Tagged: still Toggle Comment Threads | Keyboard Shortcuts

  • jkabtech 12:17 pm on December 26, 2017 Permalink | Reply
    Tags: , Finances, Habits, still   

    Habits That Give You Good Credit Can Still Be Bad For Your Finances 

    Kristin WongYesterday 1:00pmFiled to: creditcredit scoresEverything You Need to Know About Creditpersonal financemoney132EditPromoteShare to KinjaToggle Conversation toolsGo to permalink

    View the Original article

    Advertisements
     
  • jkabtech 8:17 pm on July 29, 2017 Permalink | Reply
    Tags: , , , , still,   

    You Can Still Install MS Paint After Microsoft's New Update 

    Image via Joel Lueders

    On Monday, we learned that Microsoft was killing off the iconic Microsoft Paint program after 32 years and replacing it with Paint 3D in its upcoming Windows 10 update. The news was tragic for fans of MS Paint, many of who publicly mourned the loss.

    In response, Microsoft decided to keep the app:

    View the Original article

     
  • jkabtech 6:17 am on July 16, 2017 Permalink | Reply
    Tags: , floored, infosec, , still   

    Some WA agencies still floored by simple infosec 

    Poor passwords, patching, and plain text.

    Several Western Australian agencies have been caught out by a review that uncovered easily-guessable passwords, unpatched systems, and unencrypted data stored on tape back-ups.

    The state’s auditor-general Colin Murphy declared he was frustrated at reporting “the same common weaknesses year after year”, many of which he said could be “easily addressed” at little cost.

    Murphy found common weaknesses in password security: specifically passwords that could be too-easily guessed, were a single character in length, were the default password set by the manufacturer, or were stored in plain text in documented IT policies.

    He said that in one instance last year, he used the credential ‘password’ to log into a system containing “thousands of sensitive documents”. The password still worked this year, but the documents had been removed.

    The Department of Racing, Gaming and Liquor had simple passwords protecting the databases underpinning its Navigate system, used to apply for and manage licenses and permits.

    “We identified high privilege (sys and system) database accounts with very easy to guess passwords. Examples include passwords such as ‘abcd’ and passwords only one character in length,” the auditor reported.

    The department accepted that it needed to change.

    The Chemistry Centre – a government lab services operator – also suffered from password problems.

    “The password policy, last reviewed in 2010, allows users to set simple passwords such as ‘password’ or ‘12345678’,” the auditor said.

    “In addition, the policy does not require stronger passwords for highly privileged network, database and application accounts.

    “As a result, we were easily able to guess passwords for the database system administrator account and for accounts within ForLIMS”, a system used to manage and report forensic science and medicine cases.

    The auditor said in another case, default credentials for “network switches, routers and remote management systems” had not been reset. As a result, the auditor was able to “log on to a remote system with full administrative privileges. This system was used for server hardware maintenance”.

    In addition to bad password management, many agencies ran systems that were well behind on their patch management.

    In some cases, patching was left to contractors or managed by software that had been poorly configured or otherwise was not working as intended. That left many systems and agencies exposed to – in at least one case – hundreds of publicly-circulating exploits.

    There also appeared to be common issues in the way data was shipped outside of the agency, either via the public internet or on tape drives being handled by third parties.

    WA Police, for example, was found to share traffic infringement data electronically “in an insecure manner” with a third party that printed and mailed out fines. It is now investing in more secure file transfer technology.

    The same data was backed up in an unencrypted state to tape that was picked up by a third party for transport to an offsite storage facility.

    The Department of Racing, Gaming and Liquor stored unprotected credit card data on its tape back-ups in violation of PCI standards. Its back-up tapes, handled by a third party operator, also weren’t encrypted.

    The Chemistry Centre’s tape back-ups were also unencrypted. The auditor said all three could face problems should tapes be mislaid or stolen.

    The auditor said that over the past nine years, about 60 percent of the state’s agencies have not lived up to the auditor’s standards for information security.

    View the Original article

     
  • jkabtech 6:17 am on July 14, 2017 Permalink | Reply
    Tags: , , , , remediate, still, struggling   

    TNT Express still struggling to remediate after Petya attack 

    Potentially “material” business impact.

