Michael and Susan Dell have doubled down on the tech industry’s commitment to bail out Texas as it recovers from Hurricane Harvey. The couple pledged a whopping $36 million to the effort through their foundation today. The money, which represents the largest single contribution to date for the disaster, comes in the form of an $18 million seed contribution, followed by a dollar… Read More
Security researchers from firms around the web are warning of a new email exploit that hackers can use to modify the contents of an email, even after it has been sent and delivered.
Originally discovered by Francisco Ribeiro of the firm Mimecast, Ropemaker stands for “Remotely Originated Post-delivery Email Manipulation Attacks Keeping Email Risky,” and is accomplished by making creative use of Cascading Style Sheets (CSS) and simple HTML, both of which are foundational technologies that the whole of the internet is built around.
Since CSS is stored remotely, a hacker can access it and use it to alter the content of an email by making changes to the style sheet itself. Once this is accomplished, by all outward appearances, it’s a genuine, legitimate email, even though the content has been changed. No ordinary internet user would have any idea that what they were looking at wasn’t originated by the sender of record.
Hackers could use this exploit to do anything from prank-level activities such as causing trouble between spouses to exploits that could be incredibly damaging to a company’s brand. For instance, an official company email with a legitimate link to their website could be changed after sending, and a malicious link could be inserted. Then, it would appear that the company itself was sending out poisoned links to its customers.
Even worse, since these changes can be made after the email has been delivered, it means by definition that the email has already been scanned and let into the network by whatever software you’re using for that purpose. This exploit handily gets around your high-tech security system on that front, allowing the hackers to insert anything they want.
The best defense against an attack like this is to use web-based email systems such as Gmail and iCloud. Unfortunately, email clients like Apple Mail and Microsoft Outlook (both desktop and mobile) are vulnerable to Ropemaker-style attacks.
Add this to the list of threats to be worried about.
Cloud storage company Box reported second quarter earnings after the bell on Wednesday. And although the company beat expectations on revenue and losses, it wasn’t enough to please Wall Street. The stock fell almost 4% in after-hours trading.
It seems that part of the issue related to the company losing its cash flow positive status for the quarter, coming in at a negative $14.7 million. Read More
Salesforce and IBM are joining forces again as they attempt to deepen their alliance. The partnership began last March when they agreed to sell each other’s artificial intelligence products, Watson and Einstein. Today’s announcement is all about data integration. Salesforce will be adding the ability to include IBM weather data in Lightning apps, while IBM will enable customers… Read More
Facebook is planning to open source LogDevice, the company’s custom-built solution for storing logs collected from distributed data centers. The company made the announcement as part of its Scale conference. Read More
2415 E Camelback Rd
Suite 700, PMB 7019
Phoenix, AZ 85016