Articles about Target

Handsome man has fuchsia-painted skin. Photo by Shutterstock

Google Fuchsia eyes non-Linux things

Google’s latest operating system project, Fuchsia, may be largely a mystery, but it reinforces a truth that the platforms vendors are having, grudgingly, to acknowledge: one operating system does not fit all. For a company which has put so much effort into making Android an OS for all purposes, Google has a remarkable number of …
Wireless Watch, 24 Aug 2016
Image composite bazzier and valeo5 http://www.shutterstock.com/gallery-761863p1.html http://www.shutterstock.com/gallery-1393552p1.html

Equation Group exploit hits newer Cisco ASA, Juniper Netscreen

Hungary-based security consultancy SilentSignal has ported a public exploit to newer models of Cisco's Adaptive Security Appliance (ASA). The firm expanded the attack range of the ExtraBacon Cisco hack hole revealed as part of the Shadow Brokers cache of National Security Agency-linked exploits and tools. The exploit was …
Darren Pauli, 24 Aug 2016
The road running through the PRATCHETT landing area

Veeam: You know what's not a disaster? Our software mega-update

The backup and disaster recovery firm Veeam has announced an updated Availability Suit, and the Veeam Availability Platform for the Hybrid Cloud. It's a bundle of VAS, VAL, VAM, VAO, VAC and VCC, as you will see. VAS - Veeam Availability Suite for virtualised servers* VAL - Veeam Agent for Linux for public clouds and …
Chris Mellor, 23 Aug 2016
man_from_uncle_648

Software-defined networking is dangerously sniffable

Software-defined networking (SDN) controllers respond to network conditions by pushing new flow rules to switches. And that, say Italian researchers, creates an unexpected security problem. The researchers were able to persuade their SDN environment to leak information that sysadmins probably don't want out in public, …
Millennials snap pics of their food with smartphones for Facebook/Twitter/instagram. Photo by shutterstock

Honor 8: Huawei targets millennials with high-spec cheapie. 3 words – Food pic mode

Hands on Huawei might be the third biggest smartphone seller on the planet but it has very little traction outside Asia. The Chinese firm is hoping the Honor 8 will change that. The handset, which was launched in the US last week and will be formally launched in Europe at an event in Paris on Wednesday, is being aimed firmly at the …
Iain Thomson, 22 Aug 2016

Google killing app format used only by The 1%

Chalk up another fail for Google, which has decided it's time to do away with Chrome apps on Windows, Mac OS and Linux. Chrome what? “Chrome packaged apps”, dear reader, an effort Google launched back in 2013 and suggested could offer a great way to package apps for multiple operating systems that launched from within Chrome …
Simon Sharwood, 22 Aug 2016
NSA

Snowden files confirm Shadow Brokers spilled NSA's Equation Group spy tools over the web

Documents from the Edward Snowden archive prove that the malware and exploits dumped on the public internet on Monday originated from the NSA. Among the files leaked by whistleblower Snowden in 2013 is a draft NSA manual on how to redirect people's web browsers using a man-in-the-middle tool called SECONDDATE. This piece of …
Iain Thomson, 19 Aug 2016

NASA to begin first asteroid sample mission: Seeks 'pristine' specimen

NASA is preparing for its first mission that will see a spacecraft retrieve a “pristine sample” of an asteroid so that it can be studied on Earth. The Origins, Spectral Interpretation, Resource Identification, Security-Regolith Explorer (OSIRIS-REx) spacecraft will be launched on 8 September 7:05pm EDT (12:05 am BST) from Cape …
Katyanna Quach, 18 Aug 2016

Oracle campaigns for third Android Java infringement trial

Oracle appears to have opened its campaign for a third trial over its claims its copyrighted Java core library code was ripped off in Google's Android. In May this year, a jury ruled in favor of Google, saying that Google's infringement of Oracle's copyright was fair use. Now the database software giant's lawyers are trying to …
Gavin Clarke, 18 Aug 2016

Nutanix has swallowed something. Cough once if you're OK, guys

We’ve been banging on about Nutanix buying PernixData. Now tech consultant Justin Warren has noticed this nugget in an amended Nutanix S1 filing to the SEC: Acquisition On August 5, 2016, the Company entered into a stock purchase agreement to purchase all shares outstanding of a technology company in exchange for 528,517 …
Chris Mellor, 18 Aug 2016
Bitcoin punch cards

