Hackers can abuse LTE protocols to knock phones off networks

When you travel between countries, the mobile operators that temporarily provide service to your phone need to communicate with your operator back home. This is done over a global interconnection network where most traffic still uses an ageing protocol, called SS7, that's known to be vulnerable to location tracking, eavesdropping, fraud, denial of service (DoS), SMS interception and other attacks.With the advance of Long-Term Evolution (LTE) networks, some roaming traffic is switching to a newer protocol, called Diameter, that's more secure than SS7 in theory, but which still allows for attacks if it's not deployed with additional security mechanisms.To read this article in full or to leave a comment, please click here

Hackers can abuse LTE protocols to knock phones off networks

When you travel between countries, the mobile operators that temporarily provide service to your phone need to communicate with your operator back home. This is done over a global interconnection network where most traffic still uses an ageing protocol, called SS7, that's known to be vulnerable to location tracking, eavesdropping, fraud, denial of service (DoS), SMS interception and other attacks.With the advance of Long-Term Evolution (LTE) networks, some roaming traffic is switching to a newer protocol, called Diameter, that's more secure than SS7 in theory, but which still allows for attacks if it's not deployed with additional security mechanisms.To read this article in full or to leave a comment, please click here

IDG Contributor Network: What’s with application monitoring? Another company picks up a monster funding round

An interesting thing is going on in the application and infrastructure monitoring space. A ton of money is being poured into the various vendors in the market, and all of those vendors are rapidly morphing their platforms to provide holistic monitoring functionality. No longer is it just about application monitoring or infrastructure monitoring in isolation. What is de rigueur today is combined monitoring that provides the often-talked about “single pane of glass” across all of an organizations assets.+ Also on Network World: Infrastructure monitoring products: Users pinpoint the best and worst features + It’s a fairly busy space—New Relic, DataDog, AppDynamics and a host of others compete. And to that list we must add Wavefront, a Silicon Valley company that recently scored an impressive $52 million by way of a Series B funding round. The company advises that their valuation increased four times compared to their Series A round—no down valuations for this player. It also scored top-shelf investors, existing investors Sequoia Capital and Sutter Hill Ventures were joined by new investor Tenaya Capital and other equity holders.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Tesco Bank breach causes 20,000 customers to lose money

The fine details are still murky, but news surfaced in the last day or two that Tesco Bank, a U.K.-based bank owned by the Tesco supermarket chain, suffered some sort of widespread fraud. The bank’s CEO, Benny Higgins, told Radio 4 that around 40,000 of the bank’s 7 million accounts had seen “some sort of suspicious transactions.” Of those, around 20,000 customers have actually lost money from their bank accounts. In the interview, the CEO told the BBC he was “very hopeful” that customers would be refunded the lost funds. What he didn’t say is that I am sure he is also “very hopeful” that once this all washes up he and his IT team will still have jobs.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Tesco Bank breach causes 20,000 customers to lose money

The fine details are still murky, but news surfaced in the last day or two that Tesco Bank, a U.K.-based bank owned by the Tesco supermarket chain, suffered some sort of widespread fraud. The bank’s CEO, Benny Higgins, told Radio 4 that around 40,000 of the bank’s 7 million accounts had seen “some sort of suspicious transactions.” Of those, around 20,000 customers have actually lost money from their bank accounts. In the interview, the CEO told the BBC he was “very hopeful” that customers would be refunded the lost funds. What he didn’t say is that I am sure he is also “very hopeful” that once this all washes up he and his IT team will still have jobs.To read this article in full or to leave a comment, please click here

New app for HoloLens targets architects

Architects have a new reason to pick up Microsoft's HoloLens, after the launch of an app aimed at helping them explore 3D models of buildings.Trimble launched its SketchUp Viewer app for Microsoft's headset on Monday, which will allow people to use the HoloLens's augmented reality capabilities for viewing models created in SketchUp. The app will have two modes: one that allows people to view a scaled-down version of the model using the HoloLens, and another that allows them to view what a building modeled in SketchUp would look like from the inside.Deploying a HoloLens with SketchUp Viewer will cost businesses a pretty penny. The app costs US$1,500, on top of the HoloLens's whopping $3,000 price tag. Still, it's a new and different way for people to visualize models in a way they couldn't before.To read this article in full or to leave a comment, please click here

