Tuesday, October 17, 2017

Tag: concert

"It's almost like a lynch mob is forming," she says about the fallout from her post.
Lawsuit claims one arrestee was told it would cost $15k to have profile removed.
Would you wear an Android-based, pendant-like camera around your neck? See it for yourself.
As Apple's focus shifts to original video content for its services business.
Tell Pitchfork this is one concept album that delivered and deserved better than 6.8/10.
With the newest Docker Enterprise Edition, you can now have Docker clusters composed of nodes running different operating systems. Three of the key OSes supported by Docker -- Windows, Linux, and IBM System Z -- can run applications side by side in the same cluster, all orchestrated by a common mechanism. Clustering apps across multiple OSes in Docker requires that you build per-OS images for each app. But those apps, when running on both Windows and Linux, can be linked to run in concert via Docker's overlay networking.
Despite the lack of Dontnod, Before the Storm has all the charm of its predecessor.
Reliving my first rock concert four decades later.
Carbanak certainly has not sat idly by after years of advanced criminal campaigns targeting primarily financial institutions.

The outfit, alleged to have stolen from more than 100 banks worldwide, has popped up again with a new means of managing command and control over its malware and implants. Researchers at Forcepoint said Tuesday that an investigation into an active exploit sent in phishing messages as an RTF attachment led them to discover the group has been using hosted Google services for command and control. Services such as Google Forms and Google Sheets are being co-opted by the group, allowing Carbanak traffic to essentially hide in plain sight among Google traffic that is unlikely to be blocked by an organization. Forcepoint said that each time a victim is infected by the group’s malware, a Google Sheets spreadsheet is created along with a unique ID for the victim, which is used to manage interactions with the infected machine.

The attacker then manually goes into the spreadsheet, collects any data sent back from the target’s computer and loads the spreadsheet with commands and additional malware that is pulled to the compromised machine. Forcepoint said it was not aware of how many of these command and control channels were open on Google services, but said it is something that was privately disclosed to Google.

A request for comment from Google was not returned in time for publication. “The Carbanak actors continue to look for stealth techniques to evade detection,” Forcepoint said in its report published yesterday. “Using Google as an independent C&C channel is likely to be more successful than using newly created domains or domains with no reputation.” Researchers said their investigation was prompted in part by a new campaign disclosed by tr1adx, a scarcely populated website that has published four pieces of “intelligence,” primarily focusing on state-sponsored groups. On Jan. 1, it published a piece on a Carbanak campaign it was calling Digital Plagiarist.

The main tactic exposed in the report was the group’s use of tainted Office documents hosted on sites mirroring legitimate sites such as the U.S. Food and Drug Administration, Department of the Treasury, Zyna, Atlantis Bahamas, Waldorf Astoria and many others across sectors such as manufacturing, hospitality, media and health care.

The group, which tr1adx calls the TelePort Crew, is likely Carbanak based on domains and malware used in this campaign that are similar to another disclosed by researchers at Trustwave last year. Forcepoint took a look at an RTF file previously used exclusively by Carbanak that includes crafted VBScript.

The document, Forcepoint said, contains an embedded OLE object disguised as an image asking the victim to click on it to view the attachment.

The image is hosting the VBScript, and if the victim clicks on the image, a dialogue box appears instructing the user to open the file, which executes the attack.

“We decoded the script and found hallmarks typical of the Carbanak group’s VBScript malware, however we also found the addition of a new ‘ggldr’ script module,” Forcepoint said. “The module is base64 encoded inside the main VBScript file along with various other VBScript modules used by the malware. When we analyzed the script we noticed that it is capable of using Google services as a C&C channel.”

Carbanak’s activities were exposed in 2015 by researchers at Kaspersky Lab, who published an extensive report explaining that Carbanak was using advanced malware to attack more than 100 banks, stealing anywhere from $2.5 million to $10 million per bank, putting potential losses at $1 billion. Carbanak used spear phishing to infiltrate banks, moving laterally across compromised bank networks until they landed on the right system that allowed them to steal money. In some instances, Kaspersky Lab said, Carbanak would record video of system operators, which was used in concert with data obtained by implanted keyloggers to fully understand what the victim was doing on the infected machine.

Kaspersky Lab said Carbanak would cash out in a number of ways: “ATMs were instructed remotely to dispense cash without any interaction with the ATM itself, with the cash then collected by mules; the SWIFT network was used to transfer money out of the organization and into criminals’ accounts; and databases with account information were altered so that fake accounts could be created with a relatively high balance, with mule services being used to collect the money.”
One of the toughest parts of being a computer security pro is trying to figure out what to hang your career on every two to five years. Which new buzzwords will stick to become new paradigms, and which will disappear into the ether? Keeping up with the latest and greatest enterprise tech is part of my job, and no source does it better than InfoWorld, but some “new” trends still end up surprising me. In 2016, we learned that the emerging ecosystem of containers, microservices, and cloud scalability is not a fad. But it does present new security problems.

