Security

• Sysadmins: Why not simply verify there's no backdoor in every program you install, and thus avoid any cyber-drama?

  Just 'validate third-party code before using it', says Euro body
  Gareth Corfield Sat 31 Jul 2021 // 07:14 UTC 5

  Half of publicly reported supply chain attacks were carried out by "well known APT groups", according to an analysis by EU infosec agency ENISA, which warned such digital assaults need to drive "new protective methods."

  Of the 24 supply-chain attacks studied by ENISA since January 2020, a dozen were attributed to APTs while 10 of them hadn't been attributed to anyone at all in open-source reporting, the agency said.

  Juhan Lepassaar, ENISA's exec director, said in a canned statement: “Due to the cascading effect of supply chain attacks, threat actors can cause widespread damage affecting businesses and their customers all at once. With good practices and coordinated actions at EU level, Member States will be able to reach a similar level of capabilities raising the common level of cybersecurity in the EU.”

  Continue reading

• Euro watchdog will try to extract $900m from Amazon for breaking data privacy laws

  You miss every shot you don't take, we guess
  Thomas Claburn in San Francisco Fri 30 Jul 2021 // 22:33 UTC 7

  Amazon says a European Union privacy watchdog has mustered the temerity to demand a $885m fine for failing to comply with data privacy rules.

  "On July 16, 2021, the Luxembourg National Commission for Data Protection (CNPD) issued a decision against Amazon Europe Core S.à r.l. claiming that Amazon’s processing of personal data did not comply with the EU General Data Protection Regulation," the web goliath said in a financial filing accompanying its Q2 2021 earnings report [PDF] on Thursday.

  "The decision imposes a fine of €746m [$885m] and corresponding practice revisions."

  Continue reading

• Russia says software malfunction caused Nauka module to unexpectedly fire thrusters, tilt space station

  You call this a glitch?
  Chris Williams, Editor in Chief Fri 30 Jul 2021 // 20:09 UTC 15

  Russia said a "software failure" caused its Nauka module to suddenly and unexpectedly fire its thrusters after docking with the International Space Station this week.

  The engine burn caused the orbiting lab to tilt 45 degrees at a rate of about half a degree a second. The station automatically fired thrusters on its Russian Zvezda module and an attached Progress cargo craft to compensate, creating a brief tug of war between the module and the station.

  After about an hour, officials were able to regain attitude control. Commands were sent to Nauka to not only shut off the thrusters but ensure they cannot inadvertently fire again. NASA insisted the seven astronauts onboard the ISS were not harmed nor in any real peril during the undesirable thruster burn, which started at 1634 UTC on Thursday.

  Continue reading

• HP Inc slurps Teradici to get better at delivering remote PCs

  Apparently quite a few people haven't been in the office as much lately
  Simon Sharwood, APAC Editor Fri 30 Jul 2021 // 18:04 UTC 2

  HP Inc has acquired remote PC specialist Teradici.

  Teradici's best trick is PC-over-IP (PCoIP), software that makes PCs remotely accessible by streaming whatever would be on their screens. The company's approach means that no data moves over networks – just bitmaps.

  The tech is well regarded and can point to one ringing endorsement as a presence behind Amazon Web Services' "Workstations" desktop-as-a-service product.

  Continue reading

• '$6 in every $10' spent on cloud infrastructure is with AWS, Microsoft, or Google

  Fewer and fewer orgs want to run their own data centre
  Paul Kunert Fri 30 Jul 2021 // 17:16 UTC 5

  Spending on cloud infrastructure services shot up by more than a third again as workload migration and cloud native applications development sped up, according to the latest research from Canalys.

  After AWS filed its latest set of quarterly figures last night, analysts at the channel focused consultancy confirmed that some $47bn was forked out by biz customers on infrastructure-as-a-service (IaaS) in calendar Q2, up 36 per cent year-on-year.

  The top three cloud providers accounted for 61 per cent of this total expenditure, said Canalys, and AWS was the frontrunner with a 31 per cent share of the spoils, or $14.57bn.

  Continue reading

• Here's 30 servers Russian intelligence uses to fling malware at the West, beams RiskIQ

  Biden-Putin summit went well, then
  Gareth Corfield Fri 30 Jul 2021 // 16:24 UTC 5

  Details of 30 servers thought to be used by Russia's SVR spy agency (aka APT29) as part of its ongoing campaigns to steal Western intellectual property were made public today by RiskIQ.

