Posts

Data security and automation top IT projects for 2020, AI not a priority

Image
  Data security and automation are the top IT projects for 2020, while artificial intelligence projects are not in the top 10 for IT professionals, according to Netwrix. The online survey asked 1045 IT professionals worldwide to name their top five IT projects for the next year; they could pick from a predefined list or specify their own descriptions. The survey found no dramatic difference in IT priorities among organizations based on size or vertical. Top IT projects for 2020 74% of organizations named data security as their top IT priority for 2020 54% of respondents plan to focus on automating manual tasks 43% of organizations ranked data privacy among their top five priorities; 52% of them are subject to privacy regulations 33% of organizations intend to focus on digital transformation, integrating their existing solutions and performing  cloud migrations . These goals were mostly cited by larger organizations with more than 5,000 employees 20% of organizations plan to fo...

Thousands of hacked Disney+ accounts are already for sale on hacking forums

Image
  Hackers began hijacking accounts hours after Disney+ launched earlier this week. Hackers didn't waste any time and have started hijacking Disney+ user accounts hours after the service launched. Many of these accounts are now being offered for free on hacking forums, or available for sale for prices varying from $3 to $11, a investigation has discovered. A STREAM OF USER COMPLAINTS The Disney+ video streaming service launched this week, on November 12. The service, although being available only in the US, Canada, and the Netherlands, has already amassed more than 10 million customers in its first 24 hours. The Disney+ launch was marred by technical issues. Many users reported being unable to stream their favorite movies and shows. But hidden in the flood of complaints about technical issues was a smaller stream of users reporting losing access to their accounts. Many users reported that hackers were accessing their accounts, logging them out of all devices, and then changing ...

Microsoft describes its own DevOps journey

Image
  This is what DevOps looks like inside one of the world's biggest software factories. The goals: more collaboration, improved worklives. n this cloud-drenched era, software vendors have evolved from code-and-ship operations into 24x7 data center operators. So they, perhaps more than any other type of organization, need DevOps methodologies to keep development and operations efforts on track, pumping out releases with blinding frequency, while keeping teams in constant sync. For that reason, Microsoft, perhaps the world's largest software factory, takes DevOps very seriously. In a recent  post , Ori Zohar, senior product marketing manager for Microsoft Azure, describes the urgency for his companies to build and perfect its DevOps culture. "From Office, to Azure, to Xbox we also found we needed to adapt to a new way of delivering software," he explains. "The new era of the cloud unlocks tremendous potential for innovation to meet our customers' growing demand ...

Microsoft warns users to stay alert for more BlueKeep attacks

Image
  Microsoft: BlueKeep exploit will likely be used to deliver payloads more impactful and damaging than coin miners. Microsoft's security team believes that more destructive BlueKeep attacks are on the horizon and urges users and companies alike to apply patches if they've been lagging. The company's warning comes after security researchers detected the first-ever malware campaign that weaponized the BlueKeep vulnerability. The attacks, which were detected last weekend, used BlueKeep to break into unpatched Windows systems and install a cryptocurrency miner. Many security researchers considered the attacks underwhelming and not living up to the hype that was built around BlueKeep for the past six months. This was because Microsoft said BlueKeep could be used to build wormable (self-spreading) malware. However, the attacks that happened over the weekend did not deploy malware that could spread on its own. Instead, attackers scanned the internet for vulnerable systems and at...

The nastiest ransomware, phishing and botnets of 2019

Image
  Webroot released its annual Nastiest Malware list, shedding light on 2019’s worst cybersecurity threats. From ransomware strains and  cryptomining  campaigns that delivered the most attack payloads to phishing attacks that wreaked the most havoc, it’s clear that cyber threats across the board are becoming more advanced and difficult to detect. Ransomware Ransomware continued to see success by evolving a more targeted model initially adopted in previous years. SMBs remain a prime target as they struggle with limited security budget and skills. Whether its phishing attacks targeting employees or brute forcing unsecured RDP, ransomware is as effective as ever, cementing its place on our list for another year. The nastiest include: Emotet – Trickbot – Ryuk (“Triple Threat”)  – One of the most successful chains of 2019 in terms of financial damages. These strains have shifted their focus to more reconnaissance-based operations. They as...

