Matt

Hackers have hit web registrar Network Solutions with a distributed denial-of-service (DDoS) attack, affecting its own and an unknown number of its customers' websites. Network Solutions confirmed the attack in a public statement, promising that it is working to get its customers' sites back online as soon as possible. "Some of you have posted about issues with your sites. Yesterday, some Network Solutions customer sites were compromised. We're investigating the cause of this situation, but our immediate priority is restoring your sites as quickly as possible," read the statement. "Unfortunately, cybercrime is a persistent threat in today's world. Despite our best efforts, no one is immune – including large providers like Network Solutions. We're always working to create a more secure and reliable internet environment for our customers. We appreciate your patience as we work to restore the affected sites." The number of sites affected remains unknown and at the time of publishing Network Solutions had not responded to V3's request for comment. The potential harm is high though, as Network Solutions currently manages over 6.6 million web domain names. The attack is the second to hit Network Solutions' hosted websites. Tech giant Cisco reported that hackers had managed to hijack and redirect 5,000 domain names registered with the company to name servers belonging to a Ztomy.com. The purpose of the new attack remains unknown. DDoS is a growing threat facing businesses of all sizes. The tactic is a common one, traditionally favoured by hacktivist groups such as Anonymous. Disturbingly CloudFlare chief executive Matthew Prince told V3 this is slowly changing and common criminals are increasingly using the tactic to extort money from businesses, threatening to mount DDoS attacks on their sites if they do not pay the "protection" fee. Sursa V3.co.uk

The UK government has confirmed it is to review Huawei's involvement in a cybersecurity centre. The news follows a report by parliament's intelligence committee which raised concerns that staff working at the base in Oxfordshire were employed by the Chinese firm. Part of their job is to test Huawei's own equipment for vulnerabilities. US politicians have claimed that the company posed a threat because of links to China's government and military. The allegations are based, in part, on the fact that the company's founder, Ren Zhengfei, was a former member of the People's Liberation Army. But Huawei has strongly denied having close ties to the Chinese state and has stressed that it is 98.6%-per-cent-owned by its employees. Although the firm has been prevented from bidding for many US infrastructure contracts, it has been active in the UK after striking a multi-billion pound deal to provide networking equipment to BT in 2005. A spokeswoman for Huawei highlighted the fact that the government has said it is confident that UK networks using the firm's equipment "operated to a high standard of security and integrity". She added that her company supported the decision to carry out a review. Trade links The UK's Intelligence and Security Committee (ISC) raised concerns about the company's involvement in the Cyber Security Evaluations Centre in Banbury, Oxfordshire, last month. "While we recognise that there are some benefits associated with the current staffing arrangements for the Cell, these do not, in our opinion, outweigh the risks of Huawei effectively policing themselves," its report read. It added that national security was potentially being put at risk by the government's fear of jeopardising trade links with Beijing and it said staff from intelligence agency GCHQ should take over work at the centre. A Cabinet Office spokesman said: "We take threats to our critical national infrastructure very seriously and need to be responsive to changes in a fast-moving and complex, globalised telecommunications marketplace. "We have robust procedures in place to ensure confidence in the security of UK telecommunications networks. "However, we are not complacent and as such we have agreed to the main recommendation of the report to conduct a review of Huawei's Cyber Security Evaluation Centre (the 'Banbury Cell') to give assurance that we have the right measures and processes in place to protect UK telecommunications." The Chinese firm said that it welcomed the decision. "Huawei shares the same goal as the UK government and the ISC in raising the standards of cybersecurity in the UK and ensuring that network technology benefits UK consumers," a spokeswoman said. "Huawei is open to new ideas and ways of working to improve cybersecurity." Sursa BBC.co.uk

