
10Fold – Security Never Sleeps – 39

Your daily digest of “All Things Security” gathered, collected and researched by your very own 10Fold Security Practice team.

Big items to consider: Twelve Chicago area restaurants have been compromised by a malicious program installed on their payment processing devices. The security firm responsible for finding the ‘cesspit’ vulnerability on eBay’s global sales platform has released a statement saying eBay has yet to fix this vulnerability and has no plans to in the near future. Melbourne Health Center is still struggling with the QBot that infiltrated the pathology department and downed the system, forcing staff to do all processes manually. Lastly, a Forbes insider interview takes a look at what is happening to cybersecurity firm Norse.

12 Chicago Area Restaurants Affected by Massive Credit Card Data Breach – Publication: NBC – Reporter name: Staff

Secure credit card information was compromised at a dozen Chicago area restaurant locations during a massive data breach at Landry’s restaurants and Golden Nugget Casinos nationwide. Findings showed that hackers were able to install a program on payment card processing devices at certain restaurants, food and beverage outlets, spas, entertainment destinations, and managed properties.


Update: eBay ‘cesspit’ has ‘no plans’ to fix severe vulnerability – Publication: SC Magazine – Reporter name: Max Metzger

eBay will apparently not be fixing a ‘severe vulnerability’ on the company’s global sales platform. Check Point Software’s research team apparently disclosed details of just such a vulnerability in mid-December last year. This ‘severe vulnerability’ allows the bypass of the global bidding platform’s code validation, from which point any wilful attacker can manipulate the vulnerable code remotely and release malicious JavaScript code on users. If the vulnerability is left unpatched, Check Point told press in a statement, “eBay’s customers will continue to be exposed to potential phishing attacks and data theft.”


Melbourne Health still grappling with Qbot malware – Publication: IT News – Reporter name: Allie Coyne

Melbourne Health is still working to contain a dangerous strain of malware that attacked its systems more than two weeks ago due to the virus’ ability to mutate and hide itself from discovery. On January 18 the health network revealed malicious software had infected Windows XP computers through Royal Melbourne Hospital’s pathology department. The malware downed the hospital’s pathology systems and forced staff into manual workarounds.


Norse Founder Doesn’t Know Whether His Cybersecurity Business Is Still Alive – Publication: Forbes – Reporter name: Thomas Fox-Brewster

The company website is down and a report claiming the firm is imploding might well have hammered down the final nail in the coffin for an information security startup that appeared to be on the up with more than $40 million in VC investment to date. Such is the chaos at Norse, even co-founder and current CTO Tommy Stiansen is in the dark, telling FORBES today he didn’t know whether the firm he set up in 2011 would continue to operate. When asked if the company was still alive, Stiansen responded: “I currently don’t have any view over what’s going on… I haven’t heard anything.”

10Fold – Security Never Sleeps – 33

Your daily digest of “All Things Security” gathered, collected and researched by your very own 10Fold Security Practice team.

Big items to consider: A company that supplies audio-visual and building control equipment to the US Army, the White House, and other security-conscious organizations built a deliberately concealed backdoor into dozens of its products that could be used to hack or spy on users. An Austrian airplane component maker for Boeing and Airbus said earlier this week a cybercrime-related fraud has caused $54 million in damages. Security experts are warning corporates to redouble their efforts to guard against the insider threat after federal prosecutors indicted five people, including two scientists at GlaxoSmithKline, on charges of stealing trade secrets. The battle between CISA and Safe Harbor continues as both governments debate whether a universal law could apply to both US and EU citizens. The European Union is set to meet on Feb. 2nd to determine how data transfers to the US should continue; meanwhile, the US government debates what is actually considered personally identifiable information and what information they can legally collect.

Baffling ‘Batman’ Backdoor Busted In Comms Used By Global Governments

Researchers from Austrian firm SEC Consult have uncovered what they claim are deliberately hidden backdoors in products from AMX, a provider of conference room communications to private firms and government organizations the world over, including the White House and US military bodies. The researchers first became suspicious after encountering a function called “setUpSubtleUserAccount” that added a highly privileged account with a hard-coded password to the list of users authorized to log in. Unlike most other accounts, this one had the ability to capture data packets flowing between the device and the network it’s connected to.


Aircraft part manufacturer says cybercrime incident cost it $54 million

An Austrian airplane component maker for Boeing and Airbus said earlier this week a cybercrime-related fraud has caused $54 million in damages. It characterized the incident as an “outflow” of $54 million of “liquid funds.” The loss does not pose an economic threat to the company. FACC did say the attack did not affect its IT infrastructure, data security, or intellectual property rights, and its production and engineering units are operating normally.


Insider Threat Warning as Scientists Steal Pharma Secrets

Security experts are warning corporates to redouble their efforts to guard against the insider threat after federal prosecutors indicted five people, including two scientists at GlaxoSmithKline, on charges of stealing trade secrets. The two research scientists, Yu Xue and Lucy Xi, are said to have emailed and downloaded information on around a dozen products to co-conspirators who wanted to “market and sell” the trade secrets through a newly formed Chinese company they set up: Renopharma. Many of the products targeted were designed to treat cancer or other serious diseases. UK managing director at access management firm 8MAN, argued that managers need to exercise vigilance round-the-clock – especially in industries which generate valuable IP like pharmaceuticals.


