Toy maker Maisto’s website pushed growing CryptXXX ransomware threat

Attackers are aggressively pushing a new file-encrypting ransomware program called CryptXXX by compromising websites, the latest victim being U.S. toy maker Maisto. Fortunately, there's a tool that can help users decrypt CryptXXX affected files for free.Security researchers from Malwarebytes reported Thursday that maisto.com was infected with malicious JavaScript that loaded the Angler exploit kit. This is a Web-based attack tool that installs malware on users' computers by exploiting vulnerabilities in their browser plug-ins.To read this article in full or to leave a comment, please click here

AI looms large in Google’s view of the future

AI technologies such as machine learning will play a key role in shaping the future, Google CEO Sundar Pichai said in the company's annual Founders' Letter to stockholders on Thursday."It’s what has allowed us to build products that get better over time, making them increasingly useful and helpful," wrote Pichai, who cited examples such as voice search, translation tools, image recognition and spam filters.The recent victory of DeepMind's AlphaGo software over legendary master Lee Sedol at the ancient game of Go is "game-changing," Pichai added. Far from portending humanity's downfall, however, the victory is ultimately one for the human race, he said.To read this article in full or to leave a comment, please click here

As iPhone sales slump, Apple again talks up Services revenue

For the second quarter running, Apple executives this week talked up the growth of the company's Services category in an attempt to highlight the earnings potential of the devices now in customers' hands."The Services business is powered by our huge installed base of active devices, which crossed 1 billion units earlier this year," said CEO Tim Cook during the Tuesday earnings call with Wall Street. "Those 1 billion-plus active devices are a source of recurring revenue that is growing independent of the unit shipments we report every three months."Cook's comments were an abbreviated version of the argument that Apple's CFO, Luca Maestri, made in January during that month's call about the December 2015 quarter. At the time, Maestri spent significant time delving into Services -- a category that included revenue from iTunes, the App Store, AppleCare, iCloud, Apple Pay, licensing and others -- and trumpeting Apple's ability to earn money from current customers.To read this article in full or to leave a comment, please click here

10 free tools for API design, development, and testing

10 handy no-cost tools for API developmentImage by PeteLinforth via PixabayThe rise of RESTful APIs has been met by a rise in tools for creating, testing, and managing them. Whether you’re an API newbie or an expert on an intractable deadline, you have a gamut of services to help you get your API up and running quick, and many of them won’t cost you a dime.To read this article in full or to leave a comment, please click here

Got ransomware? These tools may help

Your computer has been infected by ransomware. All those files -- personal documents, images, videos, and audio files -- are locked up and out of your reach. There may be a way to get those files back without paying a ransom. But first a couple of basic questions: Do you you have complete backups? If so, recovery is simply a matter of wiping the machine -- bye bye, ransomware! -- reinstalling your applications, and restoring the data files. It's a little stressful, but doable. Are they good backups? Even if you did the right thing, backups aren’t foolproof, as legions of traumatized users have discovered. Unfortunately, this may be hard to determine without a full restore, so be aware that the wipe-and-restore method carries some risk. [ Wait, is that fake ransomware or the real thing? Here's how to tell and what to do about it. | Make threat intelligence meaningful: A 4-point plan. | Discover how to secure your systems with InfoWorld's Security newsletter. ] If you answered no to either question, don’t throw in the towel and pay the ransom yet. Maybe -- maybe -- there's a decryption tool that can get you out of this Continue reading

How to tell if you’ve been hit by fake ransomware

Unlike most malware, ransomware is not stealthy. It's loud and obnoxious, and if you've been infected, the attackers will tell you so in no uncertain terms. After all, they want to be paid.“Your personal files are encrypted,” the message on the computer blares. “Your documents photos, databases, and other important files have been encrypted with strongest encryption and unique key, generated for this computer.” While the language may vary, the gist is the same: If you don’t pay the ransom -- typically within 48 to 72 hours -- your files are hosed.[ Oh no! Got real ransomware? Then one of these tools might help. | 4 reasons not to pay up in a ransomware attack. | Safeguard your data! The tools you need to encrypt your communications and Web data. ] Or are they? There is a slim possibility the perpetrators may be trying to fake you out and the files haven’t been encrypted. While not a common scenario, it does happen, according to industry experts. Rather than paying up, you can bypass the scary fake message and move on with your day.To read this article in full or to leave a comment, please click here

