Proprietary Software Leftovers
-
Pentagon Cancels a Disputed $10 Billion Technology Contract
The Defense Department said in a news release on Tuesday that the contract for the Joint Enterprise Defense Infrastructure, known as JEDI, “no longer meets its needs,” but it said it would solicit bids from Amazon and Microsoft on future cloud-computing contracts.
The Pentagon statement made for a quiet end to years of legal wrangling and dueling technology claims over what many considered to be the marquee contract for providing cloud-computing services to the federal government.
A senior administration official said that soon after the Biden administration took office, it began a review that quickly concluded that the costly arguments over JEDI had been so lengthy that the system would be outdated as soon as it was deployed.
-
Pentagon cancels $10bn 'Jedi' contract
The Department of Defense (DoD) said in a statement on Tuesday: "With the shifting technology environment, it has become clear that the Jedi Cloud contract, which has long been delayed, no longer meets the requirements to fill the DoD's capability gaps."
It added that it would seek new proposals "from a limited number of sources", including both Amazon and Microsoft.
-
Pentagon Moves to Split Cloud Deal Between Microsoft, Amazon
The Pentagon scrapped a $10 billion cloud-computing contract awarded in 2019 to Microsoft Corp. after several years of wrangling between the government and some of the biggest U.S. tech companies over the deal, indicating it plans to divide the work between Microsoft and rival Amazon.com Inc. instead.
-
Pentagon cancels Microsoft JEDI contract, will ask for new cloud computing bids
The release also announced a multi-vendor contract called the Joint Warfighter Cloud Capability contract to provide many of the services offered by JEDI. CNBC says the Defense Department considers Amazon and Microsoft the only companies capable of providing the necessary infrastructure, although it says it will perform market research to see if other competitors could fit the bill.
-
Pentagon cancels $10 billion JEDI cloud contract that Amazon and Microsoft were fighting over
The fight over a cloud computing project does not appear to be completely over yet. The Pentagon said in the press release that it still needs enterprise-scale cloud capability and announced a new multivendor contract known as the Joint Warfighter Cloud Capability.
The agency said it plans to solicit proposals from both Amazon and Microsoft for the contract, adding that they are the only cloud service providers that can meet its needs. But, it added, it will continue to do market research to see if others could also meet its specifications.
-
Full Impact Of Ransomware Attack Hard To Estimate, CEO Of Software Company Targeted Says [iophk: Windows TCO]
-
U.S. Senator Recommends Mandatory Breach Reporting for Companies [iophk: Windows TCO]
King said he strongly advocates that such new rules should be a joint effort with the Geneva Convention for Cyber War. It’s the type of international cooperation that others have recommended between countries.
-
https://www.dw.com/en/ransomware-attack-can-companies-protect-themselves/a-58165558 [iophk: Windows TCO]
The hackers targeted US firm Kaseya, which provides remote software services to about 37,000 clients. Kaseya CEO Fred Voccola said the company believed that fewer than 40 of its customers had been affected. However, at least 20 of those were managed-service providers (MSPs). Companies hire MSPs to remotely manage their IT infrastructure. Attacks against MSPs are tricky because affected MSPs end up inadvertently passing the ransomware onto their clients, who can pass it onto their clients, in what is known as a "supply chain attack."
"It's particularly insidious for all the customers because it spreads through a supposedly trusted channel," Miriam Föller-Nord, dean of the Department of Computer Sciences at Mannheim University of Applied Sciences, told DW.
-
Regarding the Kaseya Attack, Some Answers
Firstly, how did REvil learn about the VSA exploit? This zero day vulnerability was in the process of being patched. The coordinated vulnerability disclosure process was being shepherded by Wietse Boonstra, the researcher at the Dutch Institute for Vulnerability Disclosure who discovered it. So how did it come to be used by a ransomware gang?
There are a lot of interesting possibilities, but given how little we know it’s all pure speculation. Here are some of mine: it could be anything from a duplicate discovery, or a compromised researcher, or using already existing access to Kaseya to read the vulnerability reports.
-
Russian ransomware attack under way, Centre for Cybersecurity warns
The current attack targets an ICT management tool known as Kaseya VSA, the CCB said. The software has certain vulnerabilities which allow it to be taken over, crippling not one machine but a whole network.
-
Microsoft Edge Translator contained uXSS flaw exploitable ‘on any web page’
A universal cross-site scripting (uXSS) vulnerability in Microsoft Edge’s translation function left users open to attack, regardless of which website they visited, security researchers have claimed.
-
[Old] [Cr]ackers Tricked Microsoft Into Certifying Malware That Could Spy on Users
On June 17, a security researcher found that Microsoft had signed a rootkit, a dangerous type of malware that has the ability to be persistent and capture practically all data on an infected computer. Whoever is behind this attack was able to make their malware look like a legitimate driver approved by Microsoft, giving them the ability to bypass most computers' protections.
-
Fallout continues from biggest global ransomware attack
Thousands of organizations – largely firms that remotely manage the IT infrastructure of others – were infected in at least 17 countries in Friday’s assault. Kaseya, whose product was exploited, said Monday that they include several just returning to work.
Because the attack by the notorious REvil gang came just as a long Fourth of July weekend began, more victims were expected to learn their fate when they return to the office Tuesday.
-
Kaspersky Password Manager's random password generator was about as random as your wall clock
Last year, Kaspersky Password Manager (KPM) users got an alert telling them to update their weaker passwords. Now we've found out why that happened.
In March 2019, security biz Kaspersky Lab shipped an update to KPM, promising that the application could identify weak passwords and generate strong replacements. Three months later, a team from security consultancy Donjon found that KPM didn't manage either task particularly well – the software used a pseudo-random number generator (PRNG) that was insufficiently random to create strong passwords.
From that time until the last few months of 2020, KPM was suggesting passwords that could be easily cracked, without flagging the weak passwords for users.
-
Ransomware-hit law firm gets court order asking crooks not to publish the data they stole
A barristers' chambers hit by a ransomware attack has responded by getting a court order demanding the criminals do not share stolen data.
4 New Square chambers, which counts IT dispute experts among its ranks, obtained a privacy injunction from the High Court at the end of June against "person or persons unknown" who were "blackmailing" the firm.
Those persons were said to be "responsible for engaging in a cyber-attack on [the barristers] on or about 12 June 2021 and/or who is threatening to release the information thereby obtained."