Lost thumb drives bedevil US banking agency

A U.S. banking regulator says an employee downloaded a large amount of data from its computer system a week before he retired and is now unable to locate the thumb drives he stored it on.The Office of the Comptroller of the Currency, which is a part of the Department of the Treasury, said the loss represented "a major information security incident" as it reported the case to Congress on Friday.The data was taken in November 2015, but its loss was only discovered in September this year as the agency reviewed downloads to removable media devices in the last two years.The employee in question used two thumb drives to store the information, both of which he is unable to locate, the agency said.To read this article in full or to leave a comment, please click here

Lost thumb drives bedevil US banking agency

A U.S. banking regulator says an employee downloaded a large amount of data from its computer system a week before he retired and is now unable to locate the thumb drives he stored it on.The Office of the Comptroller of the Currency, which is a part of the Department of the Treasury, said the loss represented "a major information security incident" as it reported the case to Congress on Friday.The data was taken in November 2015, but its loss was only discovered in September this year as the agency reviewed downloads to removable media devices in the last two years.The employee in question used two thumb drives to store the information, both of which he is unable to locate, the agency said.To read this article in full or to leave a comment, please click here

Best Deals of the Week, October 24th – October 28th – Deal Alert

Best Deals of the Week, October 24th - October 28th - Deal AlertCheck out this roundup of the best deals on gadgets, gear and other cool stuff we have found this week, the week of October 17th. All items are highly rated, and dramatically discounted.66% off KMASHI 15000mAh External Battery Power BankKMASHI's 15,000mAh power bank can charge any 2 smartphones, tablets or USB devices simultaneously at high speed, and several times over without needing to be recharged. It currently averages 4 out of 5 stars on Amazon from over 7,700 customers (read reviews). With the current 66% discount you can buy it on Amazon for just $17. See it now on Amazon.To read this article in full or to leave a comment, please click here

Microsoft to launch low-end VR headset in December

Apparently Microsoft is not done with hardware introductions. The company plans to bring new low-cost mixed-reality headsets to market through its Windows Holographic platform for as little as $299. The details came out at the big Surface launch event in New York earlier this week, but the news site Polygon got more details from Microsoft Technical Fellow and head of the HoloLens program Alex Kipman.To read this article in full or to leave a comment, please click here

Worth Reading: Seven (more) deadly sins of microservices

It seems like the development community is quite excited about microservices these days, but at OSCON Europe, Daniel Bryant, who is chief scientist at OpenCredo, continued to point out some of the mistakes that architects and administrators routinely make while adopting to this new “Loosely coupled service oriented architecture with bounded contexts,” as Adrian Cockcroft described microservices. —The New Stack

LinkedInTwitterGoogle+Facebook

The post Worth Reading: Seven (more) deadly sins of microservices appeared first on 'net work.

Companies complacent about data breach preparedness

The likelihood that companies will experience a security incident continue to rise every year. While most organizations have put a data breach preparedness plan in place to combat such incidents, most executives aren't updating or practicing the plan regularly, according to study released earlier this month."When it comes to managing a data breach, having a response plan is simply not the same as being prepared," Michael Bruemmer, vice president at Experian Data Breach Resolution (which sponsored the study) said in a statement. "Unfortunately many companies are simply checking the box on this security tactic. Developing a plan is the first step, but preparedness must be considered an ongoing process, with regular reviews of the plan and practice drills."To read this article in full or to leave a comment, please click here

Companies complacent about data breach preparedness

The likelihood that companies will experience a security incident continue to rise every year. While most organizations have put a data breach preparedness plan in place to combat such incidents, most executives aren't updating or practicing the plan regularly, according to study released earlier this month."When it comes to managing a data breach, having a response plan is simply not the same as being prepared," Michael Bruemmer, vice president at Experian Data Breach Resolution (which sponsored the study) said in a statement. "Unfortunately many companies are simply checking the box on this security tactic. Developing a plan is the first step, but preparedness must be considered an ongoing process, with regular reviews of the plan and practice drills."To read this article in full or to leave a comment, please click here

After DDOS attack, senator seeks industry-led security standards for IoT devices

Last week’s massive distributed denial-of-service attack has prompted an urgent focus on the need for industry-led cybersecurity standards for internet of things devices.U.S. Sen. Mark Warner, (D-Va.) said Thursday that he favors an industry-based approach before seeking some form of government regulation of IoT security.“Last week’s attack does reveal a new level of vulnerability, and I’m trying to make it clear ... that this is not a problem that the government ought to be the first actor in solving,” he said in a telephone interview.To read this article in full or to leave a comment, please click here

