Apple, in rare reversal, pulls plug on wireless charging mat

Apple Inc on Friday said it is canceling the AirPower wireless charging mat that the company announced in 2017 on the same day as its iPhone X, a rare public retreat for the gadget maker known for splashy product launches.

from Reuters: Technology News https://ift.tt/2CV5mqP

Saudi's Kingdom Holding to invest Careem proceeds in Europe, Saudi: CEO

Saudi Arabian investment firm Kingdom Holding will put the proceeds from the sale of its stake in ride-hailing startup Careem toward $600 million in investments in the kingdom and Europe, its chief executive told Reuters on Friday.

from Reuters: Technology News https://ift.tt/2HWyX6e

VMware Releases Security Updates

Original release date: March 29, 2019

VMware has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the VMware Security Advisories VMSA-2019-0004 and VMSA-2019-0005 and apply the necessary updates.

---

This product is provided subject to this Notification and this Privacy & Use policy.

from US-CERT: The United States Computer Emergency Readiness Team https://ift.tt/2OAbGIH

This Week in Security News: Cybersecurity Skills Gap and Legislature

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn how the cybersecurity skills gap is affecting organizations. Also, learn how a bipartisan bill is working to close the gap.

Read on:

What Hacker History Can Tell Enterprises About Future Attack Strategy

This report delves into nearly two decades of hacking and malicious activity, which can also help point IT admins and decision-makers in the right direction with their security strategies.

 

Bipartisan Bill Aims to Close Gap in Congressional Cybersecurity

A bipartisan bill aims to close what is regarded as a major gap in congressional cybersecurity and extend the government’s protections to senators and their staffers’ personal phones and computers.

Global Telecom Crime Undermining Internet Security: Cyber-Telecom Crime Report

Understanding the current threat landscape can help reduce the impact of crimes like telecom fraud and prepare us for future threats in the age of the IoT.

These 20-Something Hackers Won $375,000 and a Model 3 for Finding a Tesla Bug

Two hackers exposed a security bug in the Tesla Model 3 that allowed them to hack into the electric car’s internal web browser during hacking competition Pwn2Own, hosted by Trend Micro’s Zero Day Initiative.

Cybersecurity Skills Shortage a Problem for Nearly 50 Percent of Organizations

The skills shortage problem showcased in an Opinium survey showed nearly 50 percent of 1,125 CISO respondents shared that it is a cause for concern for their organizations.

New Research Reveals How Adversarial Attacks Can Subvert Machine Learning Systems

A research paper published in the journal Science warns of the prospect of advanced techniques being used to throw machine learning (ML) systems off.

Norsk Hydro Ransomware Incident Losses Reach $40 Million After One Week

A week after suffering a crippling ‘LockerGoga’ ransomware infection, Norwegian aluminum producer Norsk Hydro estimates that total losses from the incident have already reached $40 million.

‘Long-Term Security Risks’ From Huawei

The Chinese company Huawei has been strongly criticized in a report issued by the National Cyber Security Centre, the body overseeing the security of its products in UK telecoms. 

Astronomical Costs, Geopolitical Headaches: Telecom Fraud is Too Big to Ignore, Report Says

International telecommunications fraud — including activities like consumer scams and corporate ripoffs — costs around $33 billion per year, according to a report published by Trend Micro and Europol.

Do you think the new bipartisan bill will close the cybersecurity gap? Why or why not? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.

The post This Week in Security News: Cybersecurity Skills Gap and Legislature appeared first on .

from Trend Micro Simply Security https://ift.tt/2uzSemn

Daimler buys Torc Robotics stake for self-driving trucks

Daimler Trucks has agreed to buy a majority stake in self-driving truck software maker Torc Robotics as part of a broader push to develop autonomous vehicles.

from Reuters: Technology News https://ift.tt/2OwFmXe

Daimler buys Torc Robotics stake in self-driving trucks push

Daimler Trucks has agreed to buy a majority stake in autonomous truck software maker Torc Robotics as part of a broader push to develop self-driving vehicles.

from Reuters: Technology News https://ift.tt/2V7XQzW

Xero Transforms Their Security Culture With CloudGuard IaaS

by Moti Sagey, March 25th 2019

 

As businesses continue to move their workflow into the cloud, the need for multi-layered protection is critical. The dynamic nature of cloud infrastructure introduces a variety of new challenges, so implementing advanced protection beyond the traditional security approach will help your organization ward off the next storm.

Xero, a global online platform for small businesses and their advisors, identified key challenges within their cloud infrastructure. The company was spending an immense amount of time and resources controlling the environment rather than fully supporting product innovation. Xero were looking for a solution that extend their security management-as-a-service feature to the DevOps teams without slowing down product development.

“Security was the first thing we thought about,” said Aaron McKeown, Head of Security Engineering and Architecture, Xero. “We had to think about data encryption, inbound and outbound traffic connectivity, and protection against web-based attacks like DDoS, cross-site scripting, and SQL injection attacks.”

