system takes advantage of eye tracking to show the user the decoded portion of the document at their fixation point and the encoded version at the periphery of their field of vision.

This issue is currently addressed by a wide range of products on the market, from hardware privacy screens to software that uses webcams and eye tracking to let light from the screen enter the eyes of the intended user while blocking light from the screen from entering the eyes of onlookers. They are all limited, though.
Because it is challenging to attain 100% light efficiency, privacy screens make the display appear dull to the intended user’s eyes. In the meantime, reading the text becomes more challenging when non-fixed portions of the screen are arbitrarily blurred or dimmed—it becomes like reading through a telescope.

The Ponemon Institute claims that visual hacking is a common issue. The institute carried out an experiment in the US in 2015 that showed how simple it was to use visual hacking to get confidential firm information. In 2016, 3M supported an enlarged version of this project with offices in China, France, Germany, India, Japan, South Korea, and the UK.
​
According to the 3M investigation, in 91% of the worldwide trials, information was visually hacked by an undercover white hat hacker. An undercover visual hacker was able to collect information in 15 minutes or less in nearly half of the global trials. Only 32% of the hacker efforts were successful, and 52% of the sensitive data was taken from staff computer screens. The outcomes matched those of the smaller study conducted by the Ponemon Institute.

During its Google I/O 2024 developer conference last week, Google unveiled Private Space, a new Android feature that allows users to segregate a part of the operating system for sensitive data. It partitions specific apps into a “container,” much like the mobile operating system’s Incognito mode.

The launcher makes the space available, and it can be secured as an additional degree of authentication. Notifications, settings, and recents will not display for apps that are in Private Space. If the private space is unlocked, users can continue to use the apps using the system sharesheet and photo picker in the main area.

During an Android 15 developer-only glimpse of the second beta, the feature was revealed. The company advises app developers to test the offering currently, but it does so with a warning: “There is a known issue with private space in Beta 2 that affects home screen apps.”
​
According to Google, the bug should be fixed in the next few days. The functionality itself is expected to be available when Android 15 is released, which is expected to happen in late summer or early fall.

A recent Bleeping Computer report claims that Microsoft has discovered a serious security flaw that might impact many Android apps. This vulnerability, dubbed “Dirty Stream,” poses a major risk since it might allow someone to take control of apps and steal important user data.

The ability for malicious Android apps to change and abuse Android’s content provider system is at the core of the “Dirty Stream” vulnerability. Usually, this technology enables safe data transfer between several apps on a device. To prevent unwanted access, it incorporates security measures such as stringent data isolation, the application of rights linked to certain URIs (Uniform Resource Identifiers), and careful file path validation.
But if this system is implemented carelessly, it could be vulnerable to abuse. Researchers at Microsoftdiscovered that improper use of “custom intents,” the communications system that connects Android app components, can reveal private portions of an application. Vulnerable programs, for instance, might not properly verify file names or paths, which allow malicious apps to smuggle in dangerous code masquerading as normal files.

An attacker might fool a susceptible app into overwriting important files in its private storage space by taking advantage of the Dirty Stream issue. In such an attack scenario, the attacker might take complete control of the behavior of the app, get sensitive user data without authorization, or intercept private login credentials.
Microsoft’s examination showed that this vulnerability is not unique since many well-known Android apps were found to have erroneous content provider system implementations. Xiaomi’s File Manager software, with over a billion installs, and WPS Office, with over 500 million installs, are two noteworthy instances.

The astounding number of devices in danger was highlighted by Microsoft researcher Dimitrios Valsamaras, who said, “We identified several vulnerable applications in the Google Play Store that represented over four billion installations.”

Microsoft has been aggressive in sharing its findings, notifying developers of potentially weak programs, and working with them to release updates. The two companies mentioned by Microsoft have swiftly acknowledged the flaws that have been found in their software.

By revising its app security rules and giving more weight to vulnerable common content provider design weaknesses, Google has taken action to stop similar vulnerabilities in the future.

What Actions Can Android Users Take? Android users can take a few easy safety measures as developers work to identify and fix insecure apps. It’s important to keep an eye out for software upgrades because developers will probably release fixes quickly.
​
It’s also a good idea to only download apps from the official Google Play Store; unofficial sources, which are more likely to include harmful apps, should be avoided.

A new line of investigation conducted by Australian researchers seeks to use fungi to fight fire.