After DDOS attack, senator seeks industry-led security standards for IoT devices

Last week’s massive distributed denial-of-service attack has prompted an urgent focus on the need for industry-led cybersecurity standards for internet of things devices.U.S. Sen. Mark Warner, (D-Va.) said Thursday that he favors an industry-based approach before seeking some form of government regulation of IoT security.“Last week’s attack does reveal a new level of vulnerability, and I’m trying to make it clear ... that this is not a problem that the government ought to be the first actor in solving,” he said in a telephone interview.To read this article in full or to leave a comment, please click here

FBI to probe new emails related to Clinton’s private server

The FBI has uncovered new emails related to Hillary Clinton's use of a private email server, prompting federal authorities to investigate them. The FBI discovered the emails as part of an "unrelated case," FBI Director James Comey said in a letter to a congressional committee that was later tweeted on Friday. These emails "appear to be pertinent" to the FBI's original investigation into Clinton's private server use, which the agency wrapped up back in July, Comey said. Clinton, now the Democratic nominee for U.S. president, used the privacy server while she served as secretary of state.To read this article in full or to leave a comment, please click here

FBI to probe new emails related to Clinton’s private server

The FBI has uncovered new emails related to Hillary Clinton's use of a private email server, prompting federal authorities to investigate them. The FBI discovered the emails as part of an "unrelated case," FBI Director James Comey said in a letter to a congressional committee that was later tweeted on Friday. These emails "appear to be pertinent" to the FBI's original investigation into Clinton's private server use, which the agency wrapped up back in July, Comey said. Clinton, now the Democratic nominee for U.S. president, used the privacy server while she served as secretary of state.To read this article in full or to leave a comment, please click here

Coca-Cola headlines a fast-turning CIO carousel

The Coca-Cola Company yesterday said that it has promoted Barry Simpson to CIO. Simpson, who will oversee the company’s global IT strategy, services and operations, had served as interim CIO since July, when he replaced the late Ed Steinike. Coca-Cola CompanyCIO Barry Simpson. “Given the significant amount of change under way as we transform our business for the future, it’s important that we have an IT function positioned to protect our information technology and accelerate our growth around the world,” said Coca-Cola President and COO James Quincey in a statement.To read this article in full or to leave a comment, please click here

Microsoft’s $300 Windows VR headsets: 6 things we know (and 1 big question)

Everybody expected mixed-reality technology to play a part in Microsoft’s big Windows 10 event on Wednesday—but nobody expected what we got. Rather than showing yet another HoloLens demonstration, Microsoft instead announced a small army of virtual reality headsets unlike anything available today, and they’re all powered by the forthcoming Windows 10 Creators Update.The demo raised more questions than it supplied answers, but there was still plenty of info to glean if you were paying attention. Here’s everything we know about Microsoft’s Windows 10 VR headsets—and one massive question spurred by their mere existence.To read this article in full or to leave a comment, please click here

New Windows code injection method could let malware bypass detection

Security researchers have discovered a new way that allows malware to inject malicious code into other processes without being detected by antivirus programs and other endpoint security systems.The new method was devised by researchers from security firm Ensilo who dubbed it AtomBombing because it relies on the Windows atom tables mechanism. These special tables are provided by the operating system and can be used to share data between applications."What we found is that a threat actor can write malicious code into an atom table and force a legitimate program to retrieve the malicious code from the table," Ensilo researcher Tal Liberman said in a blog post. "We also found that the legitimate program, now containing the malicious code, can be manipulated to execute that code."To read this article in full or to leave a comment, please click here

New Windows code injection method could let malware bypass detection

Security researchers have discovered a new way that allows malware to inject malicious code into other processes without being detected by antivirus programs and other endpoint security systems.The new method was devised by researchers from security firm Ensilo who dubbed it AtomBombing because it relies on the Windows atom tables mechanism. These special tables are provided by the operating system and can be used to share data between applications."What we found is that a threat actor can write malicious code into an atom table and force a legitimate program to retrieve the malicious code from the table," Ensilo researcher Tal Liberman said in a blog post. "We also found that the legitimate program, now containing the malicious code, can be manipulated to execute that code."To read this article in full or to leave a comment, please click here

IDC to Samsung: Put Note7 fiasco to rest by focusing on Galaxy S8

Market research firm IDC says the best thing Samsung can do to put the fiery Note7 recall behind it is to come out with a really great Galaxy S8 smartphone next year.Samsung indeed has already started to tease that new Android phone, including during an analyst call this week in which the company detailed the big financial hit it has suffered from recalling the Note7 due the phablet's overheating battery issues (See also: "Samsung issues elaborate fireproof boxes for Note7 returns")To read this article in full or to leave a comment, please click here

1 2,338 2,339 2,340 2,341 2,342 3,616