Apparently, big bucks can be made selling stolen printer ink cartridges online.A dozen suspects are accused of pulling in more than US$12 million by selling the stolen cartridges and retail electronics on Amazon and eBay, New York Attorney General Eric Schneiderman said on Wednesday.Sixty-four-year-old Richard Rimbaugh allegedly led the operation for more than 20 years by recruiting people to steal the goods from retail stores across 28 states.Rimbaugh and his "theft crews" allegedly went out each week to steal new merchandise, which also included computer software, Schneiderman said.To read this article in full or to leave a comment, please click here
When you choose a productivity platform like Microsoft’s Office 365 or Google’s G Suite, the main focus is on the platform’s functionality: Does it do the job you need?That’s of course critical, but once you choose a platform, you have to manage it. That’s why management capabilities should be part of your evaluation of a productivity and collaboration platform, not only its user-facing functionality.You’ve come to the right place for that aspect of choosing between Office 365 and Google G Suite.[ InfoWorld’s deep look: Why (and how) you should manage Windows 10 PCs like iPhones. | The essentials for Windows 10 installation: Download the Windows 10 Installation Superguide today. ]
Admin console UI. Both the Office 365 and G Suite admin consoles are well designed, providing clean separation of management functions and clear settings labels, so you can quickly move to the settings you want and apply them.To read this article in full or to leave a comment, please click here(Insider Story)
One of the main reasons to buy insurance is to prevent the cost of an accident or other disaster from breaking the bank. But what if simply buying insurance threatens to break the bank?That scenario is starting to worry some organizations, for several reasons.First is the simple but powerful market force of supply and demand. More and more organizations, spooked by regular stories of catastrophic breaches – such as the compromise of more than 1.5 billion Yahoo! accounts, which took down its acquisition value by a reported $350 million – are seeking insurance. And when demand rises, the price tends to do so as well.To read this article in full or to leave a comment, please click here
Last month, reports came out that Apple accidentally installed a fake firmware patch on internal development servers. That's a lesson to all companies to be careful about where they get their patches.What may have happened is that an Apple employee installed a patch shared by the hardware vendor's employee, instead of using the official release of the patch, said Chris Nietzold, senior platform engineer at security appliance manufacturer MBX Systems."They procured the firmware from an unofficial source and didn't follow the official release schedule," he said.The firmware included a potential security vulnerability and Apple reportedly ended its relationship with the supplier, Super Micro Computer, as a result.To read this article in full or to leave a comment, please click here
Pwnie Express is adding a tool that ranks the risks its security service finds on customer networks and makes it easier to remediate them.The new feature of the company’s Pulse service assesses potential vulnerabilities that its sensors detect in customers’ networks and issues a grade in each of four categories. This Device Risk Scorecard points out problems, prioritizes them by urgency and tells how to fix them.The scorecard looks at wireless infrastructure configuration, client connection behaviors, network host configuration, and shadow IT and rogue devices and computes a grade for each. Customers can drill down to find what discoveries account for low scores and follow the remediation suggestions to fix the problems.To read this article in full or to leave a comment, please click here
In a rare move, the U.S. has indicted two Russian government agents for their suspected involvement in a massive Yahoo data breach. But what now?
Security experts say Wednesday’s indictment might amount to nothing more than naming and shaming Russia. That’s because no one expects the Kremlin to play along with the U.S. indictment.
“I can’t imagine the Russian government is going to hand over the two FSB officers,” said Jeremiah Grossman, chief of security strategy at SentinelOne.
"Even in the most successful investigations, state hackers are still immune from prosecution or retaliation," said Kenneth Geers, a research scientist at security firm Comodo.To read this article in full or to leave a comment, please click here
One mistaken click. That's all it took for hackers aligned with the Russian state security service to gain access to Yahoo's network and potentially the email messages and private information of as many as 500 million people.The U.S. Federal Bureau of Investigation has been investigating the intrusion for two years, but it was only in late 2016 that the full scale of the hack became apparent. On Wednesday, the FBI indicted four people for the attack, two of whom are Russian spies.Here's how the FBI says they did it:The hack began with a spear-phishing email sent in early 2014 to a Yahoo company employee. It's unclear how many employees were targeted and how many emails were sent, but it only takes one person to click on a link, and it happened.To read this article in full or to leave a comment, please click here
One mistaken click. That's all it took for hackers aligned with the Russian state security service to gain access to Yahoo's network and potentially the email messages and private information of as many as 500 million people.The U.S. Federal Bureau of Investigation has been investigating the intrusion for two years, but it was only in late 2016 that the full scale of the hack became apparent. On Wednesday, the FBI indicted four people for the attack, two of whom are Russian spies.Here's how the FBI says they did it:The hack began with a spear-phishing email sent in early 2014 to a Yahoo company employee. It's unclear how many employees were targeted and how many emails were sent, but it only takes one person to click on a link, and it happened.To read this article in full or to leave a comment, please click here
The U.S. Federal Bureau of Investigation has been investigating the intrusion for two years, but it was only in late 2016 that the full scale of the hack became apparent. On Wednesday, the FBI indicted four people for the attack, two of whom are Russian spies.
No wonder people from Massachusetts get called that name we all find kind of amusing but I still shouldn’t print on this website for networking professionals.
The Massachusetts State Police posted the above photo to Facebook a few hours ago, along with this admonishment:
Soooo..... this just happened.
