Category Archives for "Networking"

GozNym Trojan turns its sight on business accounts at major US banks

A hybrid Trojan program created for financial fraud has started redirecting users of four large U.S. banks to rogue websites in order to hijack their accounts. GozNym is a relatively new threat, first discovered in April, and is based on the Nymaim malware dropper and the Gozi banking Trojan. Like most banking Trojans, GozNym can inject rogue code into banking websites displayed in local browsers in order to steal credentials and other sensitive information. However, in addition to this old technique, the cybercrime gang behind it has also built the necessary infrastructure to host rogue copies of banking websites, and they've started to redirect victims there.

Battle lines are drawn: IBM prepares Power9 to take on Intel and ARM

IBM has many goals with its upcoming Power9 chip, and one is to challenge the dominance of Intel's x86 chips in the data center. The company wants chips based on Power architecture to take a double-digit server chip market share by 2020, Doug Balog, general manager for Power Systems at IBM, said in an interview. It'll be a three-way battle between x86, Power, and ARM, which has a similar goal of a double-digit market share in the next four years. IBM's Power is off to a better start in terms of socket share, Balog said. IBM already is being used in servers, while ARM server processors are largely still being tested. Intel dominates the data center server chip market with a 90-plus percent market share. But IDC has predicted that Intel's share will shrink as ARM-based chips and AMD's x86-based Zen take away some of that lead.

154 million American voters’ records exposed thanks to unsecured database

154 million U.S. voters’ records were exposed due to a misconfigured CouchDB instance, according to MacKeeper security researcher Chris Vickery. “It was configured for public access with no username, password, or other authentication required.” Vickery determined the leaky database was on Google’s Cloud services and traced it back to a client of L2, a company which claims to be the country’s “most trusted source for enhanced voter” data. The database included fields for addresses, age, congressional as well as state senate districts, education, estimated income, ethnic, name, gender, languages, marital status, phone, voting frequency, presence of children, and if the voter was a gun owner.

DockerCon Thoughts – Secure, Sufficient Applications

I got to spend a couple of days this week at DockerCon and learn a bit more about software containers. I’d always assumed that containers were a slightly different form of virtualization, but thankfully I’ve learned my lesson there. What I did find out about containers gives me a bit of hope about the future of applications and security.

Minimum Viable App

One of the things that made me excited about Docker is that the process isolation idea behind building a container to do one thing has fascinating ramifications for application developers. In the past, we’ve spent our time building servers to do things. We build hardware, boot it with an operating system, and then we install the applications or the components thereof. When we started to virtualize hardware into VMs, the natural progression was to take the hardware resource and turn it into a VM. Thanks to tools that would migrate a physical resource to a virtual one in a single step, most of the first generation VMs were just physical copies of servers. Right down to phantom drivers in the Windows Device Manager.

As we started building infrastructure around the idea of virtualization, we stopped migrating physical boxes

Is this the end for Kinect?

The recent E3 show saw Microsoft break with game console tradition. Normally when a console is released, the vendor does not change the specs for its lifespan (traditionally five to seven years). This way, developers will always have one hardware spec to target when creating games. That kind of certainty helps in game development and keeps the amount of patching down compared with PC games. But just three years after the release of the Xbox One, Microsoft gave its console a massive upgrade in the form of the Xbox One S, a console that will be 40 percent smaller than the Xbox One but will have six times the compute power. The Xbox One has around one teraflop of compute power, the S will have six teraflops, which means 4K video and virtual reality, according to Microsoft.

Look who’s coming for the CEO role

Digital is the way of the marketplace today. One look at our hyper-connected, data-driven ways of working, and it’s clear that digital is also the way of the future. In the midst of rewiring business models, mindsets and mechanisms for the digital age, it’s important to ask about leadership. Who has the skills and experience to take on the challenging job of digital transformation today and tomorrow? Who from across the senior leadership ranks is best equipped to be CEO? Will it be COOs or CFOs? CMOs or CIOs? Because digital technologies touch all areas of the business, the best candidates for CEO roles will have experience associated with all of the major C-level roles—operational (COO), financial (CFO), marketing, sales, customer engagement (CMO) and information technology (CIO and CTO). Few senior executives could claim substantial experience in all of those areas until the recent emergence of the CDO (Chief Digital Officer) role. CDOs, tasked with leading and delivering digital transformation across all areas of the business, are gaining broad and varied business experience and skills. That diverse experience is one reason that leading candidates for the CEO roles of tomorrow may well be the CDOs (Chief Digital Officers) of today.

