Search This Blog

Tuesday, January 31, 2017

IBM Security Plans to Acquire Agile 3 Solutions to Help the C-Suite Manage Data Risk

From IBM:


IBM Security Plans to Acquire Agile 3 Solutions to Help the C-Suite Manage Data Risk

Expansion of Capabilities for IBM Guardium and Data Security Services
CAMBRIDGE, MA - 23 Jan 2017: IBM (NYSE: IBM) Security today announced plans to acquireAgile 3 Solutions, a developer of software used by the C-Suite and senior executives to better visualize, understand and manage risks associated with the protection of sensitive data. The addition of Agile 3 Solutions’ capabilities to IBM Security’s portfolio adds an intuitive tool to improve C-Suite decision making as businesses prepare to defend themselves against cybercrime.
As cybersecurity has become a board-level issue, there is a growing need for the C-suite and the Board to understand their security posture through the lens of business risk, not just the technical security data and metrics. Business leaders must be equipped to make risk-based decisions and prioritize investments toward the cybersecurity readiness and resilience. In fact, Gartner predicted that “by 2017, 80% of IT risk and security organizations will report metrics to non-IT executive decision makers; however, only 20% will be considered useful by the target audience.”[i]
Agile 3 Solutions, a San Francisco-based, privately held company, provides business leaders with a comprehensive, business-friendly dashboard and intuitive data risk control center to help uncover, analyze, and visualize data-related business risks, so they can take action to proactively protect their business. Financial terms were not disclosed and the transaction is expected to close within several weeks. Upon completion of the acquisition, IBM will offer Agile 3 Solutions’ technology through IBM Data Security Services and also plans to integrate Agile 3 Solutions’ capabilities into its industry-leading data protection software IBM Guardium.
"After thousands of client engagements, we've seen security move from the back office to the front office and now to the board room," said Marc van Zadelhoff, General Manager, IBM Security. "Adding Agile 3 Solutions to the IBM Security immune system of capabilities gives our team the ability to not only protect critical data, but demonstrate why it is at risk, and how to remediate that risk. Knowing what your crown jewel data is, and understanding its susceptibility to exploitation via external or insider threats, is an imperative for any organization."
“Having worked closely with IBM Security as a business partner, our team is excited by the opportunity to join the leader in enterprise security,” said Raghu Varadan, Founder and CEO of Agile 3 Solutions. “Our mission has been to bring the C-Suite into the security decision making process on their terms. Now with IBM Security, we’re bringing together the ability to not only influence decisions but to take action to protect business critical data.”
Agile 3 Solutions will augment the IBM Data Security Services portfolio of offerings, adding industry-leading technology and deep industry expertise to help clients around the world build, implement, and manage their critical data protection programs. The acquisition also builds on the growth of IBM's end-to-end Guardium data security and protection platform, which helps analyze the risk associated with sensitive data, monitor and protect sensitive data at rest and in motion, and easily adapt to changes in the IT environment – including adding new users, new technologies, and accommodating new volumes and types of data. IBM also announced its intent to acquire Ravy Technologies, a subcontractor of Agile 3 Solutions.
Agile 3 Solutions marks the 20th security-related company IBM has acquired as part of a series of investments to deepen its expertise as the world's largest enterprise security company. IBM Security has hired approximately 1,900 security experts since 2015, and has invested in innovative new programs to help the industry collaborate to battle cybercrime, including IBM's X-Force Exchange and the IBM Security App Exchange.
For more information about Agile 3 Solutions, go tohttp://www.ibm.com/security/announce/agile3/  
About IBM Security
IBM Security offers one of the most advanced and integrated portfolios of enterprise security products and services. The portfolio, supported by world-renowned IBM X-Force® research, enables organizations to effectively manage risk and defend against emerging threats. IBM operates one of the world’s broadest security research, development and delivery organizations, monitors 20 billion security events per day in more than 130 countries, and holds more than 3,000 security patents. For more information, please visit www.ibm.com/security, follow @IBMSecurity on Twitter or visit the IBM Security Intelligence blog.
About Agile 3 Solutions
Agile 3 Solutions provides a comprehensive, business-friendly dashboard and intuitive data risk control center to help uncover, analyze, and visualize data-related business risks, so business leaders can take action to proactively protect their business. Learn more athttp://www.agile3solutions.com/
 
[i] Gartner: Develop Key Risk Indicators and Security Metrics That Influence Business Decision Making, July 31, 2015

Password-stealing security hole discovered in many Netgear routers

A security researcher has described how he uncovered a severe security hole in dozens of different Netgear routers, meaning that “hundreds of thousands, if not over a million” devices could be at risk of having their admin passwords stolen by hackers.