Half of all the world's critical financial exchanges have suffered cyber attacks in the past year, a report has found. A joint investigation by the World Federation of Exchanges and? the International Organisation of Securities Commissions found that the attacks are increasingly aimed at destabilising markets, rather than making financial gains. The authors found that people at the very top of the world's economic system are nervous that a concerned online assault could cripple markets. Top bankers are increasingly aware of the possible threat but have little confidence in their ability to thwart attacks, with one quarter of respondents admitting their "current preventative and disaster recovery measures may not be able to stand up against a large-scale and coordinated attack". Just half of all exchanges believe their local laws are tough enough to deter hackers. The exchanges want to see more concerted international efforts to ensure that hackers have no chance to bring down critical systems. “Doubt over the effectiveness of these regimes generally appears to rest on the international nature of cyber crime, which creates a major obstacle in effective enforcement,” said Rohini Tendulkar, author of the report. However, even tighter laws might not stave off market Armageddon. Hackers have proved that they don't even need to target financial systems to move the markets. In April, stocks tumbled after the Syrian Electronic Army sent a false tweet from news agency AP's eponymous account claiming that the White House had been attacked and President Obama had been injured. Siobhan MacDermott, chief policy officer at anti-virus and security firm AVG, has previously warned that the world is already in the grip of a cyber war. As well as flogging anti-virus to punters, MacDermott advises officials from the US, EU, NATO and China. She told El Reg that even top generals are flummoxed when it comes to cyber security, which will not reassure nervous financial exchange bosses worried about hackers causing cataclysmic damage. "I sat down with a top-ranking general,” said MacDermott, “and I asked what kept him up at night. He told me that when he was in the military, warfare was simple. You stood on either side of a field, marched into the middle and fought. "It didn't get that different until the internet came along, he said, but now I'm holding underpowered weaponry and I just don't know where the shots are coming from... This totally changes the dynamic of how you protect assets. It's sort of like having a water pistol and going up against someone with a cyber weapon of mass destruction." The report said that cyber crime costs the world between $38bn and $1tn, although it is impossible to produce entirely accurate figures due to the indirect costs which are often left out of such calculations. ® Sursa TheRegister.co.uk

Samsung has developed its first NVMe-connected 3,000MB/s solid-state drive (SSD). And it is extending its three-bit-per-cell range of flash storage with a 1TB whopper. NVMe stands for Non-Volatile Memory Express, and is a standardised protocol for applications to access data stored on PCIe-connected SSDs via a software driver. Currently each PCIe SSD on the market has its own data access protocol and needs its own specific driver. By standardising on the NVMe protocol, only one host operating system driver is needed to access any manufacturer's NVMe-compliant SSD. Samsung's new XS1715 product reads data sequentially at 3GB/sec, six times faster than its previous high-end enterprise SSD storage. The Korean biz claims 740,000 random read IOPS for this NVMe product, not quite matching the 750,000 of Micron's P320h and P420m. It has three capacity points; 400GB, 800GB, and 1.6TB and comes as a 2.5in form factor PCIe-connected drive aimed at the enterprise market. Unsurprisingly, Samsung said it expects to develop even faster NVMe products over the next few years. Meanwhile, the new 840 EVO drive is an extension of Samsung's 840 line of three layer cell (TLC) flash storage. TLC flash is slower than two-bit MLC flash and has a decidedly shorter working life, attributes that need to be countered by controller technology and over-provisioning. But the stuff is the cheapest kind of flash so, if it can be given adequate speed and endurance, it will appeal to some as an alternative to hard disk drives. As reported in Storage Review, which was at the Samsung Global SSD Summit, the 840 EVO offers 120GB, 250GB, 500GB, 750GB and 1TB capacity points using 19nm NAND. The controller is Samsung's own multi-core MEX unit. The SSD provides up to 98,000/90,000 random read/write IOPS and 540MB/sec sequentially reading, 520MB/sec sequentially writing. These numbers vary with product capacity. It's intended as an affordable consumer-class SSD. At present there's no indication TLC flash can be made good enough for enterprise use. The amount of over-provisioning and complex controller tech needed for enterprise-class speed and reliability would probably nullify its raw cost advantage. There's no word on the 840 EVO's price and affordability. ® Sursa TheRegister.co.uk

Cauta un mail de contact si explica-le problema.

