Dozens of defense companies, government agencies, and financial organizations in America and abroad appear to have been compromised by China via vulnerabilities in their Pulse Connect Secure VPN appliances – including a zero-day flaw that won't be patched until next month.
On Tuesday, IT software supplier Ivanti, the parent of Pulse Secure, issued a wake-up call to its customers by revealing it looks as though select clients were compromised via their encrypted gateways.
"There is a new issue, discovered this month, that impacted a very limited number of customers," said Phil Richards, chief security officer at Pulse Secure, in a memo to the world. "The team worked quickly to provide mitigations directly to the limited number of impacted customers that remediates the risk to their system."
Node.js 16 has been released with prebuilt Apple Silicon binaries and version 9.0 of the V8 JavaScript engine.
Node.js releases appear every six months or so. A new version becomes the current release, and odd numbered releases are supported for only six months, but even numbered releases become long-term support (LTS) releases. The last three LTS releases were therefore 10, 12 and 14 (or Dubnium, Erbium and Fermium), while version 16, once it has had six months to mature, will be known as Gallium.
This release is based on version 9.0 of the V8 JavaScript engine, and therefore supports new language features added since version 8.6, used in Node.js 15. There is nothing dramatic in this respect, but developers can look forward to the Timers Promises API, RegExp Match indices and other goodies. Version 9.0 was released in mid-March and the details of what is new are documented here.
Facebook wants you to believe that the scraping of 533 million people’s personal data from its platform, and the dumping of that data online by nefarious people, is something to be “normalised.”
A blundering Facebook public relations operative managed to send a journalist a copy an internal document detailing the antisocial network's strategy for containing the leaking of 533 million accounts – and what the memo contained was infuriating though unsurprising.
Belgian tech journalist Pieterjan van Leemputten asked the Mark Zuckerberg-owned company some questions about the theft and dumping online of account data earlier this month.
Straight from Microsoft's Department of Stating the Bleeding Obvious come tweaks to its online productivity software based on research that found back-to-back meeting cause stress.
As such, Microsoft has introduced settings in Office 365 that promote breaks by making these corporate congregations start late or finish early.
Administrators can set three values in Microsoft Exchange Online which determine what happens when meetings are scheduled. The first, ShortenEventScopeDefault, sets whether meetings are ended early or started late, or the feature can be turned off.
Sponsored It’s understandable that people get excited about the cloud. As well as the prospect of virtually unlimited compute and storage, it promises relief from the frustrations of maintaining legacy software and infrastructure.
But frustration, excitement and relief are all emotions. And emotions may cloud your judgement about the true benefits – and costs – of moving to the cloud. Or about the fact that in many cases it might make far more sense to keep your workloads partly, if not entirely, on-premises.
Although some organizations are truly completely cloud native – in that they were born in the cloud era and have always existed in the cloud – most organizations will have legacy infrastructure and software that cannot easily be discarded.
An Apple iPhone XR caught fire aboard a British Airways Boeing 787 mid-flight after a clumsy passenger dropped it down the side of her seat.
The Club World passenger, flying from Miami to Heathrow, had raised her seat from its lie-flat bed position back to the conventional one while a stewardess rearranged her bedding.
Yet on removing the blankets the stewardess "smelt a strong odour" of sulphur. This wasn't caused by the in-flight curry, either: a charger cable led "down the side of the seat." Even as she called the purser over, the stewardess heard a "hissing" sound and saw an "orange glow" as a plume of thick smoke began issuing from the seat.
Ten thousand Britons have been targeted on LinkedIn by recruiters for the Chinese and Russian intelligence services, according to an awareness campaign launched by domestic spy agency MI5 this morning.
Details were previewed in this morning's Times newspaper, which warned specifically of people with "access to classified or sensitive information" being targeted by Britain's enemies.
The Centre for the Protection of National Infrastructure (CPNI), an MI5 offshoot, told the newspaper its figure of 10,000 compromise attempts over five years was a conservative one, with MI5 chief Ken McCallum saying in a prepared statement: "Malicious profiles on professional networking sites are being utilised on an industrial scale."
UK Government has submitted major reforms to the legislation surrounding how mobile masts are deployed in the countryside, with the aim of improving overall coverage and expediting the transition to 5G.
The proposed planning rules, which are subject to a consultation, emphasised upgrading existing masts over deploying new ones. Operators would be allowed to increase the width of already established masts by either 50 per cent or two metres (whichever is higher) without the need to obtain prior planning permission.
In unprotected areas (which excludes national parks, conservation areas, world heritage sites, and areas of outstanding natural beauty), masts would be able to reach heights of up to 25 metres. The previous limit was just 20 metres.
Microsoft engineers scrambled to improve the health of Azure on Tuesday after the cloud service started looking a bit green around the gills.
"We observed a subset of Azure Portal instances in the UK West became unhealthy, causing intermittent issues accessing the Azure Portal," Microsoft told users seeking to understand the 503 message they had just received.
The problem, which first manifested around noon UK time, was fixed shortly after 2pm. Little comfort that was to the valiant support people who suffered the lunchtime disruption.
Microsoft has announced 64-bit Visual Studio, but in its rush towards modern development some developers using older Windows or Azure technology are feeling left behind.
The forthcoming release of 64-bit Visual Studio 2022 (VS 2022) is huge news for devs who have been requesting this for over a decade. But the company still has some tricky issues to navigate with its developer community, especially those using older Microsoft technology, as well as areas where the full Visual Studio finds it hard to keep up with its nimbler cross-platform cousin, VS Code.
The context here is that today's Microsoft cares most about winning developers for its Azure platform. The combination of VS Code and GitHub is strategic because, although these tools work fine with competing platforms like AWS or Google Cloud, Microsoft can ensure that Azure is well integrated.
As a metaphor for its current financial plight, IBM's cloud platform was wobbling this moring for customers in cities across the world.
Big Blue, which last night released shrinking calendar Q1 numbers, confirmed to customers that its Infrastructure Management Systems were experiencing issues in the London, Dallas, Sydney and Frankfurt regions today from 8.20 UTC.
"Customers are not able to manage tags and they may observe inaccurate search results for classic infrastructure resources," said IBM in an email to customers, seen by us. The incident is being investigated and was designated a severity rating of 2.
Biting the hand that feeds IT © 1998–2021