WebProNews

Category: ITProNews

  • Intel Willing to Work With Third Point Hedge Fund

    Intel has signaled it is willing to work with Third Point hedge fund to improve its business.

    As we reported earlier today, Third Point’s CEO sent a letter to Intel’s chairman urging changes as the chipmaker lags behind rivals.

    “Without immediate change at Intel, we fear that America’s access to leading-edge semiconductor supply will erode, forcing the U.S. to rely more heavily on a geopolitically unstable East Asia to power everything from PCs to data centers to critical infrastructure and more,” CEO Daniel Loeb wrote.

    According to International Business Times, it appears Intel is open to discussion with Third Point in an effort to make changes.

    “Intel Corporation welcomes input from all investors regarding enhanced shareholder value,” the California tech giant said. “In that spirit, we look forward to engaging with Third Point LLC on their ideas towards that goal.”

  • Intel’s Troubles Mount As Hedge Fund Urges Action

    Third Point LLC, an activist hedge fund, is urging Intel to make changes to address its falling status in the chipmaking industry.

    Once the undisputed leader in chipmaking, Intel’s processors were used in everything from mobile devices to PCs to servers. Unfortunately for the company, it failed to keep up with changes in the industry, especially with the rise of mobile processing.

    Designed by Arm Holdings, ARM chips are known for their outstanding performance to power consumption ratio. ARM-based chips power iPhones, iPads, Android devices and, most recently, computers. In the case of Apple’s Mac platform, the ARM-based M1 offers superior performance to comparable Intel chips while using a fraction of the energy. The result is machines that run cooler and have much longer battery life.

    Intel, in contrast, has struggled to offer that winning combination of performance and efficiency. The company struggled to move to 7nm processors, has had issues keeping up with demand and has been plagued with “unfixable” security issues. The company has also lost some of its best engineers, including Jim Keller and Murthy Renduchintala.

    To make matters worse, AMD has been chipping away at some of Intel’s stronghold markets, especially with its Ryzen line of chips. The Ryzen 3000 took aim at the desktop, the 4000 series made headway in the mobile market and the 5000 is challenging Intel in the gaming market. Meanwhile, the Threadripper Pro is challenging Intel’s server dominance.

    Intel’s issues have reached the point where the company is even considering outsourcing its chip production.

    Third Point CEO Daniel Loeb wrote to Intel’s chairman, Omar Ishrak, urging the company to take action to address its issues, according to Reuters.

    “Without immediate change at Intel, we fear that America’s access to leading-edge semiconductor supply will erode, forcing the U.S. to rely more heavily on a geopolitically unstable East Asia to power everything from PCs to data centers to critical infrastructure and more,” Loeb wrote.

    One of the suggested remedies was “separating its chip design from its semiconductor fabrication plant manufacturing operations, according to the sources. This could include a joint venture in manufacturing, according to the sources.”

    It’s unclear if Intel will respond, although Third Point’s nearly $1 billion stake in Intel could make it hard to ignore. Either way, one thing is clear: Intel must figure out a way to turn its business around before it’s too late.

  • Oracle Behind Spate of Google Antitrust Lawsuits

    Google is under siege as it faces multiple lawsuits from the DOJ and coalitions of states, a situation it may have Oracle to thank for.

    Oracle and Google have been locked in a legal battle since the former bought Sun Microsystems and the Java platform. When Google developed its Android mobile operating system (OS), it intentionally made Android compatible with the Java libraries.

    Google made the decision in an effort to jumpstart Android’s popularity by piggybacking on one of the most popular programming languages in history. The thinking was that programmers would welcome using a programming language they were already proficient in, as opposed to developing for the iPhone which required learning Objective-C, a language rarely used outside of Apple’s ecosystem.

    At the time, the move was met with enthusiasm, including from Sun Microsystems. CEO Jonathan Schwartz even offered his personal congratulations:

    “I just wanted to add my voice to the chorus of others from Sun in offering my heartfelt congratulations to Google on the announcement of their new Java/Linux phone platform, Android. Congratulations!”

    Once Oracle purchased Sun Microsystems three years later, in 2010, the tune immediately changed. Oracle sued Google for infringing on Java copyrights the company now controlled. The case has continued for the past decade, with both sides chalking up victories, and ultimately leading to arguments before the Supreme Court in October. The ramifications of the case could have far-reaching consequences for the software and tech industry.

    It appears, however, that Oracle is simultaneously fighting a completely different battle with Google, helping push regulators toward the current antitrust cases.

    According to Bloomberg, Oracle sent officials in at least twelve of the states currently suing Google a “black box” presentation that outlined Google’s data privacy practices. Specifically, the presentation showed how Google tracked users’ data, including their location, even when the users’ Android phones were not being used.

    Ken Glueck, Oracle’s top Washington lobbyist and the man behind the antitrust campaign against Google, was thrilled with the action the states were taking.

    “I couldn’t be happier,” Glueck told Bloomberg. “As far as I can tell, there are more states suing Google than there are states.”

    Obviously, any campaign on Oracle’s part was not the sole motivating factor. Google was already under investigation by some individual states, and the company had been under fire for years over its privacy and monopoly practices. Many believed a major lawsuit was inevitable.

    Nonetheless, it’s clear that regulators and investigators had an ally in Oracle, and the company may have provided just the push some of those regulators and investigators needed to move forward.

  • Organizations Compromised in SolarWinds Supply Chain Attack

    FireEye has uncovered a sophisticated intrusion campaign against government and corporate organizations, using a supply chain attack.

    Supply chain attacks are one of the most sophisticated types of hacks in existence. While many hacks rely on convincing a target to download malicious software, a supply chain attack involves inserting malicious code in legitimate software before it’s distributed to customers, hence attacking the software supply chain.

    The attack in question uses a compromised update to SolarWinds’ Orion IT monitoring and management software, with FireEye calling the compromised version “SUNBURST.” The trojanized version is incredibly sophisticated, using various methods to avoid detection, all the while communicating with third-party servers.

    “After an initial dormant period of up to two weeks, it retrieves and executes commands, called “Jobs”, that include the ability to transfer files, execute files, profile the system, reboot the machine, and disable system services,” writes FireEye’s team. “The malware masquerades its network traffic as the Orion Improvement Program (OIP) protocol and stores reconnaissance results within legitimate plugin configuration files allowing it to blend in with legitimate SolarWinds activity. The backdoor uses multiple obfuscated blocklists to identify forensic and anti-virus tools running as processes, services, and drivers.”

    The trojan has enabled hackers to monitor email communications at the US Treasury and Commerce departments, according to Reuters. FireEye says victims have also “included government, consulting, technology, telecom and extractive entities in North America, Europe, Asia and the Middle East.” Since the attack is actively in progress, FireEye suspects there will be additional victims as well.

    To mitigate the attack, “SolarWinds recommends all customers immediately upgrade to Orion Platform release 2020.2.1 HF 1, which is currently available via the SolarWinds Customer Portal. In addition, SolarWinds has released additional mitigation and hardening instructions here.”

    If an organization is not able to update, FireEye has outlined additional mitigation steps that should be taken.

  • Microsoft Using AI to Tackle Corruption

    Marking the 15th anniversary of the United Nations’ International Anti-Corruption Day, Microsoft has unveiled Anti-Corruption Technology and Solutions (ACTS).

    Corruption continues to be a significant problem for both governments and the private sector. While many different methods of combating corruption have been tried, Microsoft believes artificial intelligence may hold the key.

    “In the next decade, Microsoft ACTS will leverage the company’s investments in cloud computing, data visualization, AI, machine learning, and other emerging technologies to enhance transparency and to detect and deter corruption,” writes Dev Stahlkopf – Corporate Vice President and General Counsel. “We will endeavor to bring the most promising solutions to the broadest possible audience, using our partner networks, programs, and global employee base to scale solutions through careful consideration of their priorities, technical infrastructure, and capabilities.

    “Over the last six months, we have already begun to make investments in support of the Microsoft ACTS initiative, including a partnership with the Inter-American Development Bank to advance anti-corruption, transparency, and integrity objectives in Latin America and the Caribbean. Announced in July 2020, we are partnering with the IDB Transparency Fund to help bring greater transparency to the use of Covid-19 economic stimulus funds, building on the Mapa Inversiones platform developed by the IDB with Microsoft support and already adopted by many countries in the region. In the coming months and years, we look forward to additional partnerships, learning as we go, and empowering the work of others.”

    With UN estimates placing the cost of corruption at $3.6 trillion a year, Microsoft ACTS will likely see widespread adoption. The technology illustrates yet another way in which AI can be put to good use.

  • Microsoft and SAP Partner to Improve Supply Chain and Industry 4.0

    Microsoft has announced an expansion of its partnership with SAP to improve supply chain and Industry 4.0 solutions.

    SAP is one of the leading enterprise software providers, and the two companies are expanding their partnership “to help customers design and operate intelligent digital supply chain and Industry 4.0 solutions.” The two companies are also working together to promote interoperability in the industry.

    The partnership will allow customers to run SAP’s Digital Supply Chain solutions on Microsoft Azure. The solution will run as software-as-a-service (SaaS) on Azure, giving customers the ability to scale as needed and reap the benefits of the cloud.

    SAP is excited to bring our proven and innovative solutions to Microsoft Azure for our manufacturing and digital supply chain customers. This partnership gives our customers the ability to subscribe to our digital supply chain and manufacturing solutions in the cloud and enhances our offerings for Industry 4.0. Building on this, SAP solutions will soon be available at the edge in factories, plants, and automated warehouses in close proximity to sensors, machines, and control systems. —Franz Hero, SAP Senior Vice President for Digital Supply Chain Solutions.

    The partnership should be a big win for both Microsoft and SAP customers.

  • Security Firm FireEye Details Hack, State-Sponsored Attack

    Security firm FireEye is the latest victim of a cyberattack, and likely the victim of a state-sponsored attack.

    FireEye is one of the leading cybersecurity firms, providing consulting, services, software and hardware to customers. The company has been involved in detecting and fighting multiple high-profile attacks. Its history and expertise make the news it was attacked all the more concerning.

    CEO Kevin Mandia outlined the attack in a blog post:

    Based on my 25 years in cyber security and responding to incidents, I’ve concluded we are witnessing an attack by a nation with top-tier offensive capabilities. This attack is different from the tens of thousands of incidents we have responded to throughout the years. The attackers tailored their world-class capabilities specifically to target and attack FireEye. They are highly trained in operational security and executed with discipline and focus. They operated clandestinely, using methods that counter security tools and forensic examination. They used a novel combination of techniques not witnessed by us or our partners in the past.

    Mandia says the attackers used some of the company’s Red Team tools that FireEye uses to test its customers’ security. As a result, FireEye is releasing the necessary information for customers to mitigate the threat those tools now pose.

    We are not sure if the attacker intends to use our Red Team tools or to publicly disclose them. Nevertheless, out of an abundance of caution, we have developed more than 300 countermeasures for our customers, and the community at large, to use in order to minimize the potential impact of the theft of these tools.

    FireEye is working with the FBI and Microsoft to investigate the incident. Nonetheless, the fact that the attackers are using methods the company has never seen before is not very encouraging for the cybersecurity industry.

  • Cloudflare, Apple and Fastly Create Improved, Private DNS

    Engineers from Cloudflare, Apple and Fastly have worked together to create an improved DNS protocol that protects user privacy.

    DNS is the backbone of the internet, responsible for mapping domain names (such as WebProNews.com) to the IP addresses where the site and its content reside. Unfortunately, because the internet was conceived and designed at a time when security was not a big concern, DNS queries are sent in clear text. This means it is relatively easy to intercept DNS traffic and see what site a person is trying to reach, as well as the IP address of the device they’re using.

    There have been attempts to address this security issue, including DNS over HTTPS (DoH) and DNS over TLS (DoT). Both of these upgrades, however, rely on an ISP, or similar company, responsible for resolving the DNS queries. As a result, there is still a potential trust issue, as the DNS resolving entity can still see the DNS queries.

    This is where Cloudflare, Apple and Fastly’s work comes into play. The three companies have announced the creation of a new protocol: Oblivious DNS over HTTPS (ODoH). This new protocol is designed to separate the client from the DNS resolver, providing total privacy and anonymity.

    “ODoH is a revolutionary new concept designed to keep users’ privacy at the center of everything,” says Michael Glynn, Vice President, Digital Automated Innovation, PCCW Global. “Our ODoH partnership with Cloudflare positions us well in the privacy and ‘Infrastructure of the Internet’ space. As well as the enhanced security and performance of the underlying PCCW Global network, which can be accessed on-demand via Console Connect, the performance of the proxies on our network are now improved by Cloudflare’s 1.1.1.1 resolvers. This model for the first time completely decouples client proxy from the resolvers. This partnership strengthens our existing focus on privacy as the world moves to a more remote model and privacy becomes an even more critical feature.”

    ODoH is an important step forward in privacy and security, and will hopefully see fast and widespread adoption.

  • Sophos Suffers Data Exposure Incident

    Security firm Sophos has informed customers it suffered a data breach as a result of a misconfigured database.

    According to ZDNet, customers’ personal information was exposed, including names, emails and phone numbers. The company informed impacted customers via email, which ZDNet got a copy of.

    On November 24, 2020, Sophos was advised of an access permission issue in a tool used to store information on customers who have contacted Sophos Support.

    The company confirmed the breach to ZDNet, saying that only a “small subset” of its customers were impacted. Nonetheless, this is the second major security issue this year for Sophos, a major source of embarrassment for a company in the business of providing computer security to its customers.

    The company tried to assure customers it was doing everything it could to address the issue.

    “At Sophos, customer privacy and security are always our top priority. We are contacting all affected customers,” the company said. “Additionally, we are implementing additional measures to ensure access permission settings are continuously secure.”

  • IBM Set to Lay Off 10,000 Employees

    IBM is preparing for a massive round of layoffs in Europe, impacting some 10,000 employees.

    According to Bloomberg, IBM announced the layoffs earlier in November in a meeting with labor representatives. The source remained anonymous, as the talks are still private.

    “Our staffing decisions are made to provide the best support to our customers in adopting an open hybrid cloud platform and AI capabilities,” an IBM spokeswoman said in an emailed statement to Bloomberg. “We also continue to make significant investments in training and skills development for IBMers to best meet the needs of our customers.”

    The bulk of the cuts are in IBM’s legacy business. The company announced in October it is planning on splitting the company in two. The core will continue under the IBM name and focus on hybrid cloud and AI, while the legacy business will be spun off into a separate company.

    It appears the UK and Germany will be hardest hit, with Belgium, Italy, Poland and Slovakia also slated to experience some layoffs.

  • AWS Network Firewall Unveiled to Help Protect VPCs

    AWS has unveiled the AWS Network Firewall in an effort to help customers protect their cloud-based virtual networks.

    AWS is currently the top cloud platform, with 31% of the cloud computing market. One of AWS’ biggest strengths is the breadth and depth of services the platform offers.

    The company is building on that with its latest announcement, AWS Network Firewall, “a high availability, managed network firewall service” for virtual private clouds (VPC). The new service complements the other firewall capabilities AWS currently provides, such as “Security Groups to protect Amazon Elastic Compute Cloud (EC2) instances, Network ACLs to protect Amazon Virtual Private Cloud (VPC) subnets, AWS Web Application Firewall (WAF) to protect web applications running on Amazon CloudFront, Application Load Balancer (ALB) or Amazon API Gateway, and AWS Shield to protect against Distributed Denial of Service (DDoS) attacks.”

    The AWS Network Firewall can be set up with just a few clicks, and the company touts its ability to scale as needed, eliminating the need to manage additional infrastructure.

    “With AWS Network Firewall, you can implement customized rules to prevent your VPCs from accessing unauthorized domains, to block thousands of known-bad IP addresses, or identify malicious activity using signature-based detection,” writes Channy Yun, a Principal Developer Advocate for AWS. “AWS Network Firewall makes firewall activity visible in real-time via CloudWatch metrics and offers increased visibility of network traffic by sending logs to S3, CloudWatch and Kinesis Firehose. Network Firewall is integrated with AWS Firewall Manager, giving customers who use AWS Organizations a single place to enable and monitor firewall activity across all your VPCs and AWS accounts. Network Firewall is interoperable with your existing security ecosystem, including AWS partners such as CrowdStrike, Palo Alto Networks, and Splunk. You can also import existing rules from community maintained Suricata rulesets.”

    The news is a welcome addition to AWS’ cybersecurity services and will help customers keep their VPCs even safer.

  • GoDaddy In Hot Water After Employees Help Hackers

    GoDaddy is once again in the news for all the wrong reasons after employees were tricked into helping hackers take over domains.

    This latest attack targeted a number of cryptocurrency services, and relied on “social engineering” to convince GoDaddy employees to hand over control of the target companies’ domain names. Mike Kayamori, CEO of Liquid, described the attack:

    On the 13th of November 2020, a domain hosting provider “GoDaddy” that manages one of our core domain names incorrectly transferred control of the account and domain to a malicious actor. This gave the actor the ability to change DNS records and in turn, take control of a number of internal email accounts. In due course, the malicious actor was able to partially compromise our infrastructure, and gain access to document storage.

    Kayamori said the company believes all client funds and digital wallets are secure, although personal information was compromised, including names, emails and encrypted passwords.

    Although there does not appear to be any statement on GoDaddy’s website acknowledging the breach, the company issued a statement to Engadget, confirming that a “limited number” of its employees had fallen for “social engineering” tactics resulting in unauthorized changes to customers’ accounts and domains.

    This is a huge embarrassment for GoDaddy, especially since the company was the victim of a similar attack that impacted Escrow.com back in March.

  • Companies Estimate Five Days to Recover From Unpaid Ransomware

    Some 66% of companies believe it would take them at least five days to recover from an unpaid ransomware attack, according to a new survey.

    Ransomware has become one of the most popular and lucrative types of cyber attacks in recent years, with companies of all types and sizes falling victim. Government, non-profits and healthcare organizations have increasingly been in the crosshairs as well. In fact, the first confirmed ransomware death occurred when a hospital in Germany was hit in September.

    One of the biggest challenges many organizations face is whether to pay or try to recover on their own from an attack. According to data firm Veritas’ 2020 Ransomware Resiliency Report, 66% of companies estimate it would take at least five days to recover from an attack if they chose not to pay the ransom.

    As ransomware attackers continue to deploy more effective and potentially devastating means of holding companies’ data and workloads ransom, the time for enterprises to act is now. They need to immediately assess their resiliency approach and make their backup and disaster recovery processes more robust, no matter where their data and applications are hosted, so they can more confidently pursue their hybrid multicloud strategy.

    The full report is worth a read, and illustrates the need for companies to continue to improve their ransomware resiliency.

  • Microsoft Unveils Pluton: A New Security Chip For Windows PCs

    Microsoft has unveiled Pluton, a new security chip designed to improve the security of Windows PCs.

    As threats from hackers and bad actors increase, and as more companies rely on remote work and cloud-based technologies, companies are working harder than ever to secure devices and systems. Microsoft’s latest announcement is a big step in that direction.

    The company has announced its new security chip, Pluton, that applies lessons from Xbox and Azure Sphere, bringing them to the Windows PC. The new chip was designed in cooperation with AMD, Intel and Qualcomm.

    This chip-to-cloud security technology, pioneered in Xbox and Azure Sphere, will bring even more security advancements to future Windows PCs and signals the beginning of a journey with ecosystem and OEM partners.

    The new chip is a substantial improvement over the existing Trusted Platform Module (TPM). Because the TPM is a separate hardware component, hackers have been targeting communication between the TPM and the CPU. Pluton addresses that by being integrated directly into the CPU.

    The Pluton design removes the potential for that communication channel to be attacked by building security directly into the CPU. Windows PCs using the Pluton architecture will first emulate a TPM that works with the existing TPM specifications and APIs, which will allow customers to immediately benefit from enhanced security for Windows features that rely on TPMs like BitLocker and System Guard. Windows devices with Pluton will use the Pluton security processor to protect credentials, user identities, encryption keys, and personal data. None of this information can be removed from Pluton even if an attacker has installed malware or has complete physical possession of the PC.

    Pluton promises to be a substantial step toward increased security for Windows PCs, and will hopefully see rapid deployment.

  • Cisco Quarterly Results Beat Expectations on Services and Security

    Cisco has announced its quarterly results, beating analyst estimates thanks to strong services and security.

    Cisco reported revenue of $11.9 billion, with net income coming in at $2.2 billion. The company’s $0.76 earnings per share was higher than consensus forecasts of $0.70.

    “Cisco is off to a solid start in fiscal 2021 and we are encouraged by the signs of improvement in our business as we continue to navigate the pandemic and other macro uncertainties,” said Chuck Robbins, chairman and CEO of Cisco. “Our focus is on winning with a differentiated innovative portfolio, long-term growth and being a trusted technology partner offering choice and flexibility to our customers. We see many great opportunities ahead as every company in every industry is accelerating its digital-first strategy.”

    In particular, the company has been working to transform its business to more of a service-oriented approach, thereby insulating it from pandemic-like situations. Service revenue was up 2%, while Security was up 6%, leading Product revenue.

    “Our Q1 results reflect good execution with strong margins in a challenging environment,” said Kelly Kramer, CFO of Cisco. “We continued to transform our business through more software offerings and subscriptions, driving 10% year over year growth in remaining performance obligations. We delivered strong growth in operating cash flow and returned $2.3 billion to shareholders.”

  • Financial Network, Inc. Leaves Oracle In Favor Of MariaDB SkySQL

    Financial services firm Financial Network, Inc. (FNI) is leaving Oracle’s platform in favor of MariaDB SkySQL.

    MariaDB was forked from MySQL when Oracle acquired the database engine in 2009. Developers were concerned about the future of MySQL under Oracle, and wanted a version of the database that would remain independent of Oracle, while at the same time maintaining full compatibility.

    MariaDB Corporation pairs the database with SkySQL for “the first and only database-as-a-service (DBaaS) to bring the full power of MariaDB Platform to the cloud, combining powerful enterprise features and world-class support with unrivaled ease of use and groundbreaking innovation.”

    SkySQL is offered as a DBaaS on Google Cloud Platform, and MariaDB is used by Google, Mozilla, Deutsche Bank, DBS Bank, Nasdaq, Red Hat, ServiceNow, Verizon and Walgreens. Now, FNI is leaving Oracle in favor of MariaDB and SkySQL.

    “MariaDB has been a true collaborative partner for us in our journey to the cloud,” said Bryan Bancroft, lead database administrator at FNI. “With SkySQL, we don’t have to bother with containers or managing the database, that’s left to the database professionals at MariaDB. We also have the option of easily expanding our applications to leverage blended transactions and analytics when the time is right. Moving to MariaDB from Oracle was a key strategic business decision for us and has ultimately saved us up to 80% in database costs – allowing us to reinvest the savings into delivering new, critical solutions for our customers.”

    The announcement is a big win for MariaDB and a loss for Oracle, just as the company is doubling down in an effort to take on its bigger cloud rivals.

  • Are Big Physical Tech Conferences Dead?

    One of the many huge ramifications from pandemic lockdowns has been the advent of large physical conferences converted to virtual conferences. This has been especially true for enterprise software events. Box CEO Aaron Levie says that their annual conference last week, held entirely virtually, saw higher engagement with customers and much lower costs than last year’s San Francisco event held at Moscone Center.

    CEOs around the country and the world are debating whether they should abandon expensive physical conferences altogether once the pandemic restrictions are lifted.

    Aaron Levie, CEO of Box, discussed this new reality, asking how this looks in the future when physical conferences are possible again: do you still rely on a virtual-first environment, or do you have a bit of a hybrid conference?

    Box Virtual Conference Last Week Was A Huge Success

    We did just have our virtual conference last week. We saw somewhere between four and five times the scale of registrations that we would normally see in one of our physical conferences. We saw higher engagement in a lot of areas than normally we would see. Overall, great levels of attendance and engagement on our keynotes and product updates. Certainly, as you can imagine, a much lower cost and much easier way to get this content out to our customers.

    There are a lot of benefits to a virtual conference. We’re able to hit demographics of our customer base who previously wouldn’t have been able to fly out to San Francisco and come to Moscone for a two or three-day conference. There are real benefits of the scale of impact of customers we can interact with and engage with. There is a difference in terms of being able to have conversations one-on-one with customers. So it’s a different experience from that standpoint. But we were able to make do with the environment of having to move to virtual.

    Now we’re really asking the question, how does this look in the future when you can actually have physical conferences? Maybe it’s next year or maybe it’s the year after. Do you still rely on a virtual first environment? Do you have a bit of a hybrid conference? These are some open questions that the industry’s going to have to ask. But overall, we were very happy with the success of the event.

    Are Big Physical Tech Conferences Dead?
  • FBI: Hackers Exploited SonarQube to Steal Government and Commercial Source Code

    FBI: Hackers Exploited SonarQube to Steal Government and Commercial Source Code

    The FBI has warned that hackers have been accessing proprietary source code from government agencies and businesses by exploiting SonarQube.

    SonarQube is a code inspection platform that currently supports 27 programming languages and helps developers write cleaner, more secure, bug-free code. SonarQube integrates with a number of third-party services and platforms, including GitHub, GitLab, LDAP, Active Directory, BitBucket, Azure DevOps and more.

    Unfortunately, according to the FBI (PDF), it appears a number of organizations using SonarQube left the default parameters in place, opening themselves up to security issues and code theft.

    In August 2020, unknown threat actors leaked internal data from two organizations through a public lifecycle repository tool. The stolen data was sourced from SonarQube instances that used default port settings and admin credentials running on the affected organizations’ networks. This activity is similar to a previous data leak in July 2020, in which an identified cyber actor exfiltrated proprietary source code from enterprises through poorly secured SonarQube instances and published the exfiltrated source code on a self-hosted public repository.

    During the initial attack phase, cyber actors scan the internet for SonarQube instances exposed to the open Internet using the default port (9000) and a publicly accessible IP address. Cyber actors then use default administrator credentials (username: admin, password: admin) to attempt to access SonarQube instances.

    The FBI recommends following basic security protocols that, quite frankly, organizations should have implemented from the beginning. These include changing the default admin username and password, changing the default port through which SonarQube is accessed, putting SonarQube behind a login screen, checking for unauthorized users and keeping the platform behind the company firewall.
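
    As an added example (not part of the FBI alert or of SonarQube itself), the script below audits a sonar.properties file for the file-level weaknesses listed above. The property names sonar.web.port, sonar.web.host and sonar.forceAuthentication, their assumed defaults, and the two sample files are assumptions to verify against the installed version.

```python
"""Audit a sonar.properties file against the hardening steps in the FBI alert."""

# Constructed samples. A stock file has most settings commented out, so any
# key that is not set explicitly falls back to the built-in default.
SAMPLE_DEFAULT = """\
# sonar.web.host=0.0.0.0
#sonar.web.port=9000
sonar.jdbc.username=sonar
"""
SAMPLE_HARDENED = """\
sonar.web.host=127.0.0.1
sonar.web.port=9443
sonar.forceAuthentication=true
"""

# Assumed defaults for keys absent from the file (check your version's docs).
DEFAULTS = {
    "sonar.web.host": "0.0.0.0",
    "sonar.web.port": "9000",
    "sonar.forceAuthentication": "false",
}

def parse_properties(text):
    """Return key/value pairs, skipping blank lines and # or ! comments."""
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!":
            continue
        key, sep, value = line.partition("=")
        if sep:
            props[key.strip()] = value.strip()
    return props

def audit(text):
    """List findings that match the weaknesses named in the alert."""
    cfg = {**DEFAULTS, **parse_properties(text)}
    findings = []
    if cfg["sonar.web.port"] == "9000":
        findings.append("web port is the default 9000")
    if cfg["sonar.web.host"] in ("0.0.0.0", "::"):
        findings.append("web server listens on all interfaces")
    if cfg["sonar.forceAuthentication"].lower() != "true":
        findings.append("anonymous access allowed (forceAuthentication off)")
    # The admin password lives in the database, not in this file, so the
    # default admin/admin account must be checked and changed separately.
    return findings

if __name__ == "__main__":
    for name, text in (("default", SAMPLE_DEFAULT), ("hardened", SAMPLE_HARDENED)):
        print(name, audit(text) or "no findings")
```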

  • Windows 10 Upgrade May Cause Lost Certificates

    Windows 10 Upgrade May Cause Lost Certificates

    Microsoft has acknowledged that a Windows 10 upgrade is losing security certificates under certain circumstances.

    The issue was first reported by Borncity, when users started noticing problems after updating to the latest Windows 10 upgrade. According to the blog, “after installing cumulative October 2020 updates, various Windows 10 versions forget their certificates when upgrading to a higher Build.”

    Microsoft has now acknowledged the issue exists when upgrading from Windows 10 version 1809 to a newer version.

    System and user certificates might be lost when updating a device from Windows 10, version 1809 or later to a later version of Windows 10. Devices will only be impacted if they have already installed any Latest cumulative update (LCU) released September 16, 2020 or later and then proceed to update to a later version of Windows 10 from media or an installation source which does not have an LCU released October 13, 2020 or later integrated. This primarily happens when managed devices are updated using outdated bundles or media through an update management tool such as Windows Server Update Services (WSUS) or Microsoft Endpoint Configuration Manager. This might also happen when using outdated physical media or ISO images that do not have the latest updates integrated.

    For impacted systems, Microsoft recommends using the uninstall window to roll back to a previous version of Windows using these instructions. Impacted users will then need to wait until a fix is released before upgrading again.

  • Intel CEO: Decision On Outsourcing Chipmaking ‘In The Next Couple of Months’

    Intel CEO: Decision On Outsourcing Chipmaking ‘In The Next Couple of Months’

    Intel has had a rough couple of years, leading the company to consider what would have once been unthinkable: outsourcing its chipmaking.

    The company has had issues with its 10nm and 7nm processes, has been struggling to keep up with demand, and has been plagued with security issues, some of which have been labeled “unfixable.”

    As a result, Intel has seen its dominating lead chipped away by AMD. To make matters worse, it is losing one of its most high-profile customers, with Apple’s announcement that it will be switching the Mac to the same ARM-based chips that power the iPhone and iPad. Even Microsoft is moving ahead with plans to fully support Windows on ARM.

    These problems have led the company to open the door to the possibility it might outsource chip manufacturing, something executives would never have considered during the company’s heyday.

    CEO Bob Swan joined CNBC’s “Squawk Alley,” where he was asked how much of an impact the decision would have on margins.

    “First, as we play a larger and larger role in the success of our customers, with the investments we’ve been making, with that comes a responsibility,” Swan replied. “And that responsibility for us is to provide a predictable cadence of leadership products for our customers.”

    So for us, we have a wonderful product roadmap for ’20, ’21 and ’22. And when we look into ’23, we have a decision to make, about whether to build that next generation of product on Intel’s manufacturing footprint, on third-party manufacturing footprint, or on a mix of both. And we’ve been designing our product to have the inherent flexibility to make those decisions over time.

    So in the next couple of months, we’ll be looking at what’s the right decision for 2023 products, and we’ll be evaluating a series of criteria.

    Schedule predictability—very important for our customers. Second, product performance—process matters, but so do a lot of other things, like software. And third, how do we retain some of the essential benefits of designing and making stuff for ourselves, in the event we take things outside with the relationships that we have with our third-party foundry partners. So we’re going through that assessment now.

    If Swan’s statement is any indication, the next couple of months will have long-lasting impacts on Intel’s future, as well as the future of the semiconductor industry in the US.

  • Accenture: Cybercriminals Becoming More Brazen

    Accenture: Cybercriminals Becoming More Brazen

    “The biggest takeaway from our research is that organizations should expect cybercriminals to become more brazen as the potential opportunities and pay-outs from these campaigns climb to the stratosphere,” says Josh Ray, who leads Accenture Security’s cyber defense practice globally.

    “Since COVID-19 radically shifted the way we work and live, we’ve seen a wide range of cyber adversaries changing their tactics to take advantage of new vulnerabilities,” said Accenture’s Josh Ray. “In such a climate, organizations need to double down on putting the right controls in place and by leveraging reliable cyber threat intelligence to understand and expel the most complex threats.”

    Sophisticated adversaries mask identities with off-the-shelf tools

    Throughout 2020, Accenture CTI analysts have observed suspected state-sponsored and organized criminal groups using a combination of off-the-shelf tooling — including “living off the land” tools, shared hosting infrastructure and publicly developed exploit code — and open source penetration testing tools at unprecedented scale to carry out cyberattacks and hide their tracks.
     
    For example, Accenture tracks the patterns and activities of an Iran-based hacker group referred to as SOURFACE (also known as Chafer or Remix Kitten). Active since at least 2014, the group is known for its cyberattacks on the oil and gas, communications, transportation and other industries in the U.S., Israel, Europe, Saudi Arabia, Australia and other regions. Accenture CTI analysts have observed SOURFACE using legitimate Windows functions and freely available tools such as Mimikatz for credential dumping. This technique is used to steal user authentication credentials like usernames and passwords to allow attackers to escalate privileges or move across the network to compromise other systems and accounts while disguised as a valid user.
     
    According to the report, it is highly likely that sophisticated actors, including state-sponsored and organized criminal groups, will continue to use off-the-shelf and penetration testing tools for the foreseeable future as they are easy to use, effective and cost-efficient.

    Ransomware feeds new profitable, scalable business model

    Ransomware has quickly become a more lucrative business model in the past year, with cybercriminals taking online extortion to a new level by threatening to publicly release stolen data or sell it and name and shame victims on dedicated websites. The criminals behind the Maze, Sodinokibi (also known as REvil) and DoppelPaymer ransomware strains are the pioneers of this growing tactic, which is delivering bigger profits and resulting in a wave of copycat actors and new ransomware peddlers.
     
    Additionally, the infamous LockBit ransomware emerged earlier this year, which — in addition to copying the extortion tactic — has gained attention due to its self-spreading feature that quickly infects other computers on a corporate network. The motivations behind LockBit appear to be financial, too. Accenture CTI analysts have tracked cybercriminals behind it on Dark Web forums, where they are found to advertise regular updates and improvements to the ransomware, and actively recruit new members promising a portion of the ransom money.
     
    The success of these hack-and-leak extortion methods, especially against larger organizations, means they will likely proliferate for the remainder of 2020 and could foreshadow future hacking trends in 2021. In fact, Accenture CTI analysts have observed recruitment campaigns on a popular Dark Web forum from the threat actors behind Sodinokibi.