Spyro Reignited Trilogy release delayed until November

Spyro Reignited Trilogy release delayed until November

Spyro Reignited Trilogy release delayed until November

Activision and Toys For Bob, the developers behind the Spyro Reignited Trilogy package, have announced that the game will only be arriving on November 13, two months late than the original date of September 21.

Paul Yan, Co-Studio Head at Toys For Bob, said on the Activision Blog that the game “needs more love and care” and that they as a studio are “committed to getting these games right” and have therefore decided to push back the launch for PS4 and Xbox One.

To ease the pain of the anticipation, go ahead and watch the playthrough below:

By Daniëlle Kruger
Follow Daniëlle Kruger on Twitter
Follow IT News Africa on Twitter

Powered by WPeMatico

Five ways you a can create the perfect password and why you should

Five ways you a can create the perfect password and why you should

Five ways you a can create the perfect password and why you should.

Stories of people being hacked online are becoming more common these days. Many people have had their accounts, whether Facebook or Twitter, compromised.  Avoiding these kinds of hacks mean that one needs to use stronger passwords, but this won’t keep you secure from all the threats out there.

It is also important to ensure that there is a secure password for every service you use.

“Most sites today require a combination of capital letters, numbers and occasionally a special character. However, there are common patterns that most of us tend to use, like starting with a capital letter and ending with a couple of numbers. If a special character is required, we typically place it on the end. The bad guys know this. With machines equipped with today’s off-the-shelf processing power, even these seemingly complicated passwords are cracked in relatively short time”, said Martin Walshaw, Senior Engineer at F5 Networks.

Sometimes you are tempted to recycle your password mainly because it is easier to remember. It is okay to recycle but only if the website does not store any store personal information. You should always memorize your password never write it down. Other services like a password management tool could help with storing your password. These services automatically generate passwords and allow you to select the level of complexity, pattern type, and length.

“So, what happens when the bad guys acquire your credentials? You might think the password is hashed or encrypted and are therefore protected. In the case of LinkedIn 2012 data set, the SHA1 algorithm was used, which is now considered a broken hash and should not be used. To make things worse, the passwords were hashed without first being “salted” (i.e. adding more data to the password to hide its true meaning),” said Walshaw.

How then do you create the perfect password? Here is a list of 5 ways to help you create a password that is harder to crack.

1. Longer is better.
The more characters a password has, the harder it becomes for people to get it right. Mix letters, numbers, and punctuation and, when possible, include both uppercase and lowercase letters. Made up or altered words are better than actual words. You should go for passwords that are a minimum of 12 to 14 characters in length. A longer password would be even better.

2. Avoid calendar dates
As part of the numeric portion of the password. Don’t use account numbers or other billing information as part of a password. Passwords like “123456” are still the most used. Don’t Do This. It is easier for hackers to crack such passwords.

3. Avoid personal information
Personal information that can easily be looked up or verified should be avoided. The use of adjacent keys or consecutive numbers are easy for others to notice and should be avoided.

4. Use a password manager
One other way to keep track of all those passwords is to use an online password management option. These tools are easy to set up and useful in helping you manage all your passwords. They have strong encryption and allow you to unlock and auto-fill your passwords and other information with one master password.

5. Separate your passwords
Maintain a separate password for each highly sensitive account, such as email, financial institutions, and social media.

“The fact is that more than 1.1M people chose the password “123456” and nearly 190,000 people chose “password”. If people are using such configurations for LinkedIn, then there is a good chance they are adopting the same password on more sensitive sites, such as bank accounts, which might be more interesting to cybercriminals”, said Walshaw.

Walshaw advises people to be responsible for their personal information. He said, “Cybercriminals spend enormous effort trying to access your information for unscrupulous commercial gain. By adopting best practice and investing in personal security, your vital credentials will remain encrypted, which means that should a hack take place then you automatically devalue the stolen data for the cybercriminal. Don’t ignore the dangers of the Dark Web – cybersecurity is all of our responsibility. Stay safe.”

By Fundisiwe Maseko
Follow Fundisiwe Maseko on Twitter
Follow IT News Africa on Twitter

Powered by WPeMatico

Criminals target fax machines to hijack networks and spread malware

Criminals target fax machines to hijack networks and spread malware

Research reveals how criminals target fax machines to take over networks and spread malware.