Bitcoin 'targeted by state sponsored attackers' says Bitcoin.org

Update Bitcoin.org is warning that the Bitcoin Core, the as-close-to-official-as-it-gets version of Blockchain consolidation software and Bitcoin wallets, may become the target for an attack. “Bitcoin.org has reason to suspect that the binaries for the upcoming Bitcoin Core release [version 0.13.0] will likely be targeted by state …
Simon Sharwood, 18 Aug 2016
Smilin' Marv

Cisco confirms two of the Shadow Brokers' 'NSA' vulns are real

It's looking increasingly likely that the hacking tools put up for auction by the Shadow Brokers group are real – after Cisco confirmed two exploits in the leaked archive are legit. The two exploits, listed in the archive directory as EPICBANANA and EXTRABACON, can be used to achieve remote code execution on Cisco firewall …
Iain Thomson, 17 Aug 2016
Lester firing an AR-15 assault rifle

Penetration tech: BAE Systems' new ammo for Our Boys and Girls

Interview BAE Systems is, for the first time in many years, offering new types of small arms ammunition to the armed forces. It all boils down to achieving better penetration and pleasing the customer. Famous as the home of British military ammunition production since its 20th century days as a state-owned Royal Ordnance Factory, Radway …
Gareth Corfield, 17 Aug 2016
'Mother' tattoo

Tech support scammers mess with hacker's mother, so he retaliated with ransomware

Vengeful security boffin Ivan Kwiatkowski has infected the computer of an Indian tech support scammer with the Locky ransomware. Kwiatkowski inflicted the virus on the scammers after they attempted to fleece his parents. The retaliatory strike was easy for the French malware analyst; during a phone call with the scammers he …
Darren Pauli, 17 Aug 2016
NASA engineering testing robotic ARM components

We're going to bring an asteroid fragment into Lunar orbit

NASA has pressed the “Go” button for its Asteroid Redirect Mission (ARM). During July, the project went through “Key Decision Point-B”, and it got the tick from management on August 15, meaning the agency is going to get busy on a “baseline mission design”. The plan, as we reported in March 2015, is to rendezvous with a …
china_future_648

Oh dear, Xiaomi: '$46bn' winner's phone shipments tumble 38%

Only nine months ago China’s Xiaomi was being touted as “the next Samsung” - a consumer electronics giant with the breadth and ambition to create platforms or "ecosystems". The markets valued Xiaomi at an astronomical $46bn, twice the valuation of BAE. But this year, Xiaomi forgot to do something quite basic: sell enough phones …
Andrew Orlowski, 16 Aug 2016
Right Shears cutting wire mesh

Excelero gets in a right non-volatile mesh over SSD-server connection

Analysis Excelero is working on its new NVMesh software to connect shared NVMe SSD storage with accessing servers and their applications. The aim is to deliver a centralised, petabyte-scale, block storage pool with local, directly-connected NVMe SSD access speeds, using commodity server, storage and networking hardware. The company …
Chris Mellor, 16 Aug 2016
Data_image_via_Shutterstock

Summer of Salesforce: CRM cloud swallows tiny pattern-recog firm

Salesforce has made its second acquisition of the month, and its fourth since June. The CRM-as-a-service player is buying business analytics provider BeyondCore for an undisclosed sum. BeyondCore examines data sets using pattern-recognition technology using a set of patented algorithms that combine machine learning and …
Gavin Clarke, 16 Aug 2016

White hat pops Windows User Account Control with log viewer data

The User Account Control feature in Windows has been popped by researcher Matt Nelson, without even having to plant a .DLL on the target machine. In this post (warning, it's pretty dense going), Nelson finds that the Windows Event Viewer (a local/remote event log viewer) can be exploited to hijack registry processes; start …

Shadow Broker hacking group auctions off claimed NSA online spy tools

A group calling itself the Shadow Brokers has started an online auction for top-of-the-range tools it claims were stolen from the Equation Group, a digital attack squad linked to the NSA. The Shadow Brokers posted up news of the auction saying (in broken English) that they had been monitoring the Equation Group's servers, had …
Iain Thomson, 15 Aug 2016

