Skip to main content

News

Target agrees to pay $10 million to data breach victims

By News, Security No Comments

 CBS News Original article

MINNEAPOLIS — Target has agreed to pay $10 million under a proposed settlement in a class-action lawsuit stemming from a massive 2013 data breach, the company confirmed to CBS News.

“We are pleased to see the process moving forward and look forward to its resolution,” Target spokesperson Molly Snyder told CBS News late Wednesday.

The proposed settlement, which must be approved by a federal district court judge, creates a settlement account that could pay individual victims up to $10,000 in damages, according to court documents.

The data breach, one of the largest of its kind, occurred between Nov. 27 and Dec. 15, 2013, just as the busy holiday shopping season was underway. Information from as many as 40 million credit and debit cards was stolen.

Investigators believe the thieves captured the information by installing software on payment terminals customers used to swipe their payment cards at checkout. Nearly all of Target’s 1,797 stores in the United States were affected.

At least 15 lawsuits were filed by the end of 2013, seeking millions of dollars in damages. The harm was so widespread that the Department of Justice began its own investigation into the breach.

A court hearing on the settlement proposal was scheduled for Thursday in St. Paul, Minnesota, where Target’s headquarters is located.

The news comes as Target recently announced layoffs of 1,700 employees — or 13 percent of the workforce — at its Minneapolis headquarters, reports CBS Minnesota.

A Safer Internet for Our Children? We Need Better Tools For Managing Their Digital Lives

By News No Comments

Over the years, I think we’ve tried just about everything to manage our kids’ access to the Internet. We’ve installed a half dozen Web monitoring programs on every computer in the house, changed the WiFi network passwords countless times, and spent hours on the phone with our wireless carrier getting them to throttle our kids’ data plans.

Original Article  Tech Columnist

It was a total frigging pain. And my wife and I are both geeks. Imagine what it has been like for non-tech savvy parents.

While the tools have improved a lot since we first started – Norton Online Family and Net Nanny are both pretty good at filtering Web content and reporting what your kids are up to – they still require way too much time and geek know how.

Tomorrow is Safer Internet Day 2015, which aims to promote responsible behavior online and on mobile devices, especially among kids. Here’s my wish for SID2015: That somebody invents an easier way to manage our kids’ digital lives. In fact, there are a handful of parents trying to do just that.

Dead dog

A year ago I found a beautiful solution for controlling our home network: The Skydog router. It offered a simple dashboard that allowed me to control Internet access for every single device or user on the network. I could set time limits, block categories of sites or individual ones, throttle down the bandwidth, and more. I was in Geek parent heaven.

Then, in June, Comcast bought Skydog’s parent company and took the router off the market. Comcast said it planned to incorporate the tech into a new generation of Xfinity routers, but it still has not announced a time frame for that.

Ever since then I’ve been seeking a Skydog substitute. I’m not alone, and a few parents have invented their own solutions. One is Rod da Silva, owner of WebCurfew, a platform that let you control Internet access at the router level, turn devices on or off, set timers, and filter content.

(Webcurfew.com)

The Chicago-based Da Silva started developing WebCurfew three years ago to manage Internet access for his three kids; last year he turned it into a product. You can use WebCurfew’s content filters and access controls for free; if you want to set timers, you’ll need to pony up $6 to $9 a month.

The downside? You need to dig into your WiFi router’s administrative settings to set it up, it doesn’t work with every router (none of the ones you rent from Comcast, for example), you can’t customize it by user, and your kids can easily defeat it by resetting the router. In other words, it’s not Skydog. But at least it’s something.

A vexing problem

Another parent taking matters into his own hands is Sean O’Riordan of Portland, Oregon. He’s just launched a Kickstarter crowdfunding campaign for the VexBox, a cube-shaped device that plugs into your existing router and creates a new WiFi network just for your kids. Here’s the beauty part: When you turn on the VexBox, it doesn’t shut off the Internet, it just slows the connection down to 56K modem speeds.

image
(VexBox)

And that’s it. The VexBox doesn’t do any content filtering; it’s just a way to get his kids to pry their eyes away from the screen long enough to do their homework and clean their rooms. When you turn the VexBox off and broadband speeds return.