Ia uitati ce raspuns da cacatu' de Ponta : Ponta sus?ine ascultarea telefoanelor: "Cartelele pre-pl?tite pot fi folosite de terori?ti

An old malware trick is being given new life as an infection targeting OS X users, according to researchers. Security firm Malwarebytes said that it had spotted a new crop of OS X 'ransomware' attacks which attempt to extort money out of users. Posing as an FBI piracy notification, the malware locks a user's system and demands that a 'fine' be paid through an online payment system. The ransomware technique is a tried and true extortion method for cybercriminals. Often using the guise of law enforcement or anti-piracy notifications, the infection will lock off access to the target system and demand that users pay a fee in order to regain access to their systems. Though the FBI and other government agencies have never delivered official notifications through unsolicited emails or browser notifications, malware writers continue to extort payments from users worried or embarrassed about having their online activities uncovered. For OS X users, the attack will demand that a $300 payment be made via a re-loadable payment card service. Attempting to navigate away from the page will trigger a series of alerts which will prevent users from closing or leaving the site. “The bad guys know there is a growing market of Apple consumers who, for the most part, feel pretty safe about browsing the Internet on a Mac without the need for any security product,” wrote Malwarebytes researcher Jerome Segura. “Cyber-criminals, well known for not re-inventing the wheel, have ‘ported’ the latest ransomware to OS X, not by using some complicated exploit but rather leveraging the browser and its ‘restore from crash’ feature.” The company said that users can navigate away from the phony notification page by resetting Safari to clear out cache and history, preventing the page from auto-loading when the browser is restarted. Sursa V3.co.uk

Compania Onapsis va lansa luna viitoare un instrument care testeaza daca sistemele SAP au fost corect configurate pentru utilizarea dispozitivului mobil. Avand in vedere faptul ca SAP investeste puternic in domeniul mobil, o companie de testare a securitatii va lansa luna viitoare un instrument care sa se asigure ca sistemele SAP accesibile mobil nu sunt vulnerabile in fata hackerilor. Onapsis va lansa un nou modul pentru pachetul sau de securitate X1, un produs care efectueaza automat evaluarile de securitate, teste de penetrare si audit de conformitate pentru software-ul SAP ERP (enterprise resource planning), a declarat Mariano Nunez, CEO Onapsis. Modulul se va concentra, in parte, pe platforma mobila SAP, cunoscuta anterior ca Sybase Unwired Platform Development Center, care ajuta dezvoltatorii sa construiasca aplicatii mobile SAP pentru diferite dispozitive si platforme. De asemenea, modulul se va concentra si asupra NetWeaver Gateway, un server SAP care leaga dispozitivele de sistemele back-end, a explicat Nunez. Expunerea acestor sisteme back-end este complicata, iar companiile se pot confrunta cu riscul de atacare a sistemelor care sunt configurate gresit sau carora nu li se aplica patch-uri actualizate. SAP se concentreaza pe accesul mobil, managementul dispozitivului si securitate, pe masura ce tot mai multe companii imbratiseaza politici bring-your-own-devine. SAP suporta dispozitivele iPhone, Android si Blackberry. Sanjay Poonen, seful diviziei mobile SAP, a declarat, in cadrul conferintei Sapphire Now, organizata in luna mai, faptul ca SAP are peste 1000 de angajati care lucreaza la proiecte mobile in domenii precum retailm bancar si pachete de bunuri de larg consum. Anul trecut, SAP a raportat peste 293 milioane dolari in ceea ce priveste venituri din licente ale afacerii sale mobile, un flux de venituri care nu exista in urma cu doi ani si jumatate, a precizat Poonen. Potrivit declaratiei lui Nunez, companiile se confunta cu riscuri daca, spre exemplu, un sistem CRM (customer relationship management) este incorect configurat pentru acces de pe dispozitivele mobile, deschizand o usa pentru hackerii care utilizeaza instrumente de atac pentru serviciile web. Modulul de securitate mobila X1 se axeaza pe functiile si procesele expuse in sistemele back-end si nu pe aplicatia mobila in sine, a relevat Nunez, precizand ca acesta alerteaza utilizatorii asupra vulnerabilitatilor de securitate si le indica modalitatea de rezolvare a problemelor. Modulul este programat spre a fi lansat luna viitoare si va fi gratuit abonatilor X1. Onapsis va prezenta, de asemenea, doua workshop-uri de securitate SAP in cadrul conferintei de securitate Black Hat, care se va desfasura la Las Vegas, incepand cu data de 27 iulie. Workshop-urile, care nu sunt concentrate pe produs, vor pune in discutie securitatea SAP, dintr-o perspectiva academica, a explicat Nunez. Sursa: Computerworld - IT news, features, blogs, tech reviews, career advice

