President Barack Obama has ordered U.S. intelligence agencies to conduct a full review of the cyberattacks that allegedly tried to disrupt this year's election, as his successor Donald Trump casts doubt over Russia's possible involvement. Obama's homeland security advisor Lisa Monaco first mentioned the need for the review while speaking to reporters on Friday morning, according to Politico."We may be crossed into a new threshold, and it is incumbent upon us to take stock of that, to review, to conduct some after-action, to understand what this means, and to impart those lessons learned," Monaco reportedly said.To read this article in full or to leave a comment, please click here
The number of ransomware attacks targeting companies increased threefold from January to September, affecting one in every five businesses worldwide.According to a new report from security company Kaspersky Lab, the rate of ransomware attacks against businesses increased from one every two minutes to one every 40 seconds during that period. For consumers it was even worse, with the rate reaching one attack every 10 seconds in September.During the third quarter of the year, there were 32,091 new ransomware variations detected by Kaspersky Lab compared to only 2,900 during the first quarter. Overall, 62 new ransomware families appeared this year, the company said.To read this article in full or to leave a comment, please click here
Changes in the way we do business with banks are rarely initiated by banks themselves. Instead, banks are often forced to adapt because of technological advancements that are shifting social culture and customer expectations.
Just as mobile technology made selfies the norm, the introduction of new technologies is changing banking as we know it; paying by a social media app or on-demand lending are just the start.Keeping up with customers
Established banks have an array of touchpoints with their customers that generate valuable insights about who their customers are. Yet all too often, banks do not act on those insights and pass up the opportunity to create a great customer experience.To read this article in full or to leave a comment, please click here
Most people enjoy pets. Some enjoy them enough where they want to do things with them when they’re away from their house. That’s the idea behind the Petcube Play, an in-home camera that connects to your Wi-Fi network so you can watch your pets while you’re at work or not at home. In addition to the live camera feed, it includes a two-way audio speaker for speaking to your pet (“Max! Get off the couch!”) and a red laser-pointer that you can move around by pointing to locations on your smartphone’s display and hope that the cat or dog starts to chase it – hilarity ensues.The Petcube itself is a cube – it’s about the size of a slightly larger Rubik’s Cube puzzle game. It doesn’t have a battery, so the first thing you need to figure out when placing the Petcube Play is to make sure it’s close enough to a power adapter. The instructions warn about making sure your pet doesn’t chew the power cable. It also comes with a small tripod attachment that you can screw into the bottom of the Petcube if you’re looking to place it higher than a table or desk. Continue reading
So you think untangling your Christmas tree lights is tedious?A group of programmers from an ecommerce development company called Scandiweb spent two months building and testing a 412-step Rube Goldberg machine – a World Guinness Record -- that when finished with its 15 minutes of wackiness electrified the capital city of Riga’s Christmas tree.Fear not, you don’t have to watch all 15 minutes, as this slick video boils it all down to about three:
The most complicated way to light Christmas tree from Scandiweb on Vimeo.To read this article in full or to leave a comment, please click here
IoT, rotten home AP firmware, freaking Wi-Fi cameras: They’re all eating your lunch. Here’s an Advanced Persistent Threat notice: EVERYTHING AROUND YOU can give you a miserable day. It’s now entirely myopic, and hence irresponsible, to think there is such a topic as enterprise security because sadly video cams in Macedonia can give your hosting environment a DDoS headache. Poor TLS handshakes crack browsers open like an egg. Your router vendor had all of the hardening of a “fairy tap.” Remember those when you were a kid? A fairy tap was a gentle touch, designed to invade your space but do no damage. Now the damage is pOwn1ng your infrastructure. Or you business partner’s infrastructure. To read this article in full or to leave a comment, please click here
Microsoft’s $26.2 billion acquisition of LinkedIn has officially closed, and the CEOs at both companies are sharing some of the early plans for integration across product lines.The largest deal in Microsoft’s 41-year history will combine the “world’s leading professional cloud and the world’s leading professional network,” Microsoft CEO Satya Nadella wrote in a blog post. Both companies share a common mission to “help professionals transform how they work, realize new career opportunities and connect in new ways,” he added.During the coming months, LinkedIn and Microsoft say they will be integrating products, especially in areas where Microsoft’s scale can be an asset. Nadella and LinkedIn CEO Jeff Weiner spotlighted eight areas the companies are going to pursue immediately:● LinkedIn identity and network in Microsoft Outlook and the Office suite● LinkedIn notifications within the Windows action center● Enabling members drafting resumes in Word to update their profiles, and discover and apply to jobs on LinkedIn● Extending the reach of Sponsored Content across Microsoft properties● Enterprise LinkedIn Lookup powered by Active Directory and Office 365● LinkedIn Learning available across the Office 365 and Windows ecosystem● Developing a business news desk across our content Continue reading
