digest – Page 71 – Tech Today w/ Ken May

Cisco machine gets listed by blackhat org that rents out hacked PCs

Enlarge KrebsonSecurity.com A computer running inside the corporate network of Cisco Systems is one of about 17,000 machines that is being rented out to online miscreants looking to get a foothold inside Fortune 500 companies, according to a published report. The Windows Server 2003 system uses Microsoft’s Remote Desktop Protocol so it can be remotely accessed by anyone with the login credentials. It’s listed on Dedicatexpress.com, a service that allows anyone in the world to access hacked computers at specific organizations, KrebsonSecurity reported . Remarkably, the username for the box is “Cisco” and the corresponding password is—you guessed it—”Cisco.” “Businesses often turn on RDP for server and desktop systems that they wish to use remotely, but if they do so using a username and password that is easily guessed, those systems will soon wind up for sale on services like this one,” reporter Brian Krebs wrote. Read 3 remaining paragraphs | Comments

Dept. of Veterans Affairs spent millions on PC software it couldn’t use

Rolling out new software to a few thousand users is an involved process for any organization. But installing software that affects hundreds of thousands of PCs as part of a response to a data breach while under embarrassing scrutiny is a task that would challenge even the most well-managed IT departments. And, apparently, the Office of Information Technology (OIT) at the Department of Veterans Affairs’ answer to that challenge was to sweep it under the rug. After removable hard disks containing unencrypted personal identifying information of 26 million military veterans were stolen from the home of a VA employee in 2006, then-Secretary of Veterans Affairs R. James Nicholson mandated that the VA’s Office of Information Technology install encryption software on all of the department’s notebook and desktop computers. But while the VA purchased 400,000 licensees for Symantec’s Guardian Edge encryption software, more than 84 percent of those licenses—worth about $5.1 million, including the maintenance contracts for them—remain uninstalled, a VA Inspector General’s audit has found. The VA’s OIT purchased 300,000 licenses and maintenance agreements for Guardian Edge in 2006 and continued to pay for maintenance on those licenses for the next five years. And in 2011, the VA purchased 100,000 more software licenses from Symantec and extended maintenance on all 400,000 licenses for two years. Read 2 remaining paragraphs | Comments

Excerpt from:
Dept. of Veterans Affairs spent millions on PC software it couldn’t use

Analyst calls AMD “un-investable,” downgrades rating

Another day, and AMD inches even closer to irrelevance . Just one day after the company posted pretty terrible quarterly earnings (“Net loss $157 million, loss per share $0.21, operating loss $131 million”), followed by a 16 percent drop in the company’s stock price and job cuts of 1,800 (15 percent of its global workforce), two financial analysts have now downgraded the company. It certainly doesn’t help things that the company’s CFO resigned abruptly last month, either. In a financial analysis report released Friday, Bernstein Research‘s Stacy Rasgon wrote: Read 2 remaining paragraphs | Comments

More:
Analyst calls AMD “un-investable,” downgrades rating