Nutanix introduces two new tools in quest to simplify hybrid cloud management

 Nutanix began as a storage company, but always had a broader view of the computing world. As company president Sudeesh Nair told me, they started with storage because they believed legacy storage was holding back data center transformation. Today the company made another step beyond that initial vision, introducing two new products that they see as part of a larger hybrid cloud operating system. Read More

Petya/NotPetya Ransomware: What you need to know

Our SentinelOne research team is actively monitoring the Petya/NotPetya ransomware outbreak and we will update this blog post as more technical information about this attack is discovered. SentinelOne is proactively protecting customers against this latest strain. All SentinelOne customers using SentinelOne Enterprise Protection Platform are proactively protected against this outbreak.* Customers should also ensure that all machines have installed the latest Windows updates.

As with all cyber attacks that spread as quickly as what we have seen today, there is always much speculation in the initial phases of the attack as researchers quickly come up to speed on the technical nuance of what the attack is and how it is spreading.


What we know right now:

  • We have found that the outbreak is using the EternalBlue exploit to spread laterally.
  • We have also confirmed that it spreads through SMB using the psexec tool.
  • This attack does appear to be using a similar method of collecting Bitcoin ransom that WannaCry had used, using only a small number of wallet address. The ransom demand is ~$300 USD.
  • The email address used in the ransom request has since been shut down. This means that anyone that chooses to pay the ransom, may have difficulty retrieving their decryption key.
  • Unlike WannaCry, we have yet to see if this outbreak has a kill switch, though we have found that once executed, it overwrites the Master Boot Record and is then allowed to spread for an hour before forcing the machine to reboot.
  • In addition, this outbreak has similar characteristics as Petya, such as infecting the MBR and encrypting files on the drive;** however, it is not clear yet that this is a Petya variant. Some reports are indicating that this is an entirely new form of ransomware, hence NotPetya.

Please stay tuned for more information as it becomes available.

*UPDATE: 6/28/17 – 07:05 PDT: Removed “version .8.2.2570 and later are protected” from an earlier draft; all customers are proactively protected.

**UPDATE: 6/27/17 – 15:20 PDT: An earlier draft indicated that Petya could infect the MBR and encrypt the entire drive; in fact, it encrypts files on the drive.

The post Petya/NotPetya Ransomware: What you need to know appeared first on SentinelOne.

‘Choose Your Own Adventure’ Shows Make TV Watching Interactive

It’s a trend that has been flitting at the edges of the entertainment industry for a few years now: the idea of interactive storytelling in TV and movies.

The concept was born of deeply immersive video games in which the players drive the narrative, but getting that concept to translate well into TV/movie programming has proved to be elusive. Until now, that is.

Netflix has already released a test show, “Puss in Book,” aimed at children, which allows the viewer to make up to a dozen decisions about what the characters do, with those decisions driving the shape and direction of the episode.

If you recall reading those “choose your own adventure” books as a child, this is very similar to that, except rendered on your Smart TV.

In some ways, it’s a radical concept, but in others, it represents a natural progression and a logical next step. After all, with the advent of apps and smartphones, just about everything is interactive, so why not TV shows too?

Of course, creating a TV show with a decision tree and multiple possible endings per episode is no trivial task, which is why we haven’t seen one until now. Netflix is pursuing the idea because they hope to create a strategic advantage, seeing that they are now facing fierce competition from Amazon Prime, a resurgent Hulu and others.

If they can nail interactive TV storytelling, they’ll have a compelling advantage that the other guys lack, and one that will be very expensive to replicate.

Note that the new format will only work properly on certain brands of smart TVs, where the decisions can be selected via the interface device for those products. If you watch the show on some other device (your computer monitor, smartphone, etc.) then after a set amount of time, the system will simply select a default choice for you in order to allow the story to proceed.

It’s unknown at this point whether the idea will catch fire, but Netflix is betting big that it will. Interesting times are ahead.

Used with permission from Article Aggregator

Sumo Logic lands $75 million Series F, on path to IPO

 Sumo Logic, the cloud-based log analysis platform, announced a $75 million round today, as the seven year old company could be entering the home stretch before an IPO. While CEO Ramin Sayar was not ready or willing to commit to an IPO timeline, he did admit it was the next logical step for the company, and that the size of the investment gives him the capital to build toward that event.… Read More

Box deepens partnership with Microsoft and turns its attention to AI and machine learning

 Surely Box is of sufficient size with enough data running through its systems to take advantage of machine learning. Today, the company announced a deepening relationship with Microsoft in which Box will take advantage of Redmond’s pure go-to-market clout, its data centers (via Box Zones) and, yes, its AI and machine learning algorithms. Read More

Majority Of Businesses Aren’t Prepared For IT Risks

Does your IT staff include personnel who are dedicated to compliance or cybersecurity? How confident are you that your team is prepared to take today’s security threats head on? How likely are you to be able to ward off a determined attack?

