Posts

Showing posts with the label #2017

Digital transformation spend to reach $57 billion in LatAm by 2020

Image
Organizations in the region are under pressure to increase their digital portfolios, says IDC research. Spending related to digital transformation in Latin American markets should reach $57 billion within the next two years, according to research by analyst firm IDC. This represents about 40 percent of all information technology spend, as companies in the region accelerate the delivery of projects related to digitizing products, services and back-office functionality. Noteworthy progress will be seen in the retail, banking and insurance sectors, whereas the public sector will be lagging behind. In terms of specific technologies that will be commonly seen in the digital transformation projects led by Latin firms, about a third of such initiatives will be using artificial intelligence (AI) technology, says IDC, with half of all apps powered by AI. In addition, customer service bots will deal with more than half of all consumers in the region, according to the research. A

​Windows 10 face unlock can be tricked using printed headshot

Image
Near-infrared image trickery can allow an attacker to bypass Window 10 Hello face authentication. Security researchers are urging Windows 10 users to update their systems to prevent attackers from using a printed headshot to bypass Windows Hello facial authentication. Researchers from German pen-testing firm SYSS reported that Windows 10 systems that have not yet received the recent Fall Creators Update are vulnerable to a "simple spoofing attack using a modified printed photo of an authorized person". The attack works against multiple versions of Windows 10 and different hardware.The researchers tested the spoofing attack against a Dell Latitude with a LilBit USB camera and against a Surface Pro 4 running various versions of Windows 10, going back to the one of the first releases, version 1511. SYSS claims the spoofing attack was successful on a Surface Pro 4 running version 1607 of Windows 10, the Anniversary Update rolled out in summer 2016, even with Microsoft'

Google shutting down Project Tango in March 2018

Image
Google will turn its attention to ARCore that doesn't require special hardware. Google  announced  Friday it will stop supporting Project Tango, its first augmented reality platform for developers, on March 1, 2018. The end of Project Tango comes as Google focuses on ARCore to build AR apps and games for Android devices. "As we focus on bringing augmented reality to the entire Android ecosystem with ARCore, we're turning down support of Tango. We thank the incredible community of developers who made such progress with Tango over the last three years. We look forward to continuing the journey with you on ARCore," a Google spokeswoman. Project Tango was launched in 2014 to enable mobile devices to detect their position relative to their world around them without using GPS. A developer phone and tablet were launched by Google to spur app development for 3D mobile sensing experiences. Lenovo also launched a Project Tango-based phone, including a sensor an

Austrac gets the legal nod to monitor Bitcoin, Ethereum exchanges

Image
Both Houses have passed legislation extending anti-money laundering and counter-terrorism financing regulation to digital currency exchanges. The Australian Transaction Reports and Analysis Centre (Austrade) will be monitoring cryprocurrency exchanges after the Australian Senate passed the  Anti-Money Laundering and Counter-Terrorism Financing Amendment Bill 2017  on Thursday. The amendment bill, which was introduced in August, was approved by the House of Representatives on Wednesday, and took the Senate one day to pass. Under the amended legislation, digital currency exchange providers will be required to enroll with Austrac and register on the Digital Currency Exchange Register, the government agency now maintains. Exchanges will also need to adopt and maintain a program to identify, mitigate, and manage the money laundering and terrorism financing risks they may face. Similar to a bank, the exchange must also identify and verify the identities of their customers; and r

Mozilla releases dataset and model to lower voice-recognition barriers

Image
The browser maker has collected nearly 500 hours of speech to help voice-recognition projects get off the ground. Mozilla has released its Common Voice collection, which contains almost 400,000 recordings from 20,000 people, and is claimed to be the second-largest voice dataset publicly available. The voice samples in the collection were obtained from Mozilla's  Common Voice  project, which allowed users via an iOS app or website to donate their utterances. It is hoped that creating a large public dataset will allow for better voice-enabled applications. "One reason so few services are commercially available is a lack of data," Mozilla senior vice president of emerging technologies Sean White said in a  blog post . "Startups, researchers, or anyone else who wants to build voice-enabled technologies need high-quality, transcribed voice data on which to train machine-learning algorithms. Right now, they can only access fairly limited data sets." At

