BlogHotel.orgAccueil | Créer un blog | Imprimer la page Imprimer | Blog hasard Au hasard | Chercher des blogs Rechercher | Entrer dans le chat du blog Chat | | Jeux Jeux | Adminitration et édition du Blog Manager

12/12/2017 - Lenovo IdeaPad U460 Battery www.all-laptopbattery.com

“CYOD makes for faster and more informed decisions. Some customers of ours at a dinner in Mexico City needed information from their server to prove a point."If they had used their laptops and waited to boot up, negotiate VPN connections and search servers the moment was lost. But they used Acronis Access on their tablets to open the documents they needed in seconds.”The bottom line is that corporate data must remain safe. BYOD holds many attractions, including slashed procurement costs, but the complexity of managing employee-owned devices increases security risks.CYOD brings benefits for three distinct groups. The business can offer finite product lists that allow competitive technology procurement in volume, while knowing that employees are equipped with devices that meet compliance standards.IT teams can stop trying to herd myriad employee-owned devices and instead provide managed access to a known population of tested and approved kit.And end-users get to use devices that deliver the consumer experience they crave while providing access to all the company stuff they need.

Organic BYOD has been criticised for exposing corporate data to breaches and security attacks. CYOD policies are sometimes bashed for restricting devices to safeguard business-critical information.For some companies the risks are worth taking but for others security is still prized more highly than employee satisfaction.Security arguments against first-generation BYOD principles are frequently countered by claims that letting people use their own technology saves money – a convincing consideration for smaller enterprises.But expanding the choice of CYOD devices to make users happier can cost more than many anticipate. HP highlights the costs of having to support multiple operating systems and hardware platforms, and device manufacturers could also have a problem with CYOD.“Insight has spoken to more than 100 providers concerned that they would lose control over the buying cycle and lose their position on the supply chain, and that end-users might even go to consumer stores to buy low-grade products rather than the professional equipment manufacturers would provide,” says Cornum.A Russian research team has found vulnerabilities in millions of the world's SIM cards, and separate flaws in common 4G modem platforms. Together, the bugs could allow attackers to send crafted SMS text messages to gain access to critical systems and install malware on connected computers.

In one dramatic and hypothetical example, the research team of six from outfit SCADA StrangeLove showed how track switching mechanisms in the European Rail Traffic Management System could be altered by remote attackers targeting computers and devices on trains and tracks.They found what fellow SRlabs researcher Karsten Nohl estimated was 'millions' of the world's SIM cards that could be impersonated by attackers who captured the users' Temporary International Mobile Subscriber Identity and decryption key (Kc), numbers that were designed to stop eavesdropping between devices and phone towers.It built on Nohl's research last year that revealed SIM flaws could allow attackers to intercept calls and target wireless NFC applications like contactless payments through crafted text messages.He found telcos had done little in the two months to September to fix the flaws. They now face further attack vectors in SIMs and mobile 4G dongles.Attackers would need four flaws to align to take advantage of the remote Kc disclosure, including as Nohl explained to Vulture South:

"Only if all four hold, can a decryption key (Kc) be queried remotely," Nohl explained of the work. "Given that there are billions of SIMs out there, the attack still affects many millions of them."It was unknown if Australian SIMs were affected but antipodean modems were thought to be susceptible due to shared platforms, Gordeychik said."Vulnerabilities in modern SIM cards allows attackers to obtain important information which is enough to spoof a victim's identity – or 'clone' a phone in a network – or to decrypt traffic by two special crafted SMS messages," Gordeychik said in an email.Attackers could also cause mass denial of service by entering incorrect PINs and PUKs on targeted SIM cards.The SCADA StrangeLove team were further able to remotely install malicious applications on 4G modem cards to then update firmware, change passwords on the web management portal, and even gain access to the internal networks of telcos.

They found crafted text messages sent to vulnerable 4G modems could allow attackers to install bootkits on machines connected using modem dongles by reprogramming the devices to serve as storage and human interface devices (HIDs)."Advanced attacks allow attackers to reprogram 4G modems remotely, sometimes via SMS, making them act as a HID and storage device to emulate key presses, reboot connected laptop and install bootkits," Gordeychik said.Separate findings included 550 GPRS Tunnelling Protocol hosts, mostly gateway GPRS support nodes, connected to the internet that allowed attackers to emulate serving GPRS support nodes to establish GPRS connections over the internet.The attacks were presented at security conferences PacSec and ZeroNights, and are to be explained in an upcoming paper affected a host of systems including supervisory control and data acquisition (SCADA) machines, ATMs and various Internet of Things devices.

