Trend Micro report: Ransomware booming

The profitability of ransomware made it the top cyber threat last year in two categories: the number of attacks and the amount of money generated for crooks, according to a Trend Micro lookback on data collected from customers.Not only is the ransomware business booming, it’s innovating, with Trend Micro researchers identifying 752 new families last year, up from 29 in 2015.Add to this the rise of ransomware as a service (RaaS) and payments made to anonymous bitcoin accounts, and the result is a booming criminal enterprise worth $1 billion last year, according to TrendLabs 2016 Security Roundup. Neophyte crooks are being drawn in because it’s so easy to set up a ransomware operation, the report says. “Since RaaS is available in the underground, the service provides fledgling cybercriminals the necessary tools to run their own extortion campaigns,” it says.To read this article in full or to leave a comment, please click here

AI scheduling startup launches subscription for businesses

Setting up meetings can be a pain, since they often require folks to send emails back and forth figuring out a time before finally sending off a calendar invitation to block everyone’s schedule. A New York startup called x.ai wants to simplify that with a helpful bot, and they just launched a product aimed at serving businesses.The service provides users with access to x.ai’s assistant, which can go by Andrew or Amy Ingram, to automatically set up meetings with people inside a company and help schedule time with folks who work elsewhere. It’s an extension of the company’s existing service, which is built for individuals.To read this article in full or to leave a comment, please click here

MediaTek will sit out the ARM race for Windows 10 PCs

Despite a turbulent past, Windows PCs with ARM are making a grand return later this year, but only with Qualcomm chips. Another big ARM chipmaker, MediaTek, is sitting out the opportunity to put its ARM-based chips in Windows PCs because the company sees it as a limited opportunity. MediaTek's chips are already used in Chromebooks, but ARM has had a turbulent history with Windows. That's another reason for the company to stay out. ARM getting into PCs is like Intel trying to get into smartphones -- it's a risky proposition, said Finbarr Moynihan, general manager of sales at MediaTek. PCs are dominated by x86 chips from companies like Intel and AMD. But Intel failed in its attempt to unseat a dominant ARM in smartphones, and ultimately quit making chips for handsets.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Can a PC support multiple users? A few suppliers say yes

We have all watched a major cultural shift in the world of IT, from optimizing the use of the computer to optimizing the use of the developer and user.This move makes a great deal of sense. At one time, the computer, its memory and its storage were the biggest costs of supporting an IT solution. Over time, that changed. The drastic improvement in processing power and memory capacity, combined with amazing decreases in system and component prices, changed the ratio so that people, communications and power were all more costly than the machines and their components themselves.These factors, along with users' desire for graphical user interfaces, changed the world of IT. It is not really clear, however, if all of the changes were beneficial.To read this article in full or to leave a comment, please click here

Sponsored Post: Aerospike, Loupe, Clubhouse, GoCardless, Auth0, InnoGames, Contentful, Stream, Scalyr, VividCortex, MemSQL, InMemory.Net, Zohocorp

Who's Hiring?

  • GoCardless is building the payments network for the internet. We’re looking for DevOps Engineers to help scale our infrastructure so that the thousands of businesses using our service across Europe can take payments. You will be part of a small team that sets the direction of the GoCardless core stack. You will think through all the moving pieces and issues that can arise, and collaborate with every other team to drive engineering efforts in the company. Please apply here.

  • InnoGames is looking for Site Reliability Engineers. Do you not only want to play games, but help building them? Join InnoGames in Hamburg, one of the worldwide leading developers and publishers of online games. You are the kind of person who leaves systems in a better state than they were before. You want to hack on our internal tools based on django/python, as well as improving the stability of our 5000+ Debian VMs. Orchestration with Puppet is your passion and you would rather automate stuff than touch it twice. Relational Database Management Systems aren't a black hole for you? Then apply here!

