Lenovo software has a major security risk

Just as the dust has settled on the Superfish controversy, another piece of software installed on Lenovo PCs is causing problems. This time it's due to a major malware exploit.The problem is with Lenovo Solution Center (LSC) software, which the company describes as "a central hub for monitoring system health and security." LSC is supposed to monitor your system's virus and firewall status, update your software, perform backups, check battery health, and get registration and warranty information.Unfortunately, it also has a vulnerability that allows a malicious attacker to start the LSC service and trick it in to executing arbitrary code in the local system context, according to researchers at Trustwave SpiderLabs.To read this article in full or to leave a comment, please click here

Top 5 observations from EMC World 2016

Last week’s Interop conference in Las Vegas was filled with with news from different IT vendors trying to one up the competition—as is typically the case.Just a couple of miles down the Strip, though, a second conference took place: EMC’s annual user conference.EMC World happens annually, but this event was somewhat special because next year at this time EMC will be under the ownership of Dell. The conference is in the books now, and here are the most notable things I took away from it.1. Joe Tucci says goodbye. Joe Tucci and Michael DellTo read this article in full or to leave a comment, please click here

JUNOS Disable vs Deactivate interfaces

Confusing between disabling and deactivating interfaces on JUNOS is a common mistake that leads to all sorts of problems during implementing changes on live network boxes. Let’s look and clarify the differences quickly. Disabling an interface: Disabling an interface in JUNOS is equivlaent to interface shutdown in Cisco, it is going to take the interface …

The post JUNOS Disable vs Deactivate interfaces appeared first on Networkers-online.com.

More than Moore: IEEE Set to Standardize on Uncertainty

Several decades ago, Gordon Moore made it far simpler to create technology roadmaps along the lines of processor capabilities, but as his namesake law begins to slow on the rails, the IEEE is stepping in to create a new, albeit more diverse roadmap for future systems.

The organization has launched a new effort to identify and trace the course of what follows Moore’s Law with the International Roadmap for Devices and Systems (IRDS), which will take a workload focused view of the mixed landscape and the systems that will be required. In other words, instead of pegging a

More than Moore: IEEE Set to Standardize on Uncertainty was written by Nicole Hemsoth at The Next Platform.

How news was delivered aboard a cruise ship in 1998

Housecleaning yesterday unearthed this miniature 8-page publication called TimesFax, which was delivered to me by the New York Times aboard a cruise ship somewhere in the Caribbean on May 23, 1998. Measuring 7 by 8.5 inches, it was, as I recall, the only source of news available, and since it lacked a full-service sports section, meant I had to go without the box scores needed to follow my fantasy baseball team (unthinkable today). Such were the limitations of leisure travel in that primitive era, at least the manner of leisure travel that I could afford. While the form factor and delivery method were unusual by today’s standards, the headlines were certainly familiar, as the front page featured accounts of both a school shooting and a Clinton scandal, the latter involving the former president as opposed to the future one, of course. That skimpy sports section did include an Associated Press story about the Williams sisters, Serena and Venus, meeting in the final of the French Open, marking the first time they had ever met in the final of a professional tournament.To read this article in full or to leave a comment, please click here

How news was delivered aboard a cruise ship in 1998

Housecleaning yesterday unearthed this miniature 8-page publication called TimesFax, which was delivered to me by the New York Times aboard a cruise ship somewhere in the Caribbean on May 23, 1998. Measuring 7 by 8.5 inches, it was, as I recall, the only source of news available, and since it lacked a full-service sports section, meant I had to go without the box scores needed to follow my fantasy baseball team (unthinkable today). Such were the limitations of leisure travel in that primitive era, at least the manner of leisure travel that I could afford. While the form factor and delivery method were unusual by today’s standards, the headlines were certainly familiar, as the front page featured accounts of both a school shooting and a Clinton scandal, the latter involving the former president as opposed to the future one, of course. That skimpy sports section did include an Associated Press story about the Williams sisters, Serena and Venus, meeting in the final of the French Open, marking the first time they had ever met in the final of a professional tournament.To read this article in full or to leave a comment, please click here

Aruba fixes networking device flaws that could open doors for hackers

Wireless networking device manufacturer Aruba Networks has fixed multiple vulnerabilities in its software that could, under certain circumstances, allow attackers to compromise devices.The vulnerabilities were discovered by Sven Blumenstein from the Google Security Team and affect ArubaOS, Aruba's AirWave Management Platform (AMP) and Aruba Instant (IAP).There are 26 different issues, ranging from privileged remote code execution to information disclosure, insecure updating mechanism and insecure storage of credentials and private keys. However, Aruba combined them all under two CVE tracking IDs: CVE-2016-2031 and CVE-2016-2032.Common issues that are shared by all of the affected software packages have to do with design flaws in an Aruba proprietary management and control protocol dubbed PAPI.To read this article in full or to leave a comment, please click here

Aruba fixes networking device flaws that could open doors for hackers

Wireless networking device manufacturer Aruba Networks has fixed multiple vulnerabilities in its software that could, under certain circumstances, allow attackers to compromise devices.The vulnerabilities were discovered by Sven Blumenstein from the Google Security Team and affect ArubaOS, Aruba's AirWave Management Platform (AMP) and Aruba Instant (IAP).There are 26 different issues, ranging from privileged remote code execution to information disclosure, insecure updating mechanism and insecure storage of credentials and private keys. However, Aruba combined them all under two CVE tracking IDs: CVE-2016-2031 and CVE-2016-2032.Common issues that are shared by all of the affected software packages have to do with design flaws in an Aruba proprietary management and control protocol dubbed PAPI.To read this article in full or to leave a comment, please click here

