Soundtrap, from Sweden, which launched to the public in early 2015, rolled out an education version of its audio recording platform one... Source: RealWire
Bringing the Latest and Greatest on Technology Industry Issues from Artificial Intelligence to Cyber Security to the North West, for a Third Successful Year
London, 25 January 2017 – IP EXPO Manchester, part of Europe's number one enterprise IT event series, today launches its 2017 showcase, which promises to be the most insightful and topical yet.
IP EXPO Manchester Be Inspired
2017 is a year of opportunity for Manchester, with Prime Minister Theresa May allocating £130.1 million in investment for the Greater Manchester region. Manchester City Council will also invest an additional £4 million in two new tech hubs to support the Northern cities booming technology, science and digital industries.
With additional focus on development in AI, AR, VR and automation technologies, Manchester is well placed to continue to grow its international technology reputation and be at the forefront of overcoming industry issues and challenges.
Be it Brexit, changes in European legislation such as General Data Protection Regulation (GDPR), or the advancement of artificial intelligence, there is a vast landscape of new issues for IT professionals to navigate.
For its 2017 event, IP EXPO Manchester will address all these changes in the region by providing local organisations with access to an unprecedented group of influential speakers and brands across central themes of Cloud, Cyber Security, Networks and Infrastructure, DevOps, Open Source and a brand new topic combining AI, Analytics and IoT. Now in its third successful year, the two-day event will take place on 26-27 April 2017 at the Manchester Central, Manchester.
“2017 is shaping up to be one of the most transformative years ever with so many disruptive and exciting new technologies now mature and available.
Add to this the growing need for businesses to digitally transform to stay competitive and the continued growth of the cyber threat landscape there is a crucial need for information, expertise and advice. Our mission is to provide our attendees with rare access to the industry leaders and the world class experts that are creating and shaping these technologies.” comments Bradley Maule-ffinch, EMEA Portfolio Director for the IP EXPO Event Series.
He continues, “IP EXPO Manchester is our fastest growing event and easily the largest enterprise IT event in the North.
Artificial Intelligence, going serverless, DevOps and Cloud technologies are just some of the areas we’ll be covering as well as our cyber security content around GDPR, ransomware, social engineering, and threat protection.
IP EXPO Manchester aims to bring together the right people and brands under one roof to help IT professionals discuss, debate and discover more about the challenges and opportunities these issues bring to the region and beyond.”
2017 Programme highlights include:
- Panel debate on the ‘Future of Artificial Intelligence’ featuring Amy Nicholson, Tech Evangelist Microsoft UK
- Live hack demonstration from Ken Munro, Founder of Pen Test Partners
- Industry leading speakers such as:
- David Lewis – Global Security Advocate at Akamai Technologies
- James Akrigg – Head of Technology for Partners at Microsoft
- Paul J Taylor – Detective Constable for Cyber Crime at Greater Manchester Police
- Jenny Radcliffe – ‘The People Hacker’
For further information and to register free for IP EXPO Manchester 2017, please visit: www.ipexpomanchester.com.
Get involved on Twitter using #IPEXPOManchester
About IP EXPO Manchester
IP EXPO Manchester is part of Europe’s number one enterprise IT event series, IP EXPO.
The event series also includes IP EXPO Europe in London and IP EXPO Nordic in Sweden. Launched by organisers Imago Techmedia in 2015, the event now encompasses six events under one roof including Cloud, Cyber Security, Networks and Infrastructure, DevOps, Open Source and a brand new topic combining AI, Analytics and IoT.
Designed for those looking to find out how the latest IT innovations can drive and support their business and transition to a digital future
The event showcases brand new exclusive content and senior level insights from across the industry, as well as unveiling the latest developments in IT.
It covers everything you need to run a successful enterprise or organisation.