The best part about it, says O’Riordan, is that the VexBox has improved his relationship with his 17-year old stepson. They no longer fight over school work or chores; when the kid sees his Internet speeds plummet, he gets up and does what’s needed.

O’Riordan has been using the VexBox at home for about 6 months; now he’s hoping to raise $50,000 so he can manufacture and sell these things to other parents.

The mobile savage

That still leaves a bigger problem: your teenager’s smartphone. Here, too, things are easier than they were a few years ago – just not easy enough. Now you may be able to throttle your kids’ data plan, track their locations, keep them from texting while driving, or limit the sites they can access using an app on your phone.

The key word in that sentence, though, is may. Your ability to do this varies from carrier to carrier and phone to phone. You may have to install multiple apps to get this functionality, and you’ll probably have to pay a monthly subscription fee. Use an iPhone? That’s too bad: Apple doesn’t let third-party apps manage any of these things on its consumer devices.

I recently tried to install AT&T’s Family Map app on my Android phone. It wouldn’t work. Why? Because my Nexus 5 is registered as a business line, and Family App only works on consumer lines.

Why is this process so bloody difficult? I asked Tasso Roumeliotis, founder and CEO of Location Labs, now part of security software company AVG. Location Labs makes safety apps for wireless carriers. When you install AT&T’s Smart Limits, Verizon’s FamilyBase, T-Mobile’s FamilyWhere, or Sprint’s Drive First app, you’re using Location Labs’ software.

image
(AT&T Family Map; Location Labs)

One reason is that wireless carriers move very slowly, both because of their size and regulatory constraints, says Roumeliotis. A change to a sign-up process that would take a tech startup a few days to implement might take months for a carrier.

“Managing your kids’ mobile devices is a hard problem we haven’t completely solved,” he says. “In enterprises it’s called mobile device management; if you want to use your phone at work, you need to put software on it to make it secure. The same thing needs to happen in the family space.”

In the meantime, the best thing you can do is try to keep your kids from engaging in risky online behavior and minimize the distractions technology can bring, Roumeliotis says. That might involve using an app to throttle down their data consumption, or it might be as simple as locking the phone away in a drawer until their homework is done.

As with many parenting dilemmas, there is no simple push-button solution.

Send your Internet safety solutions to Dan Tynan at Modfamily1@yahoo.com.

WebWizards® Launches Fun Ad Campaign Highlighting In-Person Internet Support At Neighborhood Stores

By News No Comments

WebWizards Network’s Internet Stores Provide Personalized Assistance With Social Media; Mobile Apps; Browser-Based Applications and Web Presence Services

LOS ANGELES, CA – WebWizards® Network, Inc., a full-service Internet education and support company, today announced the launch of it’s new ad campaign promoting the company’s innovative, in-person Internet retail stores. The first 30 sec spot pokes fun at Internet call centers and suggests that in-person support and education is a much better way for Internet users to keep up with advancing Internet technology.

The company’s flagship North Hollywood store is also in the process of launching it’s first series of neighborhood classes, teaching kids, teens and seniors Internet safety, trending applications, online security and how to build and market websites.

About WebWizards Network, Inc.

WebWizards® Network is a unified system of Internet service associates across America that offers personalized ground support, private/public classes and web presence services from WebWizards® branded brick n’ mortar retail locations, mobile support vehicles and authorized resellers. The business model is the first of its kind in the Internet industry. For more information, visit the company web site at http://www.webwizardsnetwork.com

WordPress Security: Nulled Scripts and the CryptoPHP Infection

By Security No Comments

Our friends over at Fox-IT based in Delft in the Netherlands just contacted Wordfence with some amazing research they’ve just published. If you’re technically minded and want as much detail as possible, I recommend you skip this blog entry and head straight over to the Whitepaper that Fox-IT has published on the CryptoPHP backdoor (It’s 50 pages). I’ve summarized the details and our response:

Nulled scripts are commercial web applications that you can obtain from pirated websites that have been modified to work without a license key. They are the web equivalent of pirated software. They include commercial WordPress themes and plugins.

