IBM: Retail cyberattacks become less frequent, but more effective

If the 2014 holiday shopping season is any indication, cyberattackers have shifted their tactics, placing quality of attacks over quantity as they zero in on high-reward targets by exploiting vulnerabilities in retailers’ databases.

In a study released Jan. 5, IBM Managed Security Services researchers revealed that the number of cyberattacks on retailers dropped by a third during late November and December as compared to the same period in 2013, and half as many breaches occurred during the busy Black Friday and Cyber Monday shopping period.

For the two-week period from Nov. 24 to Dec. 5, IBM identified 3,043 daily cyberattacks, nearly one-third fewer than the 4,200 attacks over the same period in 2013.

IBM’s analysis of data compiled by the Privacy Rights Clearinghouse shows a similar trend for 2014 as a whole, with retail breach incidents last year down 50% from just two years ago.

Nevertheless, malicious hackers managed to steal more than 61 million records last year. The findings demonstrate “cybercriminals’ increasing sophistication and efficiency,” IBM researchers said.

IBM noted that the 50% drop in the number of retail breaches during the holiday season resulted from attackers scaling back on attacks around Black Friday, the traditional opening of the Christmas shopping frenzy on the day after Thanksgiving, and Cyber Monday, usually the busiest online shopping day of the year.

By contrast, the 2013 holiday shopping season saw massive security breaches at retailers like Target, resulting in a record number of consumer records being compromised.

Interestingly, when IBM analyzed the total number of retail records compromised in incidents involving fewer than 10 million records, it found that the number of records compromised in 2014 rose 43% over 2013, and that percentage doesn’t include what may prove to be a massive data breach at Chick-Fil-A Inc. first reported Dec. 31.

“While we have seen fewer breaches reported in the last two years,” said IBM in the report, “these breaches were more significant and wide-reaching in terms of victims affected.”

Database vulnerabilities lead to retail data breaches

While point-of-sale (POS) malware attacks continue to increase, IBM found that the “vast majority” of incidents targeted retailers’ databases via command injection or SQL injection methods. For example, the researchers found that nearly 6,000 attacks against retailers involved command injection.

“The complexity of SQL deployments and the lack of data validation performed by security administrators made retail databases a primary target,” IBM Security concluded.

POS malware remains a threat, but cyberattackers are upping the ante as they probe for more weaknesses in retailers’ networks. Along with attacks exploiting the Shellshock vulnerability on retailers’ servers, the security researchers found that POS malware like Alina, BlackPOS, Citadel, Dexter and vSkimmer remains in play.

“Shellshock is not going away anytime soon, much like SQL Slammer,” IBM warned. “Patching is of paramount importance for this specific attack vector.”

How should enterprises respond as the database threat grows? IBM security specialists stressed that “shellcode characters should never be allowed to enter an organization’s network via HTTP.” They added that deployment of security appliances focusing on these attack vectors, like firewall deployments, should become standard practice.

IBM said the data it analyzed consisted of records compromised and breaches disclosed by retailers, in addition to data compiled by the Privacy Rights Clearinghouse. Other data used in the retailer security study was compiled internally by IBM’s Managed Security Services team.

John Kuhn, an IBM senior threat researcher, said in an interview that data on attacks and threats was gleaned from its customer base. The data was “boiled down” by analytical engines to detect potential attacks and threats; analysts then weeded out any false positives.

As the threat to customer databases grows, Kuhn said vulnerable retailers need to initiate thorough audits of their systems. Those audits should include penetration tools and testers.

Kuhn said he expects the trend of fewer but more sophisticated attacks to continue, the result being a steady increase in the number of stolen customer records.

However, some industry watchers counseled a wait-and-see approach.

“Black Friday [and] Cyber Monday were just five weeks ago,” noted Rick Holland, principal analyst for security and risk management with Forrester Research Inc., based in Cambridge, Mass. “Given how long it takes organizations to detect intrusions, it could be premature to say that attacks were down. Let’s revisit the numbers in 12 months.”

Others agreed that more holiday breaches may eventually surface, but the IBM findings still reveal a new level of sophistication that is yielding more stolen records.

Looking at IBM’s data, “If you assume a margin of error of 10%, that’s still a significant drop” in the number of attacks, said Christina Richmond, security services analyst with IDC in Framingham, Mass.