Tehnologia "Made in Germany" a eliminat toate programele malware din testul comparativ Virus Bulletin efectuat pe sisteme cu Microsoft Windows Server 2012 Protejarea infrastructurii IT de atacurile de spionaj este cruciala pentru companii. Bazele de date cu clienti, planurile de proiectare sau planurile de business sunt foar-te cautate de infractorii online si de agentiile straine de spionaj. Pe ce solutie de protectie a retelei se pot baza, intr-adevar, companiile? In cea mai recenta comparatie, furnizorul german de securitate IT a impresionat in testele efectuate de Virus Bulletin: G Data AntiVirus Business 12 nu a lasat nicio sansa programelor malware. Solutia de business "Made in Germany" a stralucit cu o rata de detectie de 100% si niciun rezultat fals pozitiv. Datorita acestor rezultate excelente si a fiabilitatii dovedite, Virus Bulletin a premiat G Data AntiVirus Business cu prestigiosa distinctie VB 100. "Odata cu premiul din partea Virus Bulletin, primim si dovada ca munca noastra si efici-enta tehnologiilor dezvoltate sunt apreciate la cel mai inalt nivel. Acest test a relevat adevarata calitate a solutiilor Made in Germany," noteaza Frank Heisler, membru in conducerea G Data Software AG. Cu privire la recentul scandal de spionaj in care a fost implicat Prism, Frank Heisler vede semne bune pentru securitatea Made in Germany si spune: "Este esential ca solutiile de securitate IT sa ofere protectie eficienta impotriva oricaror riscuri – nu trebuie sa se faca distinctie intre evaluarea riscurilor provenite din surse criminale si cele venite din directia agentiilor de spionaj. Compania noastra este pionier in ceea ce priveste interesul clientilor, semnand in mod voluntar, inca din 2011, un angajament TeleTrusT corespunzator." Conducerea G Data este de opinie ca firmele ar trebui sa fie in mod special foarte atente atunci cand isi aleg solutiile de securitate si ar trebui sa se increada mai mult in programele furnizorilor germani. Verdictul expertilor de la Virus Bulletin: "Ca intotdeauna, rata de detectie a fost fantastica si toate programele malware din test au fost detectate si eliminate fara niciun efort. Drept urmare, G Data a primit, inca o da-ta premiul VB 100." Detalii ale testului: Numarul solutiilor de business testate: 31 - inclusiv G Data AntiVirus Business (prezen-tata in raport ca G Data Security Client) Numar de fisiere malware utilizate: 820.000 Test efectuat de: Virus Bulletin – Virus Bulletin : Independent Malware Advice Organizatia consumatorilor de pe intreg globul a fost impresionata de IT Security Made in Germany Solutiile de securitate G Data au impresionat si in testele independente Stiftung Warentest inca din 2005. De sase ori G Data a demonstrat cea mai buna detectie, dovedind ca protectia "Made in Germany" ofera utilizatorilor cea mai buna protectie impotriva atacurilor de pe Internet. Calitatea solutiilor G Data nu au fost dovedite numai in Germania sau Marea Britanie – publicatii independente de pe tot globul au recunoscut G Data InternetSecurity ca fiind cel mai bun pachet de securitate antivirus: Australia, Austria, Belgia, Franta, Italia, Olanda, Spania si USA, printre altele. Companiile sunt protejate eficient impotriva programelor malware si a altor pericole G Data AntiVirus Business 12 este o solutie de securitate usor