Password-stealing security hole discovered in many Netgear routers

Innovation Insights: Defining and Securing IoT

Fortinet Blog

Mellanox Introduces Data Center Packet Processing Platform Based on Company's New Indigo Network Processor (NASDAQ:MLNX)

Indigo IDG4400 Outstanding Packet Processing, Combined with Spectrum Ethernet Switch Systems, Offers Complete L1-L7 Network Solution for Deploying Cost Effective and Scalable Security and Network Applications in Data Centers



Mellanox Introduces Data Center Packet Processing Platform Based on Company's New Indigo Network Processor (NASDAQ:MLNX)

Cybersecurity: 5 basic lessons for everyone

Update: Get ready for the IT security threats and challenges ahead with ESET's 2017 trends and predictions report. Download now.
Recently we’ve had the opportunity  – quite a fun and interesting opportunity – to visit a number of information security and cybersecurity conferences. These conferences were flooded with relatively ‘new’ developments such as NextGen, the Internet of Things (IoT), IoT DDoS attacks, security intelligence platform, etc. The fact that some of these terms have become ‘hype’ is not in itself a problem, but we did begin to wonder whether the security world may be looking at things in the wrong way and thereby missing the demands that need to be addressed.


Cybersecurity: 5 basic lessons for everyone

Security professionals' skills shortage in the UK

Update: Get ready for the IT security threats and challenges ahead with ESET's 2017 trends and predictions report. Download now.
The skills shortage among IT professionals across the UK has caused increased competition among employers for the best candidates, with IT security at the forefront of demand.


Security professionals' skills shortage in the UK

Ransomware: Key insights from infosec experts

Update: Get ready for the IT security threats and challenges ahead with ESET's 2017 trends and predictions report. Download now.
Pause for a minute. 2017 has arrived before we even realized it was coming. And it’s brought with it an army of new buzzwords, fresh security threats and an even more switched-on world than 2016.


Ransomware: Key insights from infosec experts

Flokibot Invades PoS: Trouble in Brazil

Threat actors salivate at the thought of an increased volume of credit and debit card transactions flowing through endpoints they have compromised with card-stealing malware. While there are many distinct malware families that scrape unencrypted process memory to obtain cards, some of these malware capabilities overlap with generic information stealing trojans such as Flokibot that obtain and exfiltrate HTTPS GET and POST data and other materials from compromised machines.



Flokibot Invades PoS: Trouble in Brazil

Saudi Organizations Targeted by Resurfaced Shamoon Disk-Wiping Malware

Fortinet Blog

Austrian hotel experiences 'ransomware of things attack'

Update: Get ready for the IT security threats and challenges ahead with ESET's 2017 trends and predictions report. Download now.
Toward the end of 2016, ESET senior security researcher Stephen Cobb expressed concern about the possible mingling of three different types of system abuse: holding computer systems and data files hostage (ransomware); denying access to data and systems (DDoS); and infecting the Internet of Things (IoT) with malicious code.


Austrian hotel experiences 'ransomware of things attack'

Not Concerned About Web Application Attacks in Financial Services? Well, You Should Be

IT teams in the financial services industry have historically invested in, and deployed, web application firewalls (WAFs) to comply with Payment Card Industry Data Security Standards (PCI DSS). However, many of today’s data security professionals recognize that unprotected web applications have become attractive targets for cybercriminals looking for easy entry points into their networks.



Fortinet Blog

Some examples of vulnerable code and how to find them

I have previously recommended a course entitled Software Exploits by Open Security Training, and similarly, a book “called The Shellcoder’s Handbook: Discovering and Exploiting Security Holes. Using some of the examples presented in the book, I thought it would be a good idea to explore how the theory on real code vulnerabilities stands true.



Some examples of vulnerable code and how to find them

Sunday, January 29, 2017

An introduction to private browsing

Update: Get ready for the IT security threats and challenges ahead with ESET's 2017 trends and predictions report. Download now.
When we go online, we all leave a digital ‘trace’. Our IP addresses give us away and cookies collect our browsing habits. Our Internet Service Providers (ISPs) and employers theoretically have a log of what sites we visit and when. Even private browsing, otherwise known as incognito mode, is not totally safe from prying eyes.


