Monthly Archives: February 2016

Microsoft signals renewed push to force users onto Windows 10

Cryptic Microsoft post seems to indicate Windows 10 is being switched to ‘recommended’ status. It’s unclear how the update can be kept at bay.

A cryptic post from Microsoft seems to indicate that Redmond has stepped up its push to upgrade Windows 7 and Windows 8.1 users by moving Windows 10 to “recommended status.”

According to ZDNet’s Mary Jo Foley, about 5 p.m. ET on Monday, Microsoft dropped a small bombshell:

As was shared in late October on the Windows Blog, we are committed to making it easy for our Windows 7 and Windows 8.1 customers to upgrade to Windows 10. We updated the upgrade experience today to help our customers, who previously reserved their upgrade, schedule a time for their upgrade to take place.

Shortly after, Microsoft maven Paul Thurrott confirmed the message. Apparently this is Microsoft’s version of an official announcement.

Both Foley and Thurrott believe that the message signals the long-anticipated switch of the Windows 10 upgrade from “optional” to “recommended” in Windows Update. As a “recommended” update, the Windows 10 installer launches automatically on Windows 7 and 8.1 computers with default settings.

I took one look at the announcement and scratched my head. Read it again and again, and I still can’t make heads or tails of it — if you can, I’d sure like to hear from you.

The October Windows Blog post talked about the end of the Windows 10 Reservations process, wherein potential upgraders could “reserve” their Win10 bits in advance. At that point, everyone who had reserved a copy of Windows 10 had received their copy. Many people found that the upgrade didn’t work, but the point is that the reservation system was disbanded in October. In that blog post, Windows honcho Terry Myerson said:

We will soon be publishing Windows 10 as an “Optional Update” in Windows Update for all Windows 7 and Windows 8.1 customers. Windows Update is the trusted, logical location for our most important updates, and adding Windows 10 here is another way we will make it easy for you to find your upgrade. Early next year, we expect to be re-categorizing Windows 10 as a “Recommended Update”. Depending upon your Windows Update settings, this may cause the upgrade process to automatically initiate on your device. Before the upgrade changes the OS of your device, you will be clearly prompted to choose whether or not to continue. And of course, if you choose to upgrade (our recommendation!), then you will have 31 days to roll back to your previous Windows version if you don’t love it.

It’s now early next year, and we’re all expecting to see “recommended” Windows 10 upgrade entries in Windows Update. I haven’t seen one on any of my Windows 7 or 8.1 PCs. Looking around the Web early Tuesday morning, I can’t find anybody who’s seen one. I certainly can’t find anyone who’s “previously reserved their upgrade” and is now anxiously awaiting an opportunity to install it. The reservation system died in October.

This is more than a lousy marketing exercise. Shortly after that Windows Blog announcement last October, Microsoft started pushing the Windows 10 upgrade as a “recommended” update in Windows Update. It took them a week, but Microsoft ultimately reverted to “optional” status for the update, claiming the action was “accidental.” Heaven only knows how many people moved from Windows 7 or 8.1 to Windows 10 because they clicked OK in an official Microsoft prompt.

Microsoft continues to assure us that “customers remain in full control and can easily decline the upgrade if they choose,” but we have no idea how the choice will be presented. Clearly, Microsoft needs to get upgraders to approve a new EULA. But is that the only point at which a customer can decline? Windows users are accustomed to clicking through EULAs without even reading them. Imagine the uproar if clicking on a EULA is the only action required to install Windows 10.

We also don’t know what happens if a customer declines the EULA. Will the installer come back again? Will it leave the PC in a bizarre state, with 3GB to 6GB of unwanted files hanging around in a hidden folder? What happens when you reboot?

In that October Windows Blog post, Myerson promised us a new feature:

You can specify that you no longer want to receive notifications of the Windows 10 upgrade through the Windows 7 or Windows 8.1 settings pages.

What happened to the promised setting?

Most of all, I’m curious to find out if Microsoft will honor the registry entry that it suddenly, silently documented in the Jan. 18, 2016, update to its Knowledge Base article “How to manage Windows 10 notification and upgrade options.” That article, KB 3080351, says:

To block the upgrade to Windows 10 through Windows Update, specify the following registry value:

Subkey: HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate

DWORD value: DisableOSUpgrade = 1

Which brings the description in line with what we had observed and published on Jan. 14.
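
One way to audit and set the value quoted from KB 3080351, as an added PowerShell example that is not from the original article or from Microsoft. The function names `Read-PolicyValue` and `Set-OSUpgradeBlock` and the output fields are hypothetical; the machine counts as compliant only when the value exists as a DWORD equal to 1.

```powershell
# Added example (not from KB 3080351 itself): audit and enforce the policy value.
# Read-PolicyValue and Set-OSUpgradeBlock are hypothetical names.
# Writing under HKLM requires an elevated (administrator) session.

function Read-PolicyValue {
    param([string]$Path, [string]$Name)
    # Return the value and its registry type, or $null when the key or value is absent.
    if (-not (Test-Path -LiteralPath $Path)) { return $null }
    $key = Get-Item -LiteralPath $Path
    if ($key.GetValueNames() -notcontains $Name) { return $null }
    [pscustomobject]@{
        Value = $key.GetValue($Name)
        Kind  = $key.GetValueKind($Name)
    }
}

function Set-OSUpgradeBlock {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        # Subkey and value name exactly as given in the KB text quoted on this page.
        [string]$Path = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate',
        [string]$Name = 'DisableOSUpgrade'
    )
    $dword  = [Microsoft.Win32.RegistryValueKind]::DWord
    $before = Read-PolicyValue -Path $Path -Name $Name

    # A string "1" or a DWORD 0 does not match what the KB specifies.
    $ok = ($null -ne $before) -and ($before.Kind -eq $dword) -and ($before.Value -eq 1)

    if (-not $ok -and $PSCmdlet.ShouldProcess("$Path\$Name", 'Set DWORD value to 1')) {
        if (-not (Test-Path -LiteralPath $Path)) {
            New-Item -Path $Path -Force | Out-Null
        }
        # -Force overwrites an existing value, including one of the wrong type.
        New-ItemProperty -LiteralPath $Path -Name $Name -PropertyType DWord -Value 1 -Force | Out-Null
    }

    # Re-read from the registry so the report reflects what is actually stored.
    $after = Read-PolicyValue -Path $Path -Name $Name
    [pscustomobject]@{
        Computer  = $env:COMPUTERNAME
        Before    = if ($before) { "$($before.Kind)=$($before.Value)" } else { 'absent' }
        After     = if ($after)  { "$($after.Kind)=$($after.Value)" }  else { 'absent' }
        Compliant = ($null -ne $after) -and ($after.Kind -eq $dword) -and ($after.Value -eq 1)
    }
}

# Preview only; drop -WhatIf to write the value.
Set-OSUpgradeBlock -WhatIf
```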

Until we actually see a “recommended” Windows 10 update in the wild, it’s hard to say what Microsoft will do. Right now, if you’re content to stick with Windows 7 or 8.1 — after all, you still have six months left on the free upgrade offer — your best bet is to download and run Josh Mayfield’s GWX Control Panel. That’ll clean out the Get Windows X subsystem, reset the registry entries, and keep the hidden scheduled tasks from firing.

Whether GWX Control Panel will keep the “recommended” updates at bay — I have my fingers crossed.

Via: infoworld

Hackers Breach Neiman Marcus Customer Accounts, Make Unauthorized Purchases

Last week, luxury retailer Neiman Marcus Group (NMG) notified some customers that attackers had gained unauthorized access to their online accounts.

According to the company, the incident dates back to on or around December 26, 2015, when intruders attempted various login and password combinations using automated attacks in an effort to access customers’ online accounts on the Neiman Marcus, Bergdorf Goodman, Last Call, CUSP and Horchow websites.

“We suspect this activity was due to large breaches at other companies (not the Neiman Marcus Group), where user login names and passwords were stolen and then used for unauthorized access to other accounts . . . where a user may use the same login name and/or password,” read the letter addressed to customers.

The attackers managed to access approximately 5,200 accounts, containing contact information, purchase history, and the last four digits of credit card numbers.

The retailer noted that sensitive information, such as Social Security numbers, dates of birth, full financial account numbers or PINs, was not visible through online accounts.

“At present, all indications are that the Neiman Marcus Group database of customer email addresses or passwords remain safe, and that our cyber defenses repelled more than 99% of the attacks,” the company said.

Hackers were able to make purchases on roughly 70 breached accounts; however, the retailer’s fraud team detected the unauthorized purchases and has since reimbursed affected customers.

Neiman Marcus is requiring impacted customers to change their account password the next time they log in.

Meanwhile, affected customers should also remain vigilant for suspicious activity on financial accounts, as well as credit reports.

In a data breach notice submitted to the California Office of the Attorney General, the company stated it has initiated a comprehensive response and investigation to understand the scope of the incident.

“It appears that our defense functioned as designed during the attack,” said the company. “Our team has taken significant steps to limit the ability of these individuals to access Neiman Marcus accounts.”

In January 2014, the retailer announced hackers used point-of-sale malware to steal the details of more than 1.1 million customer payment cards. After an investigation, the company said only about 350,000 cards had been affected.

Via: tripwire

Missing Hard Drives Expose 950,000 Centene Customers’ PHI

The unencrypted drives held names, addresses, birthdates, Social Security numbers, member ID numbers and health information.

The healthcare provider Centene Corporation recently announced that it’s searching for six unencrypted hard drives that were unaccounted for in an inventory of IT assets.

The drives held the names, addresses, birthdates, Social Security numbers, member ID numbers and health information of approximately 950,000 people who received laboratory services between 2009 and 2015.

“While we don’t believe this information has been used inappropriately, out of abundance of caution and in transparency, we are disclosing an ongoing search for the hard drives,” Centene chairman, president and CEO Michael F. Neidorff said in a statement. “The drives were a part of a data project using laboratory results to improve the health outcomes of our members.”

All those affected are being offered free access to credit and healthcare monitoring services. “Centene is in the process of reinforcing and reviewing its procedures related to managing its IT assets,” the company said in a statement.

Hormazd Romer, head of product marketing at Accellion, noted by email that healthcare breaches keep occurring, despite the industry’s stringent compliance regulations. “Though the incident at Centene may not be linked to cybercrime, it still highlights the need for stronger security controls within highly regulated industries,” he said. “Unless the compromised data was encrypted, the individuals in possession of the hard drives now have access to very sensitive healthcare data, which is considerably more valuable on the black market than other forms of personally identifiable information.”

IDT911 chairman and founder Adam Levin said a breach like this can put patients’ lives in jeopardy. “When thieves or their customers exploit drug prescriptions, seek treatment or obtain medical procedures using stolen identities, they drain insurance coverage — leaving victims stranded when they are most vulnerable and in the greatest need,” he said. “In addition, health records can be contaminated and falsified: blood types can change and allergies can appear or disappear. This could mean the difference between life and death in emergency situations.”

The U.S. Department of Health and Human Services’ fines for potential HIPAA violations like these can be significant — in 2014, New York Presbyterian Hospital and Columbia University Medical Center were fined $4.8 million for failing to secure 6,800 patients’ PHI; in 2013, WellPoint agreed to pay $1.7 million for leaving 612,402 people’s PHI exposed online; and in 2012, Alaska’s Department of Health and Social Services agreed to pay a $1.7 million fine in connection with the theft of a hard drive containing 501 people’s PHI.

Bitglass this week released its 2016 Healthcare Breach Report, which found that one in three Americans were victims of healthcare data breaches in 2015, a massive increase over the previous year.

Ninety-eight percent of record leaks, the report found, were due to large-scale breaches such as the Premera Blue Cross and Anthem hacks. In total, more than 111 million Americans’ data was lost due to hacking or IT incidents in 2015, a massive increase from 12.5 million in 2014.

Via: esecurityplanet

HSBC Internet Banking Disabled by DDoS Attack

Although the bank says it ‘successfully defended against the attack,’ personal banking services were inaccessible for several hours.

HSBC’s Internet banking services were made unavailable for several hours on January 29, 2016 as the bank’s system came under a DDoS attack, BBC News reports.

“We are working hard to restore services after HSBC internet banking came under a denial of service attack on Friday 29 January, which affected personal banking websites in the UK,” the bank said in a statement. “HSBC has successfully defended against the attack, and your transactions were not affected.”

As the BBC notes, the attack was launched not only on payday for many customers, but also two days before the deadline for self-assessment tax returns to be submitted in the U.K.

“Where taxpayers need information from their HSBC account, and they are currently unable to access this they can include an estimate in their return in order to file by 31 January,” a spokesman for HM Revenue and Customs (HMRC) told the BBC. “They have 12 months from the date they file to amend this with the correct information.”

Lieberman Software vice president Jonathan Sander told eSecurity Planet by email that it’s hard to know at this point how concerned to be about the potential impact of the attack. “Often DDoS attacks like this are a distraction technique; bad guys hit you hard on the left so you’re too busy to see them sneak in on the right,” he said. “DDoS attacks where bad guys flood your website with so much work they fold under the pressure aren’t even strictly a security issue on their own. Unless the DDoS is part of a recipe to steal stuff, it’s a nuisance that is more about someone flexing their muscles than doing damage.”

Still, Dave Martin, security expert and director at NSFOCUS IB, said the disruption to online services can be as damaging as a breach. “Damage to brand, loss of revenue and loss of customers due to service disruption often make up the majority of costs when measuring the financial impact of DDoS attacks,” he said. “The costs and technical barriers to execute a DDoS attack continue to decline. And unfortunately, this trend shows no signs of slowing.”

AlienVault senior vice president Richard Kirk said the attack should serve as a reminder that it’s time for cyber security risk to become a regular board-level discussion. “I wonder if the HSBC board, or any bank for that matter, regularly discusses how it should approach preparing and responding to cyber attacks and the growing risk to the business,” he said.

Imperva recently released its Global DDoS Threat Landscape report for Q4 2015, which found a 25.3 percent increase over the previous quarter in the frequency of network layer attacks. U.S.-based websites were the target of 47.6 percent of all DDoS attacks in Q4 2015, followed by the U.K. at 23.2 percent.

“Most notably, the second half of 2015 saw a surge in the use of DDoS-for-hire services,” Imperva senior digital strategist Igal Zeifman wrote in a blog post examining the findings. “These services let anyone having a PayPal account launch DDoS attacks of medium-to-high volume lasting between 30 and 60 minutes.”

“DDoS-for-hire has been around for a while,” Zeifman added. “However, increased availability of these tools, coupled with media attention and lackluster regulation, recently put this segment on an accelerated growth path. This has led to a surge in the number of DDoS attacks.”

Via: esecurityplanet

Gigabit internet over the air is coming

Starry is using millimeter wave technology to wirelessly deliver internet connectivity to homes. If successful, it could disrupt cable companies, telcos, and the broadband market.

Starry, a new startup by the founders of Aereo, wants to deliver faster internet access to your home wirelessly, and with no data caps or complicated contracts. Starry, a part of Project Decibel, announced its debut on Wednesday.

The technology works by leveraging what Starry claims is “the world’s first millimeter wave band active phased array technology for consumer internet communications.” Starry can deliver speeds up to one gigabit—comparable speeds to Google Fiber—using hardware that consumers can install themselves and get connected “in minutes.”

Typical Wi-Fi signals exist on the 2.4 GHz or 5 GHz radio bands. Millimeter waves, on the other hand, occupy what is sometimes referred to as the Extremely High Frequency (EHF) range from 30 GHz to 300 GHz. The EHF is traditionally used in fields such as radio astronomy and remote sensing, a geographical field.

Because these millimeter waves are at a higher frequency than what is commonly used in Wi-Fi, and because they interact differently as they travel, they are better suited to transmit large amounts of data.

Gartner’s Akshay Sharma said to think of the millimeter waves like the sine waves in calculus.

“If you pack more ups and downs, or more cycles, per period of time, you’re actually packing in more data. So, you can think of them as zeroes and ones in a period of time,” Sharma said. “If you’ve got more zeroes and ones at the higher frequency, you’re going to have much higher data rates.”

And, the need for that extra data will be a reality very soon. Sharma mentioned that the May 2015 Cisco Visual Networking Index predicted that, by 2019, 80% of consumer internet traffic will be video. Additionally, the growing use of 4K and 8K video will create even greater strain.

Also, Sharma said, the technology is being experimented with for use in 5G connectivity as well. Samsung has trials in the higher frequency wave range and Nokia had trials above 70 GHz, he said. Millimeter wave frequency is not a requirement for 5G, but some feel that it’s the best option to push it forward.

Starry also makes use of orthogonal frequency-division multiplexing (OFDM), a technique that makes it easier to transmit data over a radio wave by splitting the signal into many smaller sub-signals. It also leverages MU-MIMO (multiuser multiple input, multiple output) technology, which helps with bandwidth distribution and is currently being used in Wi-Fi and LTE.

Along with the new service, the company also announced a hardware product called the Starry Station, a Wi-Fi router that “provides users with a window into their home’s internet health and device connectivity.”

The 802.11ac Starry Station features a 3.8-inch capacitive touchscreen and has a built-in speed test, device finder, and parental controls. Additionally, users can get support directly through the Starry Station.

Small receiver stations are mounted outside of a user’s home and the signal is sent to the router by a WAN Ethernet connection. This speaks directly to what Sharma said would be the biggest challenge for properly leveraging millimeter wave tech, in that higher frequency often “gives you worse in-building penetration if it’s an outdoor device.”

However, if the hardware is implemented correctly and the signal is routed properly, it seems like they could circumvent the issue with the current setup by having a power antenna outside the home connected by wire to a versatile router inside the home. Still, there are other challenges to using higher frequency bands in that line of sight is required most of the time and weather can interfere with the signal.

The Starry Station will cost $350 and interested users can reserve one on the company’s website until February 5, at which point they’ll be available for sale on Starry’s website and Amazon. Orders for the Starry Station are to begin shipping this March.

The Greater Boston area will be the first to get the Starry Internet beta this summer, but more cities will be announced as the year goes on. The company hasn’t released any details on pricing yet.

Top 3 takeaways

  1. Starry will use millimeter wave band active phased array technology to deliver gigabit speed internet connection, wirelessly, to your home.
  2. Starry also announced the $350 Starry Station, an 802.11ac Wi-Fi station that monitors your home network.
  3. Starry presents an interesting option for SMBs and remote workers who need more speed and a fast implementation, and who don’t want to wait for fiber to be dug in their area.

Via: techrepublic