New research from Check Point, a provider of cyber-security solutions globally, has shown how organisations and individuals could be hacked via their fax machines, using newly discovered vulnerabilities in the communication protocols used in tens of millions of fax devices globally. A fax number is all an attacker needs to exploit the flaws, and potentially seize control of a company or home network.

The Check Point research demonstrated the vulnerabilities in the popular HP Officejet Pro All-in-One fax printers. The same protocols are also used by many other vendors’ faxes and multifunction printers, and in online fax services such as fax2email, so it is likely that these are also vulnerable to attack by the same method. Following discovery of the vulnerabilities, Check Point shared the findings with HP, which was quick to respond and to develop a software patch for its printers, which is available on HP.com.

Not often perceived as modern-day technology, there are over 45 million fax machines in use in businesses globally, with 17 billion faxes sent every year. It is still widely used in several Industry sectors such as healthcare, legal, banking and real estate, where organizations store and process vast amounts of highly sensitive personal data. The UK’s National Health Service alone has over 9,000 fax machines in regular use for sending patient data. In many countries, emails are not considered as evidence in courts of law, so fax is used when handling certain business and legal processes. Nearly half of all laser printers sold in Europe are multifunction devices which include fax capability.

“Many companies may not even be aware they have a fax machine connected to their network, but fax capability is built into many multifunction office and home printers,” said Yaniv Balmas, Group Manager, Security Research at Check Point. “This groundbreaking research shows how these overlooked devices can be targeted by criminals and used to take over networks to breach data or disrupt operations.

“It’s critical that organizations protect themselves against these possible attacks by updating their fax machines with the latest patches and separating them from other devices on their networks,” Balmas continued. “It’s a powerful reminder that in the current, complex fifth-generation attack landscape, organisations cannot overlook the security of any part of their corporate networks.”

Once an attacker obtains an organisation’s fax number (which is easily obtainable from corporate websites), the attacker sends a specially created image file by fax to the target. The vulnerabilities enable malware (such as ransomware, crypto-miners or spyware) to be coded into the image file, which the fax machine decodes and uploads to its memory. The malware can then potentially breach sensitive data or cause disruption by spreading across any networks to which the fax machine is connected.

To minimize the security risk, Check Point advises that organisations check for available firmware updates for their fax devices and apply them. Businesses are also urged to place fax devices on a secure network segment separated from applications and servers that carry sensitive information. That will limit the ability of malware to spread across networks.

The vulnerabilities were presented by Check Point researchers Yaniv Balmas and Eyal Itkin at DEF CON 26, the leading security and hacking conference. For more information on these findings, visit Check Point’s corporate blog. For full details of the vulnerabilities found by Check Point’s researchers, visit Check Point’s Research Blog.

Edited by Fundisiwe Maseko
Follow Fundisiwe Maseko on Twitter
Follow IT News Africa on Twitter

Powered by WPeMatico

Google employees protest censored search engine For China

Google employees protest censored search engine For China

The employees are demanding more transparency so they can understand the moral implications of their work, said the Times, which obtained a copy of the letter.

About a thousand Google employees have signed a letter protesting the company’s efforts to build a censored version of its search engine in China, as reported by The New York Times.

The employees are demanding more transparency so they can understand the moral implications of their work, said the Times, which obtained a copy of the letter.

It has been signed by 1,400 employees and is circulating on the company’s internal communications system, the newspaper said, quoting three people who are familiar with the document.

The letter argues that the search engine project and Google’s apparent willingness to accept China’s censorship requirements “raise urgent moral and ethical issues.”

“We urgently need more transparency, a seat at the table and a commitment to clear and open processes: Google employees need to know what we’re building,” the letter said. It also asked the company to let employees be a part of ethics reviews and publish ethical assessments of projects that are seen as controversial. The letter said Google’s willingness to work within China’s censorship laws raises “urgent moral and ethical issues,” and that employees currently don’t have the information needed “to make ethically-informed decisions about our work, our projects and our employment.”

Employee anger flared with a report earlier this month in The Intercept that Google is secretly building a search engine that will filter content banned in China and thus meet Beijing’s tough censorship rules.

The multinational tech company withdrew its search engine from China eight years ago due to censorship and hacking.