An introduction to private browsing

Don't just worry about data privacy - own your online presence

“Who has access to my data?”
If you’ve asked yourself this question and can’t help but feel concerned, you are not alone. 


Don't just worry about data privacy - own your online presence

Saturday, January 28, 2017

PayPal users targeted in sophisticated new phishing campaign

Recent phishing scams targeted both Gmail and Yahoo, and now attackers have their sights set on PayPal with some very convincing bait. With fake websites and email campaigns that look real, it’s easy to be fooled, and potentially have your identity and money stolen by scammers. Here’s how it happens.



PayPal users targeted in sophisticated new phishing campaign

Deep Analysis of Android Rootnik Malware Using Advanced Anti-Debug and Anti-Hook, Part II: Analysis of The Scope of Java

In part I of this blog we finished the analysis of the native layer and got the decrypted secondary dex file. Here in part II we will continue to analyze it. For the sake of continuity, we will maintain continuous section and figure numbers from part I of the blog.



Fortinet Blog

Deep Analysis of Android Rootnik Malware Using Advanced Anti-Debug and Anti-Hook, Part I: Debugging in The Scope of Native Layer

Recently, we found a new Android rootnik malware which uses open-sourced Android root exploit tools and the MTK root scheme from the dashi root tool to gain root access on an Android device. The malware disguises itself as a file helper app and then uses very advanced anti-debug and anti-hook techniques to prevent it from being reverse engineered. It also uses a multidex scheme to load a secondary dex file. After successfully gaining root privileges on the device, the rootnik malware can perform several malicious behaviors, including app and ad promotion, pushing porn, creating shortcuts on the home screen, silent app installation, pushing notification, etc.  In this blog, I’ll provide a deep analysis of this malware.



Fortinet Blog

2017 Cybersecurity Predictions for Financial Services: What to Watch For

With 2016 in the books, we can take a look back and see that it was a banner year for cybercriminals. From the successful breach of the DNC to DDoS attacks that disrupted service for tens of millions of IP addresses, it seemed as though no industry or organization was completely safe from threats.



Fortinet Blog

Thursday, January 26, 2017

The Analysis of ISC BIND NSEC Record Handling DoS (CVE-2016-9147)

The latest patch for BIND from the Internet Systems Consortium (ISC) fixes a NESC record-related bug. Remote BIND recursive servers may crash when attempting to handle the specifically-crafted query response with NESC record sent by attackers, thereby causing a denial of service (DoS).



Fortinet Blog

RoT: Ransomware of Things

One of the trends that I found most worrying in 2016 was the willingness of some individuals to participate in the following three activities: holding computer systems and data files hostage (ransomware); denying access to data and systems (Distributed Denial of Service or DDoS); and infecting some of the devices that make up the Internet of Things (IoT).
Sadly, I think these trends will continue to evolve in 2017 and there is potential for cross-pollination as they do so. For example, using infected IoT devices to extort commercial websites by threatening a DDoS attack, or locking IoT devices in order to charge a ransom – something I like to call “jackware”.


RoT: Ransomware of Things

Yahoo faces SEC probe into record-breaking data breaches

Update: Get ready for the IT security threats and challenges ahead with ESET's 2017 trends and predictions report. Download now.
Internet giant Yahoo has confirmed it is to be investigated by the US Securities and Exchange Commission (SEC) in connection with two major data breaches discovered at the company last year.


Yahoo faces SEC probe into record-breaking data breaches

Lloyds Bank hit by distributed denial of service attack

Update: Get ready for the IT security threats and challenges ahead with ESET's 2017 trends and predictions report. Download now.
Lloyds Banking Group in the UK was subjected to a distributed denial of service attack, it has been revealed.


Lloyds Bank hit by distributed denial of service attack

Ricoh Embraces Brocade Fabric Technology to Transform Cloud Data Center (NASDAQ:BRCD)

DIGITAL IMAGING GIANT POSITIONED FOR DATA CENTER TRANSFORMATION



Ricoh Embraces Brocade Fabric Technology to Transform Cloud Data Center (NASDAQ:BRCD)

Apple issues security patches for ... just about everything

If you have a piece of Apple technology in your house or office, chances are that it’s time you updated it.
On Monday Apple issued security patches for all of its major operating systems – fixing vulnerabilities in iOS, macOS, watchOS, tvOS, the Safari browser, and iCloud for Windows.