Attackers could use tools including the modified open source software Osmocombb, Calypso based phones (pdf) or online SMS gateways.Fixing the vectors was not simple. Gordeychik said telcos were the only entities that could push vendors to fix vulnerable SIMs and modems by following secure coding practice, while CERTs were responsible for internet infrastructure issues like the GPRS Tunneling Protocol.The research team of Gordeychik; Alexey Osipov; Timur Yunusov; Alexander Zaitsev; Gleb Gritsai; Kirill Nesterov, and Dmitry Sklyarov tested more than 100 SIM cards and 'dozens' of 4G USB modems purchased across Europe, the Middle East and the US, and reported their findings to telcos, device vendors and computer emergency response teams including Japan's CERT. The smoking gun was the message one of Rigby’s attackers - Michael Adebowale - had sent to an overseas individual via Facebook not seen until after the attack, in which Adebowale said he intended to murder a soldier.Leading sections of the influential mass-circulation UK media overlooked M15’s failings and took the bait on Facebook bashing.

In truth, whether Facebook in this case and other social networks in general are culpable is irrelevant and it seemed clear we were being softened up. Earlier in November, GCHQ chief Robert Hannigan reckoned web firms are “in denial” in their role they play helping terrorism saying they’d become “command and control networks of choice” for web-savvy extremists. “GCHQ and its sister agencies, M15 and the Secret intelligence Service, cannot tackle these challenges at scale without greater support from the private sector, including the largest US technology companies which dominate the web,” he wrote in the Financial Times.At the end of November, the final shoe dropped: UK home secretary Theresa May proposed a Counter-Terrorism and Security bill that would force firms to hand details to police letting them identify who is using a computer or a mobile phone.

Snowden - yeah, we’ve heard all about that. But what about this extract: a beyond top-secret GCHQ listening post in the Gulf sucking up voice and data comms from nine submarine cables passing through the Gulf and into the Red Sea. Uncovered by investigative journalist Duncan Campbell writing in The Reg, the base operates six large satellite dishes and is part of the ECHELON intercept system run by the Five-Eyes intelligence services run by the US, UK, Australia, Canada and New Zealand.Based at Seeb in the state of Oman, the base is something of a jewel in the intelligence crown because of its position at the apex of those nine cables, with data copied and then sifted. It has a broad remit with spooks free to operate under a set of cursory controls and official warrants.What does Take-That’s Gary Barlow have in common with Google, Amazon and Facebook? No, not that he’s probably a user of each - rather they all got in hot water for avoiding paying tax to HMRC. In Barlow’s case, he and his Take Thaters were outed for avoiding £66m using an aggressive tax planning service run by Icebreaker - once employed by comedian Jimmy Carr.In the case of Google, Amazon and Facebook the story of their aggressive tax planning entered a new chapter as governments began closing the loopholes that had let them minimize their tax bills.

Amazon was found to have routed more than £11bn through its Luxembourg strategy, Amazon EU SARL, leaving it paying just £4m in UK corporate tax while also claiming a £4bn tax rebate from the Luxembourg government. Multi-billion-dollar-earning Facebook was found to have paid less than a tiny fraction of that amount to tax to the UK government in 2012 - while also claiming a rebate that earned the giant a credit of £192,027. Google in the same year paid just £11.2m in corporate tax in the UK having funnelled billions out of the country to its European HQ in tax friendlier climate of Ireland.Britain fought back with a planned “Google Tax” - a 25 per cent tax on multinationals who do “a lot of activity in the UK” like sales. It follows a recent proposal in Spain and similar plans in Germany and Belgium that fell apart.

Laisser un Commentaire! :: Envoyer à un ami!

A Propos

Laptop Akku kaufen - Akkus/Adapter für Asus, Dell, Acer, Apple, HP / Compaq, IBM, Lenovo, Sony usw. bei akkukaufen.com store. Alle billige Ersatzakku 15% Rabat! Hochwertige Laptop Ersatzakkus.

Derniers Articles
Menu
Créer un Blog gratuit
Amis
Liens


Article 171 sur 266
Précédent | Suivant

Blog suivant >> Signaler un abus?Haut de page