HubSpot is announcing that it has acquired Kemvi, a startup applying artificial intelligence and machine learning to help sales teams. A few months ago, Kemvi launched DeepGraph, a product that analyzes public data so that salespeople can identify the best time (say, after a job change or the publication of an article) to reach out to potential customers. It also proactively reaches out to…
A new bug has been discovered that impacts both Android and iOS devices. If you use a smartphone that contains Broadcom Wi-Fi chips, and you probably do, the newly discovered exploit allows an attacker to execute malicious code on your device remotely with no input or action required by you.
The bug was discovered by the security firm Artenstein and reported to Google, but at this point, neither company has released any significant details about the issue. However, Google did release a security patch for it as of July 5.
Other security researchers have reverse-engineered Google’s patch to gain some insight as to exactly how the flaw works, and how it could be used.
It’s being called “Broadpwn,” and appears to be a stack overflow issue in Broadcom Wi-Fi chips. Exploitation can occur when the user’s device receives a WME (Quality of Service) element of malformed length from a network it’s connected to.
All you’d have to do to fall victim to this is walk into range of the attacker’s Wi-Fi network.
Given this, your best defense is to connect only to trusted networks and to turn off your phone’s autoconnect feature, lest you risk giving a hacker unfettered control over your device.
Although it’s been patched, at least on the Android side, not everyone sets their devices up to automatically receive security updates. If yours is not set to do so, then take a few minutes to download this one.
This bug also underscores the importance of a growing problem. With Wi-Fi networks being so numerous and readily available these days, many, if not most people casually connect to any network in range without thinking or worrying about the potential downside. If you’re serious about data security, that practice needs to stop.
Restaurant owners have a lot of responsibilities and a wide array of skills to handle those responsibilities. That said, building a website isn’t usually within that skill-set. That’s where BentoBox comes in. The company, which helps restaurant owners quickly build full-featured websites for their restaurants, has just closed a $4.8 million Series A funding round. The round was led…
Researchers at the security firm Check Point have uncovered a new strain of malware they’re calling CopyCat that has taken the internet by storm, infecting millions of Android devices in South and Southeast Asia, for now. This malware could easily break out into other parts of the world.
Best estimates are that some 14 million devices have been infected over the last two months, with 8 million of those having been rooted. Those same estimates indicate that the software has generated more than $1.5 million in revenue from fake ads over that time period.
Although it’s not at all clear who owns and controls the software, there’s strong circumstantial evidence that it’s being spread primarily via the Chinese advertising company, MobiSummer, because:
• CopyCat and MobiSummer operate on the same server
• CopyCat and MobiSummer use the same remote services
• CopyCat has so far avoided targeting Chinese consumers, even though more than half the victims reside in Asia
• CopyCat uses several lines of code that have been signed by MobiSummer
According to the researchers, “It is important to note that while these connections exist, it does not necessarily mean the malware was created by the company, and it is possible the perpetrators behind it used MobiSummer’s code and infrastructure without the firm’s knowledge.”
There’s no evidence that the app has a presence on the Google Play store, so its spread has been a consequence of downloads from third-party app stores.
Google has been notified and has already updated Play Protect to block the malware, but the rate of infection shows no signs of stopping, and it might be a while before this one burns itself out.
It should also be noted that while most of the infections are in Asia, there are some 381,000 infected devices in Canada, and another 280,000 in the US, so tread carefully, especially if you’re using an older, unpatched Android device.
We are pleased to announce the immediate availability of the SentinelOne Virtual Appliance for customers who prefer to have their security consoles running in their own data centers. SentinelOne has been serving the needs of these customers from our early days, but the new appliance cuts down the complexity in setting up the console on-premises.
Earlier, customers would set up the console on the right hardware (or on a VM with enough horsepower). They had to make sure that all the dependent libraries and toolchain were available on the OS, run the console installer, install the certificate and start the console service. This involved some pre-install prep and about an hour or two with a SentinelOne support engineer. This complexity limited our velocity and only the largest and most motivated customers would go through this process.
With the Virtual Appliance, we are now the first (and only) next-generation endpoint solution to offer the same functionality on-premises and in the cloud. The setup time is similar in both cases – within 15 minutes we will be able to get you to log into the console and start deploying to your systems.