Wordfence Original Article

It’s come to our attention courtesy of Fox-IT that nulled scripts are being distributed via several websites with a sophisticated infection pre-installed. Fox-IT have dubbed it CryptoPHP because of the fact that it encrypts data before it sends it to command and control servers.

<?php include('assets/images/social.png'); ?>

If you’re a PHP developer you will immediately recognize this as looking strange: It is a PHP directive to include an external file containing PHP source code, but the file is actually an image. Inside this image file is actual PHP and the code is obfuscated (hidden through scrambling) to try and hide the fact that it’s malicious.

If you’re a Wordfence customer, and you are doing scans, the default settings for Wordfence do not scan image files for infections. However we are aware of these kinds of infections so a while back we added an option to scan image files as if they are PHP code. However with the detection we just added, Wordfence will detect the ‘include’ directive above in your PHP source, so even if you haven’t enable image-file scanning, you will still catch all known variants of this infection provided you are running the newest version of Wordfence.

Fox-IT has determined that the purpose of the malware is, currently, to engage in black-hat SEO by injecting links to other, presumably malicious, websites into your content. However this infection is sophisticated and it communicates with command and control servers that can instruct it to do a variety of tasks including the ability to upgrade itself. So this is a classic botnet infection which turns all infected websites into drones that can be instructed to do just about anything, from sending spam email to SEO spam to hosting illegal content to performing attacks on other websites.

The researchers think they may have identified the location of the author. Inside the code of the malware is a user-agent (browser) check that checks to see if the web browser user-agent equals ‘chishijen12′. If it does, then the application is instructed to output all PHP errors to the browser, presumably for debugging purposes. Fox-IT found an IP address that is associated with that user-agent and the IP is based in the state of Chisinau in Moldova. The name of the state is similar to the user-agent string, which gives their theory some credence.

This infection doesn’t just affect WordPress but affects Drupal and Joomla too. The detection we’ve added will actually detect the infection in Drupal or Joomla source code too if that lives under your WordPress directory.

If you’re an enterprise customer and are using an IDS like Snort or the EmergingThreats ruleset, Fox-IT have created Snort signatures which are in the whitepaper and I see that EmergingThreats have updated their open ruleset today to detect this.

You can find the full white paper discussing this new threat here and it includes quite a bit of technical detail if you’re a developer or information security researcher.

Please help spread the word about the danger involved in downloading or distributing nulled scripts and help keep the community safe.

InfoWorld spotlights Liquid computing: The next wave of the mobile experience

By Weekly Trends No Comments

The traditional enterprise workflow is ripe for huge change as the focus moves away from working in a single context on a single device to the workflow being portable and contextual

Infoworld: Your computing life began with a single screen. Today, you probably have three to five screens or more: a work computer, a smartphone, multiple home computers, maybe a tablet. Soon, you may add a smartwatch and a new wave of mini-devices ushered in by the Internet of things. With this multiplicity, the idea that you have a “primary” device slips away. Instead, the heart of your compute experience rises to a cloud where you are at the center. For that ascent to be complete, however, each of your devices needs to be seamlessly connected with the others.

InfoWorld’s executive editor, Galen Gruman, has coined a phrase for this: “liquid computing.” As this “The New Enterprise Workflow” Digital Spotlight explains, Apple, Google, and Microsoft are already testing this new modality, so that your work—not just the data, but what you’re doing with it at any given moment— can flow instantly to any device in your personal cloud ecosystem.

Liquid computing has far-reaching implications for business: The increase in productivity will be stunning, but the loss of control over data will cross an alarming threshold for many IT professionals. In this Digital Spotlight, Gruman and InfoWorld contributors Paul Roberts and Fahmida Rashi, examine the reactions of vendors and customers alike to this new reality. The redefinition of personal computing couldn’t be more profound.

Get “The New Enterprise Workflow” Digital Spotlight from InfoWorld, and learn:

What liquid computing is and why it matters to your company
How to adapt enterprise workflows to liquid computing
Learn how digital rights management (DRM) will factor into this new world

Original Article By InfoWorld Staff

WebWizards® Launches In-Person App Assistance.

