Pwn2Own 2017: Your stuff as mincemeat

They came from miles around to carry out a hallowed, decade-long mission: To eat your lunch. The security researchers assembled at the Pwn2Own 2017 hacking competition, sponsored by Trend Micro, and occasionally grouped together, then performed essentially zero-day exploits (at least by the rules, heretofore unknown) on your favorite stuff, such as Windows, MacOS and Linux. Smoldering pits in the screen were left, as teams collected cash prizes and creds. RELATED: How San Diego fights off 500,000 cyberattacks a day For giggles and grins, a Type 2 Hypervisor, VMWare Workstation was also left for shrapnel, one of the first times a hypervisor has been penetrated by a virtual machine in this way. It wasn’t a cascade effect, but rather a shot across the bow. I suspect there are more ways to penetrate a foundational hypervisor, too, but they haven’t been seen in captivity to my knowledge. To read this article in full or to leave a comment, please click here

FBI looks into Russian hack of US election, possible Trump involvement

The FBI is actively investigating Russia's attempts to influence the 2016 U.S. presidential election and possible cooperation from President Donald Trump's campaign, agency director James Comey confirmed.The existence of an investigation isn't a surprise, but Comey's announcement Monday is the first time the FBI has acknowledged an active case. The FBI typically does not comment on active investigations, but the Russian actions targeting the U.S. election represents an "unusual" case, he told members of the House of Representatives Intelligence Committee.Comey told lawmakers he couldn't comment more on the investigation, but he said the FBI is looking into possible contacts and cooperation between the Trump campaign and the Russian government. The FBI is looking into "the nature of any links" between the Trump campaign and the Russian government, he said.To read this article in full or to leave a comment, please click here

FBI looks into Russian hack of US election, possible Trump involvement

The FBI is actively investigating Russia's attempts to influence the 2016 U.S. presidential election and possible cooperation from President Donald Trump's campaign, agency director James Comey confirmed. The existence of an investigation isn't a surprise, but Comey's announcement Monday is the first time the FBI has acknowledged an active case. The FBI typically does not comment on active investigations, but the Russian actions targeting the U.S. election represents an "unusual" case, he told members of the House of Representatives Intelligence Committee. Comey told lawmakers he couldn't comment more on the investigation, but he said the FBI is looking into possible contacts and cooperation between the Trump campaign and the Russian government. The FBI is looking into "the nature of any links" between the Trump campaign and the Russian government, he said.To read this article in full or to leave a comment, please click here

IETF Journal Volume 12, Issue 3 Now Online

The latest issue of the IETF Journal (Volume 12, Issue 3) is now available online: https://www.ietfjournal.org/journal-issues/march-2017/

Our cover article is a manifesto of why Internet-enabled businesses should care about the open standards and open source communities. We present the first two of a series of interviews with IETF leadership, in this case outgoing IETF chair Jari Arkko and his successor Alissa Cooper.

Megan Kruse

INE’s CCIE Security v5 Content Updates

With the CCIE SCv5 blueprint now being live, we’re in the process of updating our Security product line in order to meet the new exam requirements. First of all, the following products will be released:

  1. Advanced Technologies Class
  2. Workbook

 

Advanced Technologies Class

The Advanced Technologies Class will run live online, starting 1st of May.  This course series is now available for preorder here, and the full schedule is shown on the product page.  The live course is also open to any All Access Pass subscriber.  Given the current blueprint, which includes pretty much all Cisco Security products, most probably this will be the biggest video series we have ever released so far across all CCIE tracks; expect more than 150 hours of CCIE level training.  First and most important, we’re going to deep dive into all core technologies:

  • EndFragment
  • ASA Firewall
  • IOS Firewall
  • FirePOWER
  • FirePOWER Threat Defense
  • FMC
  • WSA
  • ESA
  • AMP
  • IPsec VPN’s (IKEv1 and IKEv2)
  • SSL VPN’s
  • TrustSec
  • ISE
  • ACS

At the same time we’ll cover all the remaining topics (small but many), including technologies which will be tested mainly in the written exam (like CWS, SMA or Lancope). Oh….of course we’ll also Continue reading