The point, Richmond added, is that even though IBM found that the most recent holiday shopping season may “not be as much of a free-for-all” as the year prior, retailers still need to remain vigilant against many potential attackers and attack methods.

source:http://searchsecurity.techtarget.com/news/2240237641/IBM-Retail-cyberattacks-become-less-frequent-but-more-effective?utm_medium=EM&asrc=EM_NLN_38438888&utm_campaign=20150107_Why%20retail%20cyberattacks%20are%20becoming%20more%20lethal_mbacon&utm_source=NLN&track=NL-1820&ad=898186

72% OF GLOBAL 5G SMARTPHONE REVENUE COMES FROM CHINA

Counterpoint Research reported that in the second quarter of 2020, 5G smartphone shipments increased, accounting for 10% of global smartphone shipments.

REVENUE AND ASP OF 5G SMARTPHONE

In the second quarter of this year, 5G smartphone revenue accounted for 20% of global smartphone revenue. China is the largest contributor to 5G smartphone sales: it is reported that 72% of global 5G smartphone revenue comes from China, most of it from 5G smartphones released by Huawei. In addition, the average selling price of the Chinese smartphone market also increased by 12% year-on-year.

According to the report, the Asia-Pacific region, China, Europe, the Middle East and Africa, North America and other regions contributed 10% of the overall growth rate in the average sales price in the second quarter of 2020. However, Latin America is the only region where average sales prices have fallen 5% year-on-year. Although the new coronavirus has had an impact on the entire market, the high-end segment has not fallen sharply. Compared with the overall market decline, it only faces a year-on-year decline of 8%.

5G smartphone market

The report also shows that in the second quarter of 2020, the average selling price (ASP) of the global smartphone market increased by 10% year-on-year. With the exception of Latin America, average selling prices increased in all regions. This is because many 5G phones sold well in the second quarter. The increasing demand for education, work, games, and entertainment is also a factor in users’ preference for high-end smartphones.

Overall, due to the economic impact and the closure of offline retail stores, the market’s demand for low-priced devices has decreased. Coupled with the resilience of the high-end market and the growth of 5G smartphone sales (especially in China), this led to this quarter’s increase in the average selling price of smartphones.

THE BOTTOM LINE

At the same time, smartphone shipments fell 23% year-on-year, reaching a record high. Although most OEM’s smartphone shipments declined in the second quarter of 2020, Apple’s shipments increased by 3% year-on-year, while iPhone revenue increased by 2% year-on-year. But we should also point out that Apple still has no 5G iPhone. The first models will come to the market only this year. Once this happens, and 5G appears on lower models, it will be quite interesting to see how the proportion changes.

Source: https://www.gizchina.com/2020/09/27/72-of-global-5g-smartphone-revenue-comes-from-china/

Former Blizzard CEO Mike Morhaime announces new game company

Two years after stepping down as CEO at Blizzard, the game company he co-founded in 1991, Mike Morhaime is back with his next venture. It’s called Dreamhaven, and it’s a combination of a publisher and developer, with “a common goal to empower creators, help bring their ideas to life, and create original gaming experiences that foster meaningful connections between players.”

As part of the announcement, Dreamhaven also revealed its first two internal studios: Moonshot Games and Secret Door. Moonshot is headed by a trio of Blizzard veterans, including former Hearthstone lead Jason Chayes, StarCraft II director Dustin Browder, and Hearthstone creative director Ben Thompson. “Though it’s very early days, when we think about Moonshot, we imagine a studio that celebrates curiosity and courage,” Chayes said in a statement. “We aspire to be bold in our approach, and we think the best way to do that is to create a culture centered around trust.”

Secret Door, meanwhile, is similarly led by a team of former Blizzard developers, including Chris Sigaty (executive producer on Hearthstone), Alan Dabiri (technical director on Warcraft III and StarCraft II), and Eric Dodds (designer on World of Warcraft and Starcraft). No projects have been announced for either studio.

Morhaime stepped down as CEO of Blizzard in 2018, though he stayed on in a consultancy role until last year. In an interview with The Washington Post, he said that one of the goals of the new company was to build an environment focused on creators — something that was likely a challenge under Activision, which became Blizzard’s parent company in 2008.

“We’ve learned a ton about what goes into creating an environment that allows creators to do their best work, and we were very successful doing that for many years at Blizzard,” Morhaime told the Post. “We reached a crossroads where we reassessed what we want to do with the rest of our lives.”

