Archives by date

You are browsing the site archives by date.

Vulnerability exposes location of thousands of malware C&C servers

A vulnerability in a tool used by cyber-criminal gangs is now helping researchers expose the locations of thousands of malware command-and-control (C&C) servers. The vulnerability –now patched since the start of the year– affected Cobalt Strike, a legitimate penetration testing tool used by security researchers to emulate cyber-attacks. Cobalt Strike has been around for more than a decade, but for… Read more →

Singapore ramps up AI drive with inter-agency unit

Singapore is ramping up efforts to build up its skillsets in artificial intelligence (AI) and become a global hub where such applications can be tested and deployed. To help the country get there, a new unit comprising various government agencies will be set up this year to review how Singapore should develop AI as a strategic capability.  In the coming… Read more →

Microsoft’s new cloud security tools aim to reduce alert fatigue

Microsoft today unveiled a pair of new cloud-based security offerings aimed at helping large organizations cope with advanced security threats. The announcement comes ahead of the RSA Conference, where the two products will be showcased for security professionals. Azure Sentinel is a new service offering within Azure that Microsoft bills as a “cloud-native Security Information and Event Management (SIEM) tool.”… Read more →

These major scammers just switched focus to aim at schools, universities and charities

Agari threat researchers say the the fraudster group they call Scarlet Widow has switched from phishing large corporations to attacking “more vulnerable sectors such as school districts, universities, and non-profits, which tend to be more poorly defended”.  And instead of demanding bank drafts, it’s collecting money via Apple iTunes and Google Play gift cards before trading them for cash. Also: What… Read more →

IBM rolls out asset performance management tools to better target industrial IoT

IBM said it is rolling out a series of analytics and Internet of things tools to better target asset heavy industries such as manufacturers, oil and gas and utilities. The applications, which fall under the IBM Maximo Asset Performance Management (APM) banner, are aimed to make IBM more competitive with the likes of GE’s industrial IoT efforts as well as… Read more →

Targeted malware attacks against Elasticsearch servers surge

Unsecured Elasticsearch clusters are being targeted in a fresh wave of attacks designed to drop both malware and cryptocurrency mining software. This week, cybersecurity researchers from Cisco Talos warned of a spike in recent strikes against these systems, with six separate cyberattack groups believed to be involved. In particular, Elasticsearch servers using software versions 1.4.2 and lower are being targeted…. Read more →

Chuwi launches Indiegogo campaign for AeroBook 13-inch laptop

Chuwi AeroBook Chinese manufacturer Chuwi is no stranger to crowdfunding, having relied on Indiegogo for campaigns to promote its SurBook, HiGame, and other PCs over the last couple of years. Now it’s going back to the well with its new AeroBook, a thin-and-light laptop with a budget friendly price tag that gets even more enticing if you join the early… Read more →

Operator of eight DDoS-for-hire services pleads guilty

An Illinois man pleaded guilty today for running eight DDoS booter (stresser) services between August 2015 and November 2017. According to court documents obtained by ZDNet, Sergiy Usatyuk, 20, of Orland Park, Illinois, ran ExoStress.in, QuezStresser.com, Betabooter.com, Databooter.com, Instabooter.com, Polystress.com, Zstress.net, and Decafestresser, together with an unnamed Canadian co-conspirator. Authorities said Usatyuk ran these services on top of a botnet… Read more →

MariaDB CEO accuses large cloud vendors of strip-mining open source

At MariaDB Corp‘s user and developer conference MariaDB OpenWorks in Manhattan’s Financial District, MariaDB CEO Michael Howard pulled no punches at his company’s rivals: Big cloud, especially Amazon Web Services (AWS) and Oracle. Howard opened with saying big proprietary cloud were “strip-mining open-source technologies and companies,” he continued on the attack from there. “These companies, he continued, “You know they are… Read more →

Fitbit’s healthcare unit to deliver $100 million in revenue in 2019

Fitbit said that its Fitbit Health Solutions unit, which caters to healthcare providers and enterprises, will deliver $100 million in revenue in 2019. The company also plans to add more software and services features and launch paid premium service later this year. The company gave its first outlook on its healthcare unit, which has been built out over the last… Read more →

Google Chrome zero-day used in the wild to collect user data via PDF files

Image: Google A security firm said this week that it discovered malicious PDF documents exploiting a Google Chrome browser zero-day. The vulnerability allowed attackers to collect data from users who opened PDF files inside Chrome’s built-in PDF viewer. Exploit detection service EdgeSpot, the company that found these malicious files, says the PDF documents would contact a remote domain with information… Read more →

Box Q4 results mixed, Q1 guidance below estimates

Box https://www.businesswire.com/news/home/20190227005835/en/Box-Reports-Record-Revenue-608.4-Million-Fiscal mixed fourth quarter financial results on Wednesday and weak Q1 guidance that sent its stock down 18 percent after hours. The enterprise cloud company reported a net loss of $19.6 million, or 14 cents per share, compared to a net loss of $32.6 million the same quarter a year ago. On a non-GAAP basis, Box reported EPS of… Read more →