de instalat si de adminis-trat in mod centralizat. Poate fi utilizata in interiorul si in afara companiei, indiferent de numarul de utilizatori. Solutia pentru retea se distinge prin multitudinea de premii primite pentru calitatea tehnologiilor incluse, managementul centralizat si protectia automata a serverelor de fisiere, statiilor de lucru si a laptop-urilor, ca si a dispozitivelor mobile cu sistem de operare Android, precum si a telefoanelor inteligente si tabletelor. In plus, tehnologia BankGuard integrata face ca platile online sa fie protejate. Caracteristici ale G Data AntiVirus 12 Business Protectie maxima prin folosirea a doua scanere de virusi Interfata mobila de administrare: control de la distanta din orice locatie MobileManagement: interfata centralizata pentru toate dispozitivele cu An-droid folosite in interes de serviciu, cu raportari despre virusii detectati si despre starea securitatii G Data BankGuard integrat, pentru tranzactionarea in siguranta a platilor online Modul de raportare: analize detaliate si rapoarte cu situatia malware-ului din retea Complet functional chiar si in afara retelei, pentru echipele de vanzari dotate cu laptop-uri sau alte dispozitive mobile Registrii software si hardware pentru toti clientii, pentru gestionarea clientilor din retea prin afisarea unui inventar detaliat Despre G DATA Software AG G Data Software AG, cu sediul central in Bochum, este o companie cu o expansiune software inovativa si rapida care se concentreaza pe solutiile de securitate IT. Drept specialist in securitate pe Internet si pionier in domeniul protectiei antivirus, compania fondata in 1985 in Bochum, a produs primul program antivirus acum mai bine de 20 de ani si in 2010 si-a aniversat cei 25 de ani de activitate. G Data este printre primele companii dezvoltatoare de software de securitate din lume. De mai mult de cinci ani, nici un alt producator european de software de securitate nu a castigat mai multe premii internationale. Gama de produse cuprinde solutii de securitate atat pentru consumatori casnici, cat si pentru companii mici, medii si mari. Solutiile de securitate G Data sunt disponibile in mai mult de 90 de tari din intreaga lume. Mai multe informatii despre companie si solutiile G Data sunt disponibile pe International - G Data Software AG Despre AV Security Software Distribution AV Security Software Distribution este o companie tanara, infiintata la inceputul anului 2011 pentru a deveni distribuitor oficial G Data Software in Romania, din dorinta unor tineri si ambitiosi profesionisti de a demonstra ca pot sa creasca imaginea unui brand de nivel mondial, pe piata din Romania, la nivelul pe care acesta il are in Germania si in restul lumii. Oferta de parteneriat include solutii software antivirus de inalta calitate si este adresata resellerilor, integratorilor de sistem si retailerilor. Beneficiile oferite de so-lutiile „Made in Germany“ dezvoltate de G Data sunt: profitabilitate, performanta, pro-ductivitate marita, usurinta in exploatare, cel mai bun raport calitate-pret de pe piata. Mai multe despre companie si distributia solutiilor G Data in Romania gasiti pe site-ul AV Security Software Distribution - Distribuitor autorizat G Data Romania Sursa: AV Security Software Distribution - Distribuitor autorizat G Data Romania