Source: https://www.theverge.com/2020/9/23/21452256/former-blizzard-ceo-new-game-company-dreamhaven-morhaime

Apple Loop: Shock iPhone 12 Details, Massive iOS 14 Problems, Macbook Pro Delay

Taking a look back at another week of news and headlines from Cupertino, this week’s Apple Loop includes surprising iPhone 12 benchmarks, big problems with iOS 14, two new iPads, Apple ignores macOS, the “good/better/best” of the Apple Watch, the controversy around Apple One, and the Mac’s never-changing System Preferences.

Apple Loop is here to remind you of a few of the very many discussions that have happened around Apple over the last seven days (and you can read my weekly digest of Android news here on Forbes).

Just How Fast Is Your Next iPhone?

We might not have seen the iPhone 12 family as part of Apple’s virtual September launch event this week, but we have seen the benchmarks pop up on the AnTuTu website. That gives us a raw comparison of the numbers from last year’s iPhone to this year’s. Philip Michaels reports some pretty shocking numbers:

“Leaked benchmarks from Antutu, purportedly showing off an iPhone 12 Pro Max’s performance, may help fill in some of the blanks. MySmartPrice spotted the leaked numbers, which claim to show off a device with 6GB of RAM and 128GB of storage running iOS 14.1.

“According to the leaks, the iPhone 12 Pro Max tallied a score of 572,333 on Antutu’s test, which is a 9% gain over the iPhone 11 Pro Max’s 524,436 result on the same test. MySmartPrice says the iPhone 12 Pro Max’s reported tally would be the highest score ever posted by an iPhone, which you’d hope given that it’s a new model.”

More at Tom’s Guide.

The Big Problem With iOS 14

Apple may not have announced a release date for the iPhone, but it did announce the release date of iOS 14. And that has caused problems. Normally Apple will provide a week’s worth of ‘heads up’ time to developers so they can ensure their apps are ready for the jump up to the next major version of iOS. Not this year… developers had less than a day’s notice, and they are not happy. Matt Binder reports:

““Gone are the hopes of being on the store by the time users install the new iOS 14 and are looking for new apps. Gone is the chance to get some last-minute fixes into your existing apps to make sure they don’t stop working outright by the time users get to upgrade their OS,” explained Steve [Troughton-Smith from High Caffeine Content.”

““There are some developers who have spent all summer working on something new, using the latest technologies, hoping to be there on day one and participate in the excitement (and press coverage) of the new iOS,” he continued. “For many of them, they’ll be incredibly upset to have it end like this instead of a triumphant launch, and it can dramatically decrease the amount of coverage or sales they receive.””

More at Mashable.

Take Two Tablets And Call Your iPhone In The Morning

Taking the flagship spot away from the ‘missing presumed having a good time’ iPhone 12 was Apple’s new iPad Air, beating the smartphone as the first device with Apple’s new A14 ARM-based processor. Samuel Axon and Jim Salter report for Ars Technica:

“The iPad Air gets the new A14 Bionic CPU, built on 5nm process technology. It’s a six-core CPU with two high-performance cores and four lower-power, more efficient cores for simpler background tasks. The A14 Bionic offers a 30 percent GPU performance boost compared to previous generations, and Apple says it puts up double the graphics performance of typical laptops.”

As well as the increased power, 2020’s iPad Air has a new design; USB-C has been added, the bezels have been trimmed away, the home button has been removed, and TouchID has been integrated into the power button. It’s not the only new iPad, as the entry-level iPad moves up from the A10 to the A12 Bionic processor. Benjamin Mayo reports:

“The jump from A10 to A12 means Apple’s cheapest iPad will feature the Neural Engine for the first time. Apple says the A12 chip offers more than twice the performance of the top selling Windows laptop, 6x faster than the top-selling Android tablet and 6x faster than the best-selling Chromebook.

“The 8th-generation iPad keeps the same price as the 7th-gen: that’s $329 for general sale and $299 for education.”

More at 9to5Mac.

Will Mac Owners Be Satisfied With Safari After macOS Delay?

If you were waiting for macOS Big Sur to drop for your Mac or MacBook, then you are out of luck. Apple’s event saw updates to iOS, iPadOS, tvOS, and watchOS… but macOS has been delayed. The ‘Big Sur’ release is still in the future, but a small crumb (perhaps from a cookie) has been handed to Mac fans in the form of Safari 14, presumably to offer cross-OS support with other devices. Juli Clover reports:

“Safari 14 brings improved performance, customizable start pages, a Privacy Report to see which cross-site trackers are being blocked, and a new tab bar design that provides tab previews so you can see what you have open at a glance. Today’s update also removes Adobe Flash.”