The Xero team worked with Check Point to integrate CloudGuard IaaS into their architecture. Check Point CloudGuard IaaS delivers automated, multi-layered, elastic security that scales with the dynamic AWS environment. This enabled traffic to be directed to a defined “security zone” for security scrubbing based on any number of attributes—regulatory requirements, policy, type of traffic, and others.

“Check Point and AWS have released Xero from the constraints of traditional management and security practices,” said McKeown. “Together we enable a strong, positive security culture across the business without limiting growth in any way.”

Thanks to the automated security solution, Xero was able to transform the company’s security culture across security engineering, DevOps, and partnerships. Xero moved 700,000 customers, 59 billion records, $1 trillion worth of transactions to a secure, fully managed AWS environment in nine months. For more information about how Xero integrated CloudGuard into their security infrastructure, read about their customer case study here.

The post Xero Transforms Their Security Culture With CloudGuard IaaS appeared first on Check Point Software Blog.

from Check Point Software Blog https://ift.tt/2FAWTtm

Commando VM — New Windows-based Distribution for Hackers and Pentesters

FireEye today released Commando VM, a first of its kind Windows-based security distribution for penetration testing and red teaming. When it comes to the best-operating systems for hackers, Kali Linux is always the first choice for penetration testers and ethical hackers. However, Kali is a Linux-based distribution, and using Linux without learning some basics is not everyone's cup of tea

from The Hacker News https://ift.tt/2FLFjE7

Here's the List of ~600 MAC Addresses Targeted in Recent ASUS Hack

EXCLUSIVE — While revealing details of a massive supply chain cyber attack against ASUS customers, Russian security firm Kaspersky last week didn't release the full list all MAC addresses that hackers hardcoded into their malware to surgically target a specific pool of users. Instead, Kaspersky released a dedicated offline tool and launched an online web page where ASUS PC users can search

from The Hacker News https://ift.tt/2V4IDPQ

Volkswagen, Siemens to collaborate on industrial cloud technology

Volkswagen has selected Siemens as its integration partner to help connect its 122 plants to Amazon's cloud in an effort to raise efficiency in production, the two German companies announced on Friday.

from Reuters: Technology News https://ift.tt/2FAA5de

Elliott hikes stake in German 3D printer SLM Solutions to 29 percent

Activist investor Elliott has hiked its stake in German 3D printing firm SLM Solutions to 29.8 percent and is bringing in new supervisory board members following a series of profit warnings and a slump in the company's share price.

from Reuters: Technology News https://ift.tt/2OxpOCu

China's top market regulator calls for crackdown on online ad content

China's top market regulator on Friday demanded online platforms police advertisements more closely, marking another effort from the government to clean up "illegal" web content.

from Reuters: Technology News https://ift.tt/2FIquCr

Critical Magento SQL Injection Vulnerability Discovered – Patch Your Sites

If your online e-commerce business is running over the Magento platform, you must pay attention to this information. Magento yesterday released new versions of its content management software to address a total of 37 newly-discovered security vulnerabilities. Owned by Adobe since mid-2018, Magento is one of the most popular content management system (CMS) platform that powers 28% of

from The Hacker News https://ift.tt/2JNaD9v

Huawei urges U.S. to drop 'loser's attitude' as carrier business revenue slips

China's Huawei Technologies called on Washington to drop the "loser's attitude" and once again rubbished U.S. allegations its gear could be used by Beijing for spying, as its network business weakened amid mounting global scrutiny.

from Reuters: Technology News https://ift.tt/2uw6Dji

Facebook removes online network in Philippines over 'inauthentic behavior'

Facebook Inc has removed a social media network in the Philippines for "coordinated inauthentic behavior", and took the unusual step of linking it to a businessman who said he had managed the president's online election campaign in 2016.

from Reuters: Technology News https://ift.tt/2HNZX8J

Ex-NSA Contractor Pleads Guilty to 20-Year-Long Theft of Classified Data

A former National Security Agency contractor—who stole an enormous amount of sensitive information from the agency and then stored it at his home and car for over two decades—today changed his plea to guilty. The theft was labeled as the largest heist of classified government material in America's history. Harold Thomas Martin III, a 54-year-old Navy veteran from Glen Burnie, abused his

from The Hacker News https://ift.tt/2HXVhMY

Facebook blocks 200 accounts in Philippines

Facebook Inc said on Thursday the company removed 200 pages, groups and accounts on Facebook and Instagram in the Philippines, citing "coordinated inauthentic behavior".

from Reuters: Technology News https://ift.tt/2HVjovG

Amazon Web Services to open infrastructure location in Colombia

Amazon Web Services (AWS), a unit of Amazon.com Inc, said on Thursday it will open a Latin America infrastructure location in Colombia and help train 2,000 students in cloud technology.

from Reuters: Technology News https://ift.tt/2FEYEp5

China's Huawei posts 25 percent rise in 2018 profit on smartphone sales

China's Huawei Technologies, the world's third-largest smartphone maker, reported a 25 percent jump in 2018 net profit, buoyed by a solid performance in its home market and a booming smartphone business.

from Reuters: Technology News https://ift.tt/2U0ZLcZ