Botnets made up of hacked home routers were used to launch distributed denial-of-service attacks against the five largest financial organizations in Russia.The attacks occurred on Monday, Dec. 5, and were detected and mitigated by Rostelecom, Russia's state-owned telecommunications company. The attacks peaked at 3.2 million packets per second (Mpps) and the longest attack lasted for over two hours, Rostelecom reported Friday.The company did not provide a bandwidth measurement for the attacks, but 3.2Mpps is not that much. DDoS mitigation providers regularly see attacks that exceed 100 Mpps and a very large September attack against the website of cybersecurity blogger Brian Krebs peaked at 665Gbps and 143Mpps.To read this article in full or to leave a comment, please click here
The highly rated Chromebook C202 from ASUS features a 180-degree hinge, a spill-resistant keyboard, and a reinforced rubber wrapped frame that meets the daily rigors and intense usage that can happen in and outside the home or classroom. The ASUS Chromebook C202 uses a 360 degree WIFI antenna featuring latest generation 802.11a/b/g/n Wi-Fi which provides strong reception to minimize poor signal connection while you are on-the-go. With a built-in HDMI, USB ports, and a SD card reader, ASUS Chromebook C202 makes data transferring and sharing easy and fast. This model features an Intel Celeron N3060 Processor, 4 GB DDR3 RAM, Storage, 16GB Flash Storage, 11.6-inch HD 1366x768 Anti-Glare Display, and up to 10 hours of battery life on a charge. All for the currently discounted price of just $179. See the discounted ASUS Chromebook on Amazon.To read this article in full or to leave a comment, please click here
A very merry Christmas could give way to a not-so-happy New Year security hangover for enterprises, once a few million more Internet of Things (IoT) devices are unwrapped and migrate from homes into the workplace.So, a webinar this week hosted by The Security Ledger titled: “Who Let the IoT in?: Finding and securing wireless devices in your environment,” was designed to offer some advance advice on how to cope with it.Paul Roberts, founder and editor in chief of The Security Ledger, who moderated the event, began by framing part of the problem: Although the IoT is now well established, many of the legacy tools enterprises still use to identify and manage vulnerable devices were, “designed for the ‘Internet of Computers’ rather than the IoT.To read this article in full or to leave a comment, please click here
PowerShell is an enormous addition to the Windows toolbox that gives Windows admins the ability to automate all sorts of tasks, such as rotating logs, deploying patches, and managing users. Whether it's specific Windows administration jobs or security-related tasks such as managing certificates and looking for attack activity, there is a way to do it in PowerShell.To read this article in full or to leave a comment, please click here(Insider Story)
Not unlike any other threat analyst, Marc Laliberte's email inbox fills up minute by minute. Some of which has made its way past the spam filter. The WatchGuard employee decided to finally act upon a certain phishing attempt in hopes of teaching the bad guys a lesson. Spear phishing is a type of phishing attack in which the perpetrator customizes their attack to a particular individual or group of individuals. The attacker gathers information on the victim and then tailors the attack to be more likely to fool the target. The would-be attack arrived as an email appearing to come from the finance employee’s manager, requesting an urgent wire transfer.To read this article in full or to leave a comment, please click here
Sorry for the Daily Mail-like clickbait headline, but there's no simple way to say it. Chartered Trading Standards Institute, a U.K. group that's similar to the Consumer Product Safety Commission here in the U.S., issued a warning that 99 percent of the third-party Apple chargers do not meet proper shielding standards. The group tested 400 of these counterfeit Apple chargers and found only three of them were properly shielded to prevent a fatal electric shock or spark a fire Leon Livermore, CEO of Chartered Trading Standards Institute, told the BBC that shoppers should buy electrical goods only from trusted suppliers.To read this article in full or to leave a comment, please click here
Hiring is a challenge for CIOs, and it won’t get much easier in the coming year, particularly for IT departments that are trying to fill key security and networking roles.Two staffing and recruiting firms that specialize in IT – Robert Half Technology and TEKsystems – each released research this week that offers a glimpse of what’s expected on the hiring front in 2017. Here are some highlights from their respective reports.1. Don’t expect widespread salary gains
A majority of IT leaders – 63% – expect overall 2017 IT salaries to stay the same compared to 2016 rates, and 1% expect salaries to decrease in the coming year. Just 36% of IT leaders say they plan to increase overall IT salaries in 2017, according to TEKsystems’ annual IT Forecast.To read this article in full or to leave a comment, please click here
Georgia's secretary of state says the state was hit with an attempted hack of its voter registration database from an IP address linked to the federal Department of Homeland Security.