No Safe Harbor Is Coming — CISA Made Sure Of It

European Union privacy regulators will meet in Brussels Feb. 2, and hope to decide at that time whether and how data transfers to the United States should continue. The U.S. also didn’t improve matters when they delayed action this week on the proposed Judicial Redress Act, which would allow European citizens to sue the U.S. if law enforcement agencies misused their personal data. The US Attorney General and the Department of Homeland Security have been given 60 days from the passage of the law to issue more guidelines on how precisely cyber threat indicators must be shared. The details of those rules will provide a clearer picture of what data government agencies may and may not obtain.

10Fold – Big Data Business Insights – 17

Your daily digest of “All Things Big Data” gathered, collected and researched by your very own 10Fold Big Data Practice team.

Big Data

The Huffington Post compared the massive onslaught of data coming from digital sources to the Gold Rush, noting that as a result of this ever-expanding abundance of data, big data is increasingly the focus at most companies. International Data Corporation estimates that spending on big data technology and services will hit $125 billion in 2015, and is likely to experience double-digit growth for several years to come. Currently, firms are overwhelmed by the “big” in big data, and searching for ways to focus on “smart” data with tangible results.

China’s Alibaba Group Holding Limited is stepping up its efforts to take on Amazon Web Services and Microsoft Azure in the cloud with a new multi-billion dollar partnership with Nvidia Corp. that will see Alibaba’s AliCloud adopt Nvidia’s chips to run the new services. While AWS and Microsoft are unlikely to be concerned yet, they will surely start keeping tabs on AliCloud.

Big data services provider Syncsort surveyed 250 prominent respondents, including data architects, IT managers, developers, business intelligence and data analysts, on big data trends to watch in 2016. The three biggest trends are: Apache Spark production deployments, conversion from other platforms to Hadoop, and leveraging Hadoop for advanced use cases.

 

The Big Data Gold Rush: Will Wall Street Be Left Behind? – Huffington Post

Nvidia to power AliCloud’s new Deep Learning and Big Data services – SiliconANGLE

New Hadoop survey makes big data predictions for 2016 – ZD Net

Hadoop

A new report by Forrester Research’s big data analysts says that adopting Hadoop is mandatory for any organization that wishes to do advanced analytics and get actionable insights on their data. With an estimated 60% to 73% of enterprises’ data going unused for business intelligence and analytics, Forrester predicts that, as many application developers and delivery professionals are already adopting Hadoop “en masse,” Hadoop adoption by large enterprises will eventually reach 100%. The research and analyst firm included Cloudera, Hortonworks, and MapR among the top tier vendors of Hadoop software, with IBM and Pivotal rounding out Forrester’s top five picks.

The top 5 Hadoop distributions, according to Forrester – Network World

IoT

RCR Wireless News examines the relationship between LTE and the Internet of Things, noting that IoT is not really one-size-fits-all. Because of this, LTE categorizes data rate transmissions by uplink and downlink speed (Category 0 caps both uplink and downlink at 1 megabit per second; Category 1 caps uplink speeds at 5.2 Mbps and downlink speeds at 10.3 Mbps). The article goes on to report that 3GPP is working on standards for three new cellular IoT technologies, and Nokia, Ericsson and Intel are working together to develop and bring to market the products needed for the commercialization of NB-IoT.

LTE and IoT – RCR Wireless

Advanced Analytics 

With assistance from Accenture, the U.S. Food and Nutrition Services has turned to advanced analytics software from SAS to spot possible fraud, such as trafficking Electronic Benefit cards and skimming cash, which typically occurs at smaller urban and rural stores. The agency’s Supplemental Nutrition Assistance (SNAP) has stepped up efforts to root out abusers by focusing on stores and individuals engaged in such fraudulent activity by sifting through tens of thousands of transactions per month and data mining them for patterns. Once abusers are caught, the FNS dispenses penalties ranging from a 12-month disqualification to permanent exclusion from the program, depending on the severity of the violation. Individuals can also receive penalties, including a loss of benefits.

USDA Uses Advanced Analytics to Fight Fraud – Baseline

Personalization

Growth marketing and user engagement platform Iterable announced it has closed a $9.2 million Series A round of funding to help close the personalization gap between what consumers want and what marketers can deliver. Research shows that personalization has a high return on investment, which gives vendors a big opportunity to reach consumers; however, 80% of consumer-facing companies don’t understand their customers beyond basic demographics and purchase history. With its new funding, Iterable also plans to accelerate growth, extend the functionality of its platform, and grow its team.

Iterable raises $8M to help marketers bridge the personalization gap – Venture Beat

OpenStack

A report issued by the OpenStack Foundation, “Accelerating NFV Delivery with OpenStack,” makes a case for using OpenStack to replace the costly, proprietary hardware often employed with NFV, both inside and outside of telecoms. The paper also shows how many telecom-specific NFV features — such as support for multiple IPv6 prefixes — are being requested or submitted by telecoms that are OpenStack users. The survey also lists network function virtualization as the second-largest OpenStack technology. To that end, even if OpenStack is a major force in NFV, the question is whether enterprises interested in NFV/SDN will adopt OpenStack as their solution.

OpenStack digs for deeper value in telecoms, network virtualization – Info World