On April 30, the House’s Technology Service Desk informed users about an increase in ransomware-related emails on third-party email services like Yahoo Mail and Gmail.

“The House Information Security Office is taking a number of steps to address this specific attack,” the Technology Service Desk said in an email obtained and published by Gizmodo. “As part of that effort, we will be blocking access to Yahoo Mail on the House Network until further notice.”

The ban on Yahoo Mail access suggests that some House of Representatives workers accessed Yahoo mailboxes from their work computers. This raises questions: Are House workers using Yahoo Mail for official business, and, if they’re not, are they allowed to check their private email accounts on work devices?

If they use the same devices for both personal and work activities, one would hope that there are access controls in place to separate the work and personal data. Otherwise, if they are allowed to take those devices outside of the House’s network, they could just as easily become infected there, where the ban is not in effect.

“The recent attacks have focused on using .js files attached as ZIP files to e-mail that appear to come from known senders,” the House’s Technology Service Desk said. “The primary focus appears to be through Yahoo Mail at this time.”

The increase in ZIP and RAR attachments that contain malicious JavaScript (JS) files has been observed by multiple security companies in recent months. Microsoft offers several recommendations, like using the Windows AppLocker group policy to restrict the execution of .JS files.

The House Information Security Office also banned access to appspot.com, the domain name used by applications hosted on the Google App Engine platform, Reuters reported.

Source- http://www.thegurureview.net/aroundnet-category/u-s-house-of-representatives-block-yahoo-and-google-apps.html

Once a die-hard cloud holdout, Oracle has been making up for lost time by buying a foothold in specific industries through acquisitions such as this one. Last week’s Textura buy gave it a leg up in engineering and construction.

“It’s a good move on Oracle’s part, and it definitely strengthens Oracle’s cloud story,” said Frank Scavo, president of Computer Economics.

Opower’s big-data platform helps utilities improve customer service, reduce costs and meet regulatory requirements. It currently stores and analyzes more than 600 billion meter readings from 60 million end customers. Opower claims more than 100 global utilities among its clients, including PG&E, Exelon and National Grid.

Opower will continue to operate independently until the transaction closes, which is expected later this year. The union will create the largest provider of mission-critical cloud services to an industry that’s worth $2.3 trillion, Oracle said.

Oracle’s Utilities business delivers applications and cloud services that automate core operational processes and enable compliance for global electric, gas and water utilities.

“Oracle’s industry organizations maintain unique domain knowledge, specialized expertise and focused product investments,” said Rodger Smith, a senior vice president who leads the Utilities global business unit, in a letter to customers and partners. “This model has proven highly successful across several industries, and we look forward to bringing these same benefits to the customers of Opower.”

Source- http://www.thegurureview.net/aroundnet-category/oracle-pushes-deeper-into-cloud-computing-with-another-acquisition.html

That’s according to U.S. Department of Energy (DOE) officials, who run the national labs. A new program aims to connect manufacturers with supercomputers and the expertise to use them.

This program provides $3 million, initially, for 10 industry projects, the DOE has announced. Whether the program extends into future fiscal years may well depend on Congress.

The projects are all designed to improve efficiency, product development and energy use.

For instance, Procter & Gamble will get help to reduce the paper pulp in products by 20%, “which could result in significant cost and energy savings” in this energy- intensive industry, according to the project description.

Another firm, ZoomEssence, which produces “powder ingredients that capture all the key sensory components of a liquid,” will work to optimize the design of a new drying method using HPC simulations, according to the award description.

Some other projects in the initial implementation of what is being called HPC4Mfg (HPC for Manufacturing) includes an effort to help Global Foundriesoptimize transistor design.

In another, the Ohio Supercomputer Center and the Edison Welding Institute will develop a welding simulation tool.

The national labs not only have the hardware; “more importantly the labs have deep expertise in using HPC to help solve complex problems,” said Donna Crawford, the associate director of computation at Lawrence Livermore National Laboratory, in a conference call. They have the applications as well, she said.

HPC can be used to design and prototype products virtually that otherwise might require physical prototypes. These systems can run simulations and visualizations to discover, for instance, new energy-efficient manufacturing methods.

Source-http://www.thegurureview.net/computing-category/u-s-wants-to-help-supercomputer-makers.html

This is the second bout of attacks from the group of technology tearaways, according to Motherboard, which reports on the Clapper problem and its connection to a group known as Crackas With Attitude.

A member of the group, a young chap called Cracka, told Motherboard that access to a range of Clapper accounts had been seized, and that Clapper and the CIA haven’t a clue what’s going on.

