Ok, that's a little unfair - let's say the photo recon boys managed to get a bit lower...
For the record, D is more of a "what happened here?" than a "what is this?", and we can now reveal that...
Tata Consultancy Services won just seven new customers in its fiscal 2021, and went backwards on revenue and profit.
The company’s Q4 and full FY 2021 results, released Monday, revealed annual revenue of $22.174bn, a 0.7 per cent jump from FY 2020’s $22.031bn but a 0.8 per cent dip after exchange rates were taken into consideration.
Net income for FY 2021 was $4.513bn, down from the previous year’s $4.541bn.
Hong Kong-based CK Hutchison, operator of the '3' mobile brand, has told investors that COVID-19 cut its revenues by eight per cent and profits by 21 per cent, but it also found bright spots of business around the world.
Europe delivered muted financial performance as revenue dipped by 3 per cent year-on-year and margins were flat. Hutchison attributed those numbers to lower roaming revenues - thanks to COVID travel restrictions - while regulations reduced intra-EU mobile charges. Those blows were offset by higher margin contracts. However, the company lost customers: 5 per cent were lost to competitors.
Remaining customers' demand for data surged however. The company's Annual Report [PDF] stated:
The FBI deleted web shells installed by criminals on hundreds of Microsoft Exchange servers across the United States, it was revealed on Tuesday.
The Feds were given approval by the courts to carry out the deletions, which occurred without first warning the servers' owners, following the discovery and exploitation of critical vulnerabilities in the enterprise software.
Shortly after Microsoft raised the alarm early last month over the security holes in Exchange and provided fixes for the vulnerabilities, miscreants swarmed to exploit the programming blunders and hijack unpatched installations. (Certain groups were even breaking in Exchange servers via the holes before their existence was public knowledge.)
More than 100,000 web pages hosted by Google Sites are being used to trick netizens into opening business documents booby-trapped with a remote-access trojan (RAT) that takes over victims' PCs and hands control to miscreants.
Infosec outfit eSentire on Tuesday said it has noted a wave of so-called search redirection shenanigans, in which people Googling for business forms and the like are shown links to web pages published via Google Sites – a Google-hosted web service – that offer a download of whatever materials they were looking for. After clicking on a button to fetch the desired file, the mark is taken to a different site entirely.
Those sites download a Windows executable, masquerading as a PDF or Microsoft Word file, that when opened installs the RAT, meaning a victim has to be duped into running the malicious software after fetching it. The Google Sites pages include common business terms like "template," "invoice," "receipt," "questionnaire," and "resume," in order to convince Google's search algorithm that the pages are relevant for those searches.
Job alert The Register has a couple of vacancies open on our editorial team that we would like to fill immediately. Without further ado, here are the details:
The FCC is finally taking concrete action on the scourge of robocalls after years of dithering on the issue.
In an announcement on Tuesday, America's telecoms watchdog said it had written to cellular network operators asking them to detail the free robocall blocking tools they provide to consumers. It also released two cease-and-desist letters against two robocalling hosts and said it would track the agency’s actions in implementing a new anti-robocall law.
Just as with an announcement yesterday pushing an internet speed measuring app, the measures taken are soft, rather than strong enforcement, but indicate a clear shift in priorities under the FCC's new chairwoman Jessica Rosenworcel.
US Senator Josh Hawley (R-MO) has proposed his latest anti-Big Tech legislation: a complete ban on mergers and acquisitions for companies valued at over $100bn if it may harm competition in any way possible.
The “Trust-Busting for the Twenty-First Century Act” [PDF] will “take back control from big business and return it to the American people,” the senator announced, and it will “crack down on mergers and acquisitions by mega-corporations and strengthen antitrust enforcement to pursue the breakup of dominant, anti-competitive firms.”
The law is intended to put constraints on Apple, Google, Facebook, and Amazon – in keeping with Hawley's political brand of attacking tech companies – and he provides examples of actions that would be prevented, such as Google purchasing Waze and incorporating into its Maps app.
Password specialist 1Password has acquired SecretHub, a secrets management platform aimed at IT engineers, and made a new service called Secrets Automation, previously in beta, generally available.
The proliferation of passwords and SSH keys in modern IT has brought with it a tricky management problem, not only for people but also for machine-to-machine communications. Developers may struggle to keep secrets such as database logins secure, when their code will not function without them.
In 2019 researchers at North Carolina State University scanned code publicly committed to GitHub and found that “not only is secret leakage pervasive — affecting over 100,000 repositories — but that thousands of new, unique secrets are leaked every day.” In June 2020, security researcher Craig Hays deliberately leaked server credentials in a GitHub repository and observed an unauthorised login just 34 minutes later.
Patch Tuesday April showers bring hours of patches as Microsoft delivers its Patch Tuesday fun-fest consisting of over a hundred CVEs, including four Exchange Server vulnerabilities reported to the company by the US National Security Agency (NSA).
Forty-four different products and services are affected, mainly having to do with Azure, Exchange Server, Office, Visual Studio Code, and Windows. Among the vulnerabilities, four have been publicly disclosed and a fifth is being actively exploited. Nineteen of the CVEs have been designated critical.
"This month’s release includes a number of critical vulnerabilities that we recommend you prioritize, including updates to protect against new vulnerabilities in on-premise Exchange Servers," Microsoft said in its blog post.
The move to 5G has allowed vendors and carriers to fundamentally rethink how their networks are structured. Once the norm, tightly integrated vendor-specific hardware is gradually being supplanted by virtualized alternatives that run happily on standards-agnostic kit. Jumping on the bandwagon is Japanese provider NEC, which today said it would use RedHat's OpenShift Kubernetes platform for its upcoming 5G hardware.
The company said it plans to use OpenShift across its 5G Core and RAN products, intended for both public and private use, as well its Edge and AI platforms.
On the edge, NEC sells a compact data processing device called the UPF mini. The hardware has already been selected for NTT DoCoMo's 5G SA (StandAlone) network, with the device positioned on existing base stations. The company also sells a software-based AI analysis platform for private and local networks, which NEC claimed can help mitigate performance slowdowns caused by congestion.
Sponsored Without a doubt, Kubernetes is the most important thing that has happened in enterprise computing in the past two decades, rivalling the transformation that swept over the datacenter with server virtualization, first in the early 2000s on RISC/Unix platforms and then during the Great Recession when commercial-grade server virtualization became available on X86 platforms at precisely the moment it was most needed.
All things being equal, the industry would have probably preferred to go straight to containers, which are lighter weight than server virtualization and which are designed explicitly for service-oriented architectures – now called microservices – but it is the same idea of chopping code into smaller chunks so it can be maintained, extended, or replaced piecemeal.
This is precisely why Google spent so much time in the middle 2000s creating what are now seen as relatively rudimentary Linux containers and the Borg cluster and container controllers. Seven years ago, as it was unclear what the future platform might look like; OpenStack, which came out of NASA and Rackspace Hosting, was a contender, and so was Mesos, which came out of Twitter, but Kubernetes, inspired by Borg and adopting a universal container format derived from Docker, has won.
Biting the hand that feeds IT © 1998–2021