Gemma Smith / Vicky Muxlow
020 3176 4700
Speaker or exhibitor enquiries:
Sophie Barry / Keiran Prior
0203 841 8500
Cognosec AB (publ) (“Cognosec” or “The Company”), (Nasdaq: COGS), a leading supplier of cyber security solutions with operations in Europe, Africa and the Middle East, has signed an exclusive agreement with A-tek Distribution, a UK-based company specialising in the sale and digital distribution via innovative portal technologies of cyber security solutions, products and services.
The acquisition is in line with Cognosec’s strategy to expand business areas to cover the sale and distribution of software technologies over the internet.
This press release includes inside information of Cognosec AB (publ) (“Cognosec” or “The Company”) that has been subject to postponement of disclosure.
The disclosure of inside information was postponed on December 8, 2016 under Article 17 (4) of Regulation (EU) No 596/2014 (Market Abuse Regulation).
Cognosec AB today announces the signing of Heads of Terms of Agreement pursuant to the acquisition of A-tek Distribution, which is expected to close in Q1, 2017 subject to legal, financial and technology due diligence exercises.
A-tek Distribution was founded in 2009, and is a United Kingdom registered company.
The transaction will include the acquisition of 100% of outstanding shares for a consideration of approximately €275,000 comprised of €44,000 cash and €231,000 Cognosec AB new issue shares.
The transaction will be completed by Cognosec AB subsidiary, Credence Security.
There will be no other impact on Cognosec AB’s balance sheet.
A-tek Distribution is a specialist Digital Software Distribution Business, distributing cyber security solutions by portal and established by pioneers of digital software distribution who between them, possess over 85 man years of digital software distribution.
A-tek is positioned as a New Age Distribution Business, enabling global access to the vast SME markets with Pay-as-you-Use and Software-as-a-Service cyber security solutions.
The technology platform provides significant scalability and global advantages through innovative distribution methodologies.
A-tek Distribution recorded revenues of EUR101 510 2 in FY2016 and EBITDA of EUR 48 5602.
The acquisition of A-tek improves Cognosec’s competitive advantage for both vendors and customers alike.
This addition also expands Credence Security’s current product portfolio to incorporate cyber security solutions for secure operation centers, network operation centers, datacenters, mobile platforms, virtualised environments as well as providing critical fraud prevention solutions into the technology, media, telecommunications, financial and public sectors.
Commenting on the acquisition of the business by Cognosec AB, Robert Hall, A-tek Distribution’s Co-founder, says that - “It will allow the Company to fast track the overview above, whilst working together with a globally recognised provider of cyber security excellence to secure additional distribution agreements giving our current and future partners tremendous platforms for future growth, productivity and profitability."
Robert Brown, CEO of Cognosec AB commented – “We are delighted to broaden and deepen our business in line with our strategies through the acquisition of A-tek, a highly respected and experienced team.
Through A-tek, Cognosec will be extending its customer base with the addition of web-based digital distribution portals covering existing and new segments of this growing market.
Cognosec recognises the expansion of distribution of cyber security software through innovative portal solutions providing products and services with a strong emphasis on the SME markets as our strategic focus."
The transaction will complete in GBP so the approximation is for the GBP:EUR exchange rates which were taken at mid-market on 23rd January 2017, 1GBP=1.158EUR.
A-tek Distribution Limited uses GBP as reporting currency.
The approximation is for GBP:EUR exchange rates which were taken at mid-market on 23rd January 2017, 1GBP=1.158EUR.
Mangold Fondkommission AB is the Company’s Certified Adviser.
Telephone: +46 (0)8 5030 1550
FOR FURTHER INFORMATION, PLEASE CONTACT:
IR-contact, Cognosec AB
Aidan Murphy / Matthew Watkins
PR contacts, Finn Partners
Call: +44 (0)20 3217 7060
This information is information that Cognosec AB is obliged to make public, pursuant to the EU Market Abuse Regulation.
The information was submitted for publication, through the agency of the contact person set out above, on 24th January, 2017, at 15.00 CET.
Cognosec AB (publ) (Nasdaq: COGS) is engaged in the provision of cyber security solutions and conducts its operations through the Swedish parent company and through subsidiaries in South Africa, UK, Kenya, and the United Arab Emirates.