Microsoft says it has come a long way since 'that' open source comment

Image
  Microsoft Australia's CTO told Red Hat Forum his company is committed to open source, and that the fundamental mission driven by Satya Nadella is best achieved through democratisation. Microsoft has copped a lot of flack over comments it has made regarding open source in the past; with one in particular made by its former CEO Steve Ballmer back in 2002 that described Linux and the General Public License as cancers. Highlighting the irony that Microsoft was presenting during Red Hat Forum 2019 in Melbourne on Tuesday, Redmond's Australian CTO Lee Hickin said the company has come a long way since those comments were made. "I recognise the irony of Microsoft here at an open source community event. I'm really proud to do that, and I'm humbled and privileged that we can be on the stage with Red Hat to share our story," Hickin said. Hickin has been with Microsoft on and off since 2005, saying that he's seen three leaders and three very different companies. ...

Workday intros new blockchain powered credentialing technology

Image
  The company also unveiled a slew of machine learning-based apps and features during its annual Workday Rising event in Orlando. Workday held its Workday Rising user conference on Tuesday, where co-founder and CEO Aneel Bhusri and a parade of executives converged in Orlando to showcase the company's vision for the future and  new products in the pipeline . Workday's key goal during the event seemed to center on telling customers that it can support their business during transformation. "We are focused on innovation that adds value to you, our customer," Bhusri said during his keynote, noting the pivotal role machine learning will play in Workday's products and platforms going forward. Bhusri continued to call machine learning "the foundational and disruptive technology of the next five years." As for the key announcements, Workday is introducing a blockchain based system for verifying worker credentials and identity called Workday Credentials. The syste...

Blockchain: Why the revolution is still a decade away

Image
  Blockchain has been a buzzword for a few years now, but the reality is that the technology is nowhere near ready for widescale adoption. From finance to fine art, the list of industries that blockchain could be applied is apparently never-ending – but in reality it could be another ten years before the technology actually starts delivering on its promises. Blockchain is currently going through what tech analyst Gartner describes as the 'trough of disillusionment', which occurs when a new technology's implementations fails and interest for it wanes. Gartner predicts that blockchain will only start recovering from its fall from 2021, and that it could take five to ten years before it starts transforming the way businesses operate. Or, as Gartner puts it, before it goes up the "Slope of Enlightenment". Avivah Litan, research vice-president at Gartner, doesn't see this happening before 2028, which is when she expects the technology to be fully scalable.  "T...

Docker is in deep trouble

Image
  In a leaked internal memo, Docker CEO reveals the troubled company is looking for more money. Docker, the technology, is the poster child for containers. But it appears  Docker , the business, is in trouble. In a leaked memo, Docker CEO Rob Bearden praised workers -- despite the "uncertainty [which] brings with it significant challenges" and " persevering in spite of the lack of clarity  we've had these past few weeks."  Lack of clarity about what? Sources close to the company say it's simple: Docker needs more money.  Indeed, Bearden opened by saying: "We have been engaging with investors to secure more financing to continue to execute on our strategy. I wanted to share a quick update on where we stand. We are currently in active negotiations with two investors and are working through final terms. We should be able to provide you a more complete update within the next couple of weeks." Docker has already raised $272.9 million , but the company h...

Microsoft: New Nodersok malware has infected thousands of PCs

Image
  New Nodersok malware installs Node.js to turn systems into proxies, perform click-fraud. Thousands of Windows computers across the world have been infected with a new strain of malware that downloads and installs a copy of the Node.js framework to convert infected systems into proxies and perform click-fraud. The malware, named Nodersok (in a  Microsoft report ) and Divergent (in a  Cisco Talos report ), was first spotted over the summer, distributed via malicious ads that forcibly downloaded HTA (HTML application) files on users' computers. Users who found and ran these HTA files started a multi-stage infection process involving Excel, JavaScript, and PowerShell scripts that eventually downloaded and installed the Nodersok malware. The malware itself has multiple components, each with its own role. There's a PowerShell module that tries to disable Windows Defender and Windows Update, and there's a component for elevating the malware's permissions to SYSTEM level. But...