Apple issues security patches for ... just about everything

UK fraud and cybercrime figures show extent of these threats

Update: Get ready for the IT security threats and challenges ahead with ESET's 2017 trends and predictions report. Download now.
There were approximately 5.6 million incidents of fraud and cybercrime in the UK last year, new figures from the Office for National Statistics (ONS) have revealed.


UK fraud and cybercrime figures show extent of these threats

The Move to Consolidation and Integration: Simplifying Security in Financial Services

In meeting with large financial institutions, the single biggest thing we keep hearing about is the need to simplify and consolidate their security infrastructure. As Financial Services has evolved from person-to-person transactions to a fully digital business model, the industry’s networks have evolved as well, become increasingly complex and more difficult to defend. During this evolution, as new threats have emerged, financial organizations have gone out and purchased a host of different security products, often from different vendors, as part of their overall security infrastructure. There is a realization now but there may have been some over-purchasing. 



Fortinet Blog

Ficolo Achieves Rapid Growth with Network-as-a-Service from Brocade (NASDAQ:BRCD)

FINLAND'S FASTEST GROWING DATA CENTER COMPANY DELIVERS SCALABLE WHOLESALE COLOCATION SERVICES



Ficolo Achieves Rapid Growth with Network-as-a-Service from Brocade (NASDAQ:BRCD)

Sunday, January 22, 2017

Linux Gafgyt.B!tr Exploits Netcore Vulnerability

Over the past few months we have seen a lot of malware activity around the Netcore vulnerability, so we decided to take closer look at its exploitation. The following screen shot shows attack traffic captured through Wireshark.



Fortinet Blog

Saturday, January 21, 2017

Ransomware attack hits St Louis Public library

If you were trying to use the public computers at St Louis Public Library this week you may have experienced more than your fair share of problems.
The reason? A ransomware attack struck the library’s server, preventing some 700 PCs at 16 of library locations from working properly, and preventing the checking out of books.


Ransomware attack hits St Louis Public library

Analysis of ISC BIND TKEY Query Response Handling DoS (CVE-2016-9131)

Another TKEY record-related bug in BIND has been fixed with a patch from the Internet Systems Consortium (ISC) that was released just after the New Year. This bug may take down BIND recursive servers by sending a simple query response with TKEY record, thereby causing a denial of service (DoS).



Fortinet Blog

Thursday, January 19, 2017

Android Locker Malware uses Google Cloud Messaging Service

Last month, we found a new android locker malware that launches ransomware, displays a locker screen on the device, and extorts the user to submit their bankcard info to unblock the device. The interesting twist on this ransomware variant is that it leverages the Google Cloud Messaging (GCM) platform, a push notification service for sending messages to registered clients, as part of its C2 infrastructure. It also uses AES encryption in the communication between the infected device and the C2 server. In this blog we provide a detailed analysis of this malware.



Fortinet Blog

UK’s ICO releases new guidelines for becoming GDPR ready

Update: Get ready for the IT security threats and challenges ahead with ESET's 2017 trends and predictions report. Download now.
The Information Commissioner’s Office (ICO) in the UK has released a new set of guidelines aimed at ensuring companies are adequately prepared for the introduction of the General Data Protection Regulation (GDPR).


UK’s ICO releases new guidelines for becoming GDPR ready

Flashback Wednesday: Pakistani Brain

Update: Get ready for the IT security threats and challenges ahead with ESET's 2017 trends and predictions report. Download now.
In the early 1980s, with computer technology in its relative infancy and worldwide internet access a distant dream, the idea that computers sitting benign and beige on work desks could become infected with a virus was still, by and large, the stuff of science fiction.


Flashback Wednesday: Pakistani Brain

Tuesday, January 17, 2017

Fortinet Security Researcher Discovers Two Critical Vulnerabilities in Adobe Flash Player

Fortinet Blog

Accelerate 2017 Update General Sessions Overview – Day Two

Fortinet Blog

Ransomware: Should you pay up?

If you’re a victim of ransomware, cybercriminals will encrypt your data and documents and demand a fee for them to unlock it. Once your data is locked, you face a tough choice: whether or not to pay. If you pay, will you really get your data back anyway? Here, we look at some tips on what to do if it happens to you.



Ransomware: Should you pay up?

Monday, January 16, 2017

Are you with #TheSAS2017?