  Russia's Foreign Intelligence Service "is actively serving malware (WellMess, WellMail) previously used in espionage campaigns targeting COVID-19 research in the UK, US, and Canada," according to threat intel firm.

  "Team Atlas assesses with high confidence that these IP addresses and certificates are in active use by APT29 at the time of this writeup," said RiskIQ in its blog post. "We were unable to locate any malware which communicated with this infrastructure, but we suspect it is likely similar to previously identified samples."

  Continue reading

• Google picked as yet another 'strategic partner' for SAP's RISE but Microsoft still lingers on the scene

  German software giant's relationships are anything but exclusive
  Lindsay Clark Fri 30 Jul 2021 // 15:30 UTC 1

  SAP has linked arms with Google in the latest dosey doe with the cloud infrastructure market.

  Google Cloud and SAP have stepped forward claiming they would "help customers execute business transformations, migrate critical business systems to the cloud, and augment existing business systems with Google Cloud capabilities in artificial intelligence and machine learning."

  It's a shame the pair couldn't have squeezed quantum computing into their commentary - The Reg could have called full house in the game of bingo buzzword.

  Continue reading

• UK regulator waves through SK Hynix's $9bn acquisition of Intel's NAND and SSD biz

  Number of 'strong remaining competitors' within the market planning expansions of their own, says CMA
  Tim Richardson Fri 30 Jul 2021 // 14:43 UTC 2

  The UK's Competition and Markets Authority (CMA) has given the thumbs-up to SK Hynix's agreed $9bn purchase of Intel's NAND and SSD businesses, ruling that the buyout would have no negative impact on local purchasers.

  In April, the non-ministerial government department decided to take a further look at the details of the $9bn deal between the South Korean semiconductor biz and Chipzilla that had been agreed last October.

  Using its own CMA lingo, the regulator said it wanted to know if the result of the agreement would lead to a "substantial lessening of competition within any market or markets in the United Kingdom for goods or services."

  Continue reading

• Happy 60th, Sinclair Radionics: We'll remember you for your revolutionary calculators and crap watches

  ZX Spectrum was pretty cool too
  Richard Speed Fri 30 Jul 2021 // 14:01 UTC 34

  It is 60 years since the founding of Sinclair Radionics, a forerunner of Sinclair Research and responsible for some nifty calculators and a not-so-nifty watch.

  The company was founded by Clive Sinclair, then a mere 20 years old, in July 1961. Its first product was the Sinclair Micro-amplifier for hi-fi systems, which was followed by the Sinclair Slimline radio kit.

  During the course of the 1960s, the company released more amplifiers and ever smaller radios before launching its first electronic calculator in 1972, the Sinclair Executive.

  Continue reading

• Telefónica's cloud limb slurps Cancom's UK&I biz to cash in on Brit enterprise tech market

  There's a tasty NHS contract in there
  Tim Richardson Fri 30 Jul 2021 // 13:30 UTC

  Telefónica Tech – the cybersecurity and cloud wing of the Spanish-owned telecoms giant – has forked out €398m (£340m) to German outfit Cancom Group's UK and Ireland operations.

  The deal is being seen as granting Telefónica a decent toehold in the UK's enterprise market.

  Some 600 IT professionals from Cancom UK&I are moving over to Telefónica Tech bringing with them a digital services portfolio including professional and managed services in advanced IT, cybersecurity, and multi-cloud.

  Continue reading

• Contractors argue umbrella companies need improved regulation, not outright ban

  Trades Union Congress proposals miss the point, say campaigners
  Lindsay Clark Fri 30 Jul 2021 // 13:01 UTC 5

  Contractors have described a UK union's call to ban umbrella companies as unworkable, leading to a greater void in the under-regulated market and making outsourced workers vulnerable.

  The Trade Union Congress (TUC), a powerful association of British unions, said yesterday UK government should abolish umbrella companies to employ agency workers in light of what it sees as abuse of workers' rights and financial fraud.

  Frances O’Grady, the TUC’s general secretary, said: "These scandalous workplace practices have no place in modern Britain. But our inadequate regulations let dodgy umbrella companies off the hook – allowing them to act with impunity."

  Continue reading