Synack: Hackers wanted after firm gets $21.25M funding from Microsoft, HPE

Penetration testing provider Synack is getting an infusion of $21.25 million from the investment arms of Microsoft and HP, among others, and some of it will be used to hire more security analysts to fuel what it calls its hacker-powered intelligence platform.The investment is the Series C round of funding and is led by Microsoft Ventures, but also includes Hewlett Packard Enterprise and Singtel Innov8 to bring total investment in the company to $55 million.+More on Network World: 6 vulnerabilities to watch for on the factory floor+To read this article in full or to leave a comment, please click here

Shadow Brokers dump contained Solaris hacking tools

After the Shadow Brokers group opened up its archive of exploits allegedly stolen from the United States National Security Agency, security experts found a nasty surprise waiting for Solaris administrators.The Register reported that the dumped Shadow Broker files reference two programs, EXTREMEPARR and EBBISLAND, that would let attackers obtain root access remotely over the network on Solaris boxes running versions 6 to 10 on x86 and SPARC architectures.To read this article in full or to leave a comment, please click here

Shadow Brokers dump contained Solaris hacking tools

After the Shadow Brokers group opened up its archive of exploits allegedly stolen from the United States National Security Agency, security experts found a nasty surprise waiting for Solaris administrators.The Register reported that the dumped Shadow Broker files reference two programs, EXTREMEPARR and EBBISLAND, that would let attackers obtain root access remotely over the network on Solaris boxes running versions 6 to 10 on x86 and SPARC architectures.To read this article in full or to leave a comment, please click here

Worth Reading: Google’s TPU architecture

Four years ago, Google started to see the real potential for deploying neural networks to support a large number of new services. During that time it was also clear that, given the existing hardware, if people did voice searches for three minutes per day or dictated to their phone for short periods, Google would have to double the number of datacenters just to run machine learning models. —The Next Platform

The post Worth Reading: Google’s TPU architecture appeared first on rule 11 reader.

Worth Reading: Google’s TPU architecture

Four years ago, Google started to see the real potential for deploying neural networks to support a large number of new services. During that time it was also clear that, given the existing hardware, if people did voice searches for three minutes per day or dictated to their phone for short periods, Google would have to double the number of datacenters just to run machine learning models. —The Next Platform

The post Worth Reading: Google’s TPU architecture appeared first on 'net work.

Raspberry Pi roundup: Searching for Pi, steampunk laptops, Code Angels, and a visit to Competitor Corner

One of the first big stories about the Raspberry Pi when it hit retail shelves more than five years ago was that it didn’t actually hit most retail shelves. Availability was a serious issue at launch, as the Raspberry Pi Foundation didn’t yet realize what a hit it had on its hands, and initial supplies didn’t last long. Pis began popping up on eBay for substantially inflated prices.The situation has gotten a lot more reasonable these days, but, for those of you having Pi sourcing problems, never fear – Verona University computer science student Marco Della Valle has created an attractive, functional site that automatically checks major retailers for their supplies of the Raspberry Pi Zero and Zero W models.To read this article in full or to leave a comment, please click here

Major zero-day flaw found in Microsoft Word

McAfee security researchers are warning of a new zero-day vulnerability in Microsoft Word being exploited via attached .rtf files since at least January.The exploit allows a Word document to install malware onto your PC without you ever knowing it, giving the attackers full access to your machine. According to McAfee, the exploit works by connecting to a remote server controlled by the hackers, which will download a file that runs as a .hta file, a dynamic HTML file that is used in Word. Security firm FireEye also noted similar malicious .rtf files in its own alert. Both firms say the flaws are within Microsoft's Object Linking and Embedding (OLE) technology and affects all versions of Office, including Office 2016 for Windows 10.To read this article in full or to leave a comment, please click here

Major zero-day flaw found in Microsoft Word

McAfee security researchers are warning of a new zero-day vulnerability in Microsoft Word being exploited via attached .rtf files since at least January.The exploit allows a Word document to install malware onto your PC without you ever knowing it, giving the attackers full access to your machine. According to McAfee, the exploit works by connecting to a remote server controlled by the hackers, which will download a file that runs as a .hta file, a dynamic HTML file that is used in Word. Security firm FireEye also noted similar malicious .rtf files in its own alert. Both firms say the flaws are within Microsoft's Object Linking and Embedding (OLE) technology and affects all versions of Office, including Office 2016 for Windows 10.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Can Amazon be stopped?

Prime retail space is going vacant. The latest example of yet another retailer closing its doors is Payless Shoe Source. Payless has filed Chapter 11 and will be closing 400 stores. It’s ironic really, because their whole premise is Americans want to pay less for shoes, but the retailer can’t match the price or experience of online options. It’s one more example of the epidemic hitting brick-and-mortar retailers.Last year (and again this year), it was Radio Shack that prompted the headlines. Sears has been in decline for decades. The Limited is even more limited now that it has filed for bankruptcy and has begun closing 250 of its stores.RELATED: How Notre Dame is going all in with Amazon’s cloud Macy’s and Sears alone will be abandoning 28 million square feet of retail space. The loss of these anchor stores is what starts the dreaded domino effect at the mall. If the mall can’t back fill that space, reduced numbers of shoppers impact the demand for sunglasses, cinnamon rolls and all the other small businesses that survive on the other brands’ crowds. When they fall, so does the mall.To read this article in full or to leave a Continue reading

