Topics pertaining to technology, especially as they pertain to business issues are discussed. Such topics include using tech to boost productivity, marketing with social media, cybersecurity, and numerous other topics.
Myanmar is a country currently engaged in an important political process. A pro-democracy reform took place in 2011 which has helped the government create an atmopshere conducive to investor interest. The country is resource rich, with a variety of natural resources and a steady labor supply. Despite recent progress, the country is subject to ongoing conflict with ethnic rebels and an ongoing civil war. Analysts suggest that both China and the United States are vying for greater influence in Myanmar, with China in particular having geopolitical interest due to sea passages, port deals, and fuel pipelines that are important to its goals. Geopolitical analysts have suggested that the United States may have its own interests that involve thwarting Chinese ambitions in the region.
APT groups from multiple countries – including China – have been known to target organizations of strategic interest with aggressive malware-based espionage campaigns. One of the malware families used in such a scenario is the well-known Remote Access Trojan PlugX, also known as Korplug, that enables full access to the victim’s machine and network.
Do you remember the time when “video game” referred to a simple platform in which we could only move within the same screen? Everything was there, at our sight, and we couldn’t pass through the limits.
Nowadays, things are very different because video games are actual stories that we are part of. We get involved with their characters and make them alive. The limits of the screen aren’t a barrier anymore and, being such an important part of our lives, games started to be profitable not only for developing companies but (sadly) also for cybercriminals.
Alienware today announced its highly-anticipated new portfolio of products, featuring the next generation Alienware X51 gaming desktop, updated Alienware 13, 15 and 17 notebooks, and, back for a limited time, the Alienware 18 notebook. The updated desktop and notebooks come on the eve of PAX Prime, one of the largest gaming events in North America, taking place August 28-31 in Seattle, Washington. The event will highlight some of the new solutions including the first look at the new Dell 27 Gaming Monitor, launching in late October.
British police have today announced the arrest of six people in connection with distributed denial-of-service (DDoS) attacks that attempted to bring down websites belonging to – amongst others – a national newspaper, a school and a number of online retailers.
The link between the attacks is that they all appear to have been conducted using the LizardStresser tool, a DDoS-on-demand service offered by the Lizard Squad hacking gang who managed to take down the XBox Live and PlayStation networks last Christmas.
You've invested in firewalls and your servers are patched. Clients are running updated anti-malware software and spam and phishing filters are turned up to 11 on your mail servers. Flash? Not running it. Role-based security measures? Implemented three years ago...of course. And BYOD? Only with approved AV and signed acceptable use and access policies. Your IT staff actually sleeps at night because you don't just have a security plan - You actually follow it.
It is one of the biggest data breaches in recent times and one of the most far-reaching, the full implications of which are yet to be understood. In fact, as the story continues to unfold, the Ashley Madison attack could become one of the most notable instances of cybercrime in 2015.
Here is a timeline of key events documenting the severity and seriousness of this event, which is now subject to a major, ongoing, multi-partner investigation.
ARMONK, N.Y. - 21 Aug 2015: IBM (NYSE: IBM) is announcing general availability and improvements to a set of services for IBM’s platform-as-a-service(PaaS), Bluemix, that enable developers to more seamlessly integrate Java-based resources into their cloud-based applications.
The new IBM Cloud tools are designed to help developers broaden the capabilities of their applications to give users a more robust cloud experience, by leveraging added security and flexibility to use a vast array of resources for their development. They include:
Liberty Buildpack updated the Liberty runtime to make available or preview the latest Java EE 7 Liberty features, and while IBM JRE 7.1 remains the default it is now possible to test and run applications in Bluemix with Java 8. Additionally, among other improvements, the jsp-2.3, el-3.0, and jdbc-4.1 Liberty features, previously in beta, are now available as production-ready.
XPages on IBM Bluemix brings the power of Domino XPages to the cloud, allowing developers to create feature-rich, responsive, and secure applications that can be quickly brought to market on Bluemix.
The developer-friendly, open-standards-based Bluemix catalog includes over 100 tools and services of the most prominent open-source technologies combined with IBM and third-party services that allow developers to build, run and manage cloud applications with more flexibility. IBM launched Bluemix via a $1 billion investment in 2014, rapidly becoming the largest Cloud Foundry deployment in the world, and was recently shown to be growing 10-times faster than the overall PaaS market by research firm ESG.
Combining Bluemix and IBM Design Thinking methodology, the Bluemix Garage network creates a bridge between the scale of enterprises and the culture of startups, by establishing physical collaboration spaces housed in the heart of thriving entrepreneurial communities around the world, including successful implementations in San Francisco,Londonand Toronto.