FBI arrests man for allegedly sending seizure-causing GIF to journalist

A man accused of sending an animated GIF of a strobe light to a reporter who has epilepsy was arrested and charged with criminal cyberstalking with the intent to kill or cause bodily harm.Back on Dec. 15, 2016, Twitter user @jew_goldstein tweeted a flashing image to Newsweek reporter Kurt Eichenwald along with the message: “YOU DESERVE A SEIZURE FOR YOUR POSTS.” Eichenwald, who has epilepsy, immediately suffered a seizure.After Eichenwald's wife found him on the floor and called 911, she replied to @jew_goldstein, telling him that the tweet caused a seizure. “I have your information and have called the police to report the assault,” she wrote.To read this article in full or to leave a comment, please click here

FBI arrests man for allegedly sending seizure-causing GIF to journalist

A man accused of sending an animated GIF of a strobe light to a reporter who has epilepsy was arrested and charged with criminal cyberstalking with the intent to kill or cause bodily harm.Back on Dec. 15, 2016, Twitter user @jew_goldstein tweeted a flashing image to Newsweek reporter Kurt Eichenwald along with the message: “YOU DESERVE A SEIZURE FOR YOUR POSTS.” Eichenwald, who has epilepsy, immediately suffered a seizure.After Eichenwald's wife found him on the floor and called 911, she replied to @jew_goldstein, telling him that the tweet caused a seizure. “I have your information and have called the police to report the assault,” she wrote.To read this article in full or to leave a comment, please click here

FBI arrested man for allegedly sending seizure-causing GIF to reporter

A man accused of sending an animated GIF of a strobe light to a reporter with epilepsy was arrested and charged with criminal cyberstalking with the intent to kill or cause bodily harm.Back on December 15, 2016, Twitter user @jew_goldstein tweeted a flashing image to Newsweek reporter Kurt Eichenwald along with the message: “YOU DESERVE A SEIZURE FOR YOUR POSTS.” Eichenwald, who has epilepsy, immediately suffered a seizure.After his wife found him on the floor and called 911, she replied to @jew_goldstein, telling him that the tweet caused a seizure. “I have your information and have called the police to report the assault.”On Friday, the FBI arrested 29-year-old John Rivello at his home in Maryland.To read this article in full or to leave a comment, please click here

14% off TP-Link Multicolor Dimmable Smart Wi-Fi 60W LED Bulb – Deal Alert

Control TP-Link's smart bulbs from anywhere with your tablet or smartphone, or with your voice via the Alexa service. Dim brightness, fine-tune light appearance from soft white to daylight, and choose from 16 million colors to set the mood. Set timers and countdowns, or create an on/off schedule. The bulb also features an "away" mode that randomly turns on/off to give the appearance you're home, when you're away. The 60W multicolor dimmable and tunable smart bulb from TP-Link averages 4 out of 5 stars from over 1,100 people on Amazon (read reviews), where its typical list price of $49.99 has been temporarily reduced 14%. See this deal on Amazon.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Digital transformation progress. Or not…

I go to a lot of conferences, and something I have noticed in the past year or two is that almost every conference will have a keynote speaker talking about digital transformation. Hell, people have even started calling it simply DT, and digital transformation keynoters have the usual suspects to call on for case studies—Uber, Airbnb etc.But every now and then I worry about how impactful the digital transformation story really is. I spend a reasonable amount of time with large organizations talking to them about their present and their future and helping them rethink what their business will look like in one, three or five years. Part of these conversations, obviously, center around digital transformation, since I am a firm believer that digital technologies will allow the agility and innovation with regards products, services and business models that these organizations need to survive.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Digital transformation progress. Or not…

I go to a lot of conferences, and something I have noticed in the past year or two is that almost every conference will have a keynote speaker talking about digital transformation. Hell, people have even started calling it simply DT, and digital transformation keynoters have the usual suspects to call on for case studies—Uber, Airbnb etc.But every now and then I worry about how impactful the digital transformation story really is. I spend a reasonable amount of time with large organizations talking to them about their present and their future and helping them rethink what their business will look like in one, three or five years. Part of these conversations, obviously, center around digital transformation, since I am a firm believer that digital technologies will allow the agility and innovation with regards products, services and business models that these organizations need to survive.To read this article in full or to leave a comment, please click here

Rough Guide to IETF 98: Internet of Things

The Internet of Things (IoT) is a buzzword around the Internet industry and the broader technology and innovation business. We are often asked what the IETF is doing in relation to IoT and in this short post I'd like to highlight some of the relevant sessions scheduled during the upcoming IETF 98 meeting in Chicago next week. Check out the IETF Journal IoT Category for more details about many of these topics.