Singapore CIOs believe machine learning can improve speed, security ops

Image
Some 87 percent of IT decision makers in Singapore say machine learning will speed up decision-making process as well as facilitate automation in security operations. Just 32 percent of organisations in Singapore currently tap machine learning, although 52 percent believe such tools' ability to make complex decisions is imperative to the success of their business. A further 87 percent said greater automation brought about by machine learning would speed up decision-making process, while 80 percent said it would improve accuracy of such decisions, revealed a  survey by ServiceNow . Conducted by Oxford Economics, the study polled 500 CIOs across 11 countries, including 91 from three Asia-Pacific markets: Singapore, Australia, and New Zealand. Ten percent of the global sample were from Singapore. ServiceNow touted machine learning as software that analysed and improved its own performance without direct human intervention, enabling it to make increasingly complex decisions

​Linux totally dominates supercomputers

Image
It finally happened. Today, all 500 of the world's top 500 supercomputers are running Linux. Linux rules supercomputing. This day has been coming since 1998, when Linux first appeared on the TOP500 Supercomputer list . Today it finally happened:  All 500 of the world's fastest supercomputers are running Linux . The last two non-Linux systems, a pair of Chinese IBM POWER computers running AIX, dropped off the  November 2017 TOP500 Supercomputer list . Overall, China now leads the supercomputing race with 202 computers to the US' 144. China also leads the US in aggregate performance. China's supercomputers represent 35.4 percent of the Top500's flops, while the US trails with 29.6 percent. With an anti-science regime in charge of the government, America will only continue to see its technological lead decline. When the  first Top500 supercomputer list was compiled in June 1993 , Linux was barely more than a toy. It hadn't even adopted Tux as its masc

Cisco patches DoS vulnerability in IOS XE

Image
Exploiting the vulnerability can lead to denial-of-service (DoS) attacks. Cisco   has patched a vulnerability in IOS XE which if exploited can corrupt data and force denial-of-service (DoS) attacks. Last week, the tech giant said the bug,  CVE-2017-12319 , is found in the Border Gateway Protocol (BGP) over an Ethernet Virtual Private Network (EVPN) for Cisco IOS XE, a network operating system designed for the enterprise. In  a security advisory , Cisco said the medium-risk bug could be harnessed by attackers to "cause the device to reload, resulting in a denial of service (DoS) condition, or potentially corrupt the BGP routing table, which could result in network instability." The bug exists due to changes made between IOS XE software releases, and the implementation of  BGP MPLS-Based Ethernet VPN RFC (RFC 7432) , in particular, was at fault. "When the BGP Inclusive Multicast Ethernet Tag Route or BGP EVPN MAC/IP Advertisement Route update packet is receive

WordPress patches SQL injection bug in security release

Image
Webmasters should update immediately to prevent website takeovers. A bug discovered in WordPress allows attackers to trigger an SQL injection attack leading to complete website hijacking. The vulnerability was discovered in the WordPress content management system (CMS) versions 4.8.2 and below. On Tuesday,  WordPress announced  the launch of version 4.8.3 as a security release which mitigates the security flaw. The CMS provider "strongly encourage[s] you to update your sites immediately." The vulnerability,  CVE-2017-14723 , occurs as WordPress versions 4.8.2 and earlier mishandles certain characters, which can lead to $wpdb->prepare() creating "unexpected and unsafe queries" which can lead to potential SQL injection attacks. "WordPress core is not directly vulnerable to this issue, but we've added hardening to prevent plugins and themes from accidentally causing a vulnerability," WordPress says. The vulnerability was reported by se

Google Docs lockout: It's fixed, Google says, but users fret over 'creepy monitoring'