Accenture Launches Advanced Analytics Applications for the Telecommunications Industry
NEW YORK; August 20, 2015 – Accenture (NYSE: ACN) is launching five advanced analytics applications for the telecommunications industry, equipping users with customized analytics insights that can empower them to make smarter, data-driven decisions. Developed through the Accenture Analytics Applications Platform – a scalable platform that develops industry- and function-specific advanced analytics applications that are reusable, configurable and adaptable to meet the needs of each unique company and its individual users – the new analytics applications are designed to help telecommunications companies make more effective pricing, staffing, maintenance and planning decisions.
“Countless companies are vying to be the next big digital disruptor in the highly competitive global telecommunications industry,” said Marco Vernocchi, senior managing director, Accenture Communications, Media and Technology – Global Digital Lead. “One way to have a strong foot in this race is by turning data into an asset and using it to make insight-driven decisions. When data is put to work through advanced analytics applications and smarter decisions, a company can unlock new opportunities for themselves and their customers.” Accenture’s new advanced analytics applications for the telecommunications industry include:
Network Predictive Fault Management – Helps providers predict network incidents before they occur, allowing for pre-emptive maintenance and improved service assurance. Users receive insights detailing network vulnerabilities and recommendations for proactive maintenance of the network infrastructure.
Revenue Forecasting – Forecasts revenues in different areas – such as customer base, activations, cancellations, and traffic – to support revenue-generating business decisions.
Bundle Pricing – Supports the development of effective pricing strategies for offering bundles, such as bundling a handset and a connection. Insights on customer preferences enable pricing decisions that can support customer demands, optimize inventory management, achieve business objectives, and increase profitability.
Call Volume Forecaster – Improves the planning, staffing and management of contact centers by providing users with insights on forecasted call volumes and the right staffing resources needed to support the center. Through an analytics-driven management process, providers can improve customer service levels and increase customer satisfaction, loyalty and brand perception.
IT Governance – Helps providers to optimize and improve IT infrastructure efficiency, even when transitioning to virtualized environments. To support decision-making, users receive insights involving asset mapping, the impact of future application scenarios, and reporting that can validate decisions or inform new actions.
Accenture currently has a total of 25 advanced analytics applications available for the telecommunications, retail, financial services, and utilities industries. In addition to these ready-made applications developed through the Accenture Analytics Applications Platform, custom applications can also be created to meet a company’s specific needs. For each application, Accenture’s platform can be used to fully configure the advanced analytics applications with a company’s exact operational workflow process and precise user requirements – for example, greater granularity for data scientists and less data granularity for business users. Depending on the amount of customization needed, applications can be ready for use in approximately one week to 60 days. Accenture’s advanced analytics applications can be run on their own or through the Accenture Insights Platform. Launched last month, the Accenture Insights Platform is a cloud-based, end-to-end analytics-as-a-service solution comprised of an integrated suite of leading technologies, consumption-based commercial arrangements, and enterprise support. Additional details on the Accenture Analytics Application Platform and existing advanced analytics applications can be found here and videos can be found here. About Accenture Accenture is a global management consulting, technology services and outsourcing company, with more than 336,000 people serving clients in more than 120 countries. Combining unparalleled experience, comprehensive capabilities across all industries and business functions, and extensive research on the world’s most successful companies, Accenture collaborates with clients to help them become high-performance businesses and governments. The company generated net revenues of US$30.0 billion for the fiscal year ended Aug. 31, 2014. Its home page is www.accenture.com. Accenture Analytics, part of Accenture Digital, delivers insight-driven outcomes at scale to help organizations improve their performance. With deep industry, functional, business process and technical experience, Accenture Analytics develops innovative consulting and outsourcing services for clients to help ensure they receive returns on their analytics investments. For more information follow us @ISpeakAnalytics and visit www.accenture.com/analytics.
It might not have escaped your notice that I write quite a lot about support scams, an issue in which most commentators in the security industry take only sporadic interest and tend to regard as of only niche interest. (As when a scammer is damaging their brand or product in some way, for instance by claiming to represent them or that the victim needs his help because their product is inadequate or worse.)
Certainly if it was still all about scammers calling victims out of the blue to tell them they have a virus infection and wanting remote access to their PCs so that they can ‘fix it’, I wouldn’t have much to say about it all at this point. But it isn’t. And I’m not just talking about minor variations on the CLSID orEvent Viewer or Task Manager gambits, in which various legitimate utilities are misrepresented as ‘proving’ that your PC has a problem with malware. (Although we still see plenty of reports of such gambits in action: if you aren’t familiar with them, quite a few of them are described in articles and papers like this: My PC has 32,539 errors: how telephone support scams really work. (Is it really three years since we presented that paper? Apparently it is, and much longer since I first started writing about the topic.)