The aim of this new research is to develop biologically based substitutes for the harmful flame retardantsnow used in building materials that thrive on organic waste and are nontoxic even if they burn.

In a set of recent papers, scientists from Australia’s RMIT University described the successes of growing molasses-fed sheets of fungi that could eventually be stacked in layers for applications such as fire-resistant cladding in construction or leather-like textiles for the fashion industry.

"Cladding" is the term used to describe a thin, external covering or skin applied to another material, such as the exterior of a structure, to provide insulation, fire resistance, or other properties.

To help prevent incidents like the 2017 UK Grenfell Tower tragedy, in which combustible cladding contributed to deadly flames, the new "bio-based" compounds would cover other building components.

The materials under study make use of the mycelium, a fungi's threadlike, rootlike structure that can underpin fruit-like mushrooms and has fire-resistant qualities.

“The great thing about mycelium is that it forms a thermal protective char layer when exposed to fire or radiant heat,” Everson Kandare, one researcher, said. “The longer and the higher the temperature at which mycelium char survives, the better its use as a fireproof material.”

Mycelium-based fireproofing has the advantage of avoiding the harmful chemicals and plastics used in conventional fireproofing.

Fire retardants that contain bromide, iodide, phosphorus, and nitrogen are effective but have negative impacts on human health and the environment, according to Kandare. They can affect plant and animal life, since they are neurotoxins and carcinogens.

Kandare pointed out that burning mycelium results in the production of only carbon dioxide and water.
Using bioengineering, mycelium can be made homogeneous and "paper-thin" while keeping its structure and fire resistance.

“Fungi are usually found in a composite form mixed with residual feed material, but we found a way to grow pure mycelium sheets,” Tien Huynh, one researcher, explained.

Although it doesn't seem like the research has a specific focus on how to adapt to the Earth's changing climate, employing nontoxic fireproofing could assist people secure their homes in a warmer environment when fires are more likely to break out close to human structures.

Mycelium still needs to be improved before it can compete with today's fire-resistant materials, according to the researchers.

Huynh remarked that while fungal grows slowly and is significantly more difficult to create at scale, plastics are rapid and simple to produce.

Still, there might be a place for fireproof fungi in the future.
​
According to Huynh, the researchers have already begun discussions with mushroom farmers about using their byproducts. Working with the mushroom business would eliminate the need for new farms while creating goods that satisfy fire safety requirements sustainably.

Cybercriminals are experimenting with a new method of delivering the dangerous payload and employing specially prepared phishing emails to infect users with malware.

According to a study by Proofpoint, digital OneNote notebooks (denoted by “.one” extensions) are increasingly being used by cyber-attackers to spread malware. OneNote is included in the Microsoft 365 office software bundle and a widely used piece of software.

OneNote documents are rarely misused in this manner, according to cybersecurity professionals, and there is only one clear reason attackers are experimenting with them: they can more readily avoid threat detection than other attachments. And it seems to be effective.

According to statistics from open-source malware repositories, initially observed attachments were not identified as dangerous by several anti-virus engines. As a result, it is likely that the original campaigns had a high success rate if the email was not stopped, according to Proofpoint.

Proofpoint expanded on the study findings by saying, ”Since Microsoft began blocking macros by default in 2022, threat actors have experimented with many new tactics, techniques, and procedures, including use of previously infrequently observed file types such as virtual hard disk (VHD), compiled HTML (CHM), and now OneNote (.one)."

The phishing emails are attempting to deliver one of several malware payloads, including AsyncRAT, Redline, AgentTesla, and DOUBLEBACK, all of which are designed to steal sensitive information from victims, including usernames and passwords. The phishing emails were first sent in December 2022, with the number significantly increasing in January 2023.

Researchers from Proofpoint also report that a cybercriminal organization they track by the name of TA577has used OneNote in campaigns to distribute Qbot. TA577 operates as an initial access broker, selling stolen usernames and passwords to other cybercriminals, including ransomware gangs, as opposed to stealing data for its own use.

There have been over 60 of these campaigns found so far, and they all have the same traits. Emails and file attachments are connected to topics like invoicing, remittances, shipping, and seasonal themes, such as details on a Christmas bonus, among others.

For instance, attachment names in a phishing letter addressed to targets in the manufacturing and industrial sectors included references to machine parts and specifications, showing that the lure had undergone extensive investigation.