Microsoft Word exploit linked to cyberspying in Ukraine conflict

A previously unknown Microsoft Office vulnerability was recently used to deliver spyware to Russian-speaking targets, in a possible case of cyberespionage.Security firm FireEye noticed the intrusion attempt, which taps a critical software flaw that hackers are using to craft malicious Microsoft Word documents.On Wednesday, FireEye said it uncovered one attack that weaponized a Russian military training manual. Once opened, the malicious document will deliver FinSpy, a surveillance software that’s been marketed to governments.To read this article in full or to leave a comment, please click here

Microsoft Word exploit linked to cyberspying in Ukraine conflict

A previously unknown Microsoft Office vulnerability was recently used to deliver spyware to Russian-speaking targets, in a possible case of cyberespionage.Security firm FireEye noticed the intrusion attempt, which taps a critical software flaw that hackers are using to craft malicious Microsoft Word documents.On Wednesday, FireEye said it uncovered one attack that weaponized a Russian military training manual. Once opened, the malicious document will deliver FinSpy, a surveillance software that’s been marketed to governments.To read this article in full or to leave a comment, please click here

6 vulnerabilities to watch for on the factory floor

 Industrial control systems (ICS) that run the valves and switches in factories may suffer from inherent weaknesses that cropped up only after they were installed and the networks they were attached to became more widely connected. FireEye iSIGHT Intelligence Sean McBride The problems are as far ranging as hard-coded passwords that are publicly available to vulnerabilities in Windows operating systems that are no longer supported but are necessary to run the aging gear, says Sean McBride, attack-synthesis lead analyst at FireEye iSIGHT Intelligence and author of “What About the Plant Floor? Six subversive concerns for industrial environments.”To read this article in full or to leave a comment, please click here

6 vulnerabilities to watch for on the factory floor

 Industrial control systems (ICS) that run the valves and switches in factories may suffer from inherent weaknesses that cropped up only after they were installed and the networks they were attached to became more widely connected. FireEye iSIGHT Intelligence Sean McBride The problems are as far ranging as hard-coded passwords that are publicly available to vulnerabilities in Windows operating systems that are no longer supported but are necessary to run the aging gear, says Sean McBride, attack-synthesis lead analyst at FireEye iSIGHT Intelligence and author of “What About the Plant Floor? Six subversive concerns for industrial environments.”To read this article in full or to leave a comment, please click here

On the ‘net: Why a new routing stack?

In late 2016, several companies worked together to fork Quagga—that is, to pull the code based into a new Git repository, and hence into a separately maintained project. This new open source routing stack has been dubbed Free Range Routing (FRR). There is current participation in the project from Cumulus, 6Wind, LinkedIn, and others; the project is aligned with the Linux Foundation, and available on GitHub. —LinkedIn

The post On the ‘net: Why a new routing stack? appeared first on rule 11 reader.

On the ‘net: Why a new routing stack?

In late 2016, several companies worked together to fork Quagga—that is, to pull the code based into a new Git repository, and hence into a separately maintained project. This new open source routing stack has been dubbed Free Range Routing (FRR). There is current participation in the project from Cumulus, 6Wind, LinkedIn, and others; the project is aligned with the Linux Foundation, and available on GitHub. —LinkedIn

The post On the ‘net: Why a new routing stack? appeared first on 'net work.

BlackBerry wins $815 million in overpaid royalty to Qualcomm

BlackBerry said Wednesday it has been awarded US$815 million in an arbitration decision for excess royalties it had paid to chip company Qualcomm.Qualcomm and BlackBerry had entered into an agreement in April last year to arbitrate a dispute over whether Qualcomm's agreement to cap certain royalties applied to payments made by BlackBerry under a license agreement between the two companies.Qualcomm has faced charges of excessive royalty rates by regulators as well as other companies. Apple filed a lawsuit in January in a U.S. federal court in California against Qualcomm, objecting, among other things, to the chip company charging a royalty on the selling price of phones rather than on the value of the specific baseband chipset supplied for the iPhone.To read this article in full or to leave a comment, please click here

Why you should (sometimes) let software run your business

Changing your business processes to match your software sounds like a classic case of the tail wagging the dog. After all, business leaders are responsible for deciding how their company is run, and software is supposed to support that, helping the company run as efficiently as possible.Yet this is exactly what is happening in 82 percent of enterprises, according to a survey by TrackVia, maker of a low-code software development platform. These companies report changing a part of their business operations or processes to match the way their software works.Is allowing corporate software to dictate how a company is run an abrogation of management's duty to manage, or can it sometimes be the best way to manage a company?To read this article in full or to leave a comment, please click here

How IoT helps insurers mitigate the risks of climate change

Insurance companies are on the front lines when it comes to exposure to the financial risks of climate change. The internet of things (IoT) is shaping up to be a key component in mitigating those risks."Insurance companies rely upon historical loss records to guide their underwriting and set their prices," Washing Insurance Commission Mike Kreidler and California Insurance Commission Dave Jones wrote in the forward of Insurer Climate Risk Disclosure Survey Report & Scorecard: 2016 Findings & Recommendations by nonprofit organization Ceres. "More and more frequently, the climate is behaving in ways that we can't predict. Weather patterns are shifting, and the severity and breadth of damage are intensifying, resulting in more costly disasters than we've ever seen. There is no basis in historical data for events like Hurricane Sandy, the Joplin, Missouri tornado, the Oso landslide in Washington state and record-breaking landslides in Western states. In 2016 alone, 31 major disaster declarations were reported to the Federal Emergency Management Agency (FEMA) by the end of August."To read this article in full or to leave a comment, please click here

1 2,102 2,103 2,104 2,105 2,106 3,793