Trump hotel chain fined over data breaches

Trump Hotel Collection has arrived at a settlement with New York Attorney General Eric T. Schneiderman over hacks that are said to have led to the exposure of over 70,000 credit card numbers and other personal data.The hotel chain, one of the businesses of Republican presidential candidate Donald Trump, has agreed to pay US$50,000 in penalties and promised to take measures to beef up its data security practices, according to the attorney general’s office.The chain is one of many hotels and retailers that have been hit recently by malware that skimmed payment card information.The key charges apparently against Trump Hotel Collection (THC) are that it didn’t have adequate protection and even after the attacks became known, did not quickly inform the people affected, in breach of New York law.To read this article in full or to leave a comment, please click here

Posted on: 26 September 2016 | 1:42 am

How to keep terrifying medical device hacks from becoming reality

While some of the scariest IoT hacks envisioned – those involving hijacked medical devices such as pacemakers and insulin pumps – have yet to surface in the real world, those in the medical and IT security fields are not letting down their guard. They’ve seen enough ransomware and other attacks on healthcare outfits of late to know they are major cyberattack targets.The reality is that more medical devices are becoming connected ones, and that’s increasing the security threat surface, said panelists this past week at the Security of Things Forum in Cambridge, Mass.To read this article in full or to leave a comment, please click here

Posted on: 26 September 2016 | 12:24 am

IDG Contributor Network: Podium Data wants to offer a complete data wrangling platform

News today from quiet 2-year-old startup Podium Data, which has raised $9.5 million by way of a series A funding round. The round comes from a syndicate of investors led by Malibu Ventures. The company was founded back in 2014, and since then it has quietly been going about building its offering.The founding team has broad experience within the big data industry, having wrangled data warehousing, advanced high-performance computing, systems integrations, business intelligence and database systems within Fortune 100 companies.+ Also on Network World: Data lakes: A better way to analyze customer data +To read this article in full or to leave a comment, please click here

Posted on: 25 September 2016 | 11:00 pm

KrebsOnSecurity moves to Project Shield for protection against DDoS attack censorship

Unless you are a bad guy intent upon nefarious schemes to exploit technology in order to make money, then you probably have a great amount of respect for security reporter Brian Krebs. The crimes, breaches and attacks he has exposed have been so stunning that it boggles the mind. If cyber thugs have a “most wanted” list, then Krebs is likely at, or very near, the top. Yet what kind of messed up world do we live in if criminals can exploit horribly insecure internet-of-things devices with such success that it can silence the voice of a journalist like Krebs?He most recently ticked off allies of vDOS; Krebs wrote about the DDoS-for-hire company and the two teenagers allegedly behind it were arrested. Although it’s nothing new for his site, KrebsOnSecurity, to come under attack, like it did after his vDOS exposé, nearly two weeks later, Krebs’ site was hit “with the largest DDoS the internet has ever seen. 665 Gbps” (gigabits per second). Some of the POST request attacks included the string “freeapplej4ck,” referring to one of the alleged teenage owners of vDOS.To read this article in full or to leave a comment, please click here

Posted on: 25 September 2016 | 10:52 am

Companies say IoT matters but don't agree how to secure it

A majority of enterprises say the internet of things is strategic to their business, but most still take a piecemeal approach to IoT security.Those results from a global IDC survey conducted in July and August reveal both the promise and the growing pains of IoT, a set of technologies that may help many industries but can’t simply be plugged in. The 27-country survey had more than 4,500 respondents, all from organizations with 100 or more employees.For 56 percent of enterprises, IoT is part of their strategic plans for the next two or three years, IDC analyst Carrie MacGillivray said on a webcast about the results. But the state of adoption varies widely among industries. Manufacturing companies are investing the most in the technology, with retail and financial services – especially insurance – also on the cutting edge.To read this article in full or to leave a comment, please click here

Posted on: 23 September 2016 | 7:34 pm

A robot fish is helping the Navy improve underwater movement

Oscar Curet is an assistant professor at Florida Atlantic University. For the past couple of years, he's studied the movement of the Knifefish, an animal native to the Amazon River, that uses a long ribbon fin to propel itself through the water and navigate its complex environment.  "As a engineer, we try to solve problems, and nature has solved some of the problems that we are facing, and one of them is mobility," Curet said. Curet, along with other researchers from Florida Atlantic University (FAU), has created a robot fish to identify the differences between engineering systems and what occurs in nature. The prototype is composed of 3D-printed materials, 16 motors, and a number of sensors. The team also recently received a grant from the U.S. Navy to equip their prototype with a Volumetric Particle Image Velocity System, or PIV. The system, which uses four cameras synchronized with a laser light to capture currents in three dimensions, will help researchers measure how fluid dynamics interact with the flexible propulsors the team has developed to make underwater vehicles more maneuverable. To read this article in full or to leave a comment, please click here

