Tagged: getting Toggle Comment Threads | Keyboard Shortcuts

  • jkabtech 4:17 am on December 14, 2017 Permalink | Reply
    Tags: , getting, , patching, pwned, scolds   

    Oracle scolds customers for not patching and getting pwned 

    While releasing another massive monthly critical patch update.

    Oracle has chided customers for failing to apply patches to its products in a timely manner and therefore falling victim to attackers.

    The enterprise IT vendor today said it continued to “periodically receive reports” of attempts by attackers to exploit vulnerabilities that it had already released fixes for.

    It said the attackers were occasionally successful because the targeted Oracle customers had failed to apply available patches.

    “Oracle therefore strongly recommends that customers remain on actively-supported versions and apply critical patch update fixes without delay,” the company said.

    It made its comments as part of an advisory about its critical patch update for October 2017.

    This quarter’s collection of security patches includes 252 fixes. The figure is down from the 308 patches Oracle released in July and the 300 that were provided in April, but is higher than January’s count of 209.

    However the October collection contains a high number of remote code execution flaws that don’t require user credentials to exploit.

    The RCEs were found in the likes of Oracle Siebel CRM, PeopleSoft, Fusion Middleware, E-Business Suite, JD Edwards and MySQL.

    This month’s patch update also fixes two critical flaws in Oracle’s Java application development framework and code runtime, within the Hotspot and Remote Method Invocation components.

    Both can be exploited remotely to run arbitrary code without user authentication on vulnerable systems.

    Security vendor ERPscan analysed the October 2017 bundle and singled out three critical vulnerabilites that had earned the full 10 out of 10 common vulnerability scoring system (CVSS) rating.

    The three flaws were found in Oracle’s Hospitality Reporting and Analytics software and have been labelled priority fixes.

    Oracle’s Siebel Apps – Field Service also has a 10 CVSS-rated flaw that can be exploited to completely take over the software.

    ERPscan founder and chief technical officer Alex Polyakov said the October patch update also contains “an alarming number of PeopleSoft fixes”. 

    Of the 23 PeopleSoft vulnerabilities in the bundle, 13 can be exploited remotely over networks without entering user credentials, Polyakov said.

    “Over 1000 PeopleSoft systems are discoverable on the internet simply by Google or Shodan.io scanning, therefore putting organisations at risk because of the recent vulnerabilities,” he said.

    View the Original article

    Advertisements
     
  • jkabtech 12:17 pm on August 27, 2017 Permalink | Reply
    Tags: , getting,   

    Now Getting Lost Items Back From Uber Could Cost You $15 

    Image credit: Pexels

    Next time you leave your umbrella, book bag, or phone in an Uber it could cost you $15 to get it back. Starting today, the ride-sharing company is allowing drivers nationwide to charge a flat fee for bringing your missing items back to you.

    A few years ago my friend Bob left his phone in an Uber we shared after a Giants game. We realized the error, got in touch with Uber who connected us with the driver, and a few hours later were reunited with our old driver and Bob’s phone. We tipped the driver close to $100 for the return. New phones are expensive, and we recognized that the time he spent coordinating and making a drop-off with us was time he wasn’t spending working. As it turns out, we were in the minority.

    Advertisement

    Most people don’t take the driver into consideration when asking for an item to be returned. While the driver is a contractor with Uber, they’re not an employee, which means when they’re delivering your item back that’s essentially a personal trip for them. You’re preventing them from picking up other fares and asking them to spend their time and gas money to do you, a person whom they just met for 10 minutes, a favor. It’s a big of a big ask for a stranger.

    Driver’s forums are littered with reports of people like us requesting the return of lost items, and when they’re returned not even offering so much as a

    View the Original article

     
  • jkabtech 4:17 am on August 17, 2017 Permalink | Reply
    Tags: , , , getting, grades, , ,   

    College students lost access to legal pot and started getting better grades 

    Turn off

    Get breaking news alerts from The Washington Post

    Turn on desktop notifications?

    Yes Not now It looks like you’ve previously blocked notifications. Please update your browser permissions to allow them.

    View the Original article

     
  • jkabtech 2:29 am on March 8, 2016 Permalink | Reply
    Tags: , , backers, , getting   

    Apple is getting backers for fight against FBI 

    Nick Wingfield and Katie Benner 10 Hours AgoThe New York Times

    Google, Amazon, Facebook, Microsoft and a parade of other technology companies filed a barrage of court briefs on Thursday, aiming to puncture the United States government’s legal arguments against Apple in a case that will test the limits of the authorities’ access to personal data.

    The extraordinary show of support for Apple from the tech companies, including many rivals, underscores how high the stakes are for the industry with the case, in which the authorities are demanding Apple’s help to break into an iPhone used by a gunman in a terrorist attack in San Bernardino, Calif., last year.

    Apple logo

    In all, around 40 companies and organizations, along with several dozen individuals, submitted more than a dozen briefs this week to the Federal District Court for the District of Central California, challenging every legal facet of the government’s case, like its free speech implications, the importance of encryption and concerns about government overreach.

