Google Docs phishing attack underscores OAuth security risks

Google has stopped Wednesday’s clever email phishing scheme, but the attack may very well make a comeback.One security researcher has already managed to replicate it, even as Google is trying to protect users from such attacks.“It looks exactly like the original spoof,” said Matt Austin, director of security research at Contrast Security.The phishing scheme -- which may have circulated to 1 million Gmail users -- is particularly effective because it fooled users with a dummy app that looked like Google Docs.To read this article in full or to leave a comment, please click here

Google Docs phishing attack underscores OAuth security risks

Google has stopped Wednesday’s clever email phishing scheme, but the attack may very well make a comeback.One security researcher has already managed to replicate it, even as Google is trying to protect users from such attacks.“It looks exactly like the original spoof,” said Matt Austin, director of security research at Contrast Security.The phishing scheme -- which may have circulated to 1 million Gmail users -- is particularly effective because it fooled users with a dummy app that looked like Google Docs.To read this article in full or to leave a comment, please click here

Snake cyberespionage malware is ready to bite Mac users

A sophisticated Russian cyberespionage group is readying attacks against Mac users and has recently ported its Windows backdoor program to macOS.The group, known in the security industry as Snake, Turla or Uroburos, has been active since at least 2007 and has been responsible for some of the most complex cyberespionage attacks. It targets government entities, intelligence agencies, embassies, military organizations, research and academic institutions and large corporations."Compared to other prolific attackers with alleged ties to Russia, such as APT28 (Fancy Bear) and APT29 (Cozy Bear), Snake’s code is significantly more sophisticated, it’s infrastructure more complex and targets more carefully selected," researchers from Dutch cybsersecurity firm Fox-IT said in a blog post Wednesday.To read this article in full or to leave a comment, please click here

Snake cyberespionage malware is ready to bite Mac users

A sophisticated Russian cyberespionage group is readying attacks against Mac users and has recently ported its Windows backdoor program to macOS.The group, known in the security industry as Snake, Turla or Uroburos, has been active since at least 2007 and has been responsible for some of the most complex cyberespionage attacks. It targets government entities, intelligence agencies, embassies, military organizations, research and academic institutions and large corporations."Compared to other prolific attackers with alleged ties to Russia, such as APT28 (Fancy Bear) and APT29 (Cozy Bear), Snake’s code is significantly more sophisticated, it’s infrastructure more complex and targets more carefully selected," researchers from Dutch cybsersecurity firm Fox-IT said in a blog post Wednesday.To read this article in full or to leave a comment, please click here

Extreme Expects 10,000 New Enterprise Customers from Its Acquisitions

Extreme's buying binge includes Zebra, Avaya, and Brocade assets.

Intel Xeon chips rebranded to sound like credit cards

After about half a decade, Intel is wiping the confusing E5 and E7 monikers off its Xeon chips and rebranding them to bring more clarity about the performance and features that come with the processors.Xeon chips are used in servers and workstations like Mac Pro. Xeon chips being released mid-year will be broken down into Platinum, Gold, Silver, and Bronze processors.The naming scheme -- derived from metals -- is a mix of Olympic medals and branding of credit cards from companies like Delta. A person familiar with Intel's plans earlier said the chips will likely be widely referred to as Xeon-P, Xeon-G, Xeon-S, and Xeon-B, with the P for Platinum, G for Gold, etc.To read this article in full or to leave a comment, please click here

Intel Xeon chips rebranded to sound like credit cards

After about half a decade, Intel is wiping the confusing E5 and E7 monikers off its Xeon chips and rebranding them to bring more clarity about the performance and features that come with the processors.Xeon chips are used in servers and workstations like Mac Pro. Xeon chips being released mid-year will be broken down into Platinum, Gold, Silver, and Bronze processors.The naming scheme -- derived from metals -- is a mix of Olympic medals and branding of credit cards from companies like Delta. A person familiar with Intel's plans earlier said the chips will likely be widely referred to as Xeon-P, Xeon-G, Xeon-S, and Xeon-B, with the P for Platinum, G for Gold, etc.To read this article in full or to leave a comment, please click here

Windows 10 S will lock you into the Edge browser and Bing

Now that the rumored cloud version of Windows 10 has been revealed, the facts are starting to come out, one of which may not sit very well with some users. Microsoft is all but locking users of Windows 10 S into its Edge browser. Windows 10 S is a locked-down version of the operating system that will only run apps from the Windows Store. When Microsoft tried this a few years back with Windows RT on the Surface tablet, it failed miserably due to a lack of apps.+ Also on Network World: Windows 10 adoption faster than any previous OS + However, with time and the switch from ARM to x86, there is a much larger app library from which to choose, and that includes third-party browsers. But while you can install Chrome from the Windows Store, there is a big catch—you cannot change the default browser. To read this article in full or to leave a comment, please click here

68% off Anker SoundCore Nano Bluetooth Speaker with Built-in Mic, Just $15.99 – Deal Alert

SoundCore nano is incredibly compact and has a battery that supplies up to 4 hours of continuous play. Stick it in a pocket or purse, or clip it to your backpack to party anywhere. Incredibly slim and compact, but pumps out crystal-clear sound via a 3W audio driver. Sleek aluminum-alloy shell is both elegant and resilient. Available in 4 finishes to perfectly match your phone. Right now its typical list price of $49.99 has been reduced by 50% on Amazon to $24.88, but if you enter the code MOMANK77 at checkout you'll activate another big price drop down to just $15.99. See the Anker SoundCore Nano speaker deal now on Amazon.To read this article in full or to leave a comment, please click here

Worth Reading: Domain names fade

The internet has changed and evolved ever since it’s ancestors first came to life in the late 1960’s. Some technology fades away and is forgotten; other aspects continue but are overlaid, like geological sediments, so that they are now longer visible but are still present under the surface. The Domain Name System — both the technology of DNS and the deployed naming hierarchy we all use — are among those aspects of the internet that, although they feel solid and immutable, are slowly changing underneath our feet. —CircleID

The post Worth Reading: Domain names fade appeared first on rule 11 reader.