Image
A Google Docs glitch reminds users that the cloud's convenience can come at the expense of privacy and control. Google has fixed a glitch in Docs that triggered panic for some who could no longer access or share files because Google's systems had ruled they violated its terms of service. The problem left affected Google Docs users baffled when attempting to open files only to be told by Google that the item had been "flagged as inappropriate and can no longer be shared". Others were told they couldn't access the file, while some reported deleted files. Around 100 users reported the  issue on the Google Docs help forum  and for several hours were anxiously awaiting a response and fix from Google. National Geographic reporter Rachel Bale was surprised that her draft of a story about wildlife crime would be locked for a violation of Google's terms of service. After hearing that others experienced the same problem, she figured it was a glitch -- ra

WPA2 security flaw puts almost every Wi-Fi device at risk of hijack, eavesdropping

Image
Security experts have said the bug is a total breakdown of the WPA2 security protocol. A security protocol at the heart of most modern Wi-Fi devices, including computers, phones, and routers, has been broken, putting almost every wireless-enabled device at risk of attack. The bug, known as "KRACK" for Key Reinstallation Attack, exposes a fundamental flaw in WPA2, a common protocol used in securing most modern wireless networks. Mathy Vanhoef, a computer security academic,  who found the flaw , said the weakness lies in the protocol's four-way handshake, which securely allows new devices with a pre-shared password to join the network. That weakness can, at its worst, allow an attacker to decrypt network traffic from a WPA2-enabled device, hijack connections, and inject content into the traffic stream. In other words: This flaw, if exploited, gives an attacker a skeleton key to access any WPA2 network without a password. Once they're in, they can eavesdrop on

Cisco updates ACI for customers moving to a multi-cloud strategy

Image
The new features should simplify network management and improve security across complex environments. Cisco on Thursday announced updates to its software-defined networking (SDN) offering, Application Centric Infrastructure (ACI), with the intent of simplifying network management for the growing number of customers adopting complex, multi-cloud strategies. The latest release (ACI 3.0) offers improved security and simplified management for any combination of workloads in containers, virtual machines, and bare metal for private clouds and on-premise data centers. "By automating basic IT operations with a central policy across multiple data centers and geographies, ACI's new multi-site management capability helps network operators more easily move and manage workloads with a single pane of glass - a significant step in delivering on Cisco's vision for enabling ACI Anywhere," Ish Limkakeng, SVP for data center networking at Cisco, said in a statement. Cisco

Cloud vulnerabilities are being ignored by the enterprise

Image
RedLock's latest cloud security report suggests that organizations are failing in the most basic security practices. The enterprise is still ignoring the most basic security precautions when using cloud services, researchers claim. On Thursday, RedLock released its annual   cloud security report , which suggests that vulnerabilities in the cloud are being outright ignored, with poor database security and key leaks commonplace. After analyzing customer environments, the cloud security firm said that roughly 38 percent of organizations in the enterprise have user accounts active which have potentially been compromised, and 37 percent of company databases allow inbound connections from the web, which is generally a poor security practice to implement. In addition, seven percent of these databases are permitting requests from suspicious IP addresses, which suggests they have been compromised. Throughout their research, the RedLock team discovered that at least 250 org

Microsoft tries to stem its self-made collaboration-tool confusion

Image
Microsoft is using this week's Ignite conference to try to help clarify its collaboration-tool strategy. Here's how SharePoint, Teams and Yammer figure in the mix. Choice is good. But too much choice, especially when it comes to collaboration tools, has been a problem for Microsoft. This isn't news to customers, partners or Microsoft execs themselves. But at the company's Ignite IT Pro conference in Orlando this week, Microsoft execs took a step to try to clarify the company's strategy and messaging in this area. Microsoft Office 365 Marketing chief Ron Markezich kicked off the conference this week with a slide entitled "Microsoft 365 Teamwork: Where to Start a Conversation." That slide attempts to do what  Microsoft initially attempted with a 60-plus-page whitepaper : Clarify which collaboration tools customers should use when. The slide, which features SharePoint -- and its files, sites and content storage at the center -- is broken down into t