Oare nu a incercat sa scoata banii intai? Ce-o fi zis , ba daca tot sunt atat de multi poate ma lasa sa iau si eu un milion

US drivers are being tracked to an unprecedented extent thanks to a system fattened by federal grant money and spurred by the rush to market private automobile data, according to a report by the ACLU. After analyzing 26,000 pages of documents from police departments spread across the USA, along with information about private companies, the American Civil Liberties Union has produced a report highlighting the large amounts of data public and private companies are storing on drivers, and the poor retention policies that go along with it. The You Are Being Tracked report was released on Wednesday, and argues that "the implementation of automatic license plate readers poses serious privacy and other civil liberties threats". Automatic license plate readers have proliferated across the US due to a fall in the cost of underlying storage and interception technology, and some $50 million dollars in federal grant money distributed to under-funded law enforcement departments that otherwise couldn't afford it. Though US law enforcement tends to have data retention policies that limit the time this information can be retained, data sharing agreements with other agencies and private companies can prolong the time that data is kept. Automated license readers scoop up vast amounts of data on innocent individuals along with the minuscule bits of information about "hot" vehicles or tagged cars. Readers controlled by law enforcement agencies in the state of Maryland performed 29 million reads in the first five months of 2012, but only one in 500 license plates scanned were associated with a hit – "any crime, wrongdoing, minor registration problem, or even suspicion of a problem". Of these hits, 97 per cent were for a suspended or revoked registration, or for violating Maryland's Vehicle Emissions Inspection program. This makes for a vanishingly small number of hits on vehicles any right thinking person could conceivably want a distributed robotic state to be tracking. The report is chock full of examples like this, which all show mass data slurping for a tiny hit rate. But how long agencies store this data on civilians and tagged vehicles is variable, with some agencies deleting all "non-hit" information immediately, but others retaining the information from anywhere from 14 days, to 30 days, to several years. Many of these agencies may feed this data into local state "fusion centers" that pool IT assets for use by various enforcement agencies, the report notes. So even if data is being deleted locally it is still being stored somewhere. "If not properly secured, license plate reader databases open the door to abusive tracking," write the ACLU. Private companies also track vehicles, and these organizations such as MVTrac or Digital Recognition Network slurp huge amounts of license plate information from readers deployed by private companies into centralized databases. DRN's national database, for example, contains over 700 million data points, the ACLU says. These companies will re-sell access to their data to law enforcement agencies, which can search through the images other data associated with the license plates when investigating a crime. In an impressive feat of understatement, the ACLU notes: "These private databases raise serious privacy concerns". Given the lack of regulation around how long data is kept on file, the different policies used by private and the public sector, and the potential for massive abuse, the ACLU report concludes with several pleas for restraint in the gathering and storage of this data. But, given the recent revelations around PRISM and other data slurping schemes, this vulture thinks it unlikely that the public sector will hesitate at collecting this data. And as for the private sector? Well, after surreptitiously scooping up information on Wi-Fi points for years via Street View vans Google was hit by a probe from UK watchdog the ICO, but was merely ordered to delete the data and faced no fine. Sursa TheRegister.co.uk

A public relations boss briefly became the world's first quadrillionaire after a PayPal slip-up made him the richest man on the planet. Chris Reynolds, from Delaware, opened up his monthly PayPal statement and was astonished to find he had suddenly been handed a whopping $92,233,720,368,547,800 - roughly 1000 times as much as the GDP of the entire world, which was a relatively paltry $84.97 trillion in 2012, according to the CIA World Factbook. Somewhat ironically, Reynolds told the Philadelphia Daily News the error made him feel "like a million bucks", after he overcame his initial jitters. "At first, I thought that I owed quadrillions. It was quite a big surprise," he said. Reynolds said he had generally used his PayPal account to buy vintage car parts, but the quadrillionaire quickly planned what to spend his newfound wealth on. “I’m a very responsible guy,” he said. “I would pay the national debt down first," he told the local paper. "Then I would buy the Phillies*, if I could get a great price.” Although his fortune would have made him 1,268,689 times richer than Bill Gates, who's worth about $72.7bn, Reynolds' time as the richest man in the known universe was shortlived. He logged into his account excitedly and was disappointed to see that his account registered only a big fat zero. Now it's back to work for Reynolds, who runs a PR firm that boasts clients including the Kennel Club of Philadelphia and the Pennsylvania Land Title Association. Paypal has not commented on the mistake, saying it does not discuss individual customers' accounts for privacy reasons. However, the payment service did write back to the PR guy and father-of-three. "The sad part is that I got word that they still need me to renew the credit card that's attached to this account," he said. "So, even though I have 90 quadrillion dollars, they still don't trust me." ® Sursa TheRegister.co.uk

