RAC Ontario Sections Bulletin for February 20th, 2021

1. Ham Radio in Friedrichshafen, Germany, Tentatively on for 2021

Ham Radio in Friedrichshafen, Germany, was canceled last year because of the pandemic.
Organizers for Europe’s International Amateur Radio Exhibition this week expressed
optimism that the 45th Ham Radio, sponsored by the Deutscher Amateur Radio Club (DARC),
will be able to take place June 25 – 27.

At the moment, we are assuming that we will be able to hold Ham Radio in accordance
with an extensive, tried-and-proven safety and hygiene concept and are looking forward
to seeing everyone again at Europe’s most important trade fair for amateur radio.
-- arrl news

2. ITU News Magazine Covers World Radio Day, Includes Articles on Ham Radio

The latest issue of the free publication ITU News Magazine highlights World Radio Day
(observed each year on February 13), featuring two articles on amateur radio.
Articles include the evolution of radio throughout the ages, ham radio and emergency
communications, and remarks by International Amateur Radio Union (IARU) President
Tim Ellam VE6SH, regarding why World Amateur Radio Day (celebrated each year
on April 18) is important to highlight crucial services.
-- arrl news



3. British Columbia Radio Amateur Copies Signal from Mars-Orbiting Satellite

As reported on Spaceweather.com, Canadian radio amateur Scott Tilley, VE7TIL,
has snagged another signal from deep space. His latest conquest has been to copy
the signal from China’s Tianwen-1 probe, which went into orbit around Mars on
February 10. Tilley said that the probe’s X-band signal was “loud and audible.”

“It was a treasure hunt,” Tilley told Spaceweather.com. He explained that while
the spacecraft did post its frequency with the International Telecommunication
Union, it was too vague for precise tuning (X band is between 8 GHz and 12 GHz).

Tilley uses a homemade 60-centimeter dish and relies on software-defined
radios (SDRs) to accomplish the task.

Radio amateurs have been listening for signals from space since the 1957 launch
of Sputnik 1, which transmitted at around 20 MHz.

-- arrl news

4. New phishing attack uses Morse code to hide malicious URLs

Starting Feb 2nd, a threat actor began utilizing Morse code to hide malicious URLs
in their phishing form to bypass secure mail gateways and mail filters.
BleepingComputer could not find any references to Morse code being used in phishing
attacks in the past, making this a novel obfuscation technique

The phishing attack starts with an email pretending to be an invoice for the company.
The mail includes an HTML attachment named in such a way as to appear to be an Excel
invoice for the company. When viewing the attachment in a text editor, you can see
that it includes JavaScript that maps letters and numbers to Morse code. The script
then calls a function to decode a Morse code string into a hexadecimal string.
This hexadecimal string is further decoded into JavaScript tags that are
injected into the HTML page. The injected scripts combined with the HTML attachment
contain the various resources necessary to render a fake Excel spreadsheet that
states their sign-in timed out and prompts them to enter their password again.
Once a user enters their password, the form submits the password to a remote site
where the attacker can collect the login credentials.
Phishing scams are becoming more intricate every day as mail gateways become better
at detecting malicious emails. As this phishing email uses attachments with double
-extension (xlxs and HTML), it is important to make sure that Windows file
extensions are enabled to make it easier to spot suspicious attachments.

-- Lawrence Abrams, BleepingComputer.com

Posted by: Paul Caccamo <va3pc @ rac.ca>