Trooper Paul Copponi just stopped this vehicle on the Massachusetts Turnpike in Weston. How little regard do you have to have for the lives and safety of your fellow citizens, not to mention your own life and safety, to do this?To read this article in full or to leave a comment, please click here
Microsoft's batch of security patches for March is one of the largest ever and includes fixes for several vulnerabilities that are publicly known and actively exploited.The company published 17 security bulletins covering 135 vulnerabilities in its own products and one separate bulletin for Flash Player, which has its security patches distributed through Windows Update. Nine bulletins are rated critical and nine are rated as important.The affected products include Windows, Internet Explorer, Microsoft Edge, Microsoft Office, Exchange, Skype for Business, Microsoft Lync, and Silverlight.To read this article in full or to leave a comment, please click here
Put aside the matter of Russian interference in our presidential election to instead consider this scenario: If Vladimir Putin ordered his government-employed hackers to plant spyware on your personal computer – stealing all your data and even recording your Skype calls – you would have no access to any legal remedy in the U.S. court system.
Preposterous, you say?
That’s the law, according to the United States Court of Appeals for the District of Columbia Circuit, which yesterday upheld a lower court decision denying even a day in court to an American citizen who moved here from Ethiopia 30 years ago and was victimized by that country’s government in the exact fashion described above.To read this article in full or to leave a comment, please click here
The U.S. Federal Bureau of Investigation has charged four people, including two Russian state intelligence agents, for their involvement in a massive hack of Yahoo that affected half a billion accounts.In September, Yahoo said hackers had managed to steal personal data on more than 500 million users during an attack in late 2014. The stolen data included names, email addresses, telephone numbers and hashed passwords. Blame for the attack was put on a "state-sponsored" group.On Wednesday, the FBI said that group was the Russian Federal Security Service, the FSB, and it identified agents Dmitry Dokuchaev and Igor Sushchin as leaders of the attack.To read this article in full or to leave a comment, please click here
The personal identifying information (PII)—names, email addresses, phone numbers, physical addresses, employers and job titles—for 33,698,126 Americans has been leaked online.The data, a 52.2GB CSV file, came from a commercial corporate database. Security researcher Troy Hunt determined that the breach came from NetProspex, a service provided by Dun & Bradstreet, which ironically was named as a 2017 world’s most ethical company.To read this article in full or to leave a comment, please click here
A vulnerability patched in the web-based versions of encrypted communications services WhatsApp and Telegram would have allowed attackers to take over accounts by sending users malicious files masquerading as images or videos.The vulnerability was discovered last week by researchers from Check Point Software Technologies and was patched by the WhatsApp and Telegram developers after the company privately shared the flaw's details with them.The web-based versions of WhatsApp and Telegram synchronize automatically with the apps installed on users' phones. At least in the case of WhatsApp, once paired using a QR code, the phone needs to have an active internet connection for WhatsApp messages to be relayed to the browser on the computer.To read this article in full or to leave a comment, please click here
Twitter Counter, a third-party analytics service, appears once again to have provided a gateway for hackers to post messages to high-profile Twitter accounts.An unlikely number of Twitter users suddenly learned to speak Turkish on Wednesday, posting an inflammatory message in the language replete with Nazi swastikas.Among those posting the message were the Twitter accounts of Forbes magazine, the Atlanta Police Department, and Amnesty International, one of the few hacked accounts one might expect to speak Turkish.Fears that these accounts had all been hacked were quickly allayed, when Twitter identified a third-party app as being to blame.To read this article in full or to leave a comment, please click here
With the onrush of connected internet of things (IoT) devices, distributed denial-of-service attacks are becoming a dangerous trend. Similar to what happened to DNS service provider Dyn last fall, anyone and everyone is in the crosshairs. The idea of using unprotected IoT devices as a way to bombard networks is gaining momentum.The advent of DDoS-for-hire services means that even the least tech-savvy individual can exact revenge on some website. Step on up to the counter and purchase a stresser that can systemically take down a company.To read this article in full or to leave a comment, please click here
An appeals court has barred an Ethiopian-born U.S. citizen from filing a civil suit against the African country, which allegedly infected his computer with spyware and monitored his communications.The U.S. Court of Appeals for the District of Columbia Circuit ruled Tuesday that foreign states are immune from suit in a U.S. court unless an exception to the Foreign Sovereign Immunities Act (FSIA) applies.The person, who is referred to in court documents by the pseudonym Kidane, was born in Ethiopia and lived there for 30 years before seeking asylum in the U.S. He lives in Maryland.To read this article in full or to leave a comment, please click here
In a massive data dump last week, WikiLeaks released thousands upon thousands of highly secretive and sensitive CIA documents that detail the extent of the government agency's spying tools. Aside from interesting tidbits regarding the CIA attempting to eavesdrop on targets via Samsung HD-TVs, the leaked documents also reference the CIA's efforts to hack into iOS devices.In fact, the CIA even has a specialized team devoted entirely towards coming up with security exploits for iOS devices, in particular the iPhone. Even though the iPhone only accounts for less than 15 percent of global smartphone marketshare, Apple's iconic smartphone attracts a disproportionate amount of attention because it's proven to be quite popular among "social, political, diplomatic and business elites."To read this article in full or to leave a comment, please click here
Microsoft today postponed the retirement of the security bulletins that for nearly two decades have described in detail the month's slate of vulnerabilities and accompanying patches.The bulletins' last stand was originally scheduled for January, with a replacement process ready to step in Feb. 14. Rather than a set of bulletins, Microsoft was to provide a searchable database of support documents dubbed the "Security Updates Guide" or SUG.But just hours before February's security updates were to be released, Microsoft announced that it was postponing the entire collection to March 14, citing "a last-minute issue" that might impact some customers. The Redmond, Wash. company never spelled out exactly what led it to decide on the unprecedented delay.To read this article in full or to leave a comment, please click here