But for that reason, Bloomberg View columnist Leonid Bershidsky suggests any anti-virus software will be targetted by nation-state actors, and argues that for most users, "non-state criminal threats are worse. That's why Interpol this week signed a new information-sharing agreement with Kaspersky despite all the revelations in the U.S. media: The international police cooperation organization deals mainly with non-state actors, including profit-seeking hackers, rather than with the warring intelligence services."
And long-time Slashdot reader freddieb is a loyal Kaspersky user who is wondering what to do, calling the software "very effective and non-intrusive." And in addition, "Numerous recent hacks have gotten my data (Equifax, and others) so I expect I have nothing else to fear except ransomware."
Share your own informed opinions in the comments. Should users uninstall Kaspersky's antivirus software?
Among the potential scenarios: Hackers could cripple a widely used payroll system; they could inject false information into stock-data feeds, sending trading algorithms out of whack; or they could flood the stock market with fake sell orders and trigger a market crash... "We started thinking a couple years ago what it would be like if a malicious actor wanted to cause havoc on our financial markets," said Wade Shen, who researched artificial intelligence at the Massachusetts Institute of Technology before joining Darpa as a program manager in 2014.
"[W]e estimate that less than one percent of the visits to our website over the course of the relevant week were affected," read a customer notice sent only to those affected, offering them a free year of credit monitoring. But that hasn't stopped sarcastic tweets like this from the breach's angry victims.
"Hey @pizzahut, thanks for telling me you got hacked 2 weeks after you lost my cc number. And a week after someone started using it."
The researcher said he reached out to Subaru about his findings. "I did [reach out]. I told them about the vulnerability and shared my code with them," Wimmenhove told BleepingComputer. "They referred me to their 'partnership' page and asked me to fill in a questionnaire. It didn't seem like they really cared and I haven't heard back from them."
His Subaru-cracking feat -- documented in a video -- was accomplished using a $25 Raspberry Pi B+ and two dongles, one for wifi ($2) and one for a TV ($8), plus a $1 antenna and a $1 MCX-to-SMA convertor.
I am giving up on fixing this company but finding it hard to exemplify my work when it is hidden behind some of the worst front-end code I have ever seen. Most job applications ask for links to live code, not for code samples (which I would more easily be able to supply). Some of the websites look okay on the surface, but are one right click -> inspect element away from giving away the mess; most of the projects require a username and password to login as well but account registration is not open. So how do I reference my recent work when all of my recent work is embarrassing on the front-end?
The original submission's title asked what to use for work samples "when the CTO has butchered all my work." Any suggestions? Leave your best thoughts in the comments. How can you apply for a job when your code samples suck?
Equifax on Thursday was quick to say that its systems were never compromised in the attacks. TransUnion said much the same thing. This is an important distinction in some respects because it means that the redirections weren't the result of attackers having access to restricted parts of either company's networks. At the same time, the incidents show that visitors to both sites remain much more vulnerable to malicious content than they should be.
Both sites hosted fireclick.js, an old script from a small web analytics company which pulls pages from sites like Akamai, SiteStats.info, and Ostats.net. "It appears that attackers have compromised the third-party library," writes BankInfoSecurity, adding that Malwarebytes estimates over a 1,000 more sites are using the same library.
While the authors of the software are earning six-figure incomes, ransom payments totalled $1 billion in 2016, according to FBI estimates -- up from just $24 million in 2015. Carbon Black, which was founded by former U.S. government "offensive security hackers," argues that ransomware's growth has been aided by "the emergence of Bitcoin for ransom payment, and the anonymity network, Tor, to mask illicit activities.. Bitcoin allows money to be transferred in a way that makes it nearly impossible for law enforcement to 'follow the money.'"
One less obvious advantage to open source adoption is in career satisfaction and advancement. It gives developers opportunities to work on more interesting applications, said Wynd. Developers can now take on projects or switch jobs more easily across Federal Reserve banks because the New York Fed uses a lot of common open source components and a standard tool set, meaning retraining is minimal if needed at all."
Providing training in-house also creates a more consistent use of best practices. "Our biggest headache is to prove to groups that an application is secure, because we have to defend against nation state attacks."
Microsoft touts a Harvard physician who believes nature "stimulates reward neurons in your brain. It turns off the stress response, which means you have lower cortisol levels, lower heart rate and blood pressure, and improved immune response." There's a short video on the "Working at Microsoft" channel on YouTube, but I'm curious what Slashdot readers think about working outdoors. Or, in a tree...