How to tell if you’ve been hit by fake ransomware

Unlike most malware, ransomware is not stealthy. It's loud and obnoxious, and if you've been infected, the attackers will tell you so in no uncertain terms. After all, they want to be paid.“Your personal files are encrypted,” the message on the computer blares. “Your documents photos, databases, and other important files have been encrypted with strongest encryption and unique key, generated for this computer.” While the language may vary, the gist is the same: If you don’t pay the ransom -- typically within 48 to 72 hours -- your files are hosed.[ Oh no! Got real ransomware? Then one of these tools might help. | 4 reasons not to pay up in a ransomware attack. | Safeguard your data! The tools you need to encrypt your communications and Web data. ] Or are they? There is a slim possibility the perpetrators may be trying to fake you out and the files haven’t been encrypted. While not a common scenario, it does happen, according to industry experts. Rather than paying up, you can bypass the scary fake message and move on with your day.To read this article in full or to leave a comment, please click here

11 Excel tips for power users

Want to get more out of Excel? At Microsoft's inaugural Data Insights Summit last month, several experts offered a slew of suggestions for getting the most out of Excel 2016. Here are 10 of the best.(Note: Keyboard shortcuts will work for the 2016 versions of Excel, including Mac; those were the versions tested. And many of the query options in Excel 2016's data tab come from the Power Query add-in for Excel 2010 and 2013. So if you've got Power Query on an earlier version of Excel on Windows, a lot of these tips will work for you as well, although they may not work on Excel for Mac.)1. Use a shortcut to create a table. Tables are among the most useful features in Excel for data that is in contiguous columns and rows. Tables make it easier to sort, filter and visualize, as well as add new rows that maintain the same formatting as the rows above them. In addition, if you make charts from your data, using a table means the chart will automatically update if you add new rows.To read this article in full or to leave a comment, please click here

Microsoft locks down Cortana: Blocks integration with other browsers, search engines

Microsoft is tightening control over Cortana.  Only its Microsoft Edge browser and Bing search engine will work with searches initiated through Windows 10’s digital assistant, the company said Thursday.Microsoft isn’t prohibiting third-party browsers like Opera and Chrome from working with Windows 10, and you can still configure the operating system to launch those browsers by default, when, say, a coworker emails you a link to a Web page. But, if you launch a search via Cortana, only Edge and Bing will be used to complete it, Microsoft said in a blog post. To read this article in full or to leave a comment, please click here

IDG Contributor Network: WiGig reaches for 60GHz

The entrepreneur and financier Peter Thiel likes to ask, “What important truth do very few people agree with you on?” Many significant breakthroughs in technology are driven by the hope and optimism of a few in the face of mass indifference and disbelief. Only after success has been achieved can the rest of us recognize the brilliance of the original vision.Which brings us to the Wi-Fi Alliance and its foray into the 60GHz band with 802.11ad, known as WiGig. Years in the making, the WiGig certification should be launched by the end of 2016, and indeed some products are already available. As one might expect, there is a body of true believers who are certain that WiGig will transform communications, and there's a mass of skeptics doubting it will ever catch on. We should be able to see who is right by the end of 2017. In the meantime, it’s worth keeping an eye on WiGig.To read this article in full or to leave a comment, please click here