    “These companies, which are often fierce competitors, have joined together to voice concern about the attempted government overreach in this case, which threatens the integrity and security of their products and privacy rights of consumers in general,” said Neal Katyal, a lawyer at Hogan Lovells for the tech companies and a former acting solicitor general of the United States.

    Edward J. McAndrew, a lawyer at Ballard Spahr who is not involved in the Apple matter, said it was highly unusual to see a flood of briefs by so many parties this early in a case. He called the outpouring “Supreme Court-level advocacy” and said the campaign was intended to have influence beyond the court with legislators and others.

    “This is a show of force,” said Mr. McAndrew, a former federal prosecutor who focused on online crimes. “This is a battle for public opinion.”

    Bruce Sewell, Apple’s general counsel, said on Wednesday that the company was “humbled by the outpouring of support.”

    The case between Apple and the government became public last month, when a federal magistrate judge in California ordered the company to bypass the security functions on the iPhone. Timothy D. Cook, Apple’s chief executive, opposed the order, arguing the case could have far-reaching implications for other devices and software, with governments everywhere able to demand more access to tech companies’ data.

    Several tech companies were initially careful and subdued in their support of Apple, with some privately debating whether the San Bernardino attack was the right case for challenging the government. Last week, some tech companies including Microsoft began to back Apple more forcefully, saying they planned to file briefs supporting it in court.

    In the brief on Thursday from Amazon, Microsoft and others, the tech companies said they shared the public’s outrage over the “heinous act of terrorism” in San Bernardino, but said they were united in the view that the government’s case exceeded the boundaries of existing law and would hurt Americans’ security.

    A collection of 17 Internet companies, including Twitter, Airbnb and LinkedIn, filed a separate brief objecting to the government’s use of the All Writs Act, a statute from 1789 that underlies many law enforcement requests for tech companies’ data, in the San Bernardino case. AT&T and Intel also submitted independent briefs backing Apple.

    In the filing from the group that includes Twitter and LinkedIn, the companies said the government “seeks unbounded authority to compel Apple to design software that does not currently exist and that will circumvent and undermine security measures intended to protect its users’ data.”

    “We’re facing a very big question as a country, industry and a world about what privacy will look like in the digital era,” said Aaron Levie, the chief executive of the data storage company Box, which signed on to the brief with Amazon, Google and others. “There is a global impact for these tech companies if we don’t land on the right side of having a strong framework for how companies deal with security and these kinds of requests in the digital age.”

    Apart from the tech companies, seven prominent security experts and 32 law professors signed on to joint briefs on Thursday. Several industry trade organizations and digital rights groups submitted their own filings this week.

    Some echoed Apple’s slippery slope argument that opening up one iPhone would lead to a domino effect from governments worldwide. The Media Institute, a nonprofit research foundation that focuses on communications policy, warned in its filing that the court’s order could be “be applied against media companies as government authorities seek to acquire access to confidential information stored on mobile devices used by journalists.”

    The support for Apple was a torrent compared with the stream of filings backing the Justice Department in the case. Among the staunchest supporters on the side of government were six people whose family members were killed in the California attack.

    “Broader questions about the fate of smartphone encryption and data privacy can be saved for another day and another forum,” the families wrote in a brief. “This case certainly presents the conditions — a mass murder by terrorists implicating national security interest — where requiring Apple’s technical assistance is at its apex.”

    Stephen G. Larson, the lawyer representing the victims’ families, said he was frustrated that Apple was drawing a line in the sand “over a phone that didn’t even belong to the terrorist and that they have permission to unlock.” The iPhone of the San Bernardino attacker, Syed Rizwan Farook, was issued by his employer.

    “So many of Apple’s arguments are red herrings because this is not about privacy more than any other search in a criminal investigation is about privacy,” Mr. Larson said. “That is scaremongering and that is false.”

    A handful of law enforcement groups also filed briefs supporting the government’s position, including a joint one from the Federal Law Enforcement Officers Association, the Association of Prosecuting Attorneys and the National Sheriffs’ Association.

    More from The New York Times:
    Giving an Android app permission to play
    Step-by-step fitness history on an iPhone
    An industry lines up behind Apple

    Those groups listed several instances when iPhone data was an essential piece of a criminal case, including child pornography and sex trafficking cases. They argued that criminals were moving to iPhones because of Apple’s refusal to help the government and that the company was making data extraction from its products impossible.

    “If Apple can refuse lawful court orders to reasonably assist law enforcement, public safety will suffer,” the trade groups wrote.

    Not all family members of San Bernardino victims sided with the government. This week, Salihin Kondoker, whose wife, Anies, was shot three times but survived the attack, wrote a letter to the court saying he thought there was little valuable information on the iPhone used by the gunman. Mr. Kondoker said Apple’s fight was about something bigger than one phone.

    “They are worried that this software the government wants them to use will be used against millions of other innocent people,” he wrote. “I share their fear.”

    SHOW COMMENTS Please add a username to view or add commentsPublic Username for Commenting

    View the original article here

     
c
Compose new post
j
Next post/Next comment
k
Previous post/Previous comment
r
Reply
e
Edit
o
Show/Hide comments
t
Go to top
l
Go to login
h
Show/Hide help
shift + esc
Cancel
%d bloggers like this: