GIXtools project

Yahoo has blamed its massive data breach on a “state-sponsored actor.” But the company isn’t saying why it arrived at that conclusion. Nor has it provided any evidence.

The lingering questions are causing some security experts to wonder why Yahoo isn’t offering more details on a hack that stole account information from 500 million users.

“I think there’s a lot of fishiness going on here,” said Michael Lipinski, the chief security strategist at Securonix.

Yahoo didn’t respond to a request for comment. The company has protocols in place that can detect state-sponsored hacking into user accounts. In a December 2015 blog post, the company outlined its policy, saying it will warn users when this is suspected.

To read this article in full or to leave a comment, please click here

Microsoft’s servers are now powered by optimized custom chips that joined together to translate the entirety of Wikipedia in literally less than a blink of an eye.

In a demonstration at Microsoft’s Ignite conference on Orlando, Microsoft tapped what it called its “global hyperscale” cloud to translate 3 billion words across 5 million articles in less than a tenth of a second.

Microsoft helped custom-design the programmable logic components, or Field Programmable Gate Arrays (FPGAs), that it has added to each of its computing nodes. The company recognizes that smarter, more computationally intensive technologies will require more computing power on the back end, whether those technologies revolve around Microsoft’s own Cortana digital assistant—which can now intelligently reschedule your workout to meet your fitness goals—or something that can recognize a distracted drivers, as the automobile manufacturer Volvo is researching.

To read this article in full or to leave a comment, please click here

Use your smartphone to open this padlock from Master Lock. Share access, monitor access history and receive alerts if someone is tampering. Designed for outdoor use, its shackle offers 2 inch vertical clearance and is made of boron for maximum resistance to cutting and sawing. The lock features alternate methods of access for when Bluetooth isn’t available or the replaceable battery dies. Its typical list price of $89 has been reduced 34% to $59 (see on Amazon). An indoor version is available, also at a discount (28% off, $50 — See on Amazon).

To read this article in full or to leave a comment, please click here

As its name clearly states, Logitech’s K780 Multi-Device Wireless Keyboard promises to be the one keyboard to rule all your computing gizmos. Indeed, it’s fully compatible with Windows, Mac OS, Chrome OS, Android, and iOS—and more importantly, it provides fast and effortless switching between your computer, smartphone, and tablet.

This full-size, six row keyboard features a complete set of function keys and a number pad. Certain keys—such as Alt and Ctrl—will automatically change functions depending on which operating system you’re working in. Running the length of the keyboard is a rubberized tray that holds your mobile devices at the correct viewing angle.

To read this article in full or to leave a comment, please click here

Security researchers have found a new Mac OS X malware that appears to be targeting the aerospace industry.

The Trojan, called Komplex, can download, execute, and delete files from an infected Mac, according to security firm Palo Alto Networks. Interestingly, the Trojan will also save a PDF document to the infected system concerning the Russian space program.

The PDF document details planned Russian space projects from 2016 to 2025, but it acts as a decoy, Palo Alto Networks said in Monday blog post.

In reality, the Trojan is a package of tools that will attempt to secretly communicate with its creators’ command-and-control servers. This includes sending back data on the version, username, and process list running on the infected system. The Trojan can also receive instructions, and it will forward the results to the control servers.

To read this article in full or to leave a comment, please click here

Military-style data transportation. That’s how Corsair describes their Flash Survivor Stealth series of USB flash drives. Its anodized, aircraft-grade aluminum housing is waterproof to 200 meters, vibration-resistant, and shock-resistant while small enough to fit on your keychain. USB 3.0 offers read speeds up to four times faster than traditional USB 2.0 drives, so it’s fast enough to play most videos directly from it, without having to transfer to a hard drive first. The drive is backwards compatible to 2.0 as well. Just plug it in, and it works with Windows, Mac OS and Linux without any additional software or drivers. This product also comes with a limited 5 year warranty. It averages 4.5 out of 5 stars from over 170 people on Amazon (read reviews), many of which report it’s still alive after years of hard use. The 256GB model’s list price of $156 has been reduced 42% to $91.30. If 256GB is more storage than you need, they have a 32GB model that’s currently discounted 25% ($20.73 — See it on Amazon).

To read this article in full or to leave a comment, please click here

U.S. Sen. Mark Warner, D-Va., on Monday urged the U.S. Securities and Exchange Commission to investigate whether Yahoo met its legal obligations to keep the public and investors informed about a massive breach of 500 million Yahoo accounts.

In a letter to the SEC, Warner said Yahoo failed to file a Form 8-K disclosure to the public about the breach, and that the company said in a proxy statement on Sept. 9 that it had not experienced any breaches.

Warner said Yahoo knew about the breach as early as July but didn’t inform Verizon, which is in the process of acquiring Yahoo, until Sept. 20. Verizon said on July 25 it would buy Yahoo’s internet business for $4.8 billion.

To read this article in full or to leave a comment, please click here

Apple is expanding its partnership with Sonos by bringing in the company’s most popular Wi-Fi speakers to an Apple store near you.

Sonos announced that U.S. customers will be able to get the Play:1 and Play:5 on Apple.com by the end of Monday. These Sonos home speakers will also be coming to 468 Apple retail locations around the world starting October 5. And if you buy your Sonos speaker from Apple through December 31, you will receive a gift card to activate a free three-month trial of Apple Music.

“Our expanded collaboration with Apple is a great example of our ongoing work with our full ecosystem of partners to make it easier than ever to listen to music out loud at home,” President of Sonos Patrick Spence said in a statement. “Apple Music on Sonos is a powerful experience, one we’re proud to bring directly to Apple fans at Apple Stores worldwide.”

To read this article in full or to leave a comment, please click here

Security researchers have been warning for years that poor security for internet of things devices could have serious consequences. We’re now seeing those warnings come true, with botnets made up of compromised IoT devices capable of launching distributed denial-of-service attacks of unprecedented scale.

Octave Klaba, the founder and CTO of French hosting firm OVH, sounded the alarm on Twitter last week when his company was hit with two concurrent DDoS attacks whose combined bandwidth reached almost 1 terabit per second. One of the two attacks peaked at 799Gbps alone, making it the largest ever reported.

To read this article in full or to leave a comment, please click here

Today’s savvy bank robbers don’t break into vaults looking for gold or diamonds: They’re more likely to be hacking networks looking for access to the Swift payment system. Illusive Networks wants to catch them in the act.

In February, hackers exploited Bangladesh Bank’s access to the Swift fund transfer network to steal US$81 million — and almost got away with $951 million.

They had infiltrated the bank’s network, installing malware on the Swift Alliance Access server that exchanged messages with the gateway to Swift’s secure fund transfer system. They used the bank’s Swift credentials to order payments, while their malware interfered with the printing of confirmation messages, delaying the bank’s discovery of the electronic heist.

To read this article in full or to leave a comment, please click here

Today’s savvy bank robbers don’t break into vaults looking for gold or diamonds: They’re more likely to be hacking networks looking for access to the Swift payment system. Illusive Networks wants to catch them in the act.

In February, hackers exploited Bangladesh Bank’s access to the Swift fund transfer network to steal US$81 million — and almost got away with $951 million.

They had infiltrated the bank’s network, installing malware on the Swift Alliance Access server that exchanged messages with the gateway to Swift’s secure fund transfer system. They used the bank’s Swift credentials to order payments, while their malware interfered with the printing of confirmation messages, delaying the bank’s discovery of the electronic heist.

To read this article in full or to leave a comment, please click here