Securing containers

In 2015, I talked about securing containers, which were popularized by Docker, and are now used throughout the industry and supported by most industry players. Often inaccurately described as “micro-VMs,” containers hold packaged pieces of software that contain all the components (the software itself, system libraries, the file system) needed to run that software.

Containerized applications share a single instance of the OS, rather than running copies of an OS like VMs do. Since that 2015 article, a handful of companies have offered solutions to help you secure containers, including more default security and support from Docker itself. How hard is it to secure containers? The short answer: It depends on the scenario. Because applications can be abstracted from the operating system, it's easier to patch one without necessarily impacting the other.

At the same time, containers introduce an additional layer of complexity, so container deployments are harder to secure. For one thing, a great benefit of containers is that developers can create and share images much more easily than ever before -- raising the risks of propagating images containing flaws or malware.

Also, root access to the host OS provides access to all containerized apps. Read this article by Amir Jerbi of Aqua Security for an excellent rundown of these issues.

Securing microservices

You need to add microservices to your security planning, too. Microservices are the modern method to create web and mobile applications: You break down functionality into separate mini-applications that are loosely coupled by RESTful APIs. Martin Fowler, one of the earliest proponents, describes microservices as “suites of independently deployable services.” Microsoft Azure CTO Mark Russinovich has a great article on microservices as well. You can think of microservices as an outgrowth of object-oriented coding, where each programming component is coded in such a way that, given the required inputs, it can function with any other component. Yet microservices are stand-alone services that, working in concert, power one or more applications. One of the best aspects of microservices is the ability to have multiple, redundant services, each of which can stand in for each other.

Administrators can remove, insert, stop, or start related microservices without impacting the whole application. You can patch or update one or more microservice components, and the larger supported application should hum along without a hiccup.

Securing it all

Let's review: We have physical computers and virtual machines. We have public and private clouds. We have containers and microservices. It’s all running across physical and software-defined networks. Now imagine them all working in concert together to deliver a service or set of services. In a fully redundant model, you have containers running microservices in VMs in public clouds and/or in your datacenter.

How are computer security pros supposed to secure it all? You start by breaking it down into its individual components. You secure all the involved physical computers and networks as you have always traditionally done. You look at the threats along the OSI model and address your needs. Virtual machines have their own security issues (guest-to-guest, guest-to-host, and host-to-guest risks). Microservices are best handled using Security Development Lifecycle methods and tools.

At their base, microservices are simply software and should be treated like any software that needs to be securely programmed. Like VMs, containers have their own issues, but each container scenario demands a different security approach.

Be sure to check out the Docker security blog and the aforementioned InfoWorld article. The most important recommendation I can give you is that identity is the new security boundary.
I’m not talking user or device logon identities alone, though they play a major role.
I’m also talking about the identities and security contexts that run each of the individual components. Do they share the same namespace? If so, do multiple components run under the same shared identity? If they share different namespaces, do the involved identities still share common authentication credentials? That would be like someone using the same password across two different, completely unrelated websites. You have to know what libraries and components are shared by different microservices or containers.
If one of the subcomponents has a vulnerability, that means every dependent, upper-layer component has the same vulnerability.

Can you even patch the dependent subcomponent? Like the trials and tribulations of computer security people trying to patch Java clients, containers and microservices can open the door to the same patching hell. If you don’t know much about containers and microservices, start learning more about them today. Done right, containers and microservices can simplify security. Manage them poorly, and you're inviting another security nightmare.
Using software bots to buy concert tickets will soon be illegal, thanks to a bill passed by Congress yesterday. The Better Online Ticket Sales (BOTS) Act makes it illegal to bypass any computer security system designed to limit ticket sales to concerts, Broadway musicals, and other public events with a capacity of more than 200 persons. Violations will be treated as "unfair or deceptive acts" and can be prosecuted by the Federal Trade Commission or the states. Sen. Jerry Moran (R-Kansas), who sponsored the bill, told The Associated Press that he intends to "level the playing field" for people buying tickets. "The need to end this growing practice is reflected in the bill's widespread support," Moran said. The bill passed the Senate by unanimous consent last week, and the House of Representatives voted yesterday to pass it as well.
It now proceeds to President Barack Obama for his signature. Computer programs that automatically buy tickets have been a frustration for the concert industry and fans for a few years now.

The issue had wide exposure after a 2013 New York Times story on the issue. Earlier this year, the office of New York Attorney General Eric Schneiderman completed an investigation into bots.