Mat Ford

Possibly the worst mass invasion of internet privacy ever

In January, a bank in Edina, Minnesota, received a request for a $28,500 wire transfer from someone claiming to be local resident Douglas Junker. Though bolstered with a faked picture of a passport, the request later turned out to be fraudulent, and local cops were reportedly stymied on how to catch the thief. Until, that is, they came up with a novel idea: Hoping to find out how the fraudster got the picture, Edina Police Detective David Lindman applied for a search warrant to obtain the names, email addresses, account information and IP addresses of everyone in the entire town of 50,000 who had searched for any variation of the victim’s name between Dec. 1, 2016, and Jan. 7, 2017. To read this article in full or to leave a comment, please click here

Possibly the worst mass invasion of internet privacy ever

In January, a bank in Edina, Minnesota, received a request for a $28,500 wire transfer from someone claiming to be local resident Douglas Junker. Though bolstered with a faked picture of a passport, the request later turned out to be fraudulent, and local cops were reportedly stymied on how to catch the thief. Until, that is, they came up with a novel idea: Hoping to find out how the fraudster got the picture, Edina Police Detective David Lindman applied for a search warrant to obtain the names, email addresses, account information and IP addresses of everyone in the entire town of 50,000 who had searched for any variation of the victim’s name between Dec. 1, 2016, and Jan. 7, 2017. To read this article in full or to leave a comment, please click here

Minnesota police seek data on who Googled a victim’s name

Local police in Minnesota are trying to solve a bank fraud scheme by demanding Google give up data on people who looked up key search terms that may be related to crime.The warrant, issued to police in the city of Edina last month, is raising eyebrows among privacy advocates. It's a rare instance of U.S. law enforcement using mass data collection to solve a petty crime, said Nate Cardozo, an attorney with the Electronic Frontier Foundation.Edina police applied for the warrant to investigate a fraud case dealing with $28,500 that was wired out of a victim's bank account back in January.To read this article in full or to leave a comment, please click here

Credit-card breach hits another restaurant chain

Another sizeable payment card data breach has been discovered at a U.S. restaurant chain.In the latest example, several high-end eateries run by Select Restaurants in Cleveland were the victims of fraudulent cards used by customers at its restaurants, according to a report posted Thursday on KrebsOnSecurity, a reliable site written by reporter Brian Krebs. Krebs said he learned about the case from anti-fraud teams at multiple financial institutions investigating "a great deal of fraud on cards used at a handful of high-end restaurants around the country."To read this article in full or to leave a comment, please click here

Credit-card breach hits another restaurant chain

Another sizeable payment card data breach has been discovered at a U.S. restaurant chain.In the latest example, several high-end eateries run by Select Restaurants in Cleveland were the victims of fraudulent cards used by customers at its restaurants, according to a report posted Thursday on KrebsOnSecurity, a reliable site written by reporter Brian Krebs. Krebs said he learned about the case from anti-fraud teams at multiple financial institutions investigating "a great deal of fraud on cards used at a handful of high-end restaurants around the country."To read this article in full or to leave a comment, please click here

Get better sleep by adding more noise

The awesome 1980s girl band The Go-Go’s had a song about insomnia called “You Can’t Walk in Your Sleep (If You Can’t Sleep)” in which one lyric went “You can’t win you wonder why that sleep is one thing you can’t buy.” While technically true, you can buy something that will help you with your sleep. Several things, actually, as sleep technology continues to develop new ways to help us get our Zzzzzzs. In my case, I’ve discovered that while I’m a light sleeper, consistent noise like an air conditioner or fan help me sleep better than complete silence. So I was pleased to receive a sample of the Sound+Sleep SE (Special Edition, about $150) sound machine from ASTI (Adaptive Sound Technologies Inc.). The device offers 64 different non-looping sounds to help people fall asleep and stay asleep. In addition, an adaptive noise tech feature (optional for users) raises the volume of the sounds when it detects a disruptive noise, such as a person snoring or car horn. To read this article in full or to leave a comment, please click here

1 2,217 2,218 2,219 2,220 2,221 3,844