  • Contentful is looking for a JavaScript BackEnd Engineer to join our team in their mission of Continue reading

This tool can help you discover Cisco Smart Install protocol abuse

For the past few weeks attackers have been probing networks for switches that can potentially be hijacked using the Cisco Smart Install (SMI) protocol. Researchers from Cisco's Talos team have now released a tool that allows network owners to discover devices that might be vulnerable to such attacks.The Cisco SMI protocol is used for so-called zero-touch deployment of new devices, primarily access layer switches running Cisco IOS or IOS XE software. The protocol allows newly installed switches to automatically download their configuration via SMI from an existing switch or router configured as an integrated branch director (IBD).The director can copy the client's startup-config file or replace it with a custom one, can load a particular IOS image on the client and can execute high-privilege configuration mode commands on it. Because the SMI protocol does not support any authorization or authentication mechanism by default, attackers can potentially hijack SMI-enabled devices.To read this article in full or to leave a comment, please click here

This tool can help you discover Cisco Smart Install protocol abuse

For the past few weeks attackers have been probing networks for switches that can potentially be hijacked using the Cisco Smart Install (SMI) protocol. Researchers from Cisco's Talos team have now released a tool that allows network owners to discover devices that might be vulnerable to such attacks.The Cisco SMI protocol is used for so-called zero-touch deployment of new devices, primarily access layer switches running Cisco IOS or IOS XE software. The protocol allows newly installed switches to automatically download their configuration via SMI from an existing switch or router configured as an integrated branch director (IBD).The director can copy the client's startup-config file or replace it with a custom one, can load a particular IOS image on the client and can execute high-privilege configuration mode commands on it. Because the SMI protocol does not support any authorization or authentication mechanism by default, attackers can potentially hijack SMI-enabled devices.To read this article in full or to leave a comment, please click here

This tool can help you discover Cisco Smart Install protocol abuse

For the past few weeks attackers have been probing networks for switches that can potentially be hijacked using the Cisco Smart Install (SMI) protocol. Researchers from Cisco's Talos team have now released a tool that allows network owners to discover devices that might be vulnerable to such attacks.The Cisco SMI protocol is used for so-called zero-touch deployment of new devices, primarily access layer switches running Cisco IOS or IOS XE software. The protocol allows newly installed switches to automatically download their configuration via SMI from an existing switch or router configured as an integrated branch director (IBD).The director can copy the client's startup-config file or replace it with a custom one, can load a particular IOS image on the client and can execute high-privilege configuration mode commands on it. Because the SMI protocol does not support any authorization or authentication mechanism by default, attackers can potentially hijack SMI-enabled devices.To read this article in full or to leave a comment, please click here

Cisco Jasper grows Internet of Things reach, breadth

Nearly a year after it bought Jasper for $1.4 billion, Cisco this week strengthened the company’s Internet of Things reach by adding support for an emerging low-power WAN technology and expanding its partner programs further into automotive and healthcare. Cisco bought Jasper and its Control Center platform to firmly establish a hold in the IoT world. And indeed, it has. CEO Chuck Robbins noted in Cisco’s recent earnings call that “Jasper connects more than 40 million devices including over 12 million connected vehicles, and we're adding more than 1.5 million new devices per month. The number of enterprise customers utilizing data from the Jasper platform has grown from 4,000 a year ago to more than 9,000 this quarter,” Robbins said.To read this article in full or to leave a comment, please click here

Make the internet great again

I miss the Old Internet.Call me a fuddy-duddy. Call me nostalgic for ye olden days. But I’ll say it right now, and I’ll stand by it: The internet was (in almost every way) better 15-plus years ago than it is today. And I’m not talking about just “the World Wide Web” either. All of it. It’s getting downright crummy. Let’s walk this through step by step. System resource usage  If you go to CNN.com today, the front page of their website will take up just shy of 100 MB of RAM while it is loaded. By comparison, the same page from the year 2000 takes literally 1/10th that (thanks Archive.org). CPU usage is even worse. The idle CNN.com from the year 2000 just sits there. Happily eating just about 0% of even the slowest CPUs. Today’s version gobbles up a good 10% of the i7 sitting in front of me—while sitting idle. For a single page. Displaying a few news headlines. To read this article in full or to leave a comment, please click here