The virtual appliance is designed to run on all popular virtual infrastructure and scale with your deployment, is hardened to protect against vulnerabilities, and can be updated with the click of a button. The appliance can be run on VMware, Hyper-V or even VirtualBox (for evals). The default configuration can handle up to 1,000 devices, and scaling to larger sizes involves adding more vCPUs, memory and disk. The appliance also comes with monitoring scripts to help you maintain uptime and upgrade scripts for patching and installing server updates.
We welcome all defense contractors, federal agencies, FiServs, foreign governments, lab rats and anyone interested to try out our new Virtual Appliance.
If you’re using a machine with a Skylake or Kaby Lake Intel processor, you should know that under certain conditions, it may be prone to crashing if hyperthreading is enabled.
The problem was never formally announced, mostly because what bug reports were released on the topic were spotty and inconsistent. So far, at least, no one seems to be able to pin down what the precise conditions are that cause the crash, resulting in a small subset of bug reports that are highly inconsistent and paint an unclear picture of exactly what the root of the problem is.
In any case, there are three things to note.
Linux users are in luck. Microcode updates are available that address the issue on those machines.
Windows 10 users are out of luck, at least so far. The latest Wintel Microcode updates don’t seem to include the fix, and there’s been no mention, at least to this point, of when that might change.
That brings us to the third major point. For the time being, if you’re using a Wintel machine with either of the processors mentioned above, the best way to ensure you don’t have to worry about the crash problem is to disable hyperthreading.
On the other hand, the crash bug has only happened in a few, widely scattered cases, as evidenced by the spotty and inconsistent bug reports surrounding the issue.
Because of this, many, if not most, users will likely opt to simply do nothing and take their chances. In any case, being forewarned is being forearmed. Even though the crash bug is quite rare, it’s better to know about it and know the decisive fix (at least until a more permanent microcode fix is released), so you can make an informed decision as opposed to being caught unaware.
Google today announced that TCP BBR, a new congestion-control algorithm, is now available to its Cloud Platform users. The general idea here is to improve on the existing congestion-control algorithms for internet traffic, which have been around since the 1980s and which typically only take packet loss into account (when networking buffers fill up, routers will discard any new packets).
Following its longstanding tradition of reporting quarterly earnings for its fourth financial quarter of the year in July, Microsoft today announced non-GAAP revenue of $24.7 billion and GAAP earnings per share of $0.83 (and non-GAAP earnings per share of $0.98) for the last three months. Operating income was $7.0 billion non-GAAP.
The total number of ransomware attacks has seen a massive spike, with nearly 50 percent more attacks against PCs occurring this year than last year. In the same time period, ransomware attacks against mobile devices fell marginally from 137,000 by this point last year to 130,000 this year. However, those numbers are tiny compared to the number of PC-targeted attacks and do little to stem the rising tide.
While there are a number of factors driving the surge, the biggest of these is also one of the simplest: profit. Ransomware is increasingly easy to make, difficult to detect and even more difficult to defend against.
A significant percentage of those infected don’t have good, recent backups in place, and have little choice but to pay the piper and hope the hackers will play fair and restore their files. Even a modestly successful ransomware attack can net the hacker launching it thousands of dollars, and there’s very little in the way of risk or downside.
In addition, hackers are beginning to unite. They’re forming large organizations with tremendous bench strength and a wide range of skills that enable them to constantly improve their software, making attacks even more effective. This is a recipe for disaster that guarantees the number of such attacks will only continue to climb.
A single hacker would find it virtually impossible to launch a globe-spanning attack like the recent WannaCry, or the even more recent Petya attacks. This type of attack takes a robust organization, planning and coordination to pull off successfully, and is a sign of things to come.
Not to say that individual rogue hackers won’t continue to be a presence online, but more and more, attacks are being orchestrated by increasingly well-heeled organizations, and that could spell big problems as time goes by. It also virtually guarantees that next year will see even more attacks of all types (including ransomware attacks) than this year.
Big data analytics continues to be a key driver in how organisations utilise their vast quantities of information to run their businesses, and now a startup that has built a big data platform specifically focusing on data from the public sector has raised a round of funding.
LiveStories, a Seattle-based company that works with governments, education institutions and other public entities to…