Flaw in popular Web analytics plug-in exposes WordPress sites to hacking

WordPress site owners using the WP-Slimstat plug-in installed should upgrade it to the latest version immediately in order to fix a critical vulnerability, security researchers warn.WP-Slimstat, a Web analytics plug-in for WordPress, has been downloaded over 1.3 million times and is highly rated by users. The plug-in allows site owners to track returning visitors and registered users, monitor JavaScript events, detect intrusions, analyze email campaigns and more.Researchers from Web security firm Sucuri found a vulnerability that stems from weak cryptographic key generation in WP-Slimstat versions 3.9.5 and lower. If attackers can determine the secret key used by the plug-in, they can launch blind SQL injection attacks that enable them to read sensitive information from the site’s database.To read this article in full or to leave a comment, please click here

What’s in my toolbag – Update 1 – Fluke LinkSprinter 200

A few years back some of us wrote on a common theme around our tools and tool-bags.  These posts turned out to be quite popular and informative to many in the community, including ourselves.  Since the original post back in 2011, I have added a few new toys tools to my tool-bag and figured it was […]

The post What’s in my toolbag – Update 1 – Fluke LinkSprinter 200 appeared first on Fryguy's Blog.

With no Google, Chinese app stores soar on high downloads

Chinese demand for smartphones is leading to a surge in app downloads from the country—so much so that five of the leading app stores in the world are now from China.Apple and Google still run two of the biggest app stores on the planet, but in China local app stores are pulling in billions of downloads, just by targeting the home market, according to Juniper Research.China itself accounted for 59 percent of all app downloads made last year, which in total reached close to 185 billion. In contrast, the U.S. market only accounted for 8 percent of all app downloads.To read this article in full or to leave a comment, please click here

Emerging enterprise techs to watch

New technologies affecting enterprise IT continue to be invented, commercialized and adopted. The latest batch of techs looming on the horizon, examined in greater detail below, include quantum computing, gamification, reactive programming, augmented reality, transient computing electronics and Named Data Networking.To read this article in full or to leave a comment, please click here(Insider Story)

Desktop virtualization review: VMware Workstation vs. Oracle VirtualBox

Few technologies have had a greater impact on business efficiency and IT productivity than virtualization. While most of the impact has been felt in the data center and in the cloud, virtualization has also transformed IT work on the desktop, where it retains an important role. Here I compare the two leading products in this category: VMware Workstation and Oracle VirtualBox.In executing tests on Workstation 11, I ran into almost no headaches, and in the few cases an item surprised me, I found useful information in the ample VMware documentation. Good documentation has for years been one of the hallmarks of VMware products. This continues to be true.To read this article in full or to leave a comment, please click here(Insider Story)

iOS vs. Android reaches stalemate and 7 other mobile development trends

Image by Roland TanglaoProgrammers seem to impact just about everything these days and mobile developers, in particular, are playing an ever-growing role in the world. The ubiquity of smartphones and tablets and the rise of the Internet of Things (IoT) make the people who are creating the apps and tools for all the smart devices in our lives all the more important. A new global survey helps to shed light on the trends among mobile developers and the mobile economy, in general.To read this article in full or to leave a comment, please click here

The Upload: Your tech news briefing for Wednesday, February 25

Hewlett-Packard lowers outlook as its struggles continueHewlett-Packard reported another quarter of declining sales and profit on Tuesday, and blamed a strong dollar as it lowered its outlook for the current quarter and the year. Revenue was $26.8 billion, down 5 percent from a year earlier, while net profit was down 4 percent to $1.4 billion. Sales in the personal systems group were flat, but declined in both the printing and enterprise services divisions.Is Visa priming Europe for Apple Pay?To read this article in full or to leave a comment, please click here

5 Chromebook tips and tricks to fine-tune your productivity

While Chrome OS started life as a simple, stripped-down browser and little else, Google's operating system now has tons of tools, tweaks, and customizations that let you tailor your Chromebook to your specific workflow needs.Just like Windows or OS X, Google's built additional functionality into Chrome OS's app launcher, the taskbar-like shelf, window sizing, and other functions to help you stay productive. These tips will show you how to make the most of those tools and start getting stuff done on your Chromebook.Let's dig in!Arrange your shelf The shelf has many of the features you may know from the Windows taskbar. You can even relocate it to the left or right side of the screen, though not the top. Just right-click it and choose your desired location.To read this article in full or to leave a comment, please click here

AMD will skip Chromebooks until prices, features match better, CTO says

AMD microprocessors are relatively cheap and powerful, and they consume little power. So why aren’t they featured in the latest generation of low-cost computers, Chromebooks?The answer, according to AMD chief technical officer Mark Papermaster, is that they just aren’t worth it—yet.“You have to really look at the Chromebook, and what Google’s objective with it is,” Papermaster said, speaking with a small group of reporters on Monday evening during the ISSCC conference. “For us, it's just a business decision, when you need our type of CPU and graphics technology that can make a difference.” AMD Mark Papermaster, the chief technology officer at AMDTo read this article in full or to leave a comment, please click here

Gemalto says spies probably didn’t steal mobile phone encryption keys from it after all