Security breach highlights importance of encryption

Fines by the UK’s Information Commissioner’s Office (ICO) for security breaches have been a matter of discussion for some time. For most, they seem fairly small; and if we think about the actual monetary value when compared to a large company’s earnings, they are.
The ICO is an independent authority set up to uphold information rights in the public interest. They have issued some fairly substantial fines that have included – but are not limited to – record fines of £400,000 for a telecoms company; £100,000 for a county council and £180,000 for an NHS trust in London – and that’s just 2016. As more and more companies are found to be negligent in their protection of our private data, these fines will have to rise to reflect the growing concern by the public on why they are not doing more.


Security breach highlights importance of encryption

Sunday, January 15, 2017

WhatsApp bug: Messages ‘can be intercepted and read’

Update: Get ready for the IT security threats and challenges ahead with ESET's 2017 trends and predictions report. Download now.
A WhatsApp ‘security issue’ has been identified, meaning third parties may be able to both intercept and read encrypted messages, according to new research.


WhatsApp bug: Messages ‘can be intercepted and read’

Forensic analysis techniques for digital imaging

Over the course of two days at last month’s Computer Security Congress, which was organized by la Coordinación de Seguridad de la Información/UNAM-CERT, researchers presented their work in various areas of security.
In the course of his participation, security specialist José Miguel Baltazar Gálvez presented a study entitled Identifying the Original Source of a Digital Image, a development of the Master’s Program in Security and Information Technologies of Mexico’s Instituto Politécnico Nacional, aimed at recognizing the make and model of a device used to create a digital photograph during the forensic analysis process.


Forensic analysis techniques for digital imaging

UK launches major cybersecurity inquiry

Update: Get ready for the IT security threats and challenges ahead with ESET's 2017 trends and predictions report. Download now.
The UK parliament has launched an inquiry into its cybersecurity defenses, as part of its five year cybersecurity strategy.

UK launches major cybersecurity inquiry

Windows 10 anniversary update: Security and privacy, hope and change?

You may recall that last year WeLiveSecurity presented a detailed white paper examining Windows 10 from a privacy and security perspective. Apparently, many readers found this helpful, particularly IT professionals contemplating enterprise upgrades to Windows 10 from earlier versions. With a number of analysts now predicting that 2017 will be the year most enterprises make the move to Windows 10, ESET is publishing a new Microsoft Windows 10 white paper that covers changes to security and privacy features in Windows 10 Anniversary Update (aka Build 14393, Redstone 1, Version 1607).



Windows 10 anniversary update: Security and privacy, hope and change?

KLA-Tencor Announces Live Webcast To Review Second Quarter Fiscal Year 2017 Results (NASDAQ:KLAC)

KLA-Tencor Announces Live Webcast To Review Second Quarter Fiscal Year 2017 Results (NASDAQ:KLAC)

Friday, January 13, 2017

Recognizing Fortinet’s Partner of the Year Winners

Fortinet Blog

Fast Flux networks: What are they and how do they work?

After dismantling the Avalanche network, we found that it was using a Fast Flux network … and this is not the first time that we’ve seen this kind of scenario either. This type of network has been around for several years now and is a real headache when it comes to dismantling a botnet built using this structure.
Let’s start at the beginning.


Fast Flux networks: What are they and how do they work?

Thursday, January 12, 2017

Accelerate 2017 Update General Sessions Overview – Day One

If anyone was unsure of Fortinet’s vision for the future of the digital world, or the impact they plan to have on the cybersecurity industry, the first day of Accelerate 2017 left no doubt in anyone’s mind.


Fortinet Blog

Avnet Expands PicoZed Product Family with Small Footprint PicoZed SDR 1x1

Avnet, Inc. (NYSE: AVT), a leading global technology distributor, today released the PicoZed™ Software-Defined Radio SDR 1x1, a rugged, low-power, system-on-module (SOM). Priced at $549, the PicoZed SDR 1x1 is cost-optimized for single-channel transmit and receive signal paths in the 70 MHz to 6.0 GHz range and is available to customers in the Americas, EMEA, Asia and Japan



Press Releases | Avnet Newsroom: In this section of the Avnet Newsroom, you'll find our press releases listed in chronological order and archived by year. Organize press releases with the dropdown menu or try the 'search newsroom' feature to search by keyword, date range and more.