IBM Watson/ XPrize open $5 million AI competition for world-changing applications

IBM and the XPrize organization have opened registration and set guidelines for a competition with a $5 million purse, aimed at those interested in building advanced AI-based applications that could address the world’s biggest issues – everything from clean water to better energy resources. According to IBM and XPrize, the four-year competition aims to “accelerate adoption of AI technologies, and spark creative, innovative and audacious demonstrations of the technology that are truly scalable and solve societal grand challenges.”

AWS, Microsoft cloud win US government security approval

Three vendors, including Microsoft and Amazon Web Services, have won a key U.S. government authorization that allows federal agencies to put highly sensitive data on their cloud-computing services. The AWS GovCloud, Microsoft's Azure GovCloud, and CSRA's ARC-P IaaS have received provisional authority to offer services under the high baseline of the government's Federal Risk and Authorization Management Program (FedRAMP), a set of security standards for cloud services. The FedRAMP high baseline, including more than 400 security controls, allows federal agencies to use AWS for highly sensitive workloads, including personal information, AWS said Thursday.

Location of images on Junos Space after upload

Just a note for my own reference really –

The images you upload via the GUI to upgrade Space end up on the filesystem in the /var/cache/jboss/jmp/<imageversion> directory. In that directory is the actual image, plus a file called appVersionListFile.txt – this file seems to tell the system what other Space apps it is compatible with.

It seems to upload the image into this directory, and then extract all the various .rpm files from it into the /var/cache/jboss/jmp/payloads/<imageversion> directory.

I confirmed this by performing an ‘rm -rf <imageversion>’ on both the above directories, then uploading another image via the GUI again.  Both directories re-appeared.  I doubt this is recommended by TAC though, so do this at your own peril.

The number of corporate users hit by crypto ransomware is skyrocketing

The prevalence of ransomware programs, both those that encrypt data and those that don't, has exploded over the past two years, with companies being increasingly targeted. Based on an analysis by security vendor Kaspersky Lab, more than 2.3 million users encountered ransomware between April 2015 and March, a jump of almost 18 percent over the previous 12 months. This includes programs that only lock the computer's screen to prevent its use as well as those that hold the data itself hostage by encrypting it -- the so-called cryptors. The rise of cryptors in particular has been significant, accounting for 32 percent of all ransomware attacks last year compared to only 7 percent the year before, according to Kaspersky Lab.

IDG Contributor Network: Ad blocking rapidly escalating, says researcher

Large parts of the internet may need to quickly adopt alternative revenue methods to thwart a massive surge in ad blocking. Ad blocking is not going away, says eMarketer, a research firm that has just published startling projections. In fact, the digital marketing expert says more than a quarter of U.S. internet users will use ad blockers to perform ad-free web browsing in 2016. A double digit (34 percent) increase will lead to 69 million ad blocker users this year, eMarketer predicts. And it’s going to get worse. The researcher says that number will be closer to 86 million ad blocking internet users in 2017. That’s growth of another 24 percent and will mean that almost a third (32 percent) of all internet users will use the barriers next year.

Gartner’s top 10 security predictions

Forward-looking IT security pros need to better address known risks, monitor closely the value of shadow IT devices and solve the inherent weaknesses introduced by the internet of things, Gartner says. The consulting firm has taken a look at five key areas of security concern that businesses face this year and issued predictions on and recommendations about protecting networks and data from threats that will likely arise in each. The areas are threat and vulnerability management, application and data security, network and mobile security, identity and access management, and Internet of Things security. Gartner’s findings were revealed at its recent Security and Risk Management Summit by analyst Earl Perkins.