STE WILLIAMS

Free ESG report : Seamless data management with Avere FXT

Firefox maker Mozilla has pushed out a new version of its web browser in which multiple security vulnerabilities have been fixed – and seven of them are rated as critical.

Firefox 24, released on Tuesday, grapples with a total of 17 exploitable flaws: the most dangerous of the squashed bugs, which could have allowed an attacker to remotely execute code or install software on a victim’s computer, are:

• A garbage collection bug
• Memory corruption when scrolling a page
• Buffer overflow with multi-column, lists, and floats
• Use-after-free with select element
• Use-after-free in Animation Manager during stylesheet cloning
• Integer overflow in ANGLE library
• Miscellaneous memory safety hazards

The other 10 bugs are rated high or moderately threatening. More details can be found on Mozilla’s security advisory page here.

Firefox 24 is available in Windows, Mac OS X, Linux and Android flavours. The Android version of the cross-platform update includes WebRTC support for video calling. ®

Supercharge your infrastructure

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2013/09/18/firefox_24_update/

Free ESG report : Seamless data management with Avere FXT

The NSA doesn’t only hoover up your emails, web surfing habits and phone call metadata – they also harvest your credit card records and banking transactions.

The latest leaks from whistleblower Edward Snowden reveal that the NSA is monitoring international banking and credit card transactions that pass through the Society for Worldwide Interbank Financial Telecommunication (SWIFT) as well as the systems of several companies, including Visa. Anyone who has tried to transfer money between two countries will know that the SWIFT network is used by more than 8,000 banking institutions in over 200 countries to “securely” send their customers’ transaction information.

According to the leaked documents, the aptly named “Follow The Money” ¹ NSA team takes a lead in monitoring international financial transactions, German news magazine Der Spiegel reports.

These monitored transactions end up as entries in an NSA database called “Tracfin”, which held 180 million records in 2011, according to revelations from Snowden. The majority of these records (84 per cent) covered credit card transactions, captured under a programme called “Dishfire”, according to the documents seen by the German paper.

Only 180 million records? How abstemious…

SWIFT processes over 15 million transactions every day, so the real surprise in the latest revelation is that the Tracfin database only stores 180 million records. The US Treasury, a separate branch of the US government, already has an openly known information-sharing agreement where the US can issue subpoenas to Brussels-based SWIFT for information about international transactions by suspected terrorists. More details on the Terrorist Finance Tracking Program can be found on the US Treasury website.

Foreign targets

According to the documents seen by the paper, the NSA’s financial records database targets transactions in Europe, the Middle East and Africa and is designed to track terrorism-related financial transactions. The spying operation targets non-US citizens and so is less legally contentious than the dragnet surveillance of Verizon call record metadata – which was yesterday defended by a Foreign Intelligence Surveillance Court judge as being “authorized under the 2001 law known as the Patriot Act” – or the PRISM web surveillance programme, to quote just two examples.

Deal or no deal?

The latest revelations do, however, raise questions about whether core systems at Visa and SWIFT were compromised by the US’s signals intelligence agency or whether they acquiesced to its demands.

In a statement, Visa told Der Spiegel that “we are not aware of any unauthorised access to our network” adding “Visa’s policy to only provide transaction information in response to a subpoena or other valid legal process”.

According to the documents, NSA spied on SWIFT, using “multiple techniques”. Tactics apparently included reading SWIFT printer traffic from numerous banks.

The documents also revealed that even close allies of the NSA within the intelligence community had apparently expressed reservations about widespread spying on financial records.

Der Spiegel noted that memos within the leaked documents, purportedly from British intelligence agency GCHQ, had cautioned that:

…the collection and sharing of “politically sensitive” [financial transaction] data is a highly invasive measure since it includes “bulk data – rich personal information. A lot of it is not about our targets.”

SWIFT and Visa were earlier named alongside Petrobas as targets of NSA spying by a Brazilian TV programme earlier this month.

A follow-up analysis by Spiegel Online, written by filmmaker turned Snowden collaborator Laura Poitras and others, can be found here. ®

Bootnote

¹ Watergate whistleblower “Deep Throat” famously told Bob Woodward and Carl Bernstein, the Washington Post reporters investigating the Watergate scandal that brought down the Nixon administration, to “follow the money” to unearth links between the burglars and the administration. Deep Throat was identified as former FBI associate director Mark Felt after he outed himself in 2005.

Supercharge your infrastructure

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2013/09/18/nsa_banking_cybersnooping/

A network scanner designed from scratch by three University of Michigan researchers can scan the entire IPv4 Internet in about 45 minutes, drastically reducing the speed at which such scans can be accomplished.

Announced at last month’s USENIX Security conference, the scanner, dubbed ZMap, uses a modular approach to scanning to speed the process, the pseudo-random selection of IP addresses to avoid overwhelming small networks and validation of the responses by a separate system to verify the results. The researchers — Zakir Durumeric, Eric Wustrow, and J. Alex Halderman — used the scanner to track protocol use on the Internet, find systems vulnerable to HTTPS weak key flaw, and discover unadvertised services. Without fast scans of the Internet, many types of research would not be feasible, says Durumeric, a Ph.D. candidate in computer science at the University of Michigan.