Here’s why analytics is eating the supply chain

A peculiar thing happens in northern Florida every year in the springtime. That's harvest season on the many fern farms scattered across the region, and it's also the time when demand for rattlesnake antivenom skyrockets there. That's no coincidence. Rattlesnakes like to form dens under fern crops, it turns out. That means trouble for those who harvest the plants, and it puts urgent pressure on local hospitals and healthcare providers, which must come up with the highly perishable antivenom on demand. "A lot of times you never really know how much you're going to need," said Kyle Pudenz, senior director of purchasing for pharmaceutical wholesaler H. D. Smith. "But you also can't stock up and leave it on the shelf."To read this article in full or to leave a comment, please click here

IDG Contributor Network: Rip up the script when assembling a modern security team

The advanced threats companies face require security teams have different characteristics than the backgrounds analysts typically have. However, most businesses hire security practitioners who have similar professional backgrounds and capabilities. Analysts usually have IT backgrounds, are taught to quickly resolve threats and work in an environment that doesn’t embrace speaking out when there’s a security incident.The adversaries, meanwhile, have a more evolved perspective on how to carry out hacking campaigns. Attack operations often include people who have a range of experiences. For example, to hack a bank, attackers will hire hacking experts as well as someone with deep knowledge about the financial services industry. Hacking teams often employ experts who have various technical capabilities to help them approach attacks in different ways and switch gears if one tactic isn’t working. Hackers realize that a more diverse team—and the mindset it brings—increases the likelihood of the attack’s success.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Rip up the script when assembling a modern security team

The advanced threats companies face require security teams have different characteristics than the backgrounds analysts typically have. However, most businesses hire security practitioners who have similar professional backgrounds and capabilities. Analysts usually have IT backgrounds, are taught to quickly resolve threats and work in an environment that doesn’t embrace speaking out when there’s a security incident.The adversaries, meanwhile, have a more evolved perspective on how to carry out hacking campaigns. Attack operations often include people who have a range of experiences. For example, to hack a bank, attackers will hire hacking experts as well as someone with deep knowledge about the financial services industry. Hacking teams often employ experts who have various technical capabilities to help them approach attacks in different ways and switch gears if one tactic isn’t working. Hackers realize that a more diverse team—and the mindset it brings—increases the likelihood of the attack’s success.To read this article in full or to leave a comment, please click here

Phishing apps posing as popular payment services infiltrate Google Play

Google's efforts to police the Android app store -- Google Play -- are far from perfect, with malicious apps routinely slipping through its review process. Such was the case for multiple phishing applications this year that posed as client apps for popular online payment services.Researchers from security firm PhishLabs claim that they've found 11 such applications since the beginning of 2016 hosted on Google Play, most of them created by the same group of attackers.The apps are simple, yet effective. They load Web pages containing log-in forms that look like the target companies' websites. These pages are loaded from domain names registered by the attackers, but because they are loaded inside the apps, users don't see their actual location.To read this article in full or to leave a comment, please click here

Phishing apps posing as popular payment services infiltrate Google Play

Google's efforts to police the Android app store -- Google Play -- are far from perfect, with malicious apps routinely slipping through its review process. Such was the case for multiple phishing applications this year that posed as client apps for popular online payment services.Researchers from security firm PhishLabs claim that they've found 11 such applications since the beginning of 2016 hosted on Google Play, most of them created by the same group of attackers.The apps are simple, yet effective. They load Web pages containing log-in forms that look like the target companies' websites. These pages are loaded from domain names registered by the attackers, but because they are loaded inside the apps, users don't see their actual location.To read this article in full or to leave a comment, please click here

IDG Contributor Network: School district repurposes buses as Wi-Fi hotspots

A poverty-stricken school district in Southern California has come up with a novel way to alleviate the lack of internet access for kids in its catchment area. It’s repurposing school buses as internet hotspots.The school buses are parked overnight in impoverished areas where hard-wired broadband Internet access isn’t usually available and students aren’t able to access the internet. Most of the school district’s students reside in stone-broke rural areas and/or reservations.All of the children in the vast, 1,220-square-mile school district qualify for reduced-priced or free meals, says the Office of Educational Technology (OET). And almost half of the students are English-language learners.To read this article in full or to leave a comment, please click here

1 3,002 3,003 3,004 3,005 3,006 3,840