    International courier giant TNT Express is still struggling to make deliveries in Australia and all over the world almost a week on from the globally destructive Petya malware attack.

    The cyber attack – which has been dubbed everything from Petya to NotPetya and GoldenEye – took out computers across an estimated 60 countries early last week. 

    FedEx-owned TNT Express was hit hard by the malware, which ravaged its business-critical systems globally.

    The disruptions mean TNT has had to fall back to unspecificed “contingency plans” to continue operating, albeit at a reduced capacity.

    Customer deliveries are delayed, the myTNT user portal is not operational, nor are the company’s internal communications networks functioning.

    “To mitigate the impact of a virus that affected TNT IT systems globally last week, TNT continues to implement contingency plans,” a spokesperson said.

    “Teams are making solid progress on remediating systems and methodically bringing business critical systems and services back online.” 

    It warned that customers may experience service delays and restrictions “in the short term”.

    “We regret any inconvenience this may cause and ask for their understanding,” the spokesperson said.

    The company did not provide an estimated time of restoration, nor detail on the extent to which its IT environment had been impacted.

    Some TNT Express customers have sympathised with the company’s situation, but are growing frustrated at the ongoing problems. Others have expressed anger over a lack of communication from the courier.

    “It would be nice to have an update on the situation considering it’s now 3 July. I too am waiting for a parcel to be delivered which is affecting my business but I do realise how serious the cyber attack was,” one customer wrote on its Facebook page.

    “Also I understand that your phone lines are probably getting absolutely flogged right now so I won’t bother to ring. An update on the situation would be awesome. I’m just worried my parcel is floating around somewhere in the world completely untracked and unaccounted for. Best of luck on getting the systems back up and running.”

    “No update, no change in the tracking service, HUGE delays in shipping and absolutely no communication and info,” another said.

    “I understand that you have been under serious IT attack but it should not be the reason for this amateur handling of the situation.”

    TNT Express upgraded to Windows 7 prior to its acquisition by FedEx in August 2015. It is unclear what version of the Microsoft system is currently in use. The company has been contacted for detail.

    FedEx has indicated the financial impact of the malware could be “material”. TNT Express claims to deliver almost one million packages across the globe every day.

    FedEx said all other group companies were unaffected. The business temporarily suspended trading of its shares on the New York Stock Exchange for about an hour last Wednesday following the initial attack.

    Security researchers suspect the malware that attacked TNT Express and many others masquerades as ransomware – victims aren’t actually able to restore their files if they pay the US$300 demand – to hide its true intention of destruction.

    Ukraine has gone as far as to blame Russia for the malware, which the country claims is part of an ongoing series of attacks designed to spread destruction and fear, and install malware for future sabotage, amidst political tensions.

    The virus – which appears to be almost identical to the GoldenEye variant of the Petya malware that surfaced last year – uses similar exploits to the WannaCry malware to crash and reboot computers after rewriting the hard disk master boot record.

    Unlike Petya, however, it overwrites the first 25 sector blocks of a victim PC’s hard disk to do “permanent and irreversible damage”, meaning files can’t be decrypted after the ransom is paid.

    The exploits target vulnerable computers that run the Windows System Message Block (SMB) version 1 file sharing protocol.

    View the Original article

     
  • jkabtech 5:21 am on April 29, 2016 Permalink | Reply
    Tags: , , , , still   

    Can Apple still claim its iPhones are secure? 

    Getty ImagesApple CEO Tim Cook (left) and FBI Director James Comey.

    Has Tim Cook’s biggest fear been realized?

    For weeks, Apple’s CEO said the company wouldn’t comply with a court order to help the FBI crack an iPhone tied to the San Bernardino terror attack in December. Creating a backdoor, Cook argued, would open the way for any bad guys who wished to enter.

    “In the wrong hands, this software

    View the Original article

     
c
Compose new post
j
Next post/Next comment
k
Previous post/Previous comment
r
Reply
e
Edit
o
Show/Hide comments
t
Go to top
l
Go to login
h
Show/Hide help
shift + esc
Cancel
%d bloggers like this: