Russia claims it foiled a cyber attack from a foreign spy service

The Russian government claims to have foiled a "large-scale" cyber attack from foreign intelligence services meant to destabilize the country’s financial system.The government’s Federal Security Service made the statement on Friday without blaming a specific country, but said the attack was meant to be carried out on Dec. 5 against a number of major Russian banks.The hack would have also included the use of social media and SMS text messages to circulate posts claiming a crisis in Russia’s financial system. Several dozen cities in the country had been targeted, the Federal Security Service claimed, stating it had already neutralized the threat.To read this article in full or to leave a comment, please click here

Russia claims it foiled a cyber attack from a foreign spy service

The Russian government claims to have foiled a "large-scale" cyber attack from foreign intelligence services meant to destabilize the country’s financial system.The government’s Federal Security Service made the statement on Friday without blaming a specific country, but said the attack was meant to be carried out on Dec. 5 against a number of major Russian banks.The hack would have also included the use of social media and SMS text messages to circulate posts claiming a crisis in Russia’s financial system. Several dozen cities in the country had been targeted, the Federal Security Service claimed, stating it had already neutralized the threat.To read this article in full or to leave a comment, please click here

Is This A Server Slowdown, Or Increasing Efficiency?

If you happen to believe that spending on core IT infrastructure is a leading indicator of the robustness of national economies and the global one that is stitched, somewhat piecemeal like a patchwork quilt. From them, then the third quarter sales and shipments of servers is probably sounding a note of caution for you.

It certainly does for us here at The Next Platform. But it is important, particularly if we have in fact hit the peak of the X86 server market as we mused about three months ago, to not get carried away. A slowdown in spending

Is This A Server Slowdown, Or Increasing Efficiency? was written by Timothy Prickett Morgan at The Next Platform.

Intel’s silence on Optane SSDs raises questions about launch and focus

There's a lot of excitement about Intel's superfast Optane SSDs, but products won't be on shelves this year as the chipmaker had earlier promised.Intel is currently making Optane in a factory in China, and production will "ramp" up next year, said Stacy Smith, executive vice president of manufacturing, operations, and sales at Intel.Smith declined to comment on when Optane products will hit the market, maintaining a consistent pattern of silence among Intel executives on the topic. He spoke at the Credit Suisse 20th Annual Technology, Media, and Telecom conference in Scottsdale, Arizona this week.Intel CEO Brian Krzanich said sample Optane products will ship to more testers next year, and that "it’s really a 2018 ramp for that product," according to a transcript of an October earnings call, posted on Seeking Alpha.To read this article in full or to leave a comment, please click here

What it Takes to Build True FPGA as a Service

Amazon Web Services might be offering FPGAs in an EC2 cloud environment, but this is still a far cry from the FPGA-as-a-service vision many hold for the future. Nonetheless, it is a remarkable offering in terms of the bleeding-edge Xilinx accelerator. The real success of these FPGA (F1) instances now depends on pulling in the right partnerships and tools to snap a larger user base together—one that would ideally include non-FPGA experts.

In its F1 instance announcement this week, AWS made it clear that for the developer preview, there are only VHDL and Verilog programmer tools, which are very

What it Takes to Build True FPGA as a Service was written by Nicole Hemsoth at The Next Platform.

The NSA and Skilz: Turning spying on you into a video game

What could possibly be creepier than a government organization (such as the NSA) having nearly unlimited access to your private, personal information (including access to your webcam)? Turns out, the answer is: when it gets turned into a video game. And it appears, they have done this. On Dec. 1, 2016, Wikileaks released a collection of documents relating to the German parliament inquiry of the cooperation between the German foreign intelligence agency (the BND) and the United States’ NSA. One particular document (pdf) within that collection caught my attention. It appears to be a report from an official at the European Cryptologic Center (ECC) from April 13, 2012, detailing how they can improve usage of Xkeyscore (XKS) to collect information about people. To read this article in full or to leave a comment, please click here