Fragmented, disorganized IT systems thwart feds ability to track visas

The technology issues involved in supporting about 27 distinct DHS information systems and databases hinder the effort by U.S. Immigration and Customs Enforcement (ICE) to track people who overstay their visas.That was the chief conclusion of a scathing Department of Homeland Security (DHS) Office of Inspector General (OIG) report on the status of ICE’s ability to track visa overstays.+More on Network World: DHS warns on immigration spoofing scam+To read this article in full or to leave a comment, please click here

Fragmented, disorganized IT systems thwart feds ability to track visas

The technology issues involved in supporting about 27 distinct DHS information systems and databases hinder the effort by U.S. Immigration and Customs Enforcement (ICE) to track people who overstay their visas.That was the chief conclusion of a scathing Department of Homeland Security (DHS) Office of Inspector General (OIG) report on the status of ICE’s ability to track visa overstays.+More on Network World: DHS warns on immigration spoofing scam+To read this article in full or to leave a comment, please click here

Fragmented, disorganized IT systems thwart feds ability to track visas

The technology issues involved in supporting about 27 distinct DHS information systems and databases hinder the effort by U.S. Immigration and Customs Enforcement (ICE) to track people who overstay their visas.That was the chief conclusion of a scathing Department of Homeland Security (DHS) Office of Inspector General (OIG) report on the status of ICE’s ability to track visa overstays.+More on Network World: DHS warns on immigration spoofing scam+To read this article in full or to leave a comment, please click here

Boring old enterprise vendors pay interns well

Snagging an internship at Amazon, Apple, Facebook or Google is certainly reason for celebration, but interns can also fare pretty darn well at enterprise-oriented vendors such as Juniper Networks, VMware and Salesforce.com.The latest report from online jobs site Glassdoor on highest paying internships features at least 15 tech companies in the top 25, depending upon how you define a tech company.Facebook is No. 1 on the list with median monthly pay of $8K, not to mention lots of perks, from free food to housing accommodations in some cases.Amazon and Apple both have median intern pay of $6,400 per month, and Google follows close behind with $6K per month.To read this article in full or to leave a comment, please click here

Boring old enterprise vendors pay interns well

Snagging an internship at Amazon, Apple, Facebook or Google is certainly reason for celebration, but interns can also fare pretty darn well at enterprise-oriented vendors such as Juniper Networks, VMware and Salesforce.com.The latest report from online jobs site Glassdoor on highest paying internships features at least 15 tech companies in the top 25, depending upon how you define a tech company.Facebook is No. 1 on the list with median monthly pay of $8K, not to mention lots of perks, from free food to housing accommodations in some cases.Amazon and Apple both have median intern pay of $6,400 per month, and Google follows close behind with $6K per month.To read this article in full or to leave a comment, please click here

New Windows build adds two significant features

Microsoft has released a new build for Windows Insiders as part of testing for the upcoming Redstone 3 update due in September, and it adds two major new pieces of functionality users have been waiting for. The two new features in Windows 10 Insider Preview Build 16184 are centered around social experiences, which may or may not be part of a theme. The first is the My People feature, which Microsoft first considered for a Creators Update release but pulled it because it was not ready in time. My People is all about the people you care about, according to Microsoft. It’s meant to be a central place for all your communication and interaction with contacts. To use it, make sure you have the latest versions of Skype, Mail and People apps. In its current form, My People has three basic features:To read this article in full or to leave a comment, please click here

Verizon Open Source White Box ‘Coming Soon,’ VP Says

Expect an ‘Android’ model, as opposed to AT&T’s ‘Apple' model.

Oracle to Migrate AT&T Databases to Cloud Platform

Oracle deal linked to AT&T Indigo plans.

Financial cybercrime group abuses Windows app compatibility feature

When Microsoft made it possible for enterprises to quickly resolve incompatibilities between their applications and new Windows versions, it didn't intend to help malware authors as well. Yet, this feature is now abused by cybercriminals for stealthy and persistent malware infections.The Windows Application Compatibility Infrastructure allows companies and application developers to create patches, known as shims. These consist of libraries that sit between applications and the OS and rewrite API calls and other attributes so that those programs can run well on newer versions of Windows.Shims are temporary fixes that can make older programs work even if Microsoft changes how Windows does certain things under the hood. They can be deployed to computers through Group Policy and are loaded when the target applications start.To read this article in full or to leave a comment, please click here

Financial cybercrime group abuses Windows app compatibility feature

When Microsoft made it possible for enterprises to quickly resolve incompatibilities between their applications and new Windows versions, it didn't intend to help malware authors as well. Yet, this feature is now abused by cybercriminals for stealthy and persistent malware infections.The Windows Application Compatibility Infrastructure allows companies and application developers to create patches, known as shims. These consist of libraries that sit between applications and the OS and rewrite API calls and other attributes so that those programs can run well on newer versions of Windows.Shims are temporary fixes that can make older programs work even if Microsoft changes how Windows does certain things under the hood. They can be deployed to computers through Group Policy and are loaded when the target applications start.To read this article in full or to leave a comment, please click here