Latest news with #Sites
Yahoo
25-06-2025
- Business
- Yahoo
Entergy Arkansas certifies two Stuttgart industrial sites for economic development
STUTTGART, Ark. — Officials announced that two sites in the Stuttgart Industrial Park have received Select Site certification from Entergy Arkansas. The Select Site initiative is a development program by Entergy Arkansas that helps communities prepare shovel-ready sites to attract industrial and commercial projects. A spokesperson announced that both selected sites are located in the Stuttgart Industrial Park along U.S. Highway 79. One site is 154-acre and the other is 62-acre. Little Rock Zoo breaks ground on major expansion, bringing new exhibits and more family fun Bethany Hildebrand, president and CEO of the Stuttgart Chamber of Commerce, said the recognition follows two years of infrastructure improvements supported by federal and state grants. A grant was provided by Entergy Arkansas to help offset some of the costs associated with the certifications, officials said. Hot Springs looks toward new beginnings with demolition of former high school 'Certifying a site is not an easy or quick task and certifying two at the same time is an even bigger challenge,' said Entergy Arkansas Vice President of Business and Economic Development Danny Games. 'Accomplishing these certifications ensures that Stuttgart has timely information on hand to satisfy site location consultants and prospective company inquiries. We are pleased to recognize Stuttgart for achieving this milestone and look forward to featuring the Stuttgart Industrial Park Select Sites on our website and promoting them as our newest certified sites.' For more information, visit Copyright 2025 Nexstar Media, Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.
Yahoo
14-05-2025
- Science
- Yahoo
Local students awarded with Frank G. Paul Medal of Excellence
(BINGHAMTON, N.Y. (WIVT/WBGH) – An Afton woman is keeping her parents' legacy alive by awarding local students who excel in math and science. Seniors from high schools in Broome, Chenango, and Tioga Counties were honored for their academic excellence on Tuesday at SUNY Broome. The top students in math and science at each school were given a $1,000 per year scholarship and a medal for their achievement. This is the 24th year of the scholarship, which was established by Francis and Lillian Paul. Francis was an IBM employee who believed everyone should have access to education regardless of their financial circumstances. He passed away in 1996. The awards are given out each year by their daughter, Becky Komorowski. 'My heart is just full of love, and I really wish they were here. I really do. I brought a picture of them, and it's up on the front, and I'm just really proud to be able to speak for my family,' said Komorowski. Komorowski says she hopes the scholarship encourages students to continue doing their best, Students who attend first SUNY Broome will receive the $1,000 scholarship for all four years of college, should they go on to pursue a bachelor's degree. Komorowski says she took the scholarship over from her parents, and her daughter plans to continue handing it out after she is no longer able to. Real Heroes Breakfast honors community members for their bravery UHS receives $3.9 million grant as it continues pursuit of nursing excellence Community prepares for 15th annual Sacred Sites tour NYS awards $86M to arts and culture nonprofits throughout state Local students awarded with Frank G. Paul Medal of Excellence Copyright 2025 Nexstar Media, Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.
The Journal
14-05-2025
- Business
- The Journal
Dublin building collapse example of why derelict site levy should rise, says councillor
THE COLLAPSE OF a derelict building in Dublin city centre is a sign that the government must increase the derelict site levy, according to Dublin City Green Party councillor Hazel Chu. The vacant building, which is located across the road from the Grand Canal in Dublin 6, partially collapsed this week, resulting in Dublin Fire Brigade having to attend the scene to make it safe. Speaking to The Journal , Chu said she was very frustrated about the incident, stating that some years ago in 2021 she tried to get the site rezoned for mixed use residential and commercial, but the proposal was rejected. Advertisement Instead, it remained for commercial use only. The building was placed on the vacant sites register in 2023. Planning permission for the site was obtained in 2024, but no work had begun on the site prior to its collapse, she said. While the 7% derelict site levy was applied in 2023, it is clearly not enough to encourage the development of sites, Chu said. Each local authority keeps a Derelict Sites Register which includes the sites subject to an annual levy of 7% of its market value for being in a 'ruinous, derelict, dangerous or neglected condition' . Related Reads Shared equity scheme gets two more years - but Sinn Féin says it will 'make things worse' RPZ changes will have 'significant impact' says Minister, who claims he understands renters' fears Government missed its target of social housing by about 18% (or 2,345 homes) last year The levy continues to apply until the site is no longer deemed derelict 'It is clearly not enough in terms of applying to derelict sites around the city,' she said, adding that the government is literally 'letting buildings fall down before we actual move to do something about them,' said the former Lord Mayor of Dublin. She also questioned why some sites were being zoned for commercial use and not residential in the middle of a housing crisis. Chu has suggested higher levies could apply for larger developers who have an ability to pay higher rates and who leave sites vacant. Readers like you are keeping these stories free for everyone... A mix of advertising and supporting contributions helps keep paywalls away from valuable information like this article. Over 5,000 readers like you have already stepped up and support us with a monthly payment or a once-off donation. Learn More Support The Journal
New York Post
07-05-2025
- New York Post
Tech expert warns of ‘extremely sophisticated' new Gmail scam claiming to be from ‘law enforcement'
