Weekly tech bulletin for week ending 2015-05-31. Windows 10 launch, IRS hacked an more.

Published: Sun, 31 May 2015 by Rad

1. Windows 10 to Launch on July 29

Published: May 31, 2015 software

Microsoft has just announced that the new Windows 10 will launch on July 29 for users across the world, so those on Windows 8.1 and Windows 7 will be allowed to upgrade to the new operating system starting the same day.

One year to update for free

Terry Myerson, head of the OS unit at Microsoft, has confirmed today that July 29 is the date for Windows 10, adding that anyone who purchases a computer running Windows 8.1 between today and late next month is already able to reserve the free upgrade to the new OS.

Starting June 1, Microsoft is displaying Windows 10 upgrade notifications on computers running Windows 7 and Windows 8.1, so users running any of these OS versions can reserve their free upgrade and will be notified when it becomes available.

According to leaked document Windows 10 will be available for purchase on August 31, according to a page on the Newegg site. Microsoft confirmed Monday that the company will sell Windows 10 at retail for the same price as Windows 8.1: $119 for Windows 10 Home, $199 for Windows 10 Professional, and $99 for a Windows 10 Pro Pack to jump from a licensed copy of Windows 10 Home to the Professional version.

Follow   news.softpedia.com to read more.

2. Russian hackers behind $50 million IRS scheme, report says

Published: May 29, 2015 security

The hackers used data stolen from the IRS to file fraudulent tax returns and received $50 million before they were caught, according to the report. The theft of critical information of more than 100,000 taxpayers from the Internal Revenue Service (IRS) database was the work of hackers in Russia.

A thorn in the side of US government agencies

The admission comes just days after the IRS announced that hackers acquired critical taxpayer information from over 100,000 people through its "Get Transcript" tool. The agency said that the hackers used information obtained from previous hacks, including names, Social Security numbers and intimate details on the individuals, to receive a transcript of past tax returns.

According to the Associated Press, over $50 million in tax refunds was handed to the hackers before the attack was discovered this month.

In all, about 200,000 attempts were made from questionable email domains, with more than 100,000 of those attempts successfully clearing authentication hurdles

So far, the key details in the attack have not followed other hacks from Russia. In the IRS case, hackers used the legitimate "Get Transcript" tool to access all the taxpayer information they needed to file fraudulent returns. Those hackers conducted targeted attacks with information they already had from a previous hack on a third-party service, the IRS said, without noting which hack may have caused the initial data breach.

Follow   www.cnet.com to read more.

3. Everything Google announced at Google I/O 2015 in one handy list

Published: May 28, 2015 software

That's a wrap on all things Google. In case you missed the keynote, here's a recap of all the highlights you may have missed. Google says apps will now also learn your sharing behavior to see who you share content with the most based on which app you're using.

Shortlist of most important announcements

The first new feature is "App permissions," simplifying what data users allow apps to access. In this new model, apps on Android M will no longer ask for a lengthy permissions list upon installation, but instead prompt the user for permission when the app needs to use a feature (i.e. camera or microphone).

Chrome Custom Tabs allows developers to add custom features that overlays on top of apps. For example, the Pinterest app can add custom transition animation to link to the Web, directly within the app. There's also a new app linking feature that will allow apps to verify links to switch from app to app quickly.

Battery - A new "dozing" feature is designed to help save battery life when the device's motion sensor is stagnant. Alarms and notifications will still push to the phone in this state, however.

Follow   thenextweb.com to read more.

4. NSA’s Data Harvesting Policy Makes Foreign Governments Cautious Guarding Secrets

Published: May 29, 2015 security

The Chinese Government intends to adopt a five-year cybersecurity program, part of a plan announced against cyber confrontation with the United States, while European decision makers are also reducing cooperation with NSA.

"The government will focus on strengthening the safety of software in the financial sector and for applications used by government departments and State-owned enterprises this year" ... "We are expecting to see breakthroughs in advanced domestic software development within the next five years."

Chen Wei, director of the software bureau at the ministry

Chinese software acquired by way of government procurement has seen steady growth

China's concern with cyber-security was given a powerful boost following the revelations of the former NSA contractor Edward Snowden about the universal surveillance capabilities of the US intelligence agencies undertaking questionable practices to intercept all kind of data over the World Wide Web and straddle international communication lines

The US National Security Agency reportedly spied on the major Chinese networking company Huawei during an intelligence campaign against China, as German press had previously reported. Chinese politicians such as former president Hu Jintao, the Trade Ministry, as well as banks and telecommunications companies were also targeted. Documents leaked by former NSA contractor Edward Snowden revealed the 2009 operation dubbed "Shotgiant" against Huawei, the major competitor of US-based Cisco.

Follow   www.hotforsecurity.com to read more.

5. Home Routers Being Targeted in DNS Hijacking Attack, Trend Micro Says

Published: May 29, 2015 security

Attackers attempting to steal sensitive data by diverting home router traffic to malicious domains, according security firm Trend Micro.

A malicious browser script being used to change DNS settings

Researchers at Trend Micro have discovered a malicious browser script being used to change DNS settings on home routers in some parts of the world in a bid to steal login credentials and other sensitive data from users of the devices. The campaign is another sign that DNS hijacking is becoming an increasingly popular attack method for criminal hackers.

In the latest instance, discovered by Trend Micro, nearly 88 percent of the victims of the latest campaign are based in Brazil, but infections have also been observed in the U.S. and Japan, according to Trend Micro.

