A git clone action can leak cached / stored credentials for github.com to example.com due to insecure handling of newlines in the credential helper protocol.

The UK is the Europe's leading destination for foreign investment in green energy, followed by Spain, finds fDi’s Top European Locations for Renewable Energy Investment.

Computer and network security is an ever-evolving field. As technology advances, cybercriminals find new ways to exploit vulnerabilities in order to get at your personal, financial, or organizational data. We recently spoke with Symantec's Director of Security Response Kevin Haley to get an idea of what threats you'll face in the next year or two.

In short, expect a continuation of common threats like ransomware, as well as the emergence of new threats from connected devices and the so-called Internet of Things. Plus, keep an eye out for the resurgence of an old threat made new.

Ransomware with a Twist

Ransomware — malicious software that locks your data or otherwise compromises your computer in an attempt to extort money — is not a new threat. It's been around for a number of years in various forms. But according to Haley, a new form of ransomware doesn't just lock your files; instead, it threatens to publicly release your data unless you pay up.

For many individuals, this may simply mean an embarrassing leakage of personal data — browser history, emails, photos, and so on. For a nonprofit, especially one that deals with sensitive sociopolitical issues, the possibility of data leakage can have more serious ramifications. It could pose a threat to the community you serve.

Email That Looks Like It Came from a Co-worker

In traditional phishing attempts, scammers create an email that appears to be from a legitimate source — say, Google, Amazon, or Apple. Then they attempt to steal account information, such as usernames and passwords. But in an emerging form of phishing, hackers may use emails purportedly from co-workers or business associates to try to steal information from your organization.

For example, Haley says, you may receive an email from a vendor or a colleague asking for specific pieces of information (such as tax forms) or for money outright. The only problem is that these emails originate from scammers, not your colleagues. And once you email an important piece of information to these impersonators, there's no way to get it back.

With proper data handling, though, you can avoid these sorts of nightmares. See our recent post, 5 Data Security Risks for Nonprofits (and How to Fix Them), to learn more.

The Internet of Things Can Make People Vulnerable

From smart locks to Internet-connected appliances, the Internet of Things promises to change the way we interact with all sorts of items within our homes and offices. But with this comes the potential for security headaches.

According to Haley, these "smart" devices are rarely protected properly, and are easy to infect with malware. And this isn't just an issue that may cause problems some years down the line. Last year, as CNET reported, a network of malware-infected DVRs and webcams overloaded a number of popular websites and online services, temporarily knocking them offline.

Word Macro Viruses Make a Comeback

Perhaps the most surprising threat Haley warned about was the revival of Word macro viruses.

Macro viruses use Microsoft Word's macro programming feature — typically used to automate certain tasks within Word — to infect your computer. Macro viruses have been around for many, many years. And Word disables macros by default: If you open a Word document with a macro, you'll have to click a button to tell Word to turn on any macros within that document.

With this new wave of macro viruses, however, criminals employ social engineering trickery to goad you into turning on macros, allowing the macro virus to do its thing.

Fortunately, you can easily protect yourself from getting infected. First, don't open file attachments from people you don't know. If you receive a Word document with macros from someone you do know, confirm with that person to make sure that they intended to send the macros and that they are safe to run.

As Always, Vigilance Is Key

Although specific threats may evolve over time, good security practices never go out of style. Use a security software package and keep it updated. Enforce good account security practices within your organization.

Don't open file attachments from people you don't know, and don't open unexpected file downloads. Secure all your devices as best you can. And if something seems fishy — perhaps that email from your boss doesn't seem quite right — don't be afraid to question it.

By taking small steps like these, you might save yourself — and your organization — some serious pain.

spanhidden

(Please visit the site to view this video)

If you're a frequent visitor to our site, you might notice a few changes in the coming weeks. That's because we're making some big improvements and are proud to announce the upcoming launch of the newly redesigned TechSoup.org.

As a social enterprise, we never stop working to better serve nonprofits that share in our commitment to building a more equitable planet. In fact, TechSoup currently works with more than 965,000 NGOs in 236 countries and territories and has facilitated over $9 billion in U.S. market value of in-kind technology and funding.

To that end, we've created a refreshed, modern web presence to streamline access to all our traditional and beloved products and services. It will also serve as the place where TechSoup technologies and services are first announced.

The new TechSoup.org has been optimized for mobile devices, so you'll be able to experience all the new functionality wherever you go. We've also built the site with accessibility in mind on several fronts. And we're launching a new blog.

Our new website will officially go live in early November.

A Streamlined User Experience

Nonprofits who are regular visitors to TechSoup will find a streamlined catalog that makes finding product offers and solutions easier and more efficient. Additionally, the home page has been reconfigured, sending a clearer message of who we are and what we offer as an organization.