The allegation by Georgia Secretary of State Brian Kemp is one of the more bizarre charges to come up in the recent spate of alarms about voting-system hacks. He said in a Facebook post on Thursday that he had been made aware of the failed attempt to breach the firewall protecting Georgia's voter registration database. The attack was traced to an Internet Protocol address associated with DHS, he said.To read this article in full or to leave a comment, please click here
AMD has called its latest Crimson edition the GPU software update of the year and rightfully so. Called Crimson ReLive, it squeezes more horsepower out of the latest Polaris and older Fury GPUs and makes gaming and VR experiences more compelling.
The Crimson ReLive edition is a must-have for AMD GPU owners. Prominent games like Batman Arkham Knight and Deus Ex: Mankind will look and perform better, and VR images will look much sharper on headsets.
There are many new features in Crimson ReLive. An interesting feature is Radeon Chill, which keeps the GPU cool by cutting down on the excessive frame rate in games. Essentially, it analyzes the performance of games and adjusts the frame rate without affecting a game's visuals and performance.To read this article in full or to leave a comment, please click here
This column is available in a weekly newsletter called IT Best Practices. Click here to subscribe. Every time I read the quarterly Cloud Adoption & Risk Report published by Skyhigh Networks, I come across some tidbit of information that truly surprises me. What is it in the Q4 2016 report that has me so astounded? Consider this: Fewer than half (42%) of cloud providers explicitly specify that customers own the data they upload to the service. The rest of the providers either claim ownership over all data uploaded, or don’t refer to data ownership at all in their terms and conditions, leaving it open to controversy if service is discontinued.To read this article in full or to leave a comment, please click here
Cisco’s Talos security group this week warned that a variant of trojan monster Zeus has begun to garner a following in the cyber-underworld as a hard-to-detect attack mechanism.“[Floki bot] is based on the same codebase that was used by the infamous Zeus trojan, the source code of which was leaked in 2011. Rather than simply copying the features that were present within the Zeus trojan ‘as-is’, Floki Bot claims to feature several new capabilities making it an attractive tool for criminals,” Talos wrote.+More on Network World: 20 years ago: Hot sci/tech images from 1996+To read this article in full or to leave a comment, please click here
The IEEE-USA intends to urge President-elect Donald Trump to quickly replace the random H-1B lottery with a system that gives priority to companies that pay the best wages.This proposal would also move large H-1B users to the back of the visa distribution line. For this to happen, all it would take is an executive order by the president, the engineering group says.Separately, the IEEE-USA also wants Trump to prod the U.S. Department of Justice to investigate what it claims is discrimination against U.S. workers by H-1B visa-using companies. This discrimination occurs when U.S. workers are replaced by visa-holding workers.To read this article in full or to leave a comment, please click here
In its simplest form, edge computing is basically about putting an extra layer of computing in the network between the end device and a centralized data center, which is commonly referred to as being located in the cloud. The “edge” moniker implies that this extra layer of computing is as close as possible to the end device.The primary reasons for deploying edge computing is to significantly reduce the network processing delay for time-critical applications, and to greatly reduce the amount of data that needs to be carried further upstream into the network.How it all started
The idea of having computing at the edge of the network, such as a gateway in a remote enterprise office, has been around for a long time. However, typically these have been for very specific use cases and in comparatively low volumes. It has only been more recently, driven by newer uses cases and enabling technologies, that edge computing has taken on more significance and added value in the networking world.To read this article in full or to leave a comment, please click here