The Group delivers services and technology licences to enhance clients’ protection against unwanted intrusion and to prevent various forms of information theft.
The parent company is domiciled in Stockholm, Sweden.
Cognosec employs 110 people and had revenues of EUR 16.8 million in 2015. Please visit www.cognosec.se for more information.
'I don't pay a lot of attention to Mr. Assange's tweets,' President Obama said during his final press conference.
Is Julian Assange coming to the US? Probably not.
"I don't pay a lot of attention to Mr. Assange's tweets, so that wasn't a consideration" in deciding to commute the sentence of Chelsea Manning, President Obama said today during his final press conference in office.
Assange has been holed up in the Ecuadorian embassy in London since 2012 to avoid extradition to Sweden on sexual misconduct charges. In January, WikiLeaks—the site he founded—tweeted that "If Obama grants Manning clemency Assange will agree to US extradition despite clear unconstitutionality of DoJ case."
On Tuesday, President Obama did just that, commuting Manning's sentence to time served. She will be released in May after serving seven years in a military prison. She was sentenced to 35 years in 2013 for stealing documents from a classified Defense Department network and submitting them to WikiLeaks, which published the information.
Today, Obama defended the decision, arguing that Manning served her time.
"The notion that the average person who was thinking about disclosing vital classified information would think that it goes unpunished... I don't think would get that impression from the sentence that Chelsea Manning has served," the president said. "It has been my view that given she went to trial, that due process was carried out, that she took responsibility for her crime, that the sentence that she received was very disproportionate relative to what other leakers had received and that she had served a significant amount of time, that it made sense to commute and not pardon her sentence.
"I feel very comfortable that justice has been served," Obama added.
As for Assange, it does not look like the president will use his remaining time in office to get on the line with the exiled WikiLeaks founder. "I refer you to the Department of Justice" on that issue, he said today.
The DOJ has been investigating WikiLeaks over Iraq War data dumps.
For his part, Assange no longer appears ready to jump on a plane to the US:
Assange is still happy to come to the US provided all his rights are guarenteed despite White House now saying Manning was not quid-quo-pro.— WikiLeaks (@WikiLeaks) January 18, 2017
Assange's lawyer tells The Telegraph that Assange wanted the president to grant Manning clemency and release her immediately rather than commuting the sentence and releasing her in May.
As The Telegraph notes, the US has not requested extradition, but Assange believes it could happen if he makes his way to Sweden.
A VPN is typically a paid service that keeps your web browsing secure and private over public Wi-Fi hotspots.
VPNs can also get past regional restrictions for video- and music-streaming sites and help you evade government censorship restrictions—though that last one is especially tricky. The best way to think of a VPN is as a secure tunnel between your PC and destinations you visit on the internet. Your PC connects to a VPN server, which can be located in the United States or a foreign country like the United Kingdom, France, Sweden, or Thailand. Your web traffic then passes back and forth through that server.
The end result: As far as most websites are concerned, you’re browsing from that server’s geographical location, not your computer’s location. We’ll get to the implications of a VPN’s location in a moment, but first, let’s get back to our secure tunnel example. Once you’re connected to the VPN and are “inside the tunnel,” it becomes very difficult for anyone else to spy on your web-browsing activity.
The only people who will know what you’re up to are you, the VPN provider (usually an HTTPS connection can mitigate this), and the website you’re visiting. A VPN is like a secure tunnel for a web traffic. When you’re on public Wi-Fi at an airport or café, that means hackers will have a harder time stealing your login credentials or redirecting your PC to a phony banking site. Your Internet service provider (ISP), or anyone else trying to spy on you, will also have a near impossible time figuring out which websites you’re visiting. On top of all that, you get the benefits of spoofing your location.
If you’re in Los Angeles, for example, and the VPN server is in the U.K., it will look to most websites that you’re browsing from there, not southern California. This is why many regionally restricted websites and online services such as BBC’s iPlayer or Sling TV can be fooled by a VPN.