Other OneNote efforts target thousands of potential victims all at once and are a little broader. One of these efforts used fake invoices to target the education industry, while another was more broadly disseminated and promised a Christmas bonus or present to thousands of unsuspecting victims.

The victim must open the email, open the OneNote attachment, and click on any harmful links for the phishing scam to succeed in each instance. OneNote does include a warning message regarding dangerous URLs, but users who have received an email that has been specially tailored to appeal to them or who believe they may be receiving a bonus may attempt to ignore this warning.

Researchers caution that additional cyber-threat groups will probably use this strategy successfully to distribute phishing and malware campaigns because it is expected that these efforts will succeed frequently if the emails are not stopped.
​
"Proofpoint has increasingly observed OneNote attachments being used to deliver malware. Based on our research, we believe multiple threat actors are using OneNote attachments to bypass threat detections," said researchers, who warn that this is "concerning" because, as demonstrated by TA577, this tactic can become an initial entry point for distributing ransomware, which could cripple a whole organization and its networks.
"This is a phishing technique that convinces a victim to open a document with an embedded malicious attachment and then bypass a security prompt to run the attachment. We encourage customers to practice good computing habits online, including exercising caution when clicking on links to webpages or opening unknown files," a Microsoft spokesperson said.

The White House reported recently that the President had implemented a new framework to safeguard the privacy of personal data transferred between the United States and Europe.

Since a European court invalidated an earlier version in 2020, the new framework significantly closes a gap in data protections on both sides of the Atlantic. The court determined that the U.S. had an excessive amount of power to monitor European data transferred under the previous arrangement.

The court case, known as Schrems II, “created enormous uncertainty about the ability of companies to transfer personal data from the European Union to the United States in a manner consistent with EU law,” then-Deputy Assistant Commerce Secretary James Sullivan wrote in a public letter shortly after the decision. The result increased business complexity by requiring U.S. corporations to use several "EU-approved data transmission protocols" on an as-needed basis, according to Sullivan.

The so-called Privacy Shield 2.0 seeks to address European concerns about possible surveillance by U.S. intelligence agencies. In March, after the U.S. and EU agreed in principle to the new framework, the White House said in a fact sheet that the United States is “committed to implement new safeguards to ensure that signals intelligence activities are necessary and proportionate in the pursuit of defined national security objectives.”

With the new system, EU citizens will have access to a Data Protection Review Court (DPRC) that is independent of the U.S. government and composed of members from other countries. According to the March fact sheet, the committee "would have complete authority to adjudicate allegations and direct remedial steps as needed."

The civil liberties protection officer in the Office of the Director of National Intelligence will also carry out an initial inquiry of complaints before a matter reaches the DPRC. Its judgments are final and enforceable, subject to review by the impartial body.

The executive order instructs the American intelligence community to change its policies and practices to conform to the framework's new privacy protections. It gives the independent Privacy and Civil Liberties Oversight Board instructions to go over these revisions and undertake an annual evaluation of the intelligence community's compliance with binding redress rulings.
​
“The EU-U.S. Data Privacy Framework includes robust commitment to strengthen the privacy and civil liberties safeguards for signals intelligence, which will ensure the privacy of EU personal data,” Commerce Secretary Gina Raimondo told reporters Thursday.

A new, highly dangerous malware called “Erbium” has been making the rounds over the last couple of months, and it’s highly likely that it will spread exponentially to new channels.

Erbium is an information-stealing tool that targets passwords, credit card information, cookies, cryptocurrency wallets, and more.

Today, this malware is being shared under the disguise of pirated games and cheats for popular titles. However, because of its nature, it can spread like wildfire, because Erbium is a Malware-as-a-Service (MaaS)—essentially subscription malware.

Initially, Erbium was priced at just $9 per week, but now it’s $100 per month or $1,000 for a year-long license. This pricing is still cheap (it costs about a third of RedLine stealer, according to Bleeping Computer), and it’s getting a lot of praise on lots of hacker forums.

The license they buy entitles threat actors to customer support, updates, and the tool itself, with its rich set of capabilities.

Cyfirma, a threat identification and cyber-intelligence business, made the initial discovery of Erbium after finding the virus discretely tucked away among game cracks.

Erbium may also steal cold cryptocurrency wallets for a variety of cryptocurrencies, including Exodus, Atomic, Bytecoin, Ethereum, and more. Additionally, it can steal 2FA codes from a variety of password and 2FA managers, including Trezor, EOS Authenticator, Authy 2FA, and Authenticator 2FA.