Apple allowed to put up bit barn in the Fields of Athenry

Apple has been granted permission to build a 220kVA data centre in County Galway, Ireland by the council, after the company faced objections over energy consumption and environmental disturbances. Plans to spend €850m (£658m) on the 24,550m2 data centre were submitted in 2015, but were delayed after locals voiced concerns …
Katyanna Quach, 15 Aug 2016
Balancing, image via Shutterstock

Amazon balances AWS application loads

Amazon has injected AWS with application-level load balancing, giving devs greater control over container-based apps and services. The giant has announced Application Load Balancing for AWS, a Layer 7 service that goes deeper than the existing Elastic Load Balancing (ELB), which is Layer 4. It is also cheaper than ELB – which …
Gavin Clarke, 15 Aug 2016
Stef Hoffer http://www.shutterstock.com/video/clip-4466882-stock-footage-istanbul-turkey-april-large-crowds-of-people-make-their-way-to-istiklal-avenue-one-of.html

Pen-test trio crafts 'Datasploit' tool for easy social engineering

Black Hat A security trio has brewed a toolset to help attackers find sensitive open source intelligence on human targets. Shubham Mittal of NotSoSecure, Nutan Kumar Panda of eBay, and Sudhanshu Chauhan of Octogence released their Datasploit toolset to help social engineers find phone numbers, email addresses, and account information of …
Darren Pauli, 15 Aug 2016
Oracle logo, image by GongTo via Shutterstock

Not an Oracle user? You're probably in an Oracle database anyway

You might have nothing to do with Oracle's databases, but you're probably in one: Big Red has announced it's selling a database of 400 million business profiles. Big Red calls this the “Oracle Data Cloud B2B audience solution” and labels it a “Data as a Service (DaaS) solution”. Oracle's fronting for other data-harvesters so …
Simon Sharwood, 15 Aug 2016
Person using a card reader

A Russian cyber-gang, the Oracle MICROS hack, and five more POS makers in crims' sights

When hackers, believed to be a Russian crime gang, broke into Oracle-owned payment terminal biz MICROS, it was assumed the crooks were snooping around other register makers, too. Well, assume no more: here's five other companies poked and prodded by the crew, with wildly varying degrees of success. Days after word broke that …
Shaun Nichols, 12 Aug 2016

DIY bank account raiding trojan kit touted in dark web dive bars

Cybercrooks are touting a new DIY financial crime kit that lets you roll your own ZeuS-like software nasty. The Scylex malware kit can be used to build malicious code that, once running on a victim's Windows PC, snoops on online banking passwords, intercepts web traffic and opens a backdoor granting full control over the …
John Leyden, 12 Aug 2016
E8 Array

Software-defined storage is glitzy, but E8 and Nimbus are still delivering hardware

Comment Despite all the recent noise around software-defined storage (SDS), vendors still keep coming to the market with new hardware solutions. Over the past weeks we’ve seen new products from Nimbus Data and emerging startup E8. Nimbus Nimbus Data has had what can only be called a ‘chequered’ history. My first introduction to the …
Chris Evans, 12 Aug 2016

Meet DDoSCoin, the cryptocurrency that pays when you p0wn

A curious proof-of-work project built on cryptocurrency has emerged that offers a means to prove participation in distributed denial of service (DDoS) attacks. University of Colorado assistant professor Eric Wustrow and University of Michigan phD student Benjamin VanderSloot create the platform that allows TLS web servers to …
Darren Pauli, 12 Aug 2016
Game of Thrones

Boffins' blur-busting face recognition can ID you with one bad photo

Scientists have found a way to accurately identify completely obscured faces using recognition systems trained on only a handful of well-lit photos. The work by Seong Joon Oh, Rodrigo Benenson, Mario Fritz, and Bernt Schiele of Max Planck Institute in Saarbrücken, Germany, finds faces can be recognised with up to 91.5 per cent …
Darren Pauli, 12 Aug 2016
Exploding Kitten Goal Cartoon