I say “most” services because some, most notably Netflix, are fighting against VPN (ab)use to prevent people from getting access to, say, the American version of Netflix when they’re really in Australia. For the most part, however, if you’re visiting Belgium and connect to a U.S.
VPN server, you should get access to most American sites and services just as if you were sitting at a Starbucks in Chicago. What a VPN can’t do While VPNs are an important tool, they are far from foolproof. Let’s say you live in an oppressive country and want to evade censorship in order to access the unrestricted web.
A VPN would have limited use.
If you’re trying to evade government restrictions and access sites like Facebook and Twitter, a VPN might be useful.
Even then, you’d have to be somewhat dependent on the government’s willingness to look the other way. Anything more serious than that, such as mission-critical anonymity, is far more difficult to achieve—even with a VPN. Privacy against passive surveillance? No problem. Protection against an active and hostile government? Probably not. HideMyAss A VPN service provider such as HideMyAss can protect your privacy by ensuring your internet connection is encrypted. The problem with anonymity is there are so many issues to consider—most of which are beyond the scope of this article. Has the government surreptitiously installed malware on your PC in order to monitor your activity, for example? Does the VPN you want to use have any issues with data leakage or weak encryption that could expose your web browsing? How much information does your VPN provider log about your activity, and would that information be accessible to the government? Are you using an anonymous identity online on a PC that you never use in conjunction with your actual identity? Anonymity online is a very difficult goal to achieve.
If, however, you are trying to remain private from prying eyes or evade NSA-style bulk data collection as a matter of principle, a reputable VPN will probably be good enough. Beyond surveillance, a VPN also won’t do much to keep advertisers from tracking you online. Remember that the website you visit is aware of what you do on its site and that applies equally to advertisers serving ads on that site. To prevent online tracking by advertisers and websites you’ll still need browser add-ons like Ghostery, Privacy Badger, and HTTPS Everywhere. How to choose a VPN provider There was a time when using a VPN required users to know about the built-in VPN client for Windows or universal open-source solutions such as OpenVPN. Nowadays, however, nearly every VPN provider has their own one-click client that gets you up and running in seconds.
There are usually mobile apps as well to keep your Android or iOS device secure over public Wi-Fi. Of course that brings up another problem.
Since there are so many services to choose from, how can you tell which ones are worth using, and what are the criteria to judge them by? First, let’s get the big question out of the way.
The bad news for anyone used to free services is that it pays to pay when it comes to a VPN.
There are tons of free options from reputable companies, but these are usually a poor substitute for the paid options.
Free services usually allow a limited amount of bandwidth usage per month or offer a slower service.
Some companies disallow torrents completely, some are totally fine with them, while others won’t stop torrents but officially disallow them. We aren’t here to advise pirates, but anyone looking to use a VPN should understand what is and is not okay to do on their provider’s network. Finally, does the VPN provider offer their own application that you can download and install? Unless you’re a power user who wants to mess with OpenVPN, a customized VPN program is really the way to go.
It’s simple to use and doesn’t require any great technical knowledge or the need to adjust any significant settings. Using a VPN You’ve done your due diligence, checked out your VPN’s logging policies, and found a service with a great price and a customized application. Now, for the easy part: connecting to the VPN. Here’s a look at a few examples of VPN desktop applications. TunnelBear, which is currently my VPN of choice, has a very simple interface—if a little skeuomorphic. With Tunnel Bear, all you need to do is select the country you want to be virtually present in, click the dial to the “on” position, and wait for a connection-confirmation message. SaferVPN works similarly.
From the left-hand side you select the country you’d like to use—the more common choices such as the U.S., Germany, and the U.K. are at the top. Once that’s done, hit the big Connect button and wait once again for the confirmation message. SaferVPN With SaferVPN, all you need to do is choose the country you wish to have a virtual presence in. HMA Pro is a VPN I’ll be reviewing in the next few days.