More at MacRumors.

The Apple Watch Strikes Three 

Two new Apple Watch models were launched, and as the Apple Watch Series 3 remains, there is now a low-, a mid-, and a high-level smartwatch in the classic triplet that Apple was once famous for. Todd Haselton looks over the Series 6 Apple Watch for CNBC, including the headline ‘wellness’ features:

“The Series 6 also has Apple’s most advanced sensors. You can run the ECG app for an electrocardiogram, for example, a feature that’s not on the Apple Watch SE or Series 3. It’s also the only model with the new blood-oxygen app. I tried that and it told me my blood oxygen was 96%, which seems good.

“…Apple is careful to explain that this isn’t a medical device. You can use it if you’re curious about your blood oxygen when you’re hiking at high altitudes, but Apple isn’t making any promises about detecting low oxygen should you fall ill with coronavirus.”

Meanwhile, Apple has brought the ‘SE’ brand to the Apple Watch, again with the promise of a cheaper ‘mid-range’ slice of hardware that still delivers the core Apple experience. Chris Velazco has spent some time with the wearable to try and work out where it fits into the portfolio:

“For one, the SE uses the same S5 system-in-package (or SIP) that we got in last year’s Series 5, which in turn contains the same dual-core processor as the Series 4. Meanwhile, Apple has confirmed that the SE has the same compass and always-on altimeter as the Series 6, along with a very similar screen.

“From what I can tell, it’s the same bigger display we got in the Series 5, just without the always-on functionality enabled. And while the Series 4 was the first Apple Watch to come with heart-sensing ECG support, you simply don’t get that here. Ditto for the Series 6’s new blood oxygen measurement features.”

More at Engadget.

Bouquets and Brickbats For Apple One 

Also announced alongside Apple’s hardware, and perhaps an indication of where Apple wishes to focus on the future, were new options for the various subscription services offered by Cupertino. Apple One takes the popular options and bundles them together while offering a discount. Brian Heater reports:

“It’s not quite mix and match yet, but there are three pricing tiers. Individual offers Apple Music, TV+, Arcade and iCloud for $15 a month. The Family version will get you those four services for $20 a month. For the hardcore, there’s the $30 a month Premier tier, which bundles iCloud, Music, TV+, Arcade, News+ and [the new service] Fitness+.

“For those who have been putting off a given Apple subscription, such a bundle could certainly sweeten the pot — and make it even harder for users to escape the pull of the Apple software ecosystem.”

More at TechCrunch. Given Apple’s market position, using one service to potentially bolster another through a bundle has drawn the eye of the competition. Spotify – which has already filed an anti-trust complaint with the European Commission against Apple – drew attention to the issue shortly after the end of the event.

“Once again, Apple is using its dominant position and unfair practices to disadvantage competitors and deprive consumers by favoring its own services. We call on competition authorities to act urgently to restrict Apple’s anti-competitive behavior, which if left unchecked, will cause irreparable harm to the developer community and threaten our collective freedoms to listen, learn, create, and connect.”

More on the Spotify statement at Apple Insider.

And Finally…

The look of the macOS user interface has evolved since OS X was announced in 2000. One area has stayed relatively constant, but the small changes highlight the thinking behind the OS over the years.

“The interface started glassy and skeuomorphic, mimicking the materials used on Macs. Over the decades, it went through significant revisions. One thing that seems to have remained relatively unchanged over the years is the System Preferences screen.

“But, at a closer glance, we’ll see that this mundane part of the operating system has changed quite a bit and hides some fun easter eggs and surprises.”

Arun Venkatesan has taken a closer look on his blog.

Apple Loop brings you seven days worth of highlights every weekend here on Forbes. Don’t forget to follow me so you don’t miss any coverage in the future. Last week’s Apple Loop can be read here, or this week’s edition of Loop’s sister column, Android Circuit, is also available on Forbes.

Source: https://www.forbes.com/sites/ewanspence/2020/09/18/apple-news-headlines-iphone-12-benchmark-specs-launch-dates-ipad-air-apple-watch-se-ios-14-macos-macbook-pro/#2f5105752c07