Google did not immediately respond to comment. The company has repeatedly ignored requests for comment, despite being responsive to commenting on other stories. Its sole statement on its situation in China is from August 3rd: “We provide a number of mobile apps in China, such as Google Translate and Files Go, help Chinese developers, and have made significant investments in Chinese companies like JD.com. But we don’t comment on speculation about future plans.”’

Edited by Neo Sesinye
Follow Neo Sesinye on Twitter
Follow IT News Africa on Twitter

Powered by WPeMatico

F5 appoints David Helfer as Senior Vice President for EMEA Sales

F5 appoints David Helfer as Senior Vice President for EMEA Sales

David Helfer, newly appointed Senior Vice President for EMEA Sales at F5 Networks.

F5 Networks has announced the appointment of David Helfer as its new Senior Vice President of Sales for the UK, Europe, Middle East, and Africa (EMEA). A veteran leader of high-performance global teams, David has more than 25 years of deep industry knowledge in the technology sector. He first joined F5 in 2016 as Senior Vice President, Worldwide Partners & Cloud Sales.

“David is an accomplished leader with a strong global track record. With his customer development experience and deep commercial pedigree, we look forward to David continuing to accelerate F5’s application security and cloud leadership across EMEA,” said Chad Whalen, Executive Vice President, Worldwide Sales, F5 Networks.

Prior to F5, Helfer was Vice President of Worldwide Channels at the mobility cybersecurity company Lookout, where he also held the role of Direct Sales Manager for all of Asia Pacific and Inside Sales. For nearly 15 years, David also held senior positions at Juniper Networks as head of Worldwide Channels, Vice President of Commercial and Inside Sales, and while based in London, Vice President of EMEA Partners and Alliances. Helfer joined Juniper Networks in 2000 from UUNET, where he was working as Global Sales Director.

David holds a BA degree in Political Science from Kalamazoo College, Michigan, and he also attended the International Study Program from the Universidad de Extremadura, Cáceres, Spain.

Helfer is a sought-after public speaker and thought leader, regularly participating in high-profile events, roundtables, and global media engagements.

“I am delighted to head EMEA Sales and strengthen F5’s leadership position in the application security and cloud markets,” said David Helfer. “F5 is uniquely positioned to help EMEA businesses cope with a rapidly shifting threat landscape, soaring data privacy concerns and emerging, cloud-driven business imperatives. I have an exceptionally talented team of technical experts and sales professionals committed to growing our customer and partner relationships across the region. We now need to take initiatives to the next level by further enhancing and securing our customers’ apps – irrespective of where they reside.”

Edited by Fundisiwe Maseko
Follow Fundisiwe Maseko on Twitter
Follow IT News Africa on Twitter

Powered by WPeMatico

Motorola mimic’s Apple iPhone X

Motorola mimic’s Apple iPhone X

Motorola unveils new Moto P30 flagship.

Motorola’s new high-end Moto P30 6.2-inch phone has launched in China, looking uncannily like the Apple iPhone X.

Unveiled just hours after press renders of the smartphone appeared online, Motorola has been criticised for revealing a “shameless” copy of the iPhone X as its new model.

Similar to the iPhone X, the Motorola P30 boasts a metal and glass design with rounded corners, a sizeable notch at the top of its display, and a vertical dual camera array on its backside that’s almost indistinguishable to that found on Apple’s flagship.

Moto P30 comes with an octa-core Snapdragon 636 processor, 6GB of RAM, up to 128GB of storage, a 6.2-inch display with a resolution of 2246×1080 pixels, and a 3000mAh battery. For the camera, Motorola has included a 16MP sensor with a 5MP secondary sensor on the back — the system makes use of some sort of AI to take shots with “more refined depth of field effect”, much like the iPhone’s portrait mode camera. The device also ships with Android 8.0.

Moto P30 will go on sale next month, starting at 2,099 RMB which is roughly around $300. It’s available in black, white, and two-tone purple/blue model.

Motorola is basically making an iPhone X that runs Android. But is that so bad? 🤔 https://t.co/kqbj5zB1yq

— Android Central (@androidcentral) August 14, 2018

Edited by Neo Sesinye
Follow Neo Sesinye on Twitter
Follow IT News Africa on Twitter

Powered by WPeMatico

Black Hat: Protecting Industrial Control System

Black Hat: Protecting Industrial Control System

Cameron Camp, security researcher at ESET

Industrial Control System (ICS) security was ramped up at Black Hat USA – with packed sessions ranging from specific attacks to vulnerable hardware – all with the aim of protecting critical infrastructure, whose security shortcomings so frequently hit the headlines these days.

While industrial control protocols themselves are horribly insecure, there is an attempt to bolt on security hardware and software to check for anomalous communication patterns. But while this is certainly progress, it’s only part of the whole picture.

In my experience, the communication to the industrial equipment wasn’t malicious at the packet level. The equipment was following legitimate commands, albeit for a malicious purpose. This is why security is difficult.
Think of it as a rogue insider, but a digital one. Once attackers gained access to the network, the limited ICS/SCADA (supervisory control and data acquisition) defenses didn’t stop legitimate commands emanating from legitimate – but compromised – workstations.

Also at Black Hat, we saw critical networks strapping on remote communication devices over cellular networks to monitor systems, and those devices often had critical misconfiguration errors allowing attackers to gain access and mine data that would inform future attacks. Again, these entry points were protectable, but weren’t protected.
Industries controlled by ICS sit at an interesting junction where the practitioners who are best able to keep the machinery running have been around long enough to have not grown up digital, and there seems to be a natural resistance.

I recently interviewed a senior engineer for a critical infrastructure firm. He explained there was little incentive to stray beyond his areas of expertise, into network security or other digital domain issues. He wouldn’t receive a pay raise, as he was already at or near the top of his pay scale, and he felt nervous about making mistakes that could get him in trouble. In short, there was a lot of risk for him and little perceived reward.
This experience seems systemic throughout the ICS world. In some cases, it will take the next generation of engineers and operators who grew up with, and/or understand the context of, digital security running this critical machinery, before the tide will change.

Meanwhile, it was encouraging to see so much effort amongst security practitioners at Black Hat being focused on protecting critical infrastructure. After all, this same infrastructure directly controls the ability to do what we do in the security world. If the lights go out, the water stop flowing soon too and things snowball into a situation no one wants. As so much of the infrastructure that our modern societies take for granted depends on ICS-managed systems, they are definitely worth protecting.

By Cameron Camp, security researcher at ESET

Powered by WPeMatico

Apple got hacked by a teenager, but customer data is safe

Apple got hacked by a teenager, but customer data is safe

Apple got hacked by a teenager, but customer data is safe

An Australian teenager from Melbourne pleaded guilty to hacking into Apple’s computer mainframe from his home several times throughout a year.

Apple confirmed on Friday that no customer data was compromised, despite the teen having downloaded internal files and accessing customer accounts. His downloads amounted to 90 GB of data.

According to his lawyer, the 16-year-old did this because he was such a big fan of the company, but such an offense could not be ignored and the American tech giant reported him to the FBI. He managed to avoid detection by means of computerized tunnels and online bypassing systems that hid his identity, but as reported by The Age newspaper, Australian Federal Police still obtained and executed a search warrant for his home.

During this search, two laptops were seized, as well as a mobile phone and hard drive, and authorities were able to determine that the IP address matched that of the intrusions. The sensitive documents were also saved in a folder named “hacky hack hack”.

An Apple spokesman commented on the incident, saying that the company’s information security personnel “discovered the unauthorized access, contained it, and reported the incident to law enforcement” without commenting further on the specifics of the case.

The teen appeared in The Children’s Court on Thursday where he pleaded guilty to the charges, but the guilty plea was merely acknowledged by the magistrate who postponed sentencing until next month due to the case’s complexities.

By Daniëlle Kruger
Follow Daniëlle Kruger on Twitter
Follow IT News Africa on Twitter

Powered by WPeMatico

How PrepAway training courses help you in passing IT certifications exams?

How PrepAway training courses help you in passing IT certifications exams?

How PrepAway training courses help you in passing IT certifications exams?

IT certification exams are difficult to crack. That is why most of the candidates opt for different ways to pass the certification exams, such as practice sets, braindumps, Exam Testing Engine, study guides, books, self-study, and tutorials.

These tutorials or the training courses are quite popular among the IT professionals who prepare for the IT certifications exams. PrepAway understands this and that is why it offers you the best training courses that help you in becoming certified. Scroll down and you will find the benefits of training courses offered by PrepAway. However, before that, it will be good to throw some light on PrepAway and what it is meant for.