If all goes to plan, the next few weeks will bring a revolution in communication with spacecraft, with two space-based laser communications demonstrations due to take to the skies. The European Space Agency's Alphasat – also the largest telecommunications satellite built in Europe – is due to launch on July 25. While the Astrium-built, 3.5 tonne dry mass satellite will primarily serve the Inmarsat network, the experiments it carries include an optical communication terminal. The TDP 1 broadband data relay project has been on the drawing board since 2008, and if all goes well, it will take a 300 Mbps data stream from Germany's Tandem-X satellite, using binary phase shift keying to achieved a planned bit error rate of 10-8 on an optical channel capable of 2 Gbps operation. The Tandem-X data will then be relayed to Earth on a conventional Ka-band channel. Laser comms payload due for launch aboard ESA's Alphasat July 25 NASA's more ambitious project, due to lift during August, will use optics not for space-to-space communications, but for broadband space-to-ground communications – all the way to the moon. Travelling on the upcoming LADEE (Lunar Atmosphere and Dust Environment Explorer) spacecraft, the laser communications system uses a 30cm telescope to direct what NASA hopes will be a 622 Mbps communications stream from lunar orbit to Earth. The ground segment has four 15 cm telescopes to act as transmitters and four 40 cm reflective telescopes as receivers. NASA's LLCD laser communications experiment integrated onto LADEE As Nature notes, the point of all this is that as their data collection capacity approaches levels of petabytes per year, they're also running into the constraints of the radio channels they currently use. In addition, spectrum regulation limits what frequencies satellites can use. Laser overcomes the downlink capacity challenges, and for now at least, sidesteps spectrum regulation. Yes, this stuff is exotic. But history tells us it's eminently foreseeable that these experiments will one day be put to work in more prosaic terrestrial applications. Sursa TheRegister.co.uk

M-ai facut sa zambesc . Dupa ce ti-am citit post-ul m-am gandit imediat la asta The.Legend : Montesquieu: „Nu râde?i de pro?ti, fiindc?-?i vor închipui c? au umor.“

4. Unele categorii au regulament intern. Verific? dac? exist? un regulament sticky înainte de a posta într-o anumite categorie. În special categoriile "CERERI"(minim 10 posturi de CALITATE), "AJUTOR"(minim 10 posturi de CALITATE) sau "Bloguri ?i Bloggeri"(minim 50 posturi CALITATE).

SRS, despre interceptarea cartelelor Prepay: Îl suspectez pe Ghi?? de deficit de inteligen?? Uite si un raspuns.

Tu vorbesti de atitudine ? Tu care cu o seara inainte "iubeai RST-ul" si a doua zi te-ai dus sa plangi pe Filelist ca am incercat noi sa le spargem filmele porno la baieti ? De ce nu vine unul nevinovat ca comenteze ? De ce vin doar astia care sunt banati pentru prostie sau pentru ce alte cacaturi si arunca in useri , moderatori cu vorbe ?

Am inteles acum.Tu esti d4rkjm3nar. Am editat postul pentru ca mi-am dat seama ca am gresit.Tu daca erai baiat destept imi dadeai report in timpul acela. Dupa ce am editat postul nu ti-am mai zis nimic si ai sarit cu gura la mine. My bad , your bad.

Te rog sa citesti cu atentie apoi sa arunci acuzatii. // Spune si numele vechi ca sa stiu cu cine stau de vorba.

Eu cand calc pe bec nu ma rog niciodata de vreun moderator sau admin sa nu ma baneze.Am luat warn pentru lucruri mai marunte gen am pus " inutil " sau pentru ca l-am facut fraier pe unul intr-un topic. Voi va plangeti de Moderatori ca va baneaza prostia din thread-urile voastre de cacat.Foarte bine fac.