By News, Weekly Trends No Comments

WebWizards Network’s Certified Ground Support Pros Provide Personalized Assistance With Social Media; Mobile Apps; Browser-Based Applications and Web Presence Services

LOS ANGELES, CA – WebWizards® Network, Inc., a full-service Internet education and support company, today announced the launch of the company’s innovative in-person Internet and mobile device support service. The company’s Ground Support service is borne out of the WebWizards philosophy that Internet users are better supported when they are shown how online applications work, face-to-face, be it Facebook, iTunes, Google Hangouts, Amazon, eBay or hundreds of others.

The WebWizards service provides a network of young Internet professionals across the United States who will provide on-site assistance for users, particularly in the 35-64 age demographic. The WebWizards business is meeting a growing national demand for in-person Internet education and service. According to recent studies, 60% of Internet users typically will not take the time to read help menus, wade through tutorial videos, wait on hold for Internet support or deal with 3rd-world outsourced servicing.<!–more–>

Currently available in California, with plans underway for a national footprint, the WebWizards Network will offer in-person support to Internet and mobile web customers at their home, office, or at one of the individually licensed WebWizards Retail Centers.

One example of an area in which the WebWizards on-site personalized Internet support is extremely relevant is in the increasingly complex mobile technology arena, where many users do not understand app usage and privacy issues, including how an app gathers information.

WebWizards maintains and deploys its professional support system through an online portal, at www.webwizardsnetwork.com, and through geo-targeted mobile applications. Consumers request services from its public website https://www.webwizards.pro.

The company recruits qualified Internet professionals from across the U.S. who become certified WebWizards Ground Support Pros. College students, for example, who want to earn income while leveraging flexible work schedules, are particularly attractive for the growing WebWizards Network.

WebWizards offers its service to individuals and businesses with items such as setting up email, connectivity performance, online and mobile application assistance, web presence needs, private instruction, online input and any other Internet-related issues. Certified WebWizards Ground Support Pros receive text messaged work orders with instructions regarding the customer’s Internet issue and coordinates to the customer location (within a 10-mile radius of the support pro). The support pros choose to accept or pass on the project and if rejected, the project is passed to the next closest support pro with the greatest related knowledge matched to the issue. Customers are then invited by email to grade the support pro and the experience overall.

“Internet users, and especially families, need a place to visit locally when it comes to Internet questions,” states WebWizards Founder, Chick Ciccarelli. “We aim to become America’s most trusted retail brand when it comes to Internet education and support. People may be engaged online, but they live on the ground, and that’s where they will receive the support of dependable, qualified professionals who can answer their questions in-person, rather than sifting through help menus or surrendering their computer screens to some remote, disembodied voice.”

WebWizards is also launching an ambitious licensing model for brick n’ mortar retail locations across America, where locals can gain access to Internet support, education, services and products. These family-friendly locations will feature public classes several times a week about current issues related to the Internet, such as cutting-edge trends, application usage, cyber-security, and cyber-bullying, for example. The WebWizards locations will also serve as venues for Internet companies to present their latest online products and services on a regular basis.

“According to American Express, in the last year 67% of online customers have hung up the phone because they couldn’t talk to a real person and 91% of Internet users have been frustrated with online help options at least half of the time,” states Ciccarelli. “This lack of human contact is not only painful for users, but poses a serious problem for online developers and e-commerce portals. With the WebWizards Network system, we get closer to the end-user than anyone can because we’re sitting with them at their computer.”