This interface is slightly more complicated, but it’s far from difficult to understand.
If you want to select your desired virtual location click the Location mode tab, click on the location name, and then choose your preferred location from the list. Once that’s done click the slider button that says Disconnected. Once it flips to Connected,you’re ready to roll. There are numerous VPN services out there, and they all have different interfaces; but they are all similar enough that if you can successfully use one, you’ll be able to use the others. That’s all there is to using a VPN.
The hard part is figuring out which service to use. Once that’s done, connecting to a VPN for added privacy or to stream your favorite TV shows while abroad is just a click away. This story, "How—and why—you should use a VPN any time you hop on the internet" was originally published by TechHive.
For Assange to be extradited to the US, it would have to be signed off by authorities in Sweden and the UK, but no such request has been made. Assange has been holed up in cramped conditions at the Ecuadorian embassy in London since June 2012. He skipped bail after a European Arrest Warrant was issued in late 2010 by Scotland Yard cops on behalf of Swedish officials who sought the extradition of the 45-year-old Australian. Assange lawyer @themtchair on Assange-Manning extradition 'deal': "Everything that he has said he's standing by." — WikiLeaks (@wikileaks) January 18, 2017 On Tuesday, Obama—in one of his final acts as president—commuted the sentence of Manning.
The US army private was originally sentenced to serve a 35-year term for leaking a cache of classified military documents to WikiLeaks, but she will now be released in May. Last September, WikiLeaks tweeted: "If Obama grants Manning clemency, Assange will agree to US prison in exchange—despite its clear unlawfulness." On January 12, a similar tweet appeared.
It said: "If Obama grants Manning clemency Assange will agree to US extradition despite clear unconstitutionality of DoJ [Department of Justice] case." Following Manning's commutation of sentence, Assange was mocked on Twitter, with many calling on him to pack his bags and leave Flat 3B, No. 3, Hans Crescent—the Ecuadorian embassy's address in Knightsbridge, London. However, because the WikiLeaks chief breached his bail conditions back in 2012, it's highly likely that Assange will be arrested by Met police if and when he steps outside the embassy. In 2015, Scotland Yard said that it was ending round-the-clock "physical presence" of officers camped outside the embassy, but added that the Met would "make every effort to arrest" Assange.
In September last year, a Swedish court upheld an earlier decision to maintain its European Arrest Warrant against him. Assange, who has repeatedly denied any wrongdoing, initially sought political asylum nearly five years ago, after he was wanted for questioning over rape, coercion, and two counts of sexual molestation accusations brought against him by two women in Sweden.
The allegations surfaced after Assange visited the country in August 2010 to give a lecture. Swedish officials confirmed in 2015 that they would no longer be seeking answers from Assange over allegations of sexual molestation and coercion, due to a law of limitation that requires the cops to charge a suspect within a certain timeframe.
But the more serious allegation of rape remains in place until 2020. Assange has claimed that he would be extradited to the US to face espionage charges if he does leave the Ecuadorian embassy in London. On Wednesday, Assange's lawyer Barry Pollock said: Whistleblowers like Chelsea Manning serve the public interest.
She should never have been prosecuted and sentenced to decades in prison.
She should be released immediately. Likewise, publishers of truthful information serve the public interest, promote democracy, and should not be prosecuted. The war on whistleblowers should end now and should not be continued in the new administration [under Donald Trump].
For many months, I have asked the DoJ to clarify Assange's status.
I hope it will soon.
The department of justice should not pursue any charges against Mr Assange based on his publication of truthful information and should close its criminal investigation of him immediately. WikiLeaks also appeared to infer that Assange will receive better treatment from Trump.
It tweeted: "Assange is confident of winning any fair trial in the US. Obama's DoJ prevented public interest defence & fair jury." Ars sought comment from the Met on whether Assange would be re-arrested under section 7 of the Bail Act for breaching the terms of his bail, if he does indeed leave the embassy.