EIGHTEEN third-party researchers reported vulns, says security bod Oracle has pushed out a quarterly patch batch of 89 updates that mean almost all of its enterprise software products need updating for one reason or another. Craig Young, a security researcher at Tripwire, noted that most of the vulnerabilities were picked up by third-party researchers. “The constant drumbeat of critical Oracle patches is more than a little alarming particularly because the vulnerabilities are frequently reported by third parties who presumably do not have access to full source code," he said. "This month’s Critical Patch Update credits 18 different researchers coming from more than a dozen different companies." Sysadmins and database administrators would be well to patch internet-accessible systems first, according to Wolfgang Kandek, CTO at cloud security firm Qualys. Updates to the Oracle Database; Fusion Middleware; the Oracle and Sun Systems Product Suite - including the Solaris OS; and MySQL ought to be patching priorities since vulnerable systems are easier to attack. Oracle's Critical Patch Update (CPU) for July 2013 covers six bulletins for Oracle's flagship database software, one of which is remotely exploitable. The XML parser vulnerability, which is remotely accessible but requires authentication, has the highest CVSS (Common Vulnerability Scoring System) severity score of all Tuesday's releases, hitting a peril factor of 9.0. Databases are typically firewalled from the internet, which ought to provide at least some protection. A total of 18 vulnerabilities in Oracle’s MySQL database were lanced, including two that are remotely accessible. There are also 16 updates for Sun Solaris servers, eight of which cover flaws that might be targeted by hackers across the internet. "If you have Sun Solaris servers in your organisation, review these patches and start with the machines on your perimeter and DMZ (De-Militarised Zone)," Kandek advises. Oracle’s Fusion Middleware gets patches to address a total of 21 vulnerabilities - a whopping 16 of which are remotely exploitable. The software includes many components that are typically found on the web, such as the Oracle HTTP server. A quick query on Shodan shows more than 500,000 machines with Oracle’s HTTP are accessible across the internet. The software giant's patch batch also includes updates for Oracle's Peoplesoft, E-Business and Virtualization enterprise software products. Young told The Register: "It’s also noteworthy that there every Oracle CPU release this year has plugged dozens of vulnerabilities. By my count, Oracle has already acknowledged and fixed 343 security issues in 2013," he added. Scheduled updates for Java are handled on a separate four-month release cycle, so don't appear in the July patch batch. Oracle is planning to align the two releases together starting with its next Critical Patch Update in October 2013. Earlier this week Oracle published a study arguing IT security spending is misplaced, despite increased investment. Databases and applications - not networks - should be focus of information security programs, Oracle concludes. Veteran IT analyst Clive Longbottom disagreed with Oracle's assessment and said that enterprises would do better to focus on protecting information. "It is the information that matters - [focusing on] network, app or database misses the point," he told El Reg. ® Sursa TheRegister.co.uk

Google Glass was silently patched by the internet giant last month after a flaw was discovered that could have allowed hackers to capture user data sent from the device, mobile security firm Lookout has revealed. Having worked with Google to find and repair the vulnerability, Lookout said in a blog post today that it reported the bug on 16 May before it was quickly fixed by Google on 4 June, with the update pushed out to all devices. Google took advantage of Glass' ability to read printed text and QR codes to create an easy way for a user to configure their Glass device without needing a keyboard. Discovered by Lookout Mobile Security principal security researcher Marc Rogers, the vulnerability that Google patched last month exploited QR codes configured to tell Glass to connect to WiFi Networks or Bluetooth devices. "We analysed how to make QR codes based on configuration instructions and produced our own 'malicious' QR codes," Rogers said. "When photographed by an unsuspecting Glass user, the code forced Glass to connect silently to a 'hostile' WiFi access point that we controlled. "That access point in turn allowed us to spy on the connections Glass made, from web requests to images uploaded to the Cloud." Lookout said that the exploit also allowed it to divert Glass to a webpage on the access point containing a known Android 4.0.4 vulnerability that hacked Glass as it browsed the webpage. Google's patch updated the Glass software so that the camera will only identify QR codes when the user specifically triggers scanning through the settings. Here's a nifty video made by Lookout to sum up the vulnerability. Sursa TheInquirer.net

Asta e maxima.

E gata fratilor , daca vor ajunge sa ne asculte si cartele cumparate .. vom trai ca pe vremea lui Ceausescu. Totul e de fatada nu se doreste decat controlul asupra informatiilor si asupra noastra , sa nu cumva sa stie Gheorghe ceva despre deputatul X si sa nu il salte..