Business users force Microsoft to back off Windows 10 PC kill plan

Microsoft has backed down on its plan to hustle owners of certain PCs to Windows 10 by crimping support options. Redmond revealed the plan last January, when it decreed that PCs running 6th-generation Core i5 or Core i7 CPUs and Windows 7 would only get limited security and stability support until mid-2017. By March it backed …
Simon Sharwood, 12 Aug 2016
Image by Lana839 http://www.shutterstock.com/gallery-2897530p1.html

Hilton hotels' email so much like phishing it fooled its own techies

Hilton hotels' HHonors loyalty program has shipped an email so similar to a phishing email it tricked its own IT shop into advising that it was a scam. The email was an attempt to get customers to confirm their contact details by logging into their accounts and revising their stored contact details. One user reported the …
Darren Pauli, 11 Aug 2016

Indian hacking gang goes on three-year Chinese phishing trip

Suspected hackers based in India have compromised thousands of computers, going about their business as far back as 2013. The group has been rumbled by three security firms over that time, but was until now considered to be several discrete entities. Now Forcepoint researchers Andy Settle, Nicholas Griffin, and Abel Toro say …
Darren Pauli, 11 Aug 2016

Patch your vBulletin forum – or get popped

If you've got a vBulletin forum, get patching – another security flaw has been found in the widely used web message board software. The patches address a pre-authentication server-side request forgery vulnerability (CVE-2016-6483) in vBulletin 3.8.9, 3.8.10 beta, 4.2.3, 4.2.4 beta, and 5.2.3. Attackers can exploit the bug to …
Linux hacking team

Linux security backfires: Flaw lets hackers inject malware into downloads, disrupt Tor users, etc

Analysis A flaw in the Linux kernel lets hackers inject malware into downloads and webpages, smash Tor connections, launch denial-of-service attacks, and more. This is a troubling security headache because Linux is used widely across the internet, from web servers to Android smartphones, tablets and smart TVs. The TCP/IP networking …
Iain Thomson, 10 Aug 2016

Mangstor tells IT managers: Hey SANshine, c'mon in, the fabric is fine

Mangstor says it has found a way to bring iSCSI and Fibre Channel SANs into the NVME over Fabrics array era – an era which kills their network latency access penalty. Paul Prince, Mangstor CTO, says: "Existing SANs based on FC or iSCSI have very high latencies which limit the performance of today’s high performance …
Chris Mellor, 10 Aug 2016
Woman looks out of office door at unseen thing/person in hallway. Photo by Shutterstock

Reactive? Serverless? Put to bed? What's next for Java. Speak up, Oracle

The future of Java Enterprise Edition is on many developers' minds. After the community came to the conclusion that the platform’s progress has come to a standstill, a plethora of initiatives has arisen with the goal of encouraging Oracle to pick up the work on Java EE 8 again. It's time to take inventory. The bone of …
Markus Eisele, 10 Aug 2016
The robotic proto-DESI

5,000 robots to build 3D map of the universe

Five thousand robots will get busy creating a 3D map of millions of galaxies in 2019. The Dark Energy Spectroscopic Instrument (DESI) has received US Department of Energy (DoE) approval to move from the design phase to construction, which will start next year. That includes building the 5,000 10 cm-long, finger-width robots …
Tape over mouth, image via Shutterstock

Rackspace CEO: Yes, Brexit has hit us, yes we sold our Cloud Sites biz

Rackspace execs confirmed the sale of its Cloud Sites hosting sub to Liquid Web but ignored the white elephant in the room that Apollo Global is reportedly in talks to slurp the entire organisation. The private equity house might well end up taking Rackspace private again in a deal valued at up to $4bn, buying the company time …
Paul Kunert, 09 Aug 2016
Mangstor NX6320

Mangstor has unleashed an NVMe TITAN over fabrics array software

The NVMe over fabrics array access wave is gathering strength. NVMe-over-fabrics array flasher Mangstor has introduced its TITAN NVMe over Fabric (NVMf) target software storage stack. It integrates NVMe SSDs with Remote Direct Memory Access (RDMA) Network Interface Cards (NICs) to deliver accelerated application response times …
Chris Mellor, 09 Aug 2016
Metropolitan police image via Shutterstock

London's Met Police has missed the Windows XP escape deadline

London’s Metropolitan Police has missed its deadline to dump Windows XP, with tens of thousands of copper still running the risky OS. The force, on the front line against terrorist threats and criminals in the capital city, is running Windows XP on around 27,000 PCs. At last count, in May 2015, the Met had a total of 35,640 …
Gavin Clarke, 09 Aug 2016

