Language Selection

English French German Italian Portuguese Spanish

Security: Equifax, Forrester, Akamai, Disqus, WhatsApp, FBI, Accenture

Filed under
Security
  • Equifax will give your salary history to anyone with your SSN and date of birth
  • Forrester Research Discloses Limited Website Data Breach

    At 6:17 ET PM on Oct.6, Forrester Research publicly admitted that it was the victim of a cyber-attack. According to the firm, the attack had limited impact, with no evidence that confidential client data had been stolen.

    According to Forrester Research's preliminary investigation, attackers were able to gain access to Forrester.com content that was intended to be limited exclusively to clients.

    "We recognize that hackers will attack attractive targets—in this case, our research IP," George F. Colony, chairman and chief executive officer of Forrester, stated.

    "We also understand there is a tradeoff between making it easy for our clients to access our research and security measures," Colony added. "We feel that we have taken a common-sense approach to those two priorities; however, we will continuously look at that balance to respond to changing cyber-security risk."

  • Akamai Reports Fast Flux Botnets Remain a Security Risk

    Attackers are continuing to benefit from the use many different technique to remain hidden. New research released Oct.10 by Akamai reveals that a botnet with over 14,000 IP addresses has been using the fast flux DNS technique to evade detection, while still causing damage to users and organizations.

    Fast Flux is an attacker technique that uses the Domain Name System (DNS) to hide the source of an attack. DNS operates by referring a domain name to a specific IP address

  • Disqus reveals data breach, but wins points for transparency

    Disqus has publicly announced that its user database leaked in 2012, exposing the usernames, email addresses, sign-up dates, and last login dates of more than 17 million users.

    In addition, the data included crackable SHA1-hashed passwords of “about one-third” of users. Presumably many accounts registered with the popular blog-commenting service do not have associated passwords due to many users signing-in using third-party social media accounts such as Google or Facebook.

    Quite how the security breach occurred is currently a mystery, and – frankly – despite their good intentions, Disqus may find it difficult to pinpoint exactly what happened five years after the event.

  • WhatsApp Exploit Can Allow Hackers To Monitor Your Sleep And Other Things
  • Multi-Layered Defenses Needed to Improve Cyber-Security, FBI Says
  • Hacking is inevitable, so it’s time to assume our data will be stolen

    If recent hacking attacks such as the one at Equifax, which compromised personal data for about half of all Americans, have taught us anything, it’s that data breaches are a part of life. It’s time to plan for what happens after our data is stolen, according to Rahul Telang, professor of information systems at Carnegie Mellon University.

    Companies are prone to understating the scale of hacks, which suggests that there needs to be better standards for disclosing breaches. Yahoo recently confessed that its data breach actually impacted 3 billion user accounts, three times what it disclosed in December. Equifax also boosted the number of people it says were affected by its hack.

  • 7 Security Risks User and Entity Behavior Analytics Helps Detect
  • UpGuard Reports Accenture Data Exposure, Debuts Risk Detection Service

    Security vendor UpGuard announced on Oct.10 that it discovered that global consulting firm Accenture had left at least four cloud-based storage servers publicly available. UpGuard alleges that the exposed cloud servers could have left Accenture customers to risk, though Accenture is publicly downplaying the impact of the cloud data exposure.

    "There was no risk to any of our clients – no active credentials, PII and other sensitive information was compromised," Accenture noted in a statement sent to eWEEK. "The information involved could not have provided access to client systems and was not production data or applications."

    Accenture added that the company has a multi-layered security model and the data in question would not have allowed anyone that found it to penetrate any of those layers.

More in Tux Machines

today's howtos

KDE/Qt: Qt Contributor Summit 2018, Integrating Cloud Solutions with Qt, FreeBSD, and Konsole

  • Qt Contributor Summit 2018
    One bit especially interesting is the graphics stack. Back in Qt 5.0, Qt took the liberty of limiting the graphics stack to OpenGL, but the world has changed since: On Windows the only proper stack is Direct3D 12, Apple introduced Metal and recently deprecated OpenGL and Vulkan is coming rather strong. It looks like embracing these systems transparently will be one of the most exciting tasks to achieve. From a KDE & Plasma perspective I don’t think this is scary, OpenGL is here to stay on Linux. We will get a Framework based on a more flexible base and we can continue pushing Plasma, Wayland, Plasma Mobile with confidence that the world won’t be crumbling. And with a bit of luck, if we want some parts to use Vulkan, we’ll have it properly abstracted already.
  • Integrating Cloud Solutions with Qt
    These days, using the cloud for predictive maintenance, analytics or feature updates is a de facto standard in the automation space. Basically, any newly designed product has some server communication at its core. However, the majority of solutions in the field were designed and productized when communication technology was not at today’s level. Still, attempts are being made to attach connectivity to such solutions. The mission statement is to “cloudify” an existing solution, which uses some internal protocol or infrastructure.
  • KDE on FreeBSD – June 2018
    It’s been a while since I wrote about KDE on FreeBSD, what with Calamares and third-party software happening as well. We’re better at keeping the IRC topic up-to-date than a lot of other sources of information (e.g. the FreeBSD quarterly reports, or the f.k.o website, which I’ll just dash off and update after writing this).
  • Konsole’s search tool
    Following my konsole’s experiments from the past week I came here to show something that I’m working on with the VDG, This is the current Konsole’s Search Bar. [...] I started to fix all of those bugs and discovered that most of them happened because we had *one* search bar that was shared between every terminal view, and whenever a terminal was activated we would reposition, reparent, repaint, disconnect, reconnect the search bar. Easiest solution: Each Terminal has it’s own search bar. Setuped only once. The one bug I did not fix was the Opening / Closing one as the searchbar is inside of a layout and layouts would reposition things anyway. All of the above bugs got squashed by just moving it to TerminalDisplay, and the code got also much cleaner as there’s no need to manual intervention in many cases. On the review Kurt – the Konsole maintainer – asked me if I could try to make the Search prettier and as an overlay on top of the Terminal so it would not reposition things when being displayed.

LibreOffice 6.0 Is Now Ready for Mainstream Users and Enterprise Deployments

LibreOffice 6.0.5 is here one and a half months after the LibreOffice 6.0.4 point release to mark the open-source office suite as ready for mainstream users and enterprise deployments. The Document Foundation considers that LibreOffice 6.0 has been tested thoroughly and that it's now ready for use in production, enterprise environments. Until now, The Document Foundation only recommended the LibreOffice 6.0 office suite to bleeding-edge users while urging enterprises and mainstream users to use the well-tested LibreOffice LibreOffice 5.4 series, which reached end of life on June 11, 2018, with the last point release, LibreOffice 5.4.7. Read more

LibreOffice 6.0 Is Now Ready for Mainstream Users and Enterprise Deployments

The Document Foundation informed Softpedia today about the general availability of the fifth point release of the LibreOffice 6.0 open-source and cross-platform office suite for all supported operating systems. LibreOffice 6.0.5 is here one and a half months after the LibreOffice 6.0.4 point release to mark the open-source office suite as ready for mainstream users and enterprise deployments. The Document Foundation considers that LibreOffice 6.0 has been tested thoroughly and that it's now ready for use in production, enterprise environments. Read more Direct: The Document Foundation announces LibreOffice 6.0.5