“I’m pretty sure they don’t even know they’ve been hacked. You asked why I did it. I just wanted the gov to know people aren’t fucking around, people know what they’re doing and people don’t agree #FreePalestine,” he said.

The claims were supported by the Office of the Director of National Intelligence, which confirmed that something has happened and that the authorities are looking into it.

“We’re aware of the matter and we reported it to the appropriate authorities,” said spokesman Brian Hale, before going mute.

Cracka, representing himself on Twitter as @dickreject, is less quiet. He has tweeted a number of confirmatory and celebratory messages that are not particularly flattering about the CIA and its abilities.

This is the group’s second bite at the CIA cherry. The teenagers walked into the personal email account of CIA director John Brennan last year and had a good look around. Some of the impact of this was washed away when it was discovered that Brennan used an AOL account for his communications.

“A hacker, who describes himself as an American high school student, has breached the CIA boss’s AOL email account and found a host of sensitive government files that one assumes a government official shouldn’t be sending to his personal email address,” said security comment kingpin Graham Cluley at the time.

“I’m not sure what’s more embarrassing. Being hacked or having an AOL email account.”

Courtesy-TheInq

JP Rangaswami, who joined Deutsche Bank in January as its first-ever chief data officer, said better and cheaper metadata was allowing the bank to analyze previously inaccessible information.

“We are able to see patterns that we could not see beforehand, allowing us to gain insights we couldn’t gain before,” Rangaswami told Reuters in an interview.

Upgrading the technical infrastructure Deutsche Bank needs to get the most out of this data is a priority for Chief Executive John Cryan. He is trying to improve the performance of Germany’s biggest bank, which is struggling to adapt to the tougher climate for banks since the financial crisis.

Cryan, who unveiled a big overhaul at Deutsche on Oct. 29, said at the time that imposing standards on Deutsche’s IT infrastructure was key to improving controls and reducing overheads.

The CEO said in the October presentation that IT design had occurred in silos with the application of little or no common standards. “Our systems are disjointed, cumbersome and far too often just plain incompatible.”

An annual global survey of more than 200 senior bankers published last week by banking software firm Temenos found that “IT Modernization” was now top priority, displacing earlier investment objectives such as regulation and customer friendly mobile apps. IT modernization ranked only fourth among major priorities in the survey last year.

The shift toward technology as a priority shows the extent of the challenge facing banks to modernize infrastructure to analyze internal customer data and try to fend off competition from new financial technology companies.

Rangaswami, who was chief scientist at Silicon Valley marketing software giant Salesforce from 2010 until 2014, said the data would allow Deutsche to tailor services to customers’ needs and to identify bottlenecks and regional implications faster and solve problems more quickly.

Source- http://www.thegurureview.net/aroundnet-category/deutsche-bank-taking-a-deeper-dive-into-big-data.html

We say reportedly as we have not been able to contact Hilton ourselves and can rely only on reports. They are pretty solid reports, however, and they concern a problem at the company that happened between 21 April and 27 July.

Brian Krebs, of KrebsOnSecurity, started this off with a report about a payment card breach. Krebs said that he had heard about the breach from various sources, and that Visa – the card provider – has mailed potentially affected parties with a warning, and the news that it is the fault of a bricks and mortar company.

Visa did not name the company, but affected parties, or banks to be more precise, have uttered it to Krebs. Its name is Hilton.

“Sources at five different banks say they have now determined that the common point-of-purchase for cards included in that alert had only one commonality: they were all were used at Hilton properties, including the company’s flagship Hilton locations as well as Embassy Suites, Doubletree, Hampton Inn and Suites, and the upscale Waldorf Astoria Hotels & Resorts,” he wrote.

“It remains unclear how many Hilton properties may be affected by this apparent breach. Several sources in the financial industry told KrebsOnSecurity that the incident may date back to November 2014, and may still be ongoing.”

Krebs has a statement from the Hilton organisation in which the firm defended its security practices, and revealed that it is aware of the potential problem and is looking into it. This is a common theme among the breached, and should soon become part of mission statements.

“Hilton Worldwide is strongly committed to protecting our customers’ credit card information,” said the company in the statement to Krebs.

“We have many systems in place and work with some of the top experts in the field to address data security. Unfortunately the possibility of fraudulent credit card activity is all too common for every company in today’s marketplace. We take any potential issue very seriously, and we are looking into this matter.”

We have asked Visa and Hilton for their comments.

Source-http://www.thegurureview.net/computing-category/was-the-hilton-hotel-chain-hacked-in-april.html