"We reduced clutter and developed a cleaner, simpler user experience with more breathing room in the interface to encourage users to do what they are intended to do on the site," says TechSoup head of user experience Tyler Benari. "It will now be easier to benefit from offerings available in and out of our catalog, interact with others in the nonprofit community, and gain access to other TechSoup services."

Maximized for Mobile

TechSoup's updated website will be maximized for mobile devices, allowing nonprofit staffers to take advantage of the many offers on TechSoup.org right from their phone or tablet.

"It's an exciting time," Benari says. "We will now be able to literally get TechSoup into more people's hands. Redesigning the site to be more mobile-friendly will allow us to grow our community much faster and better serve the existing nonprofits we love so much."

Improved Accessibility

The newly redesigned TechSoup.org also features greater accessibility and is informed by Web Content Accessibility 2.0 Guidelines (WCAG).

"TechSoup cares very much about accessibility and enabling access for all people," Benari says, describing two key factors that have been improved upon: contrast and code. "Our new color scheme makes it easier for people with impaired vision to access content on the site, and our code was updated to better communicate with screen readers."

A New Blog Platform

Finally, we're excited to introduce our new blog, more suited to integrate existing TechSoup.org content in a single, easy-to-access location. We've given the platform an upgrade, complete with a fresh look and improved functionality aimed to make blog posts more easily shareable and to promote a more robust multimedia experience.

You'll continue to see improvements in the coming months as we receive feedback from the communities we serve. Also, be on the lookout for more information surrounding the new site, including a webinar and short video.

spanhidden

FDI levels have already fallen throughout Iran's main sphere of influence in the region. 

Philomène Dias, director of inward investment at Portuguese investment promotion agency Aicep, on how staff and organisation are working through lockdown.

Eco Equity is one of only a few Europe-based investors in medicinal cannabis from Africa and the Caribbean, an area in which the UK is missing an opportunity, according to CEO Jon-Paul Doran.

Foreign investment in the global renewable energy market hit unprecedented highs in 2019. However, the coronavirus crisis may reverse this trend. 

The coronavirus pandemic could change human behaviour more permanently in future.

Sardar Popalzai, president of the Balochistan Economic Forum, talks about the blue economy and the Pakistani province’s tourism potential.

The trend towards the vetting of foreign investment, especially projects that involve advanced technology and national data or pose potential security threats, is on the rise. David Gabathuler and Matthew T West give a trans-Atlantic perspective.

Scientific innovation, a conducive regulatory climate and increased globalisation of drug markets are driving an investment boom in biotechnology, with small companies and emerging markets shaking up the sector.

When Kazakhstan’s president, Kassym-Jomart Tokayev, took the baton from ‘leader of the nation’ Nursultan Nazarbayev, he pledged stability and continuity, as well as new approaches to succeed where previous policies have struggled to gain traction. Jacopo Dettoni reports on the progress so far. 

Embodied by its huge historic port and diverse population, Antwerp has long embraced globalisation. Renewed impetus from stakeholders across Belgium’s second most populous city is ensuring ample opportunities for foreign investors.

Successive annual increases of FDI inflows to Spain culminated in a record year in 2018. Alex Irwin-Hunt reports.

According to an analysis by the SUN DAY Campaign of data just released by the Federal Energy Regulatory Commission (FERC), U.S. electrical generating capacity by renewable energy sources (i.e., biomass, geothermal, hydropower, solar, wind) has now - for the first time - surpassed that of coal.

German utility EnBW has acquired French wind and solar developer and operator VALECO.

A sparsely populated Chinese province that’s home to the headwaters of the Yangtze and Yellow rivers is attempting to set a new record for clean energy use, serving as a test bed for the entire country.

On June 12, Target corporation said it was increasing its renewable energy goals by committing to source 100 percent of its electricity from renewable sources by 2030. The goal applies to all of Target’s domestic operations.

Today, solar power has become cheaper than the production cost of any other existing conventional power generation technology. The arrival of grid parity heralds a milestone in the history of energy production. It means solar energy being commercially viable without any subsidies or state support; producing energy with the lowest possible environmental impact.

Eleven million people were employed in renewable energy worldwide in 2018 according to the latest analysis by the International Renewable Energy Agency (IRENA).

New York is poised to pass its own version of the Green New Deal with a climate bill that would more than triple the state’s solar capacity and aggressively promote development of wind farms off the state’s coast.

New York’s Climate Leadership and Community Protection Act passed the Assembly early in the morning of June 20 and will now await the governor’s signature. Solar advocates praised the state legislature’s adoption of long anticipated legislation that will require at least 70 percent of electric generation come from renewable sources by 2030 and providing needed funding to low-income and environmental justice communities.

Nigerian distributed utility company, Arnergy, announced it has raised $9 Million in a Series A round of funding led by Breakthrough Energy Ventures with participation from the Norwegian Investment Fund for Developing Countries (Norfund), EDFI ElectriFI and All On.