What is PrepAway?

At a time when IT certifications have become so popular, you need to stay ahead of others and keep yourself informed about different IT certifications and how these can help you in boosting your career. Keeping this in mind, PrepAway has been introduced to you. It is a platform meant for anyone who belongs to IT background. You may be an IT student or an IT professional, who wants to grow in his or her career. PrepAway helps you with this. It brings you closer to the IT certification that suits you. It helps you in the preparation of the IT certifications exams. You just need to browse the PrepAway website and you will get to know about different vendors who are offering a variety of IT certifications. It unveils to you the following things:

Exam Dumps- It certification is not a piece of cake. You need to work hard, but in a smart way. One of the best ways of passing the exam is to look for brain dumps. These are questions that are asked in any particular certification. Prepared by experts, PrepAway offers you exam dumps that are of high-quality and can help you pass the real exam. These practice tests if you solve regularly will give you an idea of the IT certification exam questions. You also learn which topics are given more importance and how you can score more points.

Visit PrepAway Website

Exam Testing Engine – Apart from exam dumps, Vumingo also offers you Exam Testing Engine (ETE). These allow you to experience the real IT certification exam. This helps you know whether you can complete the test within the given span of time or not. It also helps you to understand what are the topics where you need to practice more and what are the topics which you are good at. These are quite popular among IT professionals planning to take IT certification exams. PrepAway know this and that is why helps you with this too.

To download click here

Blogs – There are many things that you need to consider while taking the exam for the certifications. Blogs by experts help you a lot in this thing. Perhaps that is why PrepAway offers you the best blogs that are informative and educating. These are prepared by IT professional experts who know your issues and can help you with it. The blogs offered here are meant to help you crack the exam in single attempt.

Apart from the aforementioned things, there is another thing which PrepAway offers you and that is none other than IT training courses. The PrepAway training courses are the best in a real sense. Here some of the points have been discussed that makes you understand how these tutorials can help you in becoming certified.

PrepAway Training Courses helps you in becoming certified

PrepAway is a unique platform that offers you many things that are beneficial for your career in the IT industry. However, one of the most intriguing features of PrepAway is its training courses as it helps in the following ways:

Makes the fundamental concepts clear

As an IT professional and an aspirant of IT certifications, you need to understand that you cannot pass the exam until and unless you have clarity on the core principles. You need to have your basics strong. Whether it is Microsoft certification or CompTIA, you need to ensure that you have the clarity on the skills and knowledge required to work on it. Most of the questions asked in the any IT certification exams are performance-based and you can pass it only if your fundamental concepts are clear. IT tutorials offered by PrepAway helps you in this. It ensures that apart from the working experience you also get to understand how a particular platform works.

Ensures your success in the exam

The training courses offered by PrepAway are designed by experts in the IT field. These professionals have expertise in designing the IT tutorials and they cover all the major and minor topics related to a particular IT certification. This uniqueness of PrepAway It training course ensures that you pass the exam effortlessly in the first attempt if you take all these tutorials seriously. Undoubtedly, you need to do self-study, but with the help of training courses, you learn how to study in a way that you pass the exam with flying colors.

Cost-effective in a true sense

The training courses provided by PrepAway are cost-effective. These are available at a competitive price and are not very costly. You can easily opt for these tutorials and this will be real value for money.

Allows you to clarify your doubts

You might be having doubts while studying with the study guides. These doubts can be cleared only if you get in touch with experts who have an in-depth knowledge of a particular IT certification topic. When you choose tutorials offered by PrepAway, you get to clear all your doubts on the topic. This way it becomes easier to pass the certification exam.

Conclusion

If you are an IT professional who wants to become certified and enhance your career, then you must opt why certification exam candidates choose Prepaway online courses offered to pass. It will definitely help you in the preparation of the IT certification exam. These tutorials can help you a great deal in becoming certified.