A spokesperson at Scotland Yard said: "We couldn't possibly speculate." This post originated on Ars Technica UK
It also published mails from the account of John Podesta, chairman of Clinton’s campaign. U.S. government officials including from the Department of Homeland Security and the Office of the Director of National Intelligence have pointed a finger to Russia for orchestrating the leaks, though WikiLeaks has said it does not collaborate with states in the publication of documents. Last week, WikiLeaks had tweeted that if “Obama grants Manning clemency Assange will agree to US extradition despite clear unconstitutionality of DoJ case.” On Tuesday, WikiLeaks tweeted that Assange was confident of winning any fair trial in the US. “Obama’s DoJ prevented public interest defense & fair jury,” it added.
The new administration of President-elect Donald Trump takes charge on Friday. WikiLeaks also quoted Assange’s counsel Melinda Taylor as saying that Assange is standing by everything that he has said on the “Assange-Manning extradition ‘deal’.” Assange is holed in the embassy in London of the government of Ecuador as U.K. police say they will arrest him if he comes out, to meet an extradition request from Sweden where he is wanted for questioning in a sexual assault investigation. His supporters have expressed concern that if he he is sent to Sweden he could be extradited from there to the U.S. to face espionage charges. A wrinkle is that WikiLeaks claims it does not know of an extradition request sent by the U.S.
In a tweet on Tuesday, Taylor wrote that “US authories consistently affirmed is ongoing national security prosecution against him, but refused 2 affirm/deny sent extradition request.” She added that the U.K. also refuses “to affirm or deny that they have received an extradition request -not the same thing as there being no extradition request.” Government officials in both countries could not be immediately reached for comment after business hours. In a letter to Loretta E. Lynch, U.S.
Attorney General, Assange’s lawyer in the U.S., Barry J. Pollack, wrote in August that although the Department of Justice had publicly confirmed through court documents and statements to the press that it was conducting an on-going criminal investigation of Assange, the department did not provide him substantive information on the status of the investigation.
The letter was published online by WikiLeaks. The pending investigation into Assange, mentions of which are said to have been made in court documents in the Manning case, is plainly based on his news gathering and reporting activities, Pollack wrote.
Its intention was not to aid U.S. enemies or obstruct justice but to inform people about “matters of great public interest,” he added. In a statement on Obama’s decision to commute Manning’s sentence, Assange said that “in order for democracy and the rule of law to thrive, the Government should immediately end its war on whistleblowers and publishers” such as WikiLeaks and himself.
The statement did not refer to his promise to face extradition to the U.S. “Mr.
Assange should not be the target of any criminal investigation.
I would welcome the opportunity to discuss with the DOJ the status of its investigation, any request it wants to make for extradition, and its basis for such a request,” Pollack wrote in an email late Tuesday.
Destruction can happen quickly; look at what happened to Sony Pictures, Yahoo and dozens of other high-profile companies during the last few years.While we face technology job shortages and talent gaps, there are still plenty of opportunities for the U.S. to remain an innovation leader.
Silicon Valley certainly isn't going to shrink from these responsibilities, but it is also incumbent upon the federal and state governments to offer full-fledged support for these purposes whenever it is necessary.
This is all about protecting the public.To this end, eWEEK consulted with Lev Lesokhin, Executive Vice President for CAST.
CAST, based in New York and Paris, is a well-established independent software developer and an international market leader in enterprise software analysis, measurement and risk prevention. Here are Lesokhin's 10 policy suggestions for the new administration to improve the outlook for the U.S. tech sector in 2017 and beyond: Give the Federal Government's CTO More ResponsibilityWe need to more closely align the national chief technology officer with the U.S.
Cyber Security officer to increase visibility and transparency across the top leaders at the White House.
This will give the CTO a more visionary role and will ensure government technology adoption and advocacy is more secure and aligned with cyber policy.Appoint a Cyber Security Official Who Will Institute Effective PoliciesThese new policies should should always be based on industry best practices, such as CISQ (Consortium for IT Software Quality) standards.