US.gov to open-source made-to-order software, allow contributions

United States chief information officer Tony Scott and chief acquisition officer Anne E Rung have issued a joint memo decreeing that henceforth all government agencies need to consider open-sourcing any bespoke software they commission. The memo (PDF), issued on Monday, notes some code-sharing across government but says it is …
Simon Sharwood, 09 Aug 2016
Credit card fraud

UK tops European charts ... for carder fraud

The United Kingdom has copped the largest jump in credit card fraud of all European countries with an 18 per cent rise resulting in £88m ($114m, A$150m) of additional losses. Blighty outpaced fraud growth in Greece and Denmark where fraud increased by five percent according to Euromonitor International data mapped out by big …
Darren Pauli, 09 Aug 2016
Cash register, photo via Shutterstock

Big Red alert: Oracle's MICROS payment terminal biz hacked

Hackers infected hundreds of computers within Oracle, infiltrated the support portal for its MICROS payment terminals division, and potentially accessed sales registers all over the world. The miscreants installed malware on the troubleshooting portal to capture customers' usernames and passwords as they logged in. These …
Shaun Nichols, 08 Aug 2016
Fish hook in a clear light blue tropical ocean. Photo by Shutterstock

'Nigerian scammer' busted after he infected himself with malware

The ancient-in-internet-years “Nigerian email” scam remains popular and profitable for its operators ... when they don't shoot themselves in the foot. Some scam operators infected themselves with their own malware, and SecureWorks has been discussing the outcome of that: the massive own goal meant researchers like Joe Stewart …
MBR malware

Classic Shell hackers: We infected FossHub so ransomware couldn't (and yeah, also for fun)

The hacking group credited for compromising FossHub and briefly infecting downloads of Audacity and Classic Shell says the fallout from the website's insecurity could have been far worse had they not got there first. In a conversation with El Reg, a member of the Peggle Crew group said the security breach – in which the …
Shaun Nichols, 05 Aug 2016
Fish hook in a clear light blue tropical ocean. Photo by Shutterstock

Phisherfolk phlock to Rio for the Olympics

Criminals are ramping up their online presence in Rio de Janeiro, where the Olympic Games will open on Friday, August 5 – with IBM and Fortinet reporting new banking trojans and cyber crime activity in Brazil. Big Blue has reported a variant of the Zeus trojan has emerged on crime forums targeting local banks and exploiting …
Darren Pauli, 05 Aug 2016
image by Leonardo Gonzalez http://www.shutterstock.com/gallery-650461p1.html

Hackers unleash smart Twitter phishing tool that snags two in three users

Black Hat Twitter scammers have a new weapon with the release of an effective spear phishing tool that lands a victim almost two thirds of the time, dwarfing the usual five-to-fifteen-per-cent-open-rate for spam tweets. The SNAP_R machine learning spear phishing Twitter bot is a data-driven menace unleashed at the Black Hat security …
Darren Pauli, 05 Aug 2016

Ofgem sets up database so energy companies can spam Brits

The UK's energy regulator is creating a database service that farms out information on Britons' energy tariffs to rival companies for the sake of ensuring a “competitive market”. Earlier this year the Competition and Market Authority (CMA) published a mammoth 1,423-page report (PDF) followings its two-year investigation into …
Baby tries to drink from a water hose. Photo by Shutterstock

Ready for the Internet of Things big data firehose?

Today’s cities, transportation networks and even theme parks are filling up with wireless sensors designed to sniff, hear and feel what’s going on in their environment. They’re generating an unprecedented amount of data on everything from temperature to rainfall, vibration and location, and they’re sending it all back to central …
Danny Bradbury, 04 Aug 2016
spy_eye_648

Users of secure chat app Telegram popped after possible nation-state attack

Black Hat An attack group known for rudimentary phishing scams and having operational security so bad their servers were popped by Check Point has compromised a dozen Telegram accounts and gained phone numbers for a further 15 million, possibly with state assistance. Telegram is a well-regarded end-to-end encrypted chat client used by …
Darren Pauli, 04 Aug 2016