To compromise routers the threat actors behind the campaign first lure victims to websites containing the malicious script. When someone lands on such sites, the browser script performs a brute-force attack on the underlying home router to try and gain access to its administrative interface.

Follow   www.darkreading.com to read more.

6. Study: Average cost of data breach is $6.5M

Published: May 27, 2015 security

An annual study from the Ponemon Institute and IBM released on Wednesday found that the average cost per capita cost in a data breach increased to $217 in 2015 from $201 in 2014. Plus, the average total cost of a data breach increased to $6.5 million from $5.8 million the prior year. The U.S. looked at 62 companies in 16 industry sectors after they experienced the loss or theft of protected personal data and then had to notify victims.

62 companies in 16 industry sectors analyzed

The cost per record takes into account indirect costs, such as abnormal turnover or churn of customers, as well as direct costs caused by the breach itself, including technology investment and legal fees. Only $74 was attributed to direct costs.

The study also noted, however, that not all records are seen as equal when stolen. Health records have an average cost of $398 each, whereas retail records cost $189 each.

Having an incident response plan and team in place, for example, decreased the average cost to $193.2 million. On the other hand, third party breaches increased the average cost to $246 million.

Follow   www.scmagazine.com to read more.

7. Box nails big customer win with US Department of Justice

Published: May 28, 2015 tech

Cloud storage provider Box has announced that it is working with the US Department of Justice (DOJ) to deliver secure file sharing and collaboration to its employees. The move represents a major customer win for the firm, who now has more than 40 federal customers on its books.

"Innovative government agencies, like DOJ, are deeply committed to leveraging emerging cloud technologies to better serve the American people, while ensuring the security and privacy of sensitive information,"

Aaron Levie, Box CEO

The DOJ will be employing Box for three main reasons:

  • to simplify internal and external collaboration between component agencies and third party organisations
  • seamlessly support mobile and offline access to content for employees
  • and reduce the complexity of infrastructure by eliminating fragmented content

Box's play into federal government has been relatively recent. In March, the company announced the arrival of Sonny Hashmi, former CIO of the General Services Administration, to help lead the company's efforts in the space. The firm also continues to pursue FedRAMP security compliance, as can be seen here, but suffered a setback when competitor Huddle beat it to the punch in March.

Follow   www.cloudcomputing-news.net to read more.

8. Amazon Prime launches free same-day delivery in 14 cities

Published: May 28, 2015 e-commerce

Amazon Prime's list of benefits grew one bigger on Thursday, as the $99/year subscription service now includes free same-day shipping—and same-day delivery—for certain parts of the United States. Should an Amazon Prime member live in one of 14 qualifying metropolitan areas—including the company's home base of Seattle, along with the Bay area, New York City, Washington, DC, Atlanta, Baltimore, and Boston.

Applies to qualifying orders $35 and up

Qualifying same-day orders that cost less than $35 will be charged an additional $5.99 for same-day speed, as Prime customers had already paid up until today. Meanwhile, should an order be placed too late in the day, Prime customers will still enjoy free one-day shipping.

Orders must be placed before the Same-Day Delivery order cutoff time (typically noon) to qualify; orders placed after the cutoff qualify for FREE One-Day Shipping.

Follow   arstechnica.com to read more.

9. Steve Wozniak: Edward Snowden is 'a hero' to me

Published: May 26, 2015 security

Steve Wozniak reaffirmed his staunch support for digital privacy in an interview over the weekend in which the Apple co-founder called National Security Agency whistleblower Edward Snowden "a hero."

Gave up his own life... to help the rest of us.

"Total hero to me; total hero," Steve Vozniak for ITP.com . "Not necessarily [for] what he exposed, but the fact that he internally came from his own heart, his own belief in the United States Constitution, what democracy and freedom was about. And now a federal judge has said that NSA data collection was unconstitutional."

Two years ago, Wozniak favorably compared Snowden to Pentagon Papers leaker Daniel Ellsberg. Last year, Wozniak also told reporters that he briefly met Snowden at a small event in Moscow, where the former NSA employee is currently living.

Wozniak has expressed some regret in the past for the role technology has played in allowing the government to expand its surveillance efforts.

Follow   fortune.com to read more.

10. Silk Road Creator Ross Ulbricht Sentenced To Life In Prison

Published: May 29, 2015 crime

Ross Ulbricht, the convicted mastermind behind the Silk Road, was sentenced to life in prison without parole in a New York courtroom on Friday. During the 2.5 hour-long session, the court heard Ulbricht's voice for the very first time as he pleaded for leniency, alongside the voices of parents whose children allegedly died of Silk Road-related drug overdoses.

Spending the rest of life in prison.

A year and a half after he was arrested in a San Francisco library - and four years after he first created the online drug marketplace Silk Road -U lbricht is now looking at spending the rest of his life in prison.

In court, Ulbricht expressed remorse and asked for a lenient sentence, echoing a letter he had submitted days earlieir. "I wish I could go back and convince myself to take a different path," he told Judge Katherine Forrest

A jury found Ulbricht guilty of seven charges at the end of his trial in early February 2015. His sentencing brings an end for now to the courtroom battle over a man seen by some as a drug lord and by others as a hero. The defense says, however, that they will appeal.

In addition to life in prison, Ulbricht also owes the government almost $200 million, as outlined in a memo filed by the prosecution on Thursday. The $183,961,921 accounts for all illegal drug and fake ID sales in Bitcoin on the Silk Road.

Follow   www.forbes.com to read more.

Our previous bulletins stories

<< Back   Back to list of weekly bulletins