The NSA and Skilz: Turning spying on you into a video game

What could possibly be creepier than a government organization (such as the NSA) having nearly unlimited access to your private, personal information (including access to your webcam)? Turns out, the answer is: when it gets turned into a video game. And it appears, they have done this. On Dec. 1, 2016, Wikileaks released a collection of documents relating to the German parliament inquiry of the cooperation between the German foreign intelligence agency (the BND) and the United States’ NSA. One particular document (pdf) within that collection caught my attention. It appears to be a report from an official at the European Cryptologic Center (ECC) from April 13, 2012, detailing how they can improve usage of Xkeyscore (XKS) to collect information about people. To read this article in full or to leave a comment, please click here

IDG Contributor Network: Solution to JIT-ROP cyber attacks: Scramble code quickly

A new software development technique promises to end destructive exploits from hackers. The concept is to continually, and repeatedly, rearrange the program’s code while it’s running—and do it very quickly. Doing that shuts down the hacker’s “window of opportunity” because he doesn’t know where to find bugs to hit with his poisonous attack. The scrambling occurs over milliseconds.Code reuse attacks are the kind of harmful exploits that can be stopped dead in their tracks, researchers say in an article on Columbia University’s website.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Solution to JIT-ROP cyber attacks: Scramble code quickly

A new software development technique promises to end destructive exploits from hackers. The concept is to continually, and repeatedly, rearrange the program’s code while it’s running—and do it very quickly. Doing that shuts down the hacker’s “window of opportunity” because he doesn’t know where to find bugs to hit with his poisonous attack. The scrambling occurs over milliseconds.Code reuse attacks are the kind of harmful exploits that can be stopped dead in their tracks, researchers say in an article on Columbia University’s website.To read this article in full or to leave a comment, please click here

Researchers find a way bypass the iOS activation lock

Two researchers claim to have found a way to bypass the activation lock feature in iOS that's supposed to prevent anyone from using an iPhone or iPad marked as lost by its owner.The first report came Sunday from an Indian security researcher named Hemanth Joseph, who started investigating possible bypasses after being confronted with a locked iPad he acquired from eBay.The activation lock gets enabled automatically when users turn on the Find My iPhone feature via iCloud. It links the device to their Apple IDs and prevents anyone else from accessing the device without entering the associated password.One of the few things allowed from the activation lock screen is connecting the device to a Wi-Fi network, including manually configuring one. Hemanth had the idea of trying to crash the service that enforces the lock screen by entering very long strings of characters in the WPA2-Enterprise username and password fields.To read this article in full or to leave a comment, please click here

Researchers find a way bypass the iOS activation lock

Two researchers claim to have found a way to bypass the activation lock feature in iOS that's supposed to prevent anyone from using an iPhone or iPad marked as lost by its owner.The first report came Sunday from an Indian security researcher named Hemanth Joseph, who started investigating possible bypasses after being confronted with a locked iPad he acquired from eBay.The activation lock gets enabled automatically when users turn on the Find My iPhone feature via iCloud. It links the device to their Apple IDs and prevents anyone else from accessing the device without entering the associated password.One of the few things allowed from the activation lock screen is connecting the device to a Wi-Fi network, including manually configuring one. Hemanth had the idea of trying to crash the service that enforces the lock screen by entering very long strings of characters in the WPA2-Enterprise username and password fields.To read this article in full or to leave a comment, please click here

6 Steps for a Successful E-rate Season

E-rate, a government funded program, allows schools and libraries to implement and update in-building network infrastructure. For most school districts, this funding is to make sure all students have reliable access to Wi-Fi to enable digital learning and improve student outcomes. However, the process to apply and receive funding can be a little tedious; therefore, many schools do not finish the process or submit forms incorrectly, leading to a loss in funding.

40% off Corsair Waterproof Shockproof 256GB USB 3.0 Flash Drive – Deal Alert

Military-style data transportation. That's how Corsair describes their Flash Survivor Stealth series of USB flash drives. Its anodized, aircraft-grade aluminum housing is waterproof to 200 meters, vibration-resistant, and shock-resistant while small enough to fit on your keychain. USB 3.0 offers read speeds up to four times faster than traditional USB 2.0 drives, so it's fast enough to play most videos directly from it, without having to transfer to a hard drive first. The drive is backwards compatible to 2.0 as well. Just plug it in, and it works with Windows, Mac OS and Linux without any additional software or drivers. This product also comes with a limited 5 year warranty. It averages 4.5 out of 5 stars from over 210 people on Amazon (read reviews), many of which report it's still alive after years of hard use. The 256GB model's list price of $157 has been reduced 40% to $94.62. To read this article in full or to leave a comment, please click here

IDG Contributor Network: Levi’s Stadium uses IoT to enhance 49ers’ fan experience

The San Francisco 49ers are my home football team. They aren't doing too well in the NFC West standings these days. On the plus side, though, they do have a great stadium.Levi's Stadium is about 40 miles south of San Francisco in Santa Clara, California. It seats more than 65,000 spectators in two bowl-like structures. The logistics are daunting for a stadium that big. Consider the issues involved with getting thousands of fans to their seats quickly and securely in time to enjoy the game. Parking—Purchasing parking passes digitally and providing turn-by-turn directions to the visitor's assigned lot Navigation—Helping fans quickly and easily find their seats Security—Mitigating risks and enabling fans to be the eyes and ears of the stadium and report any security issues that may occur. Refreshments—Ensuring fans get the food and beverages they want, when they want them. Beacons, IoT sensors and sophisticated mobile apps have elevated the experience for 49ers fans and changed the game for venue operators.To read this article in full or to leave a comment, please click here

Stuff The Internet Says On Scalability For December 2nd, 2016

Hey, it's HighScalability time:

 

A phrase you've probably heard a lot this week: AWS announces...

 

If you like this sort of Stuff then please support me on Patreon.

  • 18 minutes: latency to Mars; 100TB: biggest dynamodb table; 55M: visits to Kaiser were virtual; $2 Billion: yearly Uber losses; 91%: Apple's take of smartphone profits; 825: AI patents held by IBM; $8: hourly cost of a spot welding in the auto industry; 70%: Walmart website traffic was mobile; $3 billion: online black friday sales; 80%: IT jobs replaceable by automation; $7500: cost of the one terabit per second DDoS attack on Dyn; 

  • Quotable Quotes:
    • @BotmetricHQ: #AWS is deploying tens of thousands of servers every day, enough to power #Amazon in 2005 when it was a $8.5B Enterprise. #reInvent
    • bcantrill: From my perspective, if this rumor is true, it's a relief. Solaris died the moment that they made the source proprietary -- a decision so incredibly stupid that it still makes my head hurt six years later.
    • Dropbox: it can take up to 180 milliseconds for data traveling by undersea cables at nearly the speed of Continue reading

Remote management app exposes millions of Android users to hacking

Poor implementation of encryption in a popular Android remote management application exposes millions of users to data theft and remote code execution attacks.According to researchers from mobile security firm Zimperium, the AirDroid screen sharing and remote control application sends authentication information encrypted with a hard-coded key. This information could allow man-in-the-middle attackers to push out malicious AirDroid add-on updates, which would then gain the permissions of the app itself.AirDroid has access to a device's contacts, location information, text messages, photos, call logs, dialer, camera, microphone and the contents of the SD card. It can also perform in-app purchases, change system settings, disable the screen lock, change network connectivity and much more.To read this article in full or to leave a comment, please click here

Remote management app exposes millions of Android users to hacking

Poor implementation of encryption in a popular Android remote management application exposes millions of users to data theft and remote code execution attacks.According to researchers from mobile security firm Zimperium, the AirDroid screen sharing and remote control application sends authentication information encrypted with a hard-coded key. This information could allow man-in-the-middle attackers to push out malicious AirDroid add-on updates, which would then gain the permissions of the app itself.AirDroid has access to a device's contacts, location information, text messages, photos, call logs, dialer, camera, microphone and the contents of the SD card. It can also perform in-app purchases, change system settings, disable the screen lock, change network connectivity and much more.To read this article in full or to leave a comment, please click here

1 2 3 1,299