Posted on: 23 September 2016 | 5:39 pm

Cisco, IBM may be interested in buying Imperva

Security vendor Imperva is shopping itself around and may be attractive to the likes of Cisco and IBM, according to Bloomberg.The Motley Fool reports that Imperva’s stock rose 20% today after Bloomberg’s report, which the Fool notes could actually drive buyers away because it would mean a more costly deal.Bloomberg named a number of other possible buyers including Forecpoint (owned by Raytheon and Vista Equity Partners), Akamai and Fortinet.To read this article in full or to leave a comment, please click here

Posted on: 23 September 2016 | 5:08 pm

Best Deals of the Week, September 19th - September 23rd - Deal Alert

Best Deals of the Week, September 19th - September 23rd - Deal AlertCheck out this roundup of the best deals on gadgets, gear and other cool stuff we have found this week, the week of September 19th. All items are highly rated, and dramatically discounted!1 Free Amazon Echo Dot When You Buy 5Echo Dot is a hands-free, voice-controlled device that uses Alexa to play & control music (either on its own, or through a connected speaker/receiver), control smart home devices, provide information, read the news, set alarms, and more. If you’re looking to buy them as gifts, or for different homes or rooms, Amazon will throw in a free one ($50 value) when you buy 5, or two free ones when you buy 10 (a $100 value). To take advantage of this limited time offer, select 6 or 12 in the quantity dropdown and add to your Shopping Cart. Enter promo code DOT6PACK or DOT12PACK at checkout where you will see the discount applied. The new Amazon Echo Dot comes in black, and now also white.  See the new Amazon Echo Dot now on Amazon.To read this article in full or to leave a comment, please click here

Posted on: 23 September 2016 | 4:05 pm

Global Forum sharpens focus on smart cities

Eindhoven, Netherlands -- The 25th Global Forum, an annual policy and strategy conference sometimes called “the Davos of ICT,” was held this week in Eindhoven, a smart city and technology hub with a rich industrial past.Eindhoven was the original home and de facto company town of Philips Electronics, one of the world’s leading technology giants. Then, under pressure from Asian and global competitors, Philips began a long process of exiting its historic lines of business.Eindhoven suffered an economic and psychological blow when in 1997 the company moved its headquarters to Amsterdam.The resulting economic and social disruption challenged Eindhoven to reinvent itself. The community focused on research and innovation (R&I), and built upon its Philips legacy to become the industrial design center of its country and the European region.To read this article in full or to leave a comment, please click here

Posted on: 23 September 2016 | 1:22 pm

The next target for phishing and fraud: ChatOps

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.Enterprise chat applications have surged in popularity, driven in large part by Slack, which now claims to serve more than three million users daily.  What’s more, the popularity of these apps has given rise to a new phenomenon known as ChatOps, which is what happens when these new messaging systems are used to automate operational tasks. The ChatOps term was coined by GitHub to describe a collaboration model that connects people, tools, processes and automation into a transparent workflow.  According to Sean Regan, Atlassian’s Head of Product Marketing for HipChat, this flow connects the work needed, the work happening and the work done in a consistent location staffed by people, bots and related tools.  Its transparent nature hastens the feedback loop, facilitates information sharing, and enhances team collaboration, but also ushers in a new set of challenges for securityand risk professionals.To read this article in full or to leave a comment, please click here

Posted on: 23 September 2016 | 1:21 pm

If you're not planning for IoT, you're already behind

Roughly half of the audience informally polled at last month’s CIO 100 event said they had attended an IoT event in the last 12 months. "So what were the other half [of you] doing on the most hyped word on the internet today?" asked Vernon Turner, senior vice president of enterprise systems & fellow for the internet of things at IDC.To read this article in full or to leave a comment, please click here(Insider Story)

Posted on: 23 September 2016 | 1:11 pm

Dollar Shave Club grooming AWS cloud services for smoother growth

If you asked a CIO to sketch the ideal modern IT architecture on a few cocktail napkins, it might resemble the system fashioned by of the Dollar Shave Club (DSC), the men's grooming ecommerce company that ascended from relative obscurity to prominence thanks to sound branding and this memorable YouTube clip.Running in a public cloud, the startup uses 22 custom applications to run sales and marketing campaigns and customer service, as well as a recommendation engine. The custom-cloud combination embodies the type of IT environment CIOs say they would build if they had a green field devoid of legacy architecture and technical debt.To read this article in full or to leave a comment, please click here