Aruba fixes networking device flaws that could open doors for hackers

Wireless networking device manufacturer Aruba Networks has fixed multiple vulnerabilities in its software that could, under certain circumstances, allow attackers to compromise devices.The vulnerabilities were discovered by Sven Blumenstein from the Google Security Team and affect ArubaOS, Aruba's AirWave Management Platform (AMP) and Aruba Instant (IAP).There are 26 different issues, ranging from privileged remote code execution to information disclosure, insecure updating mechanism and insecure storage of credentials and private keys. However, Aruba combined them all under two CVE tracking IDs: CVE-2016-2031 and CVE-2016-2032.Common issues that are shared by all of the affected software packages have to do with design flaws in an Aruba proprietary management and control protocol dubbed PAPI.To read this article in full or to leave a comment, please click here

Windows 10 free upgrade will not end July 29 for people with accessibility needs

After announcing that 300 million devices are running Windows 10, Microsoft said its free upgrade offer ends on July 29. If you want Windows 10 after that date, then you can purchase the $119 Windows 10 Home version or buy a new device running Windows 10.The free upgrade offer will not end, however, for Windows customers who have accessibility issues. The Microsoft Accessibility Blog wrote:To read this article in full or to leave a comment, please click here

Windows 10 free upgrade will not end July 29 for people with accessibility needs

After announcing that 300 million devices are running Windows 10, Microsoft said its free upgrade offer ends on July 29. If you want Windows 10 after that date, then Microsoft said you can purchase the $119 Windows 10 Home version or buy a new device running Windows 10.The free upgrade offer will not end for Windows customers with accessibility issues. The Microsoft Accessibility Blog wrote:To read this article in full or to leave a comment, please click here

Bangladeshi police accuse SWIFT technicians of leaving central bank vulnerable to hack

Technicians from the SWIFT global financial network connecting it to Bangladesh's central bank made it easier for hackers to attack the bank, Bangladeshi police and a bank official have told Reuters.The technicians worked on Bangladesh's Real-time Gross Settlement (RTGS) system, used to transfer money among Bangladeshi banks, three months before hackers attempted to steal US$951 million from the central bank. The work opened up "a lot of loopholes" in bank computer systems, said the head of the criminal investigation department leading the investigation.Bangladeshi police want to interview the SWIFT technicians to find out whether their actions were intentional or negligent, Mohammad Shah Alam told Reuters.To read this article in full or to leave a comment, please click here

Bangladeshi police accuse SWIFT technicians of leaving central bank vulnerable to hack

Technicians from the SWIFT global financial network connecting it to Bangladesh's central bank made it easier for hackers to attack the bank, Bangladeshi police and a bank official have told Reuters.The technicians worked on Bangladesh's Real-time Gross Settlement (RTGS) system, used to transfer money among Bangladeshi banks, three months before hackers attempted to steal US$951 million from the central bank. The work opened up "a lot of loopholes" in bank computer systems, said the head of the criminal investigation department leading the investigation.Bangladeshi police want to interview the SWIFT technicians to find out whether their actions were intentional or negligent, Mohammad Shah Alam told Reuters.To read this article in full or to leave a comment, please click here

Founder of Liberty Reserve virtual currency sentenced to 20 years in prison

The founder of now defunct virtual currency Liberty Reserve has been sentenced to 20 years in prison for using his company to run a huge money laundering scheme catering to cybercriminals.Arthur Budovsky, 42, was sentenced Friday in U.S. District Court for the Southern District of New York, with Judge Denise Cote also ordering him to pay a US $500,000 fine.In January, Budovsky pleaded guilty to one count of conspiring to commit money laundering.  During sentencing, Cote noted Budovsky ran an "extraordinarily successful" and "large-scale international money laundering operation."The long sentence shows that "money laundering through the use of virtual currencies is still money laundering, and that online crime is still crime," Leslie Caldwell, assistant attorney general for the U.S. Department of Justice's Criminal Division, said in a press release.To read this article in full or to leave a comment, please click here

Founder of Liberty Reserve virtual currency sentenced to 20 years in prison

The founder of now defunct virtual currency Liberty Reserve has been sentenced to 20 years in prison for using his company to run a huge money laundering scheme catering to cybercriminals.Arthur Budovsky, 42, was sentenced Friday in U.S. District Court for the Southern District of New York, with Judge Denise Cote also ordering him to pay a US $500,000 fine.In January, Budovsky pleaded guilty to one count of conspiring to commit money laundering.  During sentencing, Cote noted Budovsky ran an "extraordinarily successful" and "large-scale international money laundering operation."The long sentence shows that "money laundering through the use of virtual currencies is still money laundering, and that online crime is still crime," Leslie Caldwell, assistant attorney general for the U.S. Department of Justice's Criminal Division, said in a press release.To read this article in full or to leave a comment, please click here

Android’s Stagefright vulnerability hardened against exploits

Last week Google announced fixes to the widely reported Stagefright vulnerability. Fix might not be the right word, though, because as of April 19, 2016, when Google released the Android Security Year in Review for 2015, the company reported: “As of this writing, we have not observed, nor are we aware of, any successful attempts to exploit the Stagefright vulnerabilities against actual user devices.”The status of this exploit seems to contradict the many reports of the Stagefright vulnerability, dating to its announcement at the Black Hat security conference last summer. If all were true, Android phones could be expected to spontaneously combust at any moment.To read this article in full or to leave a comment, please click here

1 2,992 2,993 2,994 2,995 2,996 3,853