SNL for some reason spoofs 1984 Apple Macintosh ad in 2016

SNL over the weekend took advantage of super cool guest host Benedict Cumberbatch to star in a spoof ad about the next great toilet that's based on Apple's famous 1984 Macintosh computer commercial.Why exactly SNL decided to reach back for this classic commercial as inspiration for fresh fun poking at Apple isn't clear, but maybe Apple's latest drawn-out product introduction (MacBook Pros) put someone there over the edge. See the original ad and the SNL spoof below.MORE: Most memorable SNL tech skits and bitsTo read this article in full or to leave a comment, please click here

Microsoft adds Kubernetes support to Azure Container Service

Containers have become a major fixture of modern application development. Companies are turning to the technology because it helps them more easily create portable, scalable applications that can work in a wide variety of environments, including the public cloud.Microsoft is aiming to further capitalize on that trend with a set of updates announced Monday for its public cloud platform.Azure Container Service, Microsoft’s cloud-optimized container-hosting offering, now supports orchestration using the Kubernetes open-source platform. On top of that, Microsoft has upgraded the service to use DC/OS 1.8.4, which brings improvements like built-in job scheduling.To read this article in full or to leave a comment, please click here

The QuickBooks Platform

This is a guest post by Siddharth Ram – Chief Architect, Small Business. [email protected].

The QuickBooks ecosystem is the largest small business SaaS product. The QuickBooks Platform supports bookkeeping, payroll and payment solutions for small businesses, their customers and accountants worldwide. Since QuickBooks is also a compliance & tax filing platform, consistency in reporting is extremely important.. Financial reporting requires flexibility in queries – a given report may have dozens of different dimensions that can be tweaked. Collaboration requires multiple edits by employees, Accountants and Business owners at the same time, leading to potential conflicts. All this leads to solving interesting scaling problems at Intuit.

Solving for scalability requires thinking on multiple time horizons and axes. Scaling is not just about scaling software – it is also about people scalability, process scalability and culture scalability. All these axes are actively worked on at Intuit. Our goal with employees is to create an atmosphere that allows them to do the best work of their lives.

Background

Nyansa brings a new approach to end-user management

Legacy network and application management tools are significantly underpowered for today’s digital organizations. These old-school tools operate with a “bottoms-up” view of the IT environment, with each element having its own management tool.Gathering insights from these discrete platforms is very difficult, as it requires a tremendous amount of manual data collection, aggregation and analytics. If Spock happened to be the lead engineer, this might be fine, but assuming no one in the IT department went to the Vulcan Science Academy, it’s likely that most organizations struggle with this model.The big weakness of bottoms-up management is that it gives no real view of the end-user experience. It might be helpful in understanding if a certain element is down, but there’s no way to correlate that to the actual performance of an application, which is what the user is seeing.To read this article in full or to leave a comment, please click here

Security vendor demonstrates hack of US e-voting machine

A hacker armed with a US$25 PCMCIA card can, within a few minutes, change the vote totals on an aging electronic voting machine that is now in limited use in 13 U.S. states, a cybersecurity vendor has demonstrated.The hack by security vendor Cylance, which released a video of it Friday, caught the attention of noted National Security Agency leaker Edward Snowden, but other critics of e-voting security dismissed the vulnerability as nothing new.The Cylance hack demonstrated a theoretical vulnerability described in research going back a decade, the company noted.To read this article in full or to leave a comment, please click here

Security vendor demonstrates hack of US e-voting machine

A hacker armed with a US$25 PCMCIA card can, within a few minutes, change the vote totals on an aging electronic voting machine that is now in limited use in 13 U.S. states, a cybersecurity vendor has demonstrated.The hack by security vendor Cylance, which released a video of it Friday, caught the attention of noted National Security Agency leaker Edward Snowden, but other critics of e-voting security dismissed the vulnerability as nothing new.The Cylance hack demonstrated a theoretical vulnerability described in research going back a decade, the company noted.To read this article in full or to leave a comment, please click here

Worth Reading: DDoS’ing a Country

Bumping a small nation off the Internet map worries everybody, including those that are most friendly to the open nature of the Internet. These sort of actions will cause reactionary measures that lead to fragmentation, decrease the ability for permissionless innovation, and give rise to calls for measures that prevent any anonymous or privacy-protecting behaviour on the Internet. If bumping a nation from the Internet doesn’t worry enough Internet-friendly people in positions of power then another DDoS attacks with societal impact will. —The Internet Society

LinkedInTwitterGoogle+Facebook

The post Worth Reading: DDoS’ing a Country appeared first on 'net work.