It's a digital wolf in sheep's clothing. Phishing messages are becoming nearly indistinguishable from the real deal. Now, techsperts are warning of a super 'sophisticated' Google spoofing scheme in which cybercriminals use legitimate-looking Gmail communications to hijack user accounts. Nick Johnson, the lead developer of Ethereum Name Service (ENS), brought this digital Trojan Horse to light in a series of X posts. Advertisement 'Recently I was targeted by an extremely sophisticated phishing attack, and I want to highlight it here,' he wrote while describing the chameleonic scheme. 'It exploits a vulnerability in Google's infrastructure, and given their refusal to fix it, we're likely to see it a lot more.' In this case, the phishing scam was disguised as an official request by law enforcement. 3 To make things more confusing, the email (pictured) originated from an official no-reply on Google's domain. @nicksdjohnson/X Advertisement 'This notice is to alert you that a subpoena was issued to Google LLC by a law enforcement that seeks retrieval of information contained in your Google account,' it read, per a screenshot of the message. 'To examine the case materials or take measures to submit a protest, please do so in the provided Google Support Case.' Upon clicking on 'upload additional documents' or 'view case,' the user is taken to a sign-in page to input their credentials, whereupon bad actors will presumably use them to commander their account. 'I haven't gone further to check,' Johnson noted. 3 Hackers trick people into inputting the credentials, which they then use to compromise their Gmail accounts. issaronow – Advertisement The correspondence was particularly insidious as it linked to a very convincing 'support portal' page. The cyberspoofers also used Google Sites — a free web-based platform for creating websites without needing coding skills — 'because they know people will see the domain is and assume it's legit,' said Johnson. To make things more confusing, the email originated from an official no-reply on Google's domain and was filed 'in the same conversation as other, legitimate security alerts,' the tech whiz warned. 3 In light of the incident, Johnson is calling on Google to disable scripts and arbitrary embeds in Sites to make Gmail less susceptible to phishing. Backcountry Media – Advertisement How did the hackers manage to fly under the radar? Johnson pointed to 'two vulnerabilities in Google's [infrastructure] that they have declined to fix.' He wrote that the legacy product dates back to 'before Google got serious about security,' and allows anyone to host content on a subdomain, including nefarious embeds and scripts such as the above. 'Obviously, this makes building a credential harvesting site trivial; they simply have to be prepared to upload new versions as old ones get taken down by Google's abuse team,' Johnson said. Fortunately, there are a few ways to suss out this masquerade. For one, while the header is signed by it is sent via and sent to the address 'me@blah,' the cybersecurity maven wrote. Also suspect, per Johnson is that there is 'a lot of whitespace' below the phishing message 'followed by 'Google Legal Support was granted access to your Google Account' and the odd me@… email address again.' Advertisement In light of the incident, Johnson is calling on Google to disable scripts and arbitrary embeds in Sites to make Gmail less susceptible to phishing. The Post has contacted Google for comment.
Arabian Post
29-04-2025
- Arabian Post
Gmail Users Exposed in Sophisticated DKIM Replay Phishing Attack
A recent and highly sophisticated phishing campaign has exposed a critical vulnerability within Google's infrastructure, placing Gmail users at significant risk. The attack, identified by Nick Johnson, lead developer of the Ethereum Name Service , demonstrates how cybercriminals can exploit Google's own systems to deliver deceptive emails that appear to originate from legitimate Google sources. Johnson received an email that seemed to be a standard security alert from Google, notifying him of a subpoena allegedly issued by law enforcement concerning his Google account. The email included a link directing him to a page hosted on which closely mimicked Google's official support portal. Upon closer inspection, Johnson noted that the URL should have been raising suspicions about the email's authenticity. The attackers leveraged Google's Sites platform to host these fraudulent pages, exploiting the trust users place in Google's domains. By using which allows any user to create web pages, the phishing pages appeared credible and bypassed many security filters. This tactic is particularly effective because the domain seems trustworthy to most users and can circumvent standard email authentication protocols. A critical component of this attack is the abuse of the DomainKeys Identified Mail protocol. DKIM allows the sending server to attach a digital signature to an email, verifying its authenticity. In this case, the attackers exploited a loophole where DKIM-signed messages retain their signature during replays, provided the email body remains unchanged. This means that if a malicious actor obtains a previously legitimate DKIM-signed email, they can resend it without modification, and it will still pass authentication checks. The attackers executed a multi-step process to exploit this vulnerability: 1. They created a Gmail account with an address starting with 'me@', making the email appear as if it was addressed to 'me,' a common shorthand in Gmail interfaces. 2. They registered a Google OAuth application, naming it to match the phishing link. 3. They granted the OAuth app access to their Google account, triggering a legitimate security warning from [email protected]. 4. This alert, containing the content of the phishing email embedded in the app name, had a valid DKIM signature. 5. They forwarded the message untouched, preserving the DKIM signature's validity. By embedding the entire phishing message in the application name and preparing a fake login site, the attackers created a convincing facade. Once the initial setup was complete, replicating the procedure became straightforward, even if a page was reported and taken down. Notably, reporting abuse on is not a simple process, further aiding the attackers. The phishing email's authenticity was bolstered by the fact that it passed all standard authentication checks, including DKIM, and appeared in the same conversation thread as legitimate security alerts from Google. This level of sophistication makes it challenging for users to discern the fraudulent nature of the email. Google initially responded to Johnson's bug report by stating that the system was 'Working as Intended.' However, after further consideration, Google acknowledged the issue and committed to addressing the OAuth bug. The company has since implemented measures to close this security loophole and recommends that users enable two-factor authentication and passkeys to enhance account security.