Corporate Financial Data Theft and Customer Information Breaches: Top Two Cyber Concerns Plaguing Digital Enterprises According to 2nd Annual BMC and Forbes Insights Survey

HOUSTON — January 11, 2017 — BMC, the global leader in IT solutions for the digital enterprise, in association with Forbes Insights, the strategic research and thought leadership practice of Forbes Media, today released results from its second annual security survey revealing that 69% of senior security and IT executives say digital transformation is forcing fundamental changes to existing cybersecurity strategies. Financial and customer information, brand reputation, intellectual property, and employee information were also listed as critical assets to protect against security breaches. New business priorities and technologies also create challenges for IT and security teams, with 65% of respondents indicating that public clouds have the biggest security implications.



RSS Content - BMC Software

CES: IoT security comes of age

For years, IoT security seemed like solving a problem that didn’t exist. Not anymore. Even the consumer-oriented crowds at CES are asking about security. In an audience that focuses fanatically on the latest gadget features, they’re starting to ask about security in the same breath – how to keep it all safe.



CES: IoT security comes of age

Beware new WhatsApp scam offering “free internet without Wi-Fi”

It seems that the number of scams spreading through the messaging app WhatsApp keeps on increasing, with deceptive campaigns coming up with with novel ways of luring in victims. Today we will show you a new example of this.



Beware new WhatsApp scam offering “free internet without Wi-Fi”

Innovation Insights: Protecting A Hyperconnected World

People, things, and ideas, connected together by IoT and the cloud, are driving the new digital economy. This new hyperconnected world is not only changing how companies do business, but also how people work, live, and learn. It is changing the world at an unprecedented rate. 



Fortinet Blog

Cybercriminals 'should be punished with wifi jammers'

Update: Get ready for the IT security threats and challenges ahead with ESET's 2017 trends and predictions report. Download now.
Offenders of cybercrime should be punished for their actions by being fitted with Wi-Fi jammers rather than being sent to prison, according to a leading UK police officer.


Cybercriminals 'should be punished with wifi jammers'

Security scare over hackable heart implants

A US government probe into claims that certain heart implants are vulnerable to hacking attacks, has resulted in emergency security patches being issued for devices that cardiac patients have in their homes.



Security scare over hackable heart implants

Top 10 Interesting Microsoft Products for Small Businesses (Video)

Recently I visited the Microsoft headquarters in Redmond as part of its Small Business Ambassador tour (I’m one of the Small Business Ambassadors).  While there I learned about some new Microsoft products I’d never heard of, and got a deeper look at others I already knew about.
Here are 10 Microsoft products for small businesses (or individual or even larger businesses) that seemed very interesting and helpful.  See what you think and how they can benefit you, in the video above.  The products are also listed below for easy scanning.


Top 10 Interesting Microsoft Products for Small Businesses (Video)

Extending the Security Fabric: Refining the Security Operations Center

Monitoring, managing, and protecting the formless scope and scale of today’s highly distributed and dynamically changing digital enterprise network is a daunting task for IT and Security Operations Teams. The proliferation of IoT and mobile devices, the convergence of IT and OT, and adoption of cloud-based networking and services is making detection and response to threats increasingly difficult, if not impossible with today’s tools. When the network around you is constantly adapting to shifting demands, how do you effectively track and catalog the devices, elements, and infrastructure you are supposed to be protecting, or determining what baselines of “normal ”look like anymore? 



Fortinet Blog

Extending the Security Fabric: FortiOS 5.6 and Intent-Based Network Security

The financial potential of the new digital economy is driving the rapid evolution of today’s networks. For decades, the substructure of the network remained relatively unchanged: data traffic was routed from point A to point B over a predictable array of devices, cables, and ports using well established protocols and commands. Over the past couple of years, however, things have begun to change dramatically. Virtualization, Software Defined Networks (SDN), and the cloud have fundamentally changed where data is stored and how it is accessed. And the next milestone on the network evolutionary path, Intent-Based Networking (IBN), is set to radically change the nature of network design, connectivity, and productivity even further. 