SIM card maker Gemalto has dismissed recent reports that U.K. and U.S. spies obtained encryption keys protecting millions of mobile phones by hacking its network.Secret documents revealed last week suggested that spies from the U.S. National Security Agency and the U.K. Government Communications Headquarters had stolen SIM card encryption keys from Gemalto, allowing them to intercept the conversations of millions of mobile phone users. The GCHQ documents, dating from 2010, were among those leaked by former NSA contractor Edward Snowden.To read this article in full or to leave a comment, please click here

Gemalto says spies probably didn’t steal mobile phone encryption keys from it after all

SIM card maker Gemalto has dismissed recent reports that U.K. and U.S. spies obtained encryption keys protecting millions of mobile phones by hacking its network.Secret documents revealed last week suggested that spies from the U.S. National Security Agency and the U.K. Government Communications Headquarters had stolen SIM card encryption keys from Gemalto, allowing them to intercept the conversations of millions of mobile phone users. The GCHQ documents, dating from 2010, were among those leaked by former NSA contractor Edward Snowden.To read this article in full or to leave a comment, please click here

Uber’s loyalty deal with Starwood Hotels could boost global growth

Uber likes to promote its service as an easy way to get from point A to point B with a smartphone. Now the company wants to reward you for making one of those points a hotel.The ride-hailing service is teaming up with Starwood Hotels & Resorts to boost the use of its app among the well-traveled crowd. Through the partnership, members of Starwood’s guest loyalty program can link their accounts with Uber accounts and earn Starwood credits whenever they take an Uber ride. They’ll earn more credits if they take the ride while staying in one of the hotel company’s 1,200 properties in 100 countries.The arrangement goes into effect Wednesday, marking Uber’s first partnership of this sort with a hotel operator.To read this article in full or to leave a comment, please click here

Google scraps annual Pwnium bug-hunting contest

Google is scrapping Pwnium, its annual bug hunting event, and folding it into an existing year-round program in part to reduce security risks.The company held Pwnium annually at CanSecWest, a security conference in Vancouver, to find security problems in its Chrome OS, Chrome browser and affiliated applications.But Tim Willis of the Chrome Security Team wrote in a blog post that the annual event isn’t best for either researchers or the company.To read this article in full or to leave a comment, please click here

Anthem’s latest breach estimate says 78.8 million were affected

The Anthem data breach may have exposed 78.8 million records, according to a more finely tuned estimate by the health insurance company, but Anthem is still investigating exactly how many records hackers extracted from a database.Hackers accessed a database at Anthem that contained customer and employee records with names, birth dates, Social Security numbers, addresses, phone numbers, email addresses and member IDs, the health insurance company said on Feb. 4. Some records included employment information and income levels, but no financial information was compromised, it said.It marked one of the largest data breaches to affect the health care industry, adding to a string of recent attacks that have shaken large companies, including retailers Home Depot, Target and Michaels.To read this article in full or to leave a comment, please click here

Initial Post with GitHub and Jekyll

Over the past several months, I’ve found myself holding back on writing posts simply because my blog platform does not support the ability to embed code or even change fonts to resemble code, CLI, or working on a terminal. Screen shots are good, but offering the ability to copy and paste is nice, plus it just looks cleaner. This is unacceptable.

Additionally, I have been doing much more with GitHub and markdown. So, after reading what Scott Lowe had done with his migration to Jekyll and GitHub pages, it seemed like that was a great idea. Not only should I be able to improve what I can write, I should be able to decrease the time it takes to write a post. Awesome. The journey shall begin.

Rather than harp on my existing blog platform and that it does not have an export option, I’ve decided not to prolong the process and make this a gradual migration. Going forward, I will be posting the full blog posts at jedelman8.github.io along with ONLY the excerpt at jedelman.com. When you go to continue reading from the excerpt, you’ll then be redirected to the new site. Over time, I really Continue reading

NetSfere promises enterprise messaging with end-to-end security

If all the well-publicized hacks over the past year or so have had any effect on the corporate world, it’s been to make enterprises more worried than ever about security. Throw in the bring-your-own-device trend, and that concern gets compounded considerably.Such issues were part of the motivation for the recent launch of the Confide app for confidential enterprise messaging, and they’re also a big piece of the thinking behind the NetSfere messaging service that Infinite Convergence rolled out on Tuesday.Though Infinite Convergence launched its cloud-based messaging service for enterprises on a trial basis last fall, the security-minded offering just became globally available. Device-to-device encryption and administrative controls are among the service’s key features, which add up to end-to-end secure messaging capabilities, the company says.To read this article in full or to leave a comment, please click here

NetSfere promises enterprise messaging with end-to-end security

If all the well-publicized hacks over the past year or so have had any effect on the corporate world, it’s been to make enterprises more worried than ever about security. Throw in the bring-your-own-device trend, and that concern gets compounded considerably.Such issues were part of the motivation for the recent launch of the Confide app for confidential enterprise messaging, and they’re also a big piece of the thinking behind the NetSfere messaging service that Infinite Convergence rolled out on Tuesday.Though Infinite Convergence launched its cloud-based messaging service for enterprises on a trial basis last fall, the security-minded offering just became globally available. Device-to-device encryption and administrative controls are among the service’s key features, which add up to end-to-end secure messaging capabilities, the company says.To read this article in full or to leave a comment, please click here