Hybrid GozNym malware targets customers of 24 financial institutions

A group of cybercriminals have combined two powerful malware programs to create a new online banking Trojan that has already stolen millions of dollars from customers of 24 U.S. and Canadian banks.The new threat has been dubbed GozNym by researchers from IBM X-Force because it combines the stealthy Nymaim malware and the Gozi banking Trojan.The new computer Trojan targets 22 websites that belong to banks, credit unions and e-commerce platforms based in the U.S., and two that belong to financial institutions from Canada. Business banking services appear to be a top target for GozNym's creators, according to the IBM researchers.Nymaim is what researchers call a dropper. Its purpose is to download and run other malware programs on infected computers. It is usually distributed through Web-based exploits launched from compromised websites.To read this article in full or to leave a comment, please click here

Hybrid GozNym malware targets customers of 24 financial institutions

A group of cybercriminals have combined two powerful malware programs to create a new online banking Trojan that has already stolen millions of dollars from customers of 24 U.S. and Canadian banks.The new threat has been dubbed GozNym by researchers from IBM X-Force because it combines the stealthy Nymaim malware and the Gozi banking Trojan.The new computer Trojan targets 22 websites that belong to banks, credit unions and e-commerce platforms based in the U.S., and two that belong to financial institutions from Canada. Business banking services appear to be a top target for GozNym's creators, according to the IBM researchers.Nymaim is what researchers call a dropper. Its purpose is to download and run other malware programs on infected computers. It is usually distributed through Web-based exploits launched from compromised websites.To read this article in full or to leave a comment, please click here

8 cyber security technologies DHS is trying to commercialize

The Department of Homeland Security is publicizing eight new cyber security technologies developed under federal grants that are looking for private businesses to turn them into commercial products.In its fourth “Cyber Security Division Transition to Practice Technology Guide”, DHS outlines the eight technologies that range from malware analysis tools to behavior analysis platforms to randomization software that protects Windows applications.+More on Network World: IRS: Tax deadline looms, scammers get more frantic+To read this article in full or to leave a comment, please click here

8 cyber security technologies DHS is trying to commercialize

The Department of Homeland Security is publicizing eight new cyber security technologies developed under federal grants that are looking for private businesses to turn them into commercial products.In its fourth “Cyber Security Division Transition to Practice Technology Guide”, DHS outlines the eight technologies that range from malware analysis tools to behavior analysis platforms to randomization software that protects Windows applications.+More on Network World: IRS: Tax deadline looms, scammers get more frantic+To read this article in full or to leave a comment, please click here

IDG Contributor Network: 22 new concerns added to Docker security benchmark

Security has, and continues to be, an impediment to container adoption. Whether containers are less or more secure than their virtual machine counterparts is a topic of continued debate.Like any debate, there are merits to arguments on both sides with a bit of FUD interlaced. Many efforts have been undertaken within the container ecosystem to educate adopters and improve their comprehension of available tooling and security postures within platforms and offerings—be that in the form of static analysis (image scanning), runtime vulnerability detection, provenance (image signing), fine-grained authorization, cryptographic verification, etc.The breadth of need for improved security capabilities has provided an opportunity for emerging start-ups to focus specifically on the container security space and others to dedicate their company's mission to securing the Internet. Having spent time with most of the vendors in this space, I'll say that as you might expect, it's a quickly changing landscape. One thing is evident: open source communities and vendors at every layer—from hardware through operating system, container runtime, container image, host-to-cluster orchestrator, PaaS to CaaS—have significantly marshalled forward security-centered improvements in the past year.To read this article in full or to leave a comment, please click here

IDG Contributor Network: 22 new concerns added to Docker security benchmark

Security has, and continues to be, an impediment to container adoption. Whether containers are less or more secure than their virtual machine counterparts is a topic of continued debate.Like any debate, there are merits to arguments on both sides with a bit of FUD interlaced. Many efforts have been undertaken within the container ecosystem to educate adopters and improve their comprehension of available tooling and security postures within platforms and offerings—be that in the form of static analysis (image scanning), runtime vulnerability detection, provenance (image signing), fine-grained authorization, cryptographic verification, etc.The breadth of need for improved security capabilities has provided an opportunity for emerging start-ups to focus specifically on the container security space and others to dedicate their company's mission to securing the Internet. Having spent time with most of the vendors in this space, I'll say that as you might expect, it's a quickly changing landscape. One thing is evident: open source communities and vendors at every layer—from hardware through operating system, container runtime, container image, host-to-cluster orchestrator, PaaS to CaaS—have significantly marshalled forward security-centered improvements in the past year.To read this article in full or to leave a comment, please click here

Google could face EU antitrust charges over Android next week

After a year-long investigation, the European Commission appears ready to accuse Google of abusing its dominant position in the smartphone OS market.It could announce formal antitrust charges as early as next Wednesday, the Financial Times reported Friday.The Commission began its Android investigation on April 15, 2015, the same day that it announced formal antitrust charges against Google in another investigation, accusing the company of favoring its own comparison shopping service over that of rivals.To read this article in full or to leave a comment, please click here

I’m Leaving You


No. It’s not you.
It’s me. It’s always been me.

I remember the first time we met. It was early 2000.
I was young and just graduated from Mechanical Engineering.
I didn’t have any job.
I was desperate. That’s when I met you.
It was like love at first sight.
I spent sleepless nights just to know you.
And more and more I spent time with you, more and more I love you.