5 things you need to know about virtual private networks

A virtual private network is a secure tunnel between two or more computers on the internet, allowing them to access each other as if on a local network. In the past, VPNs were mainly used by companies to securely link remote branches together or connect roaming employees to the office network, but today they're an important service for consumers too, protecting them from attacks when they connect to public wireless networks. Given their importance, here's what you need to know about VPNs:VPNs are good for your privacy and securityOpen wireless networks pose a serious risk to users, because attackers sitting on the same networks can use various techniques to sniff web traffic and even hijack accounts on websites that don't use the HTTPS security protocol. In addition, some Wi-Fi network operators intentionally inject ads into web traffic, and these could lead to unwanted tracking.To read this article in full or to leave a comment, please click here

5 things you need to know about virtual private networks

A virtual private network is a secure tunnel between two or more computers on the internet, allowing them to access each other as if on a local network. In the past, VPNs were mainly used by companies to securely link remote branches together or connect roaming employees to the office network, but today they're an important service for consumers too, protecting them from attacks when they connect to public wireless networks. Given their importance, here's what you need to know about VPNs:VPNs are good for your privacy and securityOpen wireless networks pose a serious risk to users, because attackers sitting on the same networks can use various techniques to sniff web traffic and even hijack accounts on websites that don't use the HTTPS security protocol. In addition, some Wi-Fi network operators intentionally inject ads into web traffic, and these could lead to unwanted tracking.To read this article in full or to leave a comment, please click here

5 things you need to know about virtual private networks

A virtual private network is a secure tunnel between two or more computers on the internet, allowing them to access each other as if on a local network. In the past, VPNs were mainly used by companies to securely link remote branches together or connect roaming employees to the office network, but today they're an important service for consumers too, protecting them from attacks when they connect to public wireless networks. Given their importance, here's what you need to know about VPNs:VPNs are good for your privacy and securityOpen wireless networks pose a serious risk to users, because attackers sitting on the same networks can use various techniques to sniff web traffic and even hijack accounts on websites that don't use the HTTPS security protocol. In addition, some Wi-Fi network operators intentionally inject ads into web traffic, and these could lead to unwanted tracking.To read this article in full or to leave a comment, please click here

Steve Ballmer explains why he and Bill Gates drifted apart

One of the reason's behind Microsoft's recent resurgence has been the company's somewhat surprising and ongoing commitment towards making their own hardware. This new strategy was on full display two weeks ago when the company introduced the Surface Studio, a 28-in. desktop/tablet hybrid that left many tech observers beyond impressed.While Microsoft's foray into the world of hardware began with Steve Ballmer at the helm, the company's hardware strategy was kicked up a notch once Satya Nadella assumed CEO duties in February of 2014.To read this article in full or to leave a comment, please click here

Android Auto 2.0 for phones—No more excuses for distracted driving

Google just released a new self-contained version of Android Auto that runs on an Android smartphone without a specially equipped head unit. The term “head unit” is auto industry jargon for car stereo or infotainment system. Android Auto 2.0 locks the smartphone and changes the user interface (UI) controls to voice and large icons that the driver can interact within about the time that it takes to change a radio station. It is the safest way to drive and use a smartphone to because it reduces driver distraction. In 2015, 2,357 more people died in traffic accidents due to distracted driving after a five-decade trend of declining fatalities, according to the Department of Transportation. Though everyone condemns texting, selecting playlists and checking Facebook Messenger while driving, most succumb to the temptation of smartphone notifications while driving and cannot resist looking at their smartphone screens—which for some, are fatally long looks.To read this article in full or to leave a comment, please click here

1 2,465 2,466 2,467 2,468 2,469 3,763