It's clear that our administration needs to better understand cyber risks that lurk at home and abroad while developing effective strategies and practices for combating them.Create and Enforce Policy for Anyone Selling Software CommerciallyThis is needed so that commercial software no longer remains a black box full of potential threats but also that we know that the components inside are not dangerous.
This will become increasingly important as the Internet of Things and Machine to Machine communication grows. More connected devices mean more opportunity for disaster. We label our food to describe "what's inside"; why not do this with software? Bad software causes the U.S. government alone millions on reworking. Lead by ExampleDepending on the sector and the budget, a significant portion of government programs still run on legacy systems, holding the sector down in slow and outdated services. Why should public sector lag behind the technology industry it regulates? Our government must conduct system-level analysis and modernize its core systems to provide better services to tax payers and stay current on the biggest technology risks and challenges. Tax ReformThis is to encourage the technology companies with significant offshore income--including companies such as Apple, Microsoft and Google--to bring money back into the U.S., so they can carry out activities such as M&A to advance the state of tech in our country. Without reducing the negative financial consequences of repatriating money to the U.S., offshore cash levels will continue to rise and investment declines. Open Up More Visas for Top Technology Developer TalentWe also need to invest in more STEM (science, technology, engineering, mathematics) education and training to get young people interested in technology careers and comfortable with the complexity of the systems and tools.
The talent shortage is hurting America productivity, and visas are needed to keep the U.S. moving forward. With the shortage of tech workers, the need for foreign skilled workers will increase. Collaborate with Other Countries Leading in InnovationThese include countries such as Sweden, Germany, Finland and others.
The U.S. also needs to work closer with the world's biggest and fastest growing economies, such as China, India and the EU to establish effective learning opportunities and create coalitions that support talent sharing and the acceptance of global quality standards.
This will bring best practices to the home front while leaving the door open for IT sourcing agreements where it makes sense. Offer New Tax Incentives for Tight SecurityThese would be identified as those who institute a two-pronged technology security program: both perimeter and application security.
This will require companies to invest more in application security (to combat risks from cyber-attacks driven by digital business and IoT) while effectively maintaining their external defenses. Reform Regulation and Reporting RequirementsThis is necessary for enterprises to keep up with today's technology issues, putting a greater focus on cyber risk--both security and reliability.
The latter of which is estimated to cost the U.S. economy nearly $100 billion per year.
It's widely considered that the banking industry's position on security is still too reactive. Listed companies should be required to show that their most mission-sensitive IT systems are engineered according to the best-known standards of software practice in order to prevent security-related risks. Improve Software Engineering Education, CertificationSoftware engineering is the civil engineering of the 21st century.
It's one thing to train computer scientists, but the best engineering talent continues to be snapped up elsewhere, leaving the majority of the U.S. industry with moderately skilled workers. Much like civil engineers need to have P.E. (professional engineer) certification to design and supervise construction, software engineers who work on mission-critical systems should also be certified as competent on the latest standards of software engineering.
But creating an exploit by overwriting memory wasn't necessary because FileVault passwords were stored in cleartext and were not evicted from memory once the disk was unlocked. Obtaining the disk password was simply a matter of connecting the PCILeech device to a Mac and rebooting it, Frisk explains. "Once the Mac is rebooted, the DMA protections that macOS previously enabled are dropped," said Frisk in a blog post on Thursday. "The memory contents, including the password, [are] still there though.
There is a time window of a few seconds before the memory containing the password is overwritten with new content." Frisk discovered the vulnerability in July and presented details in August at Def Con 24.
The presentation also described attacks on Linux and Window systems. Youtube Video Apple was subsequently notified and requested that Frisk delay public disclosure until it could deal with the issue, which it has done through its software update. Frisk says it is no longer possible to access memory prior to the boot process on an updated Mac, making it one of the most secure platforms against this specific type of attack, at least with regard to publicly disclosed vulnerabilities. ® Sponsored: Want to know more about PAM? Visit The Register's hub