About WebWizards Network, Inc.
WebWizards® Network is a unified system of Internet service associates across America that offers personalized ground support, private/public classes and web presence services from WebWizards® branded brick n’ mortar retail locations, mobile support vehicles and authorized resellers. The business model is the first of its kind in the Internet industry. For more information, visit the company web site at http://www.webwizardsnetwork.com

Mobile And Web App Technology Customer Service

By Experiences No Comments

Easing The Mobile And Web Application Technology Curve: A New Paradigm For 21St-Century Customer Service

In the beginning of the Internet era, the PC reigned supreme. As the desktop publishing world, and the transition from typewritten documents to desktop-created documents grew, the technology consumer became familiar with a world that relied on offline and online applications. PCs and ISP subscriptions were sold side by side, in a glorious period for all companies tied into this massive technology shift. Businesses and consumers now were connected, with a greater understanding of how the browser could change their lives. Suddenly, consumers had a way to communicate and connect with product and service companies in new ways.

But the Internet became more complex for the average user and customer service waned to such a degree that even ordering DSL from larger providers seemed daunting: true one-on-one customer service was outsourced or driven into the background, creating opportunities for smaller customer service providers, but largely stymying the overall customer service experience.

The mobile world has made this conundrum a deeper issue for consumers. To use a term, only “native” consumers – those born into the mobile era – seem to have an intuitive sense of how applications are searched, consumed, and shared. But, for the 35-year-old and up audience, native mobile intelligence is not so readily achieved. Added to already existing feelings of customer service alienation, this audience needs greater attention.

According to Parks Associates, the market opportunity for customer support innovation is largely untapped, and will grow to $8.25 billion by the year 2017. This opportunity includes the facilitation of “holistic technical support and collaborative customer care, providing capabilities beyond what any single user, advanced or novice, could achieve on their own.”
As customer care needs grow, with the accompanying complexities of web and mobile applications, a new paradigm in customer care must be achieved.

I have been a user of web and mobile technologies since their inception, and have seen the depletion of customer care over the past 15 years reach levels that, to me, would seemingly impede the growth of the industry. Simply put, if general users of web and mobile applications do not have the adequate support that they require, they will cease to become customers. They will become stagnant non-users.

We created a solution to this problem that I think addresses a fundamental need for the non-technical user – a network of in-person assistants who can actually travel to a person’s office or home, or meet that person at a nearby retail center, to help with online and mobile applications – from ecommerce sites, iTunes and eBay to social apps like Facebook and more – with the specific goal of providing a better understanding of how online apps work, thereby creating a better user experience – and most importantly, allowing the end user to gain more personalized customer support.

This concept became what is now WebWizards Network, Inc., a full-service Internet education and support company. This notion of in-person web and mobile device support service includes certified ground support professionals who can assist with social media; mobile apps; browser-based applications and web presence services. Young Internet and mobile professionals across the United States provide the bulk of the WebWizards support network, targeting people mostly in the 35-64 age demographic. According to Harris Interactive, 60% of Internet users typically will not take the time to read help menus, wade through tutorial videos, wait on hold for Internet support or deal with 3rd-world outsourced servicing.

Currently available in California, with plans underway for a national footprint, the WebWizards Network will offer in-person support to Internet and mobile web customers at their home, office, or at one of the individually licensed WebWizards Retail Centers.

One example of an area in which the WebWizards on-site personalized Internet support is extremely relevant is in the increasingly complex mobile technology arena, where many users do not understand how to remove apps, or understand how apps gather information.
WebWizards maintains and deploys its professional support system through an online portal, at www.webwizardsnetwork.com, and through geo-targeted mobile applications. Consumers request services from its public website www.webwizards.pro.

The company recruits qualified Internet professionals from across the U.S. who become certified WebWizards Ground Support Pros. College students, for example, who want to earn income while leveraging flexible work schedules, are particularly attractive for the growing WebWizards Network.

WebWizards offers its service to individuals and businesses with items such as setting up email, connectivity performance, online and mobile application assistance, web presence needs, private instruction, online input and any other Internet-related issues. Certified WebWizards Ground Support Pros receive text messaged work orders with instructions regarding the customer’s Internet issue and coordinates to the customer location (within a 10-mile radius of the support pro). The support pros choose to accept or pass on the project and if rejected, the project is passed to the next closest support pro. Customers are then invited by email to grade the support pro and the experience overall.

We believe this is one major step in the right direction in helping the mobile industry grow smoothly and educating end users so they will continue to be willing purchase the devices and apps being developed without the fear of non-support.