Staff Writer

Powered by WPeMatico

Over one third of all phishing attacks target customers in the financial sector

Over one third of all phishing attacks target customers in the financial sector

Over one third of all phishing attacks target financial sector customers in second quarter of 2018

In the second quarter of 2018, Kaspersky Lab’s anti-phishing technologies prevented over 107 million attempts to visit phishing pages, of which 35.7% were related to financial services and targeting customers through fake banking or payment pages. The IT sector was the second hardest hit, with 13.83 of attacks targeting tech companies, which is 12.28 percentage points more in comparison with the previous quarter, according to Kaspersky Lab’s ‘Spam and phishing in Q2 2018’ report.

The results above show that to protect their money, users should be extremely cautious about their security when they surf the internet. Attacks on customers of financial organisations, including banks, payment systems, and e- shop transactions, are an enduring trend in cybercrime and involve the theft of money as well as of personal data. By creating fake pages of banking, payment or shopping sites, intruders harvest sensitive information from unaware victims – such as their name, password, e-mail addresses, phone numbers, credit card number, and PIN code.

The second quarter of 2018 flustered users of financial services, with 21.1% of attacks featuring banks, 8.17% online shops and 6.43% payment systems – comprising more than one third of attacks overall. Brazil remained the country with the largest share of users attacked by phishers in the second quarter of 2018 (15.51%). This was followed by China (14.44%), Georgia (14.44%), Kirghizstan (13.6%), and Russia (13.27%).

The distribution of different types of financial phishing attacks detected by Kaspersky Lab in Q2 2018

The distribution of different types of financial phishing attacks detected by Kaspersky Lab in Q2 2018

The distribution of different types of financial phishing attacks detected by Kaspersky Lab in Q2 2018

Interestingly, there were almost 60,000 attempts to visit fraudulent web pages featuring popular crypto-currency wallets and exchanges, during the period from April to June. In addition to traditional phishing, which helps to access victim accounts and private key information, cybercriminals try to force their victims to independently transfer crypto-currency to them. One of the tricks is the free distribution of the crypto-currency. Another trick is for scammers to exploit the names of new ICO projects to raise funds from potential investors. Using these two tricks, according to Kaspersky Lab rather rough estimates, over the past quarter, intruders managed to earn at least $2,329,317, even without taking into account any revenues from classic phishing.

“The permanence of attacks targeting financial organisations reflects the fact that more and more people are using electronic money. Still, not all of them are sufficiently aware of the possible risks. So, intruders are actively trying to steal sensitive information through phishing,” said Nadezhda Demidova, lead web content analyst at Kaspersky Lab.

Other key findings in the report include:

Phishing:

  • The main targets of phishing attacks have remained the same since the end of last year. They are primarily global Internet portals and the financial sector, including banks, payment services and online stores.
  • In comparison with Q1, the share of attacks on financial organisations decreased by 8.22 percentage points and became 35.7%. However, IT companies added 12.28 percentage points. The share of attacks on these companies in Q2 was 13.83%.

Spam:

  • In the second quarter of 2018, the amount of spam peaked in May (51%). The average share of spam in the world’s email traffic was 50%, which is 2.16 percentage points lower than the average figure of the last quarter of 2017.
  • China became the most popular source of spam, overtaking the U.S. and Germany.
  • The country most targeted by malicious mailshots was Germany, once again. Russia came second, followed by the United Kingdom, Brazil, and Italy.

Kaspersky Lab experts advise users to take the following measures to protect themselves from phishing:

  • Always check the link address and the sender’s email before clicking anything.
  • Before clicking any link, check if the link address shown, and is the same as the actual hyperlink (the real address the link will take you to) – this can be checked by hovering your mouse over the link.
  • Only use a secure connection, especially when you visit sensitive websites. As a minimum precaution, do not use unknown or public Wi-Fi without a password protection. For maximum protection, use VPN solutions that encrypt your traffic. And remember: if you are using an insecure connection, cybercriminals can invisibly redirect you to phishing pages.
  • Check the HTTPS connection and domain name when you open a webpage. This is especially important when you are using websites which contain sensitive data – such as sites for online banking, online shops, email, social media sites etc.
  • Never share your sensitive data, such as logins and passwords, bank card data etc., with a third party. Official companies will never ask for data like this via email.
  • Use a reliable security solution with behavior-based anti-phishing technologies, such as Kaspersky Total Security, to detect and block spam and phishing attacks.

Edited by Daniëlle Kruger
Follow Daniëlle Kruger on Twitter
Follow IT News Africa on Twitter

Powered by WPeMatico