38% off iClever Ultra Portable Tri-folding Bluetooth Keyboard With Touchpad – Deal Alert

Work more efficiently while on the go. Compact, versatile, durable and light, this new keyboard from iClever folds on two innovative hinges that double as grips to keep your board steady, while the grips on each end keep it from sliding around. It pairs quickly with up to 3 devices, switching with the push of a button, and features a high sensitivity touchpad for mouse functionality. When folded, it takes up roughly the same space as a smartphone. Compatible with not only IOS and Android, but also supports Windows/Mac/Linux-based tablets, Blackberry, Playstation, WebOS, and Sybian. Its list price is $79.99, but you can buy it right now on Amazon for 38% off, or just $49.99. See the discounted iClever folding keyboard on Amazon.To read this article in full or to leave a comment, please click here

821,000 user records exposed due to misconfigured MongoDB for smart stuffed toys

No one wants to learn that they have been hacked; if a company is not doing so well, then it might really be scared after it is breached. But burying your head in sand and hoping it will all go away if you ignore it for long enough is simply not going to make the breach disappear. In the case of CloudPets, owned by SpiralToys, it wasn’t the cute and huggable smart stuffed toys hackers were hugging, but the data. Here it is:- Toy captured kids voices- Data exposed via MongoDB- 2.2m recordings- DB ransom'd- And much more...https://t.co/HvePnZleXRTo read this article in full or to leave a comment, please click here

821,000 user records exposed due to misconfigured MongoDB for smart stuffed toys

No one wants to learn that they have been hacked; if a company is not doing so well, then it might really be scared after it is breached. But burying your head in sand and hoping it will all go away if you ignore it for long enough is simply not going to make the breach disappear. In the case of CloudPets, owned by SpiralToys, it wasn’t the cute and huggable smart stuffed toys hackers were hugging, but the data. Here it is:- Toy captured kids voices- Data exposed via MongoDB- 2.2m recordings- DB ransom'd- And much more...https://t.co/HvePnZleXRTo read this article in full or to leave a comment, please click here

Review: Portal goes where no Wi-Fi router has gone before

The Portal router is a new class of Wi-Fi router, utilizing frequency bands not seen in other Wi-Fi products, whether a more traditional Wi-Fi router or some of the newer Wi-Fi mesh products. It’s still a dual-band (2.4 GHz and 5 GHz) router, but includes additional spectrum within the 5GHz space (designated as part of the Unlicensed National Information Infrastructure).The Portal router has the permission of the FCC to share some of the spectrum normally reserved for radar (U-NII-2 and U-NII-23). This gives Portal 15 extra channels to work with, in the frequency ranges from 5.260 to 5.700 GHz, where other routers in the U-NII-1 and UNII-3 space can operate across 9 channels in the 5.180-5.240 GHz range and 5.745-5.825 range. Because those ranges are also unlicensed, Portal can make use of those too, so in essence you would get 24 channels across the entire 5.180 through 5.825 GHz range.To read this article in full or to leave a comment, please click here

AMD Researchers Eye APUs For Exascale

Exascale computing, which has been long talked about, is now – if everything remains on track – only a few years away. Billions of dollars are being spent worldwide to develop systems capable of an exaflops of computation, which is 50 times the performance of the most capacious systems the current Top500 supercomputer rankings and will usher in the next generation of HPC workloads.

As we have talked about at The Next Platform, China is pushing ahead with three projects aimed at delivering exascale systems to the market, with a prototype – dubbed the Tianhe-3 – being prepped for

AMD Researchers Eye APUs For Exascale was written by Jeffrey Burt at The Next Platform.