If you don’t have dedicated staff for the positions mentioned above, and you’re not terribly confident about your team’s prospects when it comes to solid cybersecurity defense, then you’re not alone. According to a recent report issued by Netwrix, a staggering 74 percent of companies say that they are ill prepared to beat the most common IT security threats today.

In fact, 89 percent of companies report that they are only using the most basic IT security solutions, even though more advanced and robust options are available.

Department heads report that the two biggest obstacles in terms of shoring up their digital security are money (57 percent) and a lack of time (54 percent). As to those aforementioned dedicated personnel to handle cybersecurity and compliance, only 35 percent of companies have them, which means that if you don’t, you’ve got plenty of company.

The problem is that the threat matrix is only increasing in its complexity, and basic tools just don’t have the stopping power to get the job done. Add to that the fact that in the absence of having a dedicated cybersecurity team, your IT staff likely doesn’t have the necessary level of expertise to even properly evaluate incoming threats, much less respond to them effectively.

There are no easy answers here, and no simple solutions. Every company faces budgetary constraints, and agonizing choices have to be made. Unfortunately, to this point, most companies are simply choosing to invest their available dollars in other areas, and that doesn’t appear to be changing anytime soon. This leaves IT staff undersized, and lacking in the tools and expertise necessary to truly protect a company and its data.

Used with permission from Article Aggregator

Amazon said to be working on translation services for AWS customers

 Amazon is working on an offering that would allow developers building apps and websites using AWS to translate their content to multiple languages, CNBC reports. The machine translation tech used to provide the multi-lingual versions of client products would be based on tech Amazon uses across its own products, the report claims. Translation services are a key competitive offering for Amazon… Read More

Facebook, Microsoft, YouTube and Twitter form Global Internet Forum to Counter Terrorism

 Today Facebook, Microsoft, YouTube and Twitter collectively announced a new partnership aimed at reducing the accessibility of internet services to terrorists. The new Global Internet Forum to Counter Terrorism adds structure to existing efforts by the companies to target and remove from major web platforms recruiting materials for terror groups. Read More

Can Your Car Be Hacked Just With A USB Stick?

Jay Turla has been a very busy man since purchasing his new Mazda vehicle. He’s been spending time researching hacks to his car’s infotainment system, and as with most other “smart” products on the market today, he’s finding the system incredibly easy to break into.

He’s not alone. In fact, a whole online community has grown up around the idea of hacking various models of Mazda cars.

A variety of security researchers have confirmed what the online community has known for more than three years. Mazda’s infotainment system contains a raft of bugs that make it incredibly easy to hack the system. In fact, the online community has even built an app that automates the process.

Turla started with the app and began making tweaks and changes to see exactly what he could accomplish in terms of hacking his car. His key finding? All he had to do was plug a USB stick into the car. Once that was done, the scripts would execute automatically and begin making changes.

On the surface of it, that sounds pretty bad, and it certainly underscores the ongoing problem with today’s smart devices – they’re incredibly easy to hack and very few product manufacturers have expressed much interest in providing better security for the devices they make. Mazda is a classic example of this very phenomenon; remember, these bugs have been well-known for more than three years!

From a practical standpoint, though, the ability to easily hack the car’s infotainment system isn’t as bad as it could be. You can’t, for example, use these hacks to auto-start the car, or change any of the critical settings…at least not yet.

While Mazda insists that it’s not possible to impact anything but the car’s infotainment system, the hacking community isn’t convinced. Neither is Turla, who says he plans to continue his research to see just how far he can take his automated hacks.

This is certainly no reason not to buy a Mazda, but it’s something to keep in mind, and here’s hoping that at some point, manufacturers of smart devices start taking security more seriously.

Used with permission from Article Aggregator

Headstart wants to better analyze candidates to fit them with the best jobs

 Nicholas Shekerdemian has a pretty typical startup story: he dropped out of college, met up with a technical co-founder and then ended up starting a company. But Shekerdemian, who at the time was helping match English teachers with Chinese citizens, wanted to start a company that would solve his own problem: actually getting a job at a cookie cutter company where everyone else applies. So… Read More