Fortinet Blog

Mellanox Ethernet Solutions Selected to Accelerate Baidu's Machine Learning Platforms (NASDAQ:MLNX)

SUNNYVALE, Calif. & YOKNEAM, Israel--(BUSINESS WIRE)-- Mellanox Technologies, Ltd. (NASDAQ:MLNX), a leading supplier of high-performance, end-to-end interconnect solutions for data center servers and storage systems, today announced that Spectrum™ Ethernet 



Mellanox Ethernet Solutions Selected to Accelerate Baidu's Machine Learning Platforms (NASDAQ:MLNX)

Solutions - Multiphase 60V Synchronous Boost Controller Provides up to 97% Efficiency with Input & Output Protection

MILPITAS, CA – January 10, 2017 – Linear Technology Corporation announces the LTC3897, a multiphase synchronous boost DC/DC controller with input surge stopper and ideal diode controller. The boost controller drives two N-channel power MOSFET stages out-of-phase to reduce input and output capacitor requirements, enabling the use of smaller inductors versus the single-phase equivalent. Synchronous rectification increases efficiency, reduces power loss and eases thermal requirements. The input surge stopper, with adjustable clamp voltage, controls the gate of an N-channel MOSFET to protect against high input voltage transients of greater than 100V and provides inrush current control, overcurrent protection and output disconnect. The integrated ideal diode controller drives another N-channel MOSFET for reverse input voltage protection and voltage holdup or peak detection.



Solutions - Multiphase 60V Synchronous Boost Controller Provides up to 97% Efficiency with Input & Output Protection

Update Right Away or Wait it Out? Android’s Big Dilemma

If your employees are like most users, they most likely postpone updates for their OS. In other words, your company’s mobile fleet could be at risk. This is especially true if they are using Android devices. When the famous little green robot gives a notification of the update, a good deal of people wait for other users to try it first and then gauge their reaction.



Update Right Away or Wait it Out? Android’s Big Dilemma

Man pleads guilty to role in harassment scheme against senior US government officials

Update: Get ready for the IT security threats and challenges ahead with ESET's 2017 trends and predictions report. Download now.
Justin Liverman, a student from North Carolina, has admitted collaborating in a harassment scheme targeting US officials and their families.


Man pleads guilty to role in harassment scheme against senior US government officials

Wednesday, January 11, 2017

Welcome to Accelerate 2017

Happy New Year! And for those of you heading to Las Vegas, welcome to Accelerate 2017!!!



Fortinet Blog

Amazon Echo and the Alexa dollhouses: Security tips and takeaways

Warning: if you plan to read this article out loud in the vicinity of an Amazon Echo device you may want to turn off its microphone before doing so (for reasons that will become clear in a moment).
This article offers tips on securing the Alexa service on Amazon Echo devices; it is not about the security of dollhouses, although dollhouses do come into the picture, so to speak. The shorter version goes like this:


Amazon Echo and the Alexa dollhouses: Security tips and takeaways

Tuesday, January 10, 2017

Operator Of Unlawful Bitcoin Exchange Pleads Guilty In Multimillion-Dollar Money Laundering And Fraud Scheme

Department of Justice
U.S. Attorney’s Office
Southern District of New York

FOR IMMEDIATE RELEASE
Monday, January 9, 2017

Operator Of Unlawful Bitcoin Exchange Pleads Guilty In Multimillion-Dollar Money Laundering And Fraud Scheme

Three Guilty Pleas to Date in Bitcoin and Bribery Scheme

Preet Bharara, the United States Attorney for the Southern District of New York, announced that ANTHONY R. MURGIO pled guilty today before U.S. District Judge Alison J. Nathan to charges associated with operating Coin.mx, an internet-based Bitcoin exchange, through which MURGIO processed more than $10 million in illegal Bitcoin transactions. MURGIO also pled guilty to conspiring to obstruct an examination of the Helping Other People Excel Federal Credit Union (“HOPE FCU”) by the National Credit Union Administration (“NCUA”) in furtherance of the illegal Coin.mx scheme. To date, three individuals involved in the Coin.mx schemes have pled guilty. MURGIO is scheduled to be sentenced by Judge Nathan on June 16, 2017.

U.S. Attorney Preet Bharara said: “Anthony Murgio took a new age approach to an age-old crime of fraud. As he admitted in his guilty plea today, Murgio used Coin.mx, an internet-based Bitcoin exchange, to process over $10 million in Bitcoin transactions in violation of federal anti-money laundering laws, and then obstructed a regulatory examination to hide his scheme.”