The New York AG's ticket sales report (PDF) found that the tens of thousands of tickets snatched up by bots were marked up by an average of 49 percent. "I want the thousands of tickets for shows, concerts, and sporting events that are now purchased by bots and resold at higher prices to go into the general market so that you have a chance to get them," wrote Lin-Manuel Miranda, creator of the hit musical Hamilton, in a New York Times op-ed in June. "You shouldn’t have to fight robots just to see something you love." The Senate took up the matter a few months ago, holding a September hearing at which Jeffrey Seller, the producer of Hamilton, testified.
Seller told legislators that bots quickly buy up tickets, which are then resold on platforms like StubHub and TicketsNow for big markups.
One of Windows 10's biggest internal changes is support for management and security APIs à la enterprise mobile management (EMM).
It uses APIs similar to those in iOS, Android, and MacOS.

But Windows 10's EMM policies are limited compared to what traditional Windows management tools can do.

Thus, a lot of what IT does to manage PCs today can't be done in Windows 10 via EMM, such as set up kiosk mode or enable local encryption.
Instead, old-school tools like System Center Configuration Manager (SCCM) must be used. EMM provider MobileIron has an answer: MobileIron Bridge, an add-on to its EMM tools that lets IT apply their familiar -- and often extensive -- group policy objects (GPOs) to Windows 10 PCs managed via EMM. Applying GPOs via EMM lets IT manage Windows 10 PCs using both legacy and modern techniques from one console (MobileIron's EMM), filling in the API gaps Windows 10 currently has. Some vendors let IT install listener apps on PCs to locally apply some GPOs, a technique that could be used with traditional Windows 10 tools in parallel with an EMM tool.

But MobileIron is the first to provide GPO support directly via EMM -- there's no local client app to install, and all the GPO settings go through the same channel as the other EMM policies. MobileIron Bridge's support of GPOs is done by supporting PowerShell, VBScript, and registry scripts.
IT can take existing scripts, as well as create new ones, and bundle them into policies that MobileIron Bridge then deploys like any EMM policy.  For example, Windows 10's EMM APIs can detect a PC where BitLocker encryption is disabled, rendering the PC noncompliant with corporate security policy.

But those APIs can't be used to enable BitLocker. With MobileIron Bridge, PowerShell-driven GPOs can be used to enable BitLocker remotely, so IT can detect noncompliant PCs, then turn them compliant -- all remotely. MobileIron Bridge lets IT run bundled scripts to implement group policy objects and other system management commands on Windows 10 PCs managed via EMM. Here, BitLocker encryption is enabled on a noncompliant PC. As another example, MobileIron Bridge can be used to run scripts to set up kiosk mode on Windows 10 PCs, which essentially locks a specified user to specified apps and can seal off their data from that of other people using the same PC.

A retailer might use kiosk mode for a shared Windows laptop or tablet, giving each employee a separate kiosk account and retiring the accounts as employees leave. Another scenario that MobileIron Bridge supports is setting up multiple user accounts on a PC, such as one used by contractors, for job-sharers, across shifts involving different departments in a "hoteling" workplace, or even by employees working from home on a personal PC. Working in concert with Azure Active Directory, IT can use MobileIron Bridge to remotely set up the multiple accounts, determine which accounts can share data with each other, and which accounts run in kiosk mode, then retire accounts as users leave. MobileIron Bridge also lets IT install .exe apps onto Windows 10 PCs; Microsoft's EMM APIs support installation only of .msi and .appx software, which means most legacy apps aren't supported for remote, policy-based installation. MobileIron comes with a graphical interface to install such .exe apps, but it also can install other binaries using a command-line interface, again using scripts as it does for GPO deployment. MobileIron Bridge can install legacy .exe apps onto Windows 10 PCs via EMM policies; example apps are highlighted here. Ojas Rege, MobileIron's chief strategy officer, notes that when iPhones entered the enterprise in the late 2000s, IT couldn't reuse any of the many policies they had painstakingly set up in BlackBerry Enterprise Service for their BlackBerrys.

Thus, they had to start from scratch. MobileIron Bridge's GPO support gives IT an easier path to transition Windows 10 PCs from traditional management approaches to the EMM one used on other devices, he says. However, Rege suggests that IT shops not deploy all their existing GPOs as is on Windows 10 PCs; they should use the EMM transition to evaluate what policies they still really need -- BlackBerry shops soon realized they didn't need all 450 BES policies, for example -- and deploy those in a staged approach. "It should be done with a change-management process," he says. MobileIron Bridge will support Windows 10 Professional and Enterprise Editions, though some supported Windows 10 capabilities such as kiosk mode require the Enterprise Edition. Licenses will cost $3 per PC.
It's now in prerelease at some customers, and the company hopes to make it generally available by January 2017.