Posted on: 23 September 2016 | 1:10 pm

Court ruling puts future of H-1B lottery in doubt

The U.S. government's attempt to stop a lawsuit challenging the legality of the H-1B lottery was rejected Thursday by a federal court judge.The government tried to get this case dismissed on legal technicalities but failed. U.S. District Court Judge Michael Simon, in Oregon, denied the government's dismissal motion in a 24-page ruling.This case may now be decided quickly. The plaintiffs are seeking a summary judgment with oral arguments schedule in December. If the summary judgment is granted, the lottery could end -- the plaintiffs hope -- as early as next year.The case was brought by Tenrec Inc., a web development firm, and Walker Macy LLC, a landscape architecture, urban design and planning firm. Both firms filed petitions to hire a person who needed an H-1B visa, but lost the lottery.To read this article in full or to leave a comment, please click here

Posted on: 23 September 2016 | 1:08 pm

NY regulation aims to raise bank security standards

Next week, New York State will begin a 45-day public comment period on its new financial industry cybersecurity regulation -- and, so far, security experts have a favorable view of the proposal.Under the new regulations, banks and insurance companies doing business in New York State will need to establish a cybersecurity program, appoint a Chief Information Security Officer and monitor the cybersecurity policies of their business partners.According to New York Gov. Andrew Cuomo, this is the first such regulation in the country. "This regulation helps guarantee the financial services industry upholds its obligation to protect consumers and ensure that its systems are sufficiently constructed to prevent cyber-attacks to the fullest extent possible," he said in a statement.To read this article in full or to leave a comment, please click here

Posted on: 23 September 2016 | 1:07 pm

Largest DDoS attack ever delivered by botnet of hijacked IoT devices

Securing the internet of things should become a major priority now that an army of compromised devices – perhaps 1 million strong - has swamped one of the industry’s top distributed denial-of-service protection services.A giant botnet made up of hijacked internet-connected things like cameras, lightbulbs, and thermostats has launched the largest DDoS attack ever against a top security blogger, an attack so big Akamai had to cancel his account because defending it ate up too many resources.It wasn’t that Akamai couldn’t mitigate the attack – it did so for three days – but doing so became too costly, so the company made a business decision to cut the affected customer loose, says Andy Ellis the company’s chief security officer.To read this article in full or to leave a comment, please click here

Posted on: 23 September 2016 | 12:53 pm

Here's what you should know, and do, about the Yahoo breach

Yahoo's announcement that state-sponsored hackers have stolen the details of at least 500 million accounts shocks both through scale -- it's the largest data breach ever -- and the potential security implications for users.That's because Yahoo, unlike MySpace, LinkedIn and other online services that suffered large breaches in recent years, is an email provider; and email accounts are central to users' online lives. Not only are email addresses used for private communications, but they serve as recovery points and log-in credentials for accounts on many other websites.To read this article in full or to leave a comment, please click here

Posted on: 23 September 2016 | 12:26 pm

Well, I never! iOS 10's voicemail transcription has a potty mouth

Anyone who has looked at automatically-generated subtitles on YouTube can tell you that asking a computer to describe what a human says can lead to hilarious results. Now, Apple has brought that issue to iOS 10 with support for transcribing voicemails.It's a cool feature that makes it easy to know what your Aunt Matilda said about the gastrointestinal problems her dog is having, without actually having to listen to a three-minute-long, blow-by-blow description. But be careful about trusting it -- or reading the transcriptions around sensitive eyes.I learned that the hard way Thursday when someone left me a message about a reorder special on a wine club shipment. Except my iPhone didn't hear it that way, proudly telling me about "wearing your c**k s**t."To read this article in full or to leave a comment, please click here

Posted on: 23 September 2016 | 11:52 am

Cisco: New net management software lets users spot industrial Ethernet network problems quickly

Cisco has rolled out a Windows-based network management package that gathers Industrial Ethernet network events and alerts IT to the event for quick impact analysis and troubleshooting, the company said.+More on Network World: Ethernet: Are there worlds left to conquer?+The product, Industrial Network Director, builds an integrated topology of all network automation and assets and lets operators zoom in on specific devices for real-time monitoring of device status and traffic statistics, Cisco said. The system can integrate into other existing industrial asset management systems which lets customers and system integrators build dashboards customized to meet specific monitoring and accounting requirements.To read this article in full or to leave a comment, please click here

Posted on: 23 September 2016 | 11:51 am

Privacy groups urge US FTC to investigate WhatsApp promises

The U.S. Federal Trade Commission should stop mobile messaging service WhatsApp from sharing user data with parent company Facebook in violation of earlier privacy promises, several privacy groups said.The FTC should step in to stop WhatsApp from violating "commitments the company previously made to subscribers," the 17 groups said in a letter sent to the agency Thursday. WhatsApp has long billed itself as a secure and private messaging service. WhatsApp's recently released plan to share user data with Facebook as a way to target advertising could amount to an "unfair and deceptive" trade practice, said the groups, including the Center for Digital Democracy, Consumer Action, Consumer Watchdog, and Demand Progress.To read this article in full or to leave a comment, please click here