You might be familiar with Wix, a company known as a maker of drag-and-drop Web design tools for small businesses. But the company has expanded its services to also include CRM (Customer Relationship Management) tools.
Called MyAccount CRM solution, this service offers small business owners tools for collecting and managing contacts, managing email marketing campaigns, and more.
Marketing through social media is all the rage. And you know websites are important to business. But should you be tackling both for your business? If so, how do you do it so it makes sense? Read below for some tips on how to make both, or one, work for you.
Major vulnerabilities have been detected in Dolphin and Mercury Android browsers that could have provided cybercriminals with the opportunity to launch zero-day attacks.
This is considered to be a notable discovery. With both browsers growing in popularity – it is estimated that over 100 million downloads have been made between the two browsers – the fallout of a potential attack could be huge.
To say that digital marketers have to be jacks-of-all-trades is a considerable understatement. Marketers don’t often get the recognition they deserve for having to master so many different software tools, but if there’s one profession that requires knowledge of more tools than a Swiss army knife, online marketing is it.
Sydney, Australia –Avnet, Inc. (NYSE: AVT), a leading global technology distributor, today announced that it has signed a distribution agreement with EMC, the global leader in enabling businesses and service providers to transform their operations and deliver information technology as a service (ITaaS). Avnet was selected as a global distributor to bring EMC’s VSPEX BLUE to market in early 2015. The new agreement will see Avnet deliver the entire EMC portfolio to its network of resellers across Australia.
Whatever your views on the AshleyMadison.com website, the data breach it suffered earlier this year has increased the cybersecurity threat level for all organizations. That’s because a large amount of information stolen from the site was published on the Internet last week, all of which can be assumed to be sensitive, given the site’s infamous slogan: “Life is short. Have an affair.” In terms of IT security you should be taking action on several fronts. In this article I suggest four action items every organization should consider, but first I explain why a response plan is needed.
This is part two of our look at the User layer, which focuses on user authentication. If you missed it, make sure to read part 1 to find about how you can protect your network from your users’ own actions.
Also, you can catch up on the entire Layered Security series by either reading my past blog posts or checking out the PDF version, which will be updated to include the User Layer soon.
Hard to believe it but Windows 95 turned 20 this month. Not only was the launch of this operating system a landmark moment for Microsoft, but also, arguably, for the human species. As the theTelegraph reflected, it “redefined home computing and began a golden age for Bill Gates’ company”.
Here are some interesting facts about this seminal piece of software that has been so instrumental in shaping the modern, digital and internet-connected world that has come to characterise the opening decades of the 21st century.
The Federal Trade Commission (FTC) has the power to punish organizations that fail to invest in and deliver robust online security measures, according to ruling by the US Court of Appeals for the Third Circuit. Responding to the ruling, Edith Ramirez, chairwoman of the FTC, said that the decision “reaffirmed” the commission’s view on the matter. She went on to say: “It is not only appropriate, but critical, that the FTC has the ability to take action on behalf of consumers when companies fail to take reasonable steps to secure sensitive consumer information.”
It might still feel like summer, but school season is right around the corner. Young people are easy targets for both digital and physical theft, so it’s important to ensure your data and devices are secure at school and at home.
Previously my colleague Wayne talked about an interesting document exploit targeting CVE-2015-1641. In this post, we will talk about who might be behind the attack.
We start our correlation with the analysis of the exploit payload - a remote administration tool (RAT) with MD5 6bde5462f45a230edc7e7641dd711505 (detected as MSIL/Agent.QOO!tr). This RAT looks new to us; hence we suspected that it may either be a new RAT family or a custom RAT that was developed for a specific attacker (hacker). It is compiled with Microsoft Visual Basic .NET with the following backdoor commands listed in its code:
LG announced on Monday the next G Pad tablet model, the G Pad II 10.1. The company plans to give its newest tablet an official unveiling at IFA 2015 in Berlin next month. But for now LG is giving a peek at some of the G Pad II’s specs and features.
You won’t likely get the highest specs or super clear display out of the G Pad II. But what the tablet is promising is a large screen with long battery life at a decent price.
Dell today introduced Datacenter Scalable Solutions (DSS), a new line of business within Dell’s Enterprise Solutions organization designed to meet the specific needs of web tech, telecommunications service providers, hosting companies, oil and gas, and research organizations. These businesses often have high-volume technology needs and supply chain requirements in order to deliver business innovation. With a new operating model built on agile, scalable, and repeatable processes, Dell can now uniquely provide this set of customers with the technology they need, purposefully designed to their specifications, and delivered when they want it.
In business, going for the lowest price is not always the best move. In fact, sometimes it’s counterproductive. When choosing Internet service, as with any product or service, price is important, but it’s far from the only thing to consider.
There are a number of factors to look at when choosing an Internet service for your small business. You need to make sure you can meet the requirements for up-time, speed, bandwidth and more.
In this new age of wearable tech, biometrics and multi-factor authentication, your face is increasingly becoming your digital ID for authenticating who you are online. But how does facial recognition software work and what are the caveats?
A lot of business magazines celebrate the past exploits of billionaire businessmen, like Mark Zuckerberg and Bill Gates.
The stories of how they acquired and built their businesses becomes the stuff of entrepreneurial legend. Yet, with all of this information, only a little information goes into how these leaders prepare for a complicated future.
Dell will release its Fiscal 2016 Q2 financial results to current holders of Dell’s debt securities and prospective qualified institutional debt investors Sept. 3, 2015. The company reports results to this group confidentially on a quarterly basis.
Dell also will conduct a confidential conference call for debt investors Sept. 3 at 11 a.m. CDT to provide management’s perspective and respond to questions regarding the results.
Recently, we came across an unknown document exploit which was mentioned in a blogpost by the researcher @ropchain. As part of our daily routines, we decided to take a look to see if there was something interesting about the document exploit. The sample’s SHA1 used in the analysis is FB434BA4F1EAF9F7F20FE6F49C4375E90FA98069. The file we’re investigating is a Word document called amendment.doc.
Is your child an internet security genius? If cybersecurity is their thing and you think it could be their future livelihood, here’s what you can do to harness that potential for a career that is exciting and financially lucrative.
Since launching Windows 10 across the globe last month, Microsoft has issued two cumulative updates. The most recent, issued on 14th August, offers users little by way of detail as to what impact this will have.
This ambiguity has been questioned by commentators and news providers, with The Register, for example, querying the tech giant’s silence on the matter.
Whenever small businesses see their website bounce rate, it’s always a source of panic.
Maybe you’ve heard that website bounce rate doesn’t matter, or maybe you’ve heard that it matters for some things and not for others, or maybe you’ve been taught to believe that your bounce rate is one of the most important metrics for a website.
The internet is arguably the new frontier for communication, collaboration and business but, with criminals also using it for ill-gotten gains, it does have its bad parts too. And this is making life difficult for parents struggling to keep up with their child’s technology obsession.
In bygone eras, parents’ concerns over their children were relatively simple: they worried if they were healthy, happy and socially adept at school and other challenging environments. As they got older, they considered too the challenges of new relationships, new careers and living quarters.
More than 120 Partners, Distributors and Fortinet Staff came together last week in Sydney and Melbourne at Fortinet’s first ever "Fast and Secure" event in ANZ. With a full-day of speakers, attendees heard about the latest Fortinet offerings that embed security capabilities in every aspect of Managed Services Provision. The message is clear: we have moved on from Managed Security Service Provision (MSSP) because, simply put, security is an integral component of every "As a Service" offering from managed email and firewalls to full-blown cloud-based enterprise computing.
Last month I attended my first Campus Technology conference, in Boston. I think it’s fair to say that while computer security was not the focus, it certainly was prevalent and appreciated by attendees. In fact, CIO ranked the cybersecurity topics and panels as one of the “6 Best Things” at Campus Tech. To demonstrate this further, the closing Keynote was from William Perry on “The How, Why and What of Cyber Security,” which presented just about as comprehensive a high-level view as possible in a 50-minute slot.
Cybercriminals have reportedly released personal information belonging to Ashley Madison users on the dark web, a month after it was first revealed that its system had been compromised.
Various reputable media outlets, including Wired, the Guardian and the BBC, note that sensitive details of up to 37 million users of the self-confessed “most famous name in infidelity and married dating” are now available online.
Researchers at FortiGuard Labs recently discovered another heap overflow vulnerability in the Adobe Flash Player. The vulnerability, CVE-2015-5129, is similar to a larger group of security issues found in Flash Player, all of which could be exploited to allow remote code execution on the host system.
Although FortiGuard has not observed active exploits for this particular vulnerability in the wild, we did find multiple products that incorporate Flash with the vulnerability. This includes the Google Chrome browser. Additionally, the vulnerability could affect mobile developers on both Android and Apple iOS if Adobe AIR SDK & Compiler188.8.131.52 has been used. Perhaps more importantly, many active exploits have been developed for similar vulnerabilities, making future exploit development more straightforward.