I spent time with several others, but my mind and heart were always be with you.
I knew I have to get to you, at any cost.
Even if I had to sacrifice.
Even if I had to leave my home in Dubai.
Even if I had to leave all my friends behind.

Finally in 2006 we were officially together.
I remember it was November, in Singapore.
I couldn’t describe how happy I was.

I traveled many countries in Asia Pacific for you.
I never asked questions. I was a very happy man.
And you invited me several times to visit your home in California.
I was living my dream.

You asked me to move back to Dubai with you in 2008.
A request that I didn’t Continue reading

Why AI still needs us: To build quantum computers

We humans may still be licking our wounds following AI's victory at the ancient game of Go, but it turns out we still have something to be proud of: We're doing a lot better than machines are at solving some of the key problems of quantum computing.Quantum mechanics are notoriously mind-bending because so-called "qubits" -- the atomic-scale building blocks of quantum computers -- can inhabit more than one physical state at once. That's known as superposition, and it's what gives the prospect of quantum computers their exciting potential.To read this article in full or to leave a comment, please click here

Catastrophic cyber attack on U.S. grid possible, but not likely

Warnings about U.S. critical infrastructure’s vulnerabilities to a catastrophic cyber attack – a cyber “Pearl Harbor” or “9/11” – began more than 25 years ago. But they have become more insistent and frequent over the past decade.Former Defense Secretary Leon Panetta warned in a 2012 speech of both a “cyber Pearl Harbor” and a “pre-9/11 moment.”They have also expanded from within the security industry to the mass media. It was almost a decade ago, in 2007, that the Idaho National Laboratory demonstrated that a cyber attack could destroy an enormous diesel power generator – an event featured in a 2009 segment on the CBS news magazine “60 Minutes.”To read this article in full or to leave a comment, please click here

Catastrophic cyber attack on U.S. grid possible, but not likely

Warnings about U.S. critical infrastructure’s vulnerabilities to a catastrophic cyber attack – a cyber “Pearl Harbor” or “9/11” – began more than 25 years ago. But they have become more insistent and frequent over the past decade.Former Defense Secretary Leon Panetta warned in a 2012 speech of both a “cyber Pearl Harbor” and a “pre-9/11 moment.”They have also expanded from within the security industry to the mass media. It was almost a decade ago, in 2007, that the Idaho National Laboratory demonstrated that a cyber attack could destroy an enormous diesel power generator – an event featured in a 2009 segment on the CBS news magazine “60 Minutes.”To read this article in full or to leave a comment, please click here

Obama announces computer science initiatives

Computer science is a fundamental skill in the modern economy, President Obama declared on Tuesday as the White House announced a series of initiatives aimed at advancing education in the STEM fields of science, technology, engineering and mathematics.That includes a $200 million investment from Oracle to extend computer science education to 125,000 U.S. students, along with a host of commitments from federal agencies, schools and other groups to promote STEM training.[ Related: Obama expands STEM education and training efforts ]To read this article in full or to leave a comment, please click here

Intel claims storage supremacy

Intel wants you to know just how real and just how fast its game-changing Optane storage technology is, so it demonstrated how its new pervasive memory technology leaves a conventional NAND SSD in the dust.The demo, the first public one using a traditional desktop environment, took place Wednesday morningat the company’s annual developer forum in Shenzhen, China. Intel executive Rob Crooke showed identical desktop computers performing a simple file copy.+ MORE INTEL: What's happening with the Intel executive turnover? +To read this article in full or to leave a comment, please click here

Shortest Path Bridging (SPB) and Avaya Fabric on Software Gone Wild

A few months ago I met a number of great engineers from Avaya and they explained to me how they creatively use Shortest Path Bridging (SPB) to create layer-2, layer-3, L2VPN, L3VPN and even IP Multicast fabrics – it was clearly time for another deep dive into SPB.

It took me a while to meet again with Roger Lapuh, but finally we started exploring the intricacies of SPB, and even compared it to MPLS for engineers more familiar with MPLS/VPN. Interested? Listen to Episode 54 of Software Gone Wild.

Listen to the podcast

It’s Here: ‘Network Virtualization For Dummies’

Today, just about all enterprise data centers have virtualized a significant portion of their server resources, and a large percentage are moving to virtualize their storage resources as well.

 

That’s because the majority of IT organizations are realizing the payoff that comes with virtualization—things like better utilization of resources, increased IT agility, and lower capital and operational costs. Organizations have not yet virtualized their network resources, meanwhile, are leaving a lot of money on the table—in terms of potential capital and operational cost savings, increased data center security, and greater business and IT agility.

 

But could that payoff be even bigger? That’s the question asked in the new reference book “Network Virtualization for Dummies,” which explores the benefits of network virtualization in depth. Published by Wiley and sponsored by VMware, the book offers a crash course on the new, virtualized approach to the network, which is a key building block for the software-defined data center.

 

In simple, straightforward language, “Network Virtualization For Dummies” explains the fundamentals of network virtualization, including its core concepts, key technology components, use cases, and business and IT benefits. Spend a little time with the book—and a little time is really all you’ll Continue reading

Declaring IPv6 an Internet Standard

At the recent IETF meeting the topic of making IPv6 an Internet Standard came up. What is perhaps a little surprising is that it is not an Internet Standard already. Equally surprisingly, strictly speaking it is probably not quite ready to be an Internet Standard. And I think that's a good thing!
1 3,046 3,047 3,048 3,049 3,050 3,849