Posted on: 23 September 2016 | 10:25 am

50% off Inateck USB 3.0 Dual-Bay Hard Drive Cloning Station - Deal Alert

This gadget from Inateck will duplicate any 2.5 inch or 3.5 inch SATA HDD/SSD drive quickly and automatically without the need for a computer, by just pushing a button. Once cloning has started, an LED indicator shows you 25%, 50%, 75%, and 100% completion status. Or don't kick off the cloning process, and the unit allows you to move files freely between drives as you would an external HDD/SSD. Built-in safeguards protect against overheating, overvoltage, current leaks, short circuits, peak voltage, and other disturbances to ensure safe data access and transfers. The unit currently averages 4.5 out of 5 stars on Amazon from over 530 customers (read reviews). With a typical list price of $69.99, this 50% off deal puts it at just $34.99. See the discounted Inateck HDD/SSD cloning station now on Amazon.To read this article in full or to leave a comment, please click here

Posted on: 23 September 2016 | 10:13 am

IDG Contributor Network: Mainframes 2026: What the future holds for big iron

For more than 50 years mainframes have powered thousands of organizations around the world, from banks to militaries to government agencies. Looking looking back at all that history makes me think about the critical role that big iron has played in the world, but it also gets me thinking about the future and what the next 10 years holds for the mainframe industry.+ Also on Network World: The future of virtualization: Don’t forget the so-called 'old' +What makes me so confident that mainframing even has a 2026 worth looking forward to? After all, hasn’t the cloud revolutionized data storage and processing and ushered in the end of mainframes? The truth is that not every disruptive development replaces what it disrupted—sometimes not immediately and sometimes not at all. Globalization did not kill American IT jobs, Metallica didn’t negate Van Halen, and the cloud won’t kill mainframes because mainframes have something that the cloud will need over the next decade: power.To read this article in full or to leave a comment, please click here

Posted on: 23 September 2016 | 8:23 am

23% off HDMI Cloner Box for Gaming or HD Video Stream Capture, No PC needed - Deal Alert

Here's a device any gamer or video enthusiast may want to have on hand. Connect a game console, DVD, or any video source to this gadget via its HDMI input, and with the push of a button it captures and saves the video stream to any attached USB flash drive, with no PC required. Advanced hardware H.264 encoding captures your live gameplay or video playback in 1080p Full HD, while keeping the file size low and capturing speeds high. Averaging 4 out of 5 stars on Amazon from over 170 customers (read reviews), the gadget's $129.99 list price has been reduced 23% to $99.99. With the unit you'll get a free 16gb USB stick to get you started (enough for several hours of video). See the discounted cloner box now on Amazon.To read this article in full or to leave a comment, please click here

Posted on: 23 September 2016 | 8:13 am

Impending cumulative updates unnerve Windows patch experts

Microsoft's decision to force Windows 10's patch and maintenance model on customers running the older-but-more-popular Windows 7 has patch experts nervous."Bottom line, everyone is holding their breath, hoping for the best, expecting the worst," said Susan Bradley in an email. Bradley is well known in Windows circles for her expertise on Microsoft's patching processes: She writes on the topic for the Windows Secrets newsletter and moderates the PatchMangement.org mailing list, where business IT administrators discuss update tradecraft.Bradley's anxiety stems from Microsoft's announcement last month that beginning in October it will offer only cumulative security updates for Windows 7 and 8.1, ending the decades-old practice of letting customers choose which patches they apply.To read this article in full or to leave a comment, please click here

Posted on: 23 September 2016 | 7:00 am

New Relic aims to be your dashboard of the future

In Lew Cirne's view, all companies are now software companies and understanding how your software is treating your customers is key to business success. Cirne is the founder and CEO of New Relic, a cloud-based provider of application management tools. In this CEO Interview Series conversation with IDG Chief Content Officer John Gallant, Cirne explained how New Relic gets IT and business execs on the same page in improving operations and customer experience, and he described the company's new tools for keeping highly virtualized private and public infrastructure in synch. He also talked about a 'unique' pricing scheme that recognizes the dynamic nature of computing today, and outlined why existing management tool vendors have a long way to go to catch up with New Relic.To read this article in full or to leave a comment, please click here(Insider Story)

Posted on: 23 September 2016 | 6:58 am

6 expert tips to better secure third-party network access

Third-party accessImage by Harris & Ewing Collection (Library of Congress)Earlier this year, the Soha Third-Party Advisory Group conducted a study that surveyed more than 200 enterprise IT and security C-Level executives, directors and managers about the daily challenges they face providing fast and secure third-party application access to their contractors and suppliers. The survey revealed that 98 percent of respondents do not consider third-party access a top priority in terms of IT initiatives and budget allocation. This is a huge concern, considering that third parties cause or are implicated in 63 percent of all data breaches.To read this article in full or to leave a comment, please click here

Posted on: 23 September 2016 | 6:57 am