Erbium steals Telegram authentication files, Steam and Discord tokens, and screenshots from each connected monitor. Threat actors are supplied a detailed breakdown of everything that was taken from the victim in real time.

Given how versatile it is, it is likely that someone will ultimately include it into something other than gaming cracks, and at that point, it will probably spread more widely.
​
Right now, all you need to do to ensure that you're not at risk is to not download any unlawful downloads (such as cracked games or bots for games). It's also a good idea to be cautious and to use the best antivirus software, keep it updated, and scan every file you download. If you possess cryptocurrency, think about switching from a desktop wallet to a fully offline cold wallet.

For years, each cellphone included a tiny smart card called a SIM (Subscriber Identity Module) that contained the “identity” of that device so that it could connect to a specific cellular network.

Data on SIM cards includes user identification, location, and phone number, network authorization information, personal security keys, contact lists, and saved text messages.

When Apple introduced the new iPhone 14, they repeated something they had done years before. They removed a piece of hardware from the phone. First, it was the earphone jack and now it was the removable SIM card and tray. Just like the earphone jack, Apple is touting this change as a boon for consumers. Now, all iPhone 14s sold in the US will use eSIM technology.

"I think it's transformational," Ahmed Khattak, founder and CEO of US Mobile, a mobile virtual network operator that offers service on Verizon and T-Mobile's respective networks. "I think the fact that it even happened ... I'm shaking my head ... because it really democratizes connectivity." 

A type of programmable SIM card known as an eSIM (embedded-SIM) consists of software put onto a chip permanently installed in a device, as opposed to an integrated circuit on a releasable universal integrated circuit card, which is commonly constructed of PVC.
​
Once an eSIM carrier profile has been installed, it operates the same as a physical SIM, complete with a unique integrated circuit card identifier (ICCID) and network authentication key generated by the carrier.
So, why is this change so important? For users, there are three advantages to eSIMs over physical SIM cards:
     •  It’s more secure, because no one can remove it from the phone and use it to intercept phone calls or text messages. (This isn’t the most common form of SIM card hijacking, but it is still possible for someone with physical access to the phone.)
     •  Switching carriers is easier, because you don’t have to wait for a SIM card to arrive or pick one up at a store.
    •  Adding extra lines is easier, because you no longer need a phone with dual SIM card trays. (On the iPhone, Apple supports up to two phone numbers and eight data lines with eSIM.)

An eSIM also benefits phone manufacturers and wireless carriers.
    • By getting rid of the SIM tray, Apple will gain more valuable interior space it can use to install more technology.
     • For carriers, it's a money-saver because they no longer must spend between $10-$20 per physical SIM card.

Like almost every change, there are going to be some growing pains. Not all US carriers are eSIM compatible. Some alternative providers that lease capacity from the major carriers–known as Mobile Virtual Network Operators, or MVNOs, in industry jargon–don’t support eSIM today, which means you can’t use an iPhone 14 on their networks. Some notable examples include Ting, Walmart Mobile, US Mobile, Net10, and Tello.

Conversely, there are small carriers like Mint Mobile, US Mobile and Boost Mobile in the US who have been preparing for this change for some time.
​
"Mint has always believed in digital technologies that enhance and ease wireless services," Aron North, Mint Mobile's chief marketing officer, said in a statement. "Mint has been supporting [the] eSIM for almost two years because we knew, even back then, this innovation would allow users to switch faster and easier."

Each week, I select one article from the current issue of my newsletter Technology This Week, and post it to this blog. Today, I received a note from a representative from the VPN company Private Internet Access (PIA).
​
In his note to me, he said he’d read my article on passkeys and thought it was interesting. He continued, “Everyone online is at an ever-increasing risk of being targeted by hackers these days, which is why covering these issues is really important.”

“At PIA, we’ve also done our part to raise awareness, even producing an in-depth, four-part series on hacking that was well received. We added a helpful glossary, important infographics, and expanded statistics, plus a few safety tips for preventing cyberattacks.”

“Perhaps you would consider fitting in a link to our series in your page? We hope this will help keep more of your readers safe and well-informed – and much less vulnerable to hackers.”
So, if you want to get some well-thought-out information on hacking and Internet security, consider reading their four-part series.