According to the allegations contained in the Superseding Indictment to which MURGIO pled guilty and statements made during the plea proceeding and other court proceedings:

The Unlawful Bitcoin Exchange

Between 2013 and July 2015, MURGIO knowingly operated Coin.mx, an unlawful internet-based Bitcoin exchange, in violation of federal anti-money laundering laws and regulations,including those requiring money services businesses like Coin.mx to meet state licensing and federal registration requirements set forth by the United States Treasury Department. MURGIO and his co-conspirators engaged in substantial efforts to evade detection of their unlawful Bitcoin exchange by operating through a phony front company called “Collectables Club.” MURGIO used Collectables Club to open bank accounts, through which Coin.mx operated, in order to trick financial institutions into believing the unlawful Bitcoin exchange was simply a members-only association of individuals who discussed, bought, and sold collectible items and memorabilia.

In addition to lying to banks to open accounts, MURGIO and his co-conspirators deceived financial institutions by deliberately misidentifying and miscoding Coin.mx customers’ credit and debit card transactions, in violation of bank and credit card company rules and regulations. MURGIO and his co-conspirators also instructed Coin.mx customers to mislead banks about the nature of the credit and debit card transactions the customers executed through Coin.mx. For example, MURGIO and his co-conspirators caused customers to falsely tell the banks that the transactions in which they engaged with Coin.mx were for collectibles items, when in reality they were for Bitcoins. Through the illegal Coin.mx scheme, MURGIO and his co-conspirators caused more than $10 million in Bitcoin-related transactions to be processed illegally through financial institutions.

The Federal Credit Union Scheme
In 2014, in an effort further to evade scrutiny from financial institutions about the nature of the business engaged in by Coin.mx, MURGIO and his co-conspirators gained control of HOPE FCU, a federal credit union in New Jersey with primarily low-income members. After making more than $150,000 in illegal bribes, MURGIO and his co-conspirators took control of HOPE FCU. MURGIO installed various co-conspirators on HOPE FCU’s Board of Directors and transferred Coin.mx’s banking operations to HOPE FCU.

In late 2014, MURGIO and his co-conspirators attempted to obstruct an examination of HOPE FCU by the NCUA in order to perpetuate MURGIO’s control of the credit union. In furtherance of this scheme, MURGIO and others caused numerous misrepresentations to be made to the NCUA, including misrepresentations about the headquarters of the Collectables Club, in an effort to convince the NCUA that the Coin.mx-affiliated board members were eligible to serve on HOPE FCU’s Board of Directors. HOPE FCU was operated as a captive bank by MURGIO and his co-conspirators until the end of 2014.

In October 2015, the NCUA placed HOPE FCU into conservatorship, and subsequently liquidation.

* * *

MURGIO, 33, of Tampa, Florida, pled guilty to one count of conspiracy to operate an unlicensed money transmitting business, which carries a maximum sentence of five years in prison; one count of conspiracy to commit bank fraud, which carries a maximum sentence of 30 years in prison; and one count of conspiracy to obstruct an examination of a financial institution, which carries a maximum sentence of five years in prison.

Two of MURGIO’s co-defendants have been convicted and are awaiting sentence. Jose M. Freundt pled guilty on October 13, 2016, to one count of conspiracy to operate an unlicensed money transmitting business, one count of operating an unlicensed money transmitting business, and one count of conspiracy to corruptly make payments to an officer of a financial institution, each of which carries a maximum sentence of five years in prison; and one count of corruptly making payments to an officer of a financial institution, one count of conspiracy to commit wire fraud, and one count of wire fraud, each of which carries a maximum sentence of 30 years in prison. Freundt is scheduled to be sentenced by Judge Nathan on April 13, 2017. Michael J. Murgio pled guilty on October 27, 2016, to one count of conspiracy to obstruct an examination of a financial institution, which carries a maximum sentence of five years in prison, and is scheduled to be sentenced by Judge Nathan on January 27, 2017.

The maximum potential sentences are prescribed by Congress and are provided here for informational purposes only, as any sentencing of the defendants will be determined by the judge.

Trial for two additional co-defendants, Trevon Gross and Yuri Lebedev, is scheduled to begin on February 6, 2017. The description of the offense set forth in this release are merely allegations and Gross and Lebedev are innocent until proven guilty.

Mr. Bharara praised the outstanding investigative work of the FBI and the Secret Service. He also thanked the NCUA for its assistance with the investigation and prosecution.

The prosecution of this case is being overseen by the Office’s Complex Frauds and Cybercrime Unit. Assistant U.S. Attorneys Eun Young Choi, Daniel S. Noble, and Won S. Shin are in charge of the prosecution.