“You can imagine that if you did your scans over three months and then did all the follow-up processing, the Internet could have grown, in terms of the use of certain protocols, by 10 percent,” Durumeric says. “So you have a whole new degree of specificity.”

The techniques combined to create ZMap are not all new but have not before been brought together in a single program. In the same way that the Shodan service made the results of Internet scans more accessible, the ability to quickly perform customized scans of the Internet will likely result in a “golden age” of vulnerability scanning, says HD Moore, chief research officer for Rapid7, a vulnerability management firm. Rather than waiting for days or weeks for scans to complete, researchers can do a lot more with fewer resources.

“It really shrinks the size of the Internet in a way that we couldn’t do before,” Moore says. “It’s not big data anymore.”

Network scanners were originally designed to scan small networks, keeping track of the current state of the scan as it progressed. However, when scanning a network the size of the Internet, the state data can grow too large for most systems, Durumeric says. To solve that problem, some scanning projects have broken their scans into batches, scanning a complete subnetwork before moving onto the next subnet. Yet, if the scan is done quickly, it can overwhelm the provider with requests.

[Researchers and attackers catalog vulnerable systems connected to the Internet, from videoconferencing systems set to auto-answer, to open point-of-sale servers, to poorly configured database systems. See Global Scans Reveal Internet’s Insecurities In 2012.]

ZMap solves both problems by generating pseudo-random IP addresses using a particular method, known as multiplicative group of integers, so that each address appears only once. The process is broken into a fast engine for generating and sending the packets, and an asynchronous collector that receives the packets and logs the data. The state of each connection is not kept, Durumeric says. Instead, packets are matched by putting identifying data in the unused fields of the network packet.

“Really, each of these packets is the same except for where it goes, so we don’t need to go through all these same validation steps,” he says. “We just need to update a small amount of information and send it onto the next host.”

While the three researchers from the University of Michigan have shortened the time it takes to do a scan, the bandwidth required to scan the entire Internet quickly will likely limit such projects to academic research groups and large corporations.

“When we say we are scanning at a gigabit speed, we are using an entire gigabit connection,” he says. “Most home users have 1- or 2 megabytes.”

Rapid7’s HD Moore had already begun working with the University of Michigan on a large-scale study using scans to find websites, Internet-connected servers, and cloud services that link back to a business’ domain to help companies find unknown or rogue assets. Certificates used with secure services, for example, include the domain of the certificate holder, providing a link that the researchers can connect back to the firm.

“They all point to identifying assets out there that you may not know belongs to your company,” Moore says.

Looking for vulnerabilities is another fertile field. There is no shortage of vulnerable systems out there, Moore says. By using fast scanning to highlight the weaknesses before they can be exploited by attackers, the Internet benefits as a whole, he says. Many ISPs distribute poorly configured routers, and Rapid7 and Moore have already highlighted problems in universal plug-and-play devices, such as routers, as well as insecure video conferencing systems.

The net benefit of fast scanning should be that more vulnerabilities will be detected and eliminated because attackers have already been using botnets and other techniques to scan for vulnerable services in networks. The Carna botnet and the report on its scanning results showed the possibilities of illegal scanning projects. They could adopt ZMap’s techniques for scanning, but will not benefit from the technology as much as defenders, says Moore.

However, eventually the golden age of fast scanning will end. As IPv6 becomes increasingly deployed, scanning the entire network will become impossible. Even limiting scans to known assigned IPv6 addresses and using other information to attempt to identify hosts will not narrow the field much for researchers.

“With IPv6, if it’s not a published entry somewhere, you are not going to find it,” Moore says. “You have to send almost as much traffic to identify a single subnet as the entire IPv4 Internet. So the numbers are not going to work out.”

Have a comment on this story? Please click “Add Your Comment” below. If you’d like to contact Dark Reading’s editors directly, send us a message.

Article source: http://www.darkreading.com/vulnerability/fast-scanning-to-fuel-golden-age-of-glob/240161403

Security awareness programs and strong password policies are standard procedure in most organizations, but most enterprises don’t do enough to reinforce them, according to a new survey.

According to a study published Friday by security firm Rapid7 (PDF), most companies don’t go back and test their employees to see whether they have learned from security training and policy.

About two-thirds (66 percent) of enterprises do security awareness training to help users recognize and avoid phishing attacks, the study says. But only one-third (33 percent) actually test employees with simulated phishing attacks.

“While organizations want to believe that every employee will detect a phishing scam once it hits their inbox, that is often not the case,” the study says.

And even some organizations that do simulated phishing attacks fail to adequately integrate those tests with their training programs, says Rohyt Belani, CEO of PhishMe, which offers phishing awareness and simulation services.

“If you only send simulated phishing emails to test your user base — and provide training in the traditional sense at a different time — you’re not going to change behavior,” Belani says. “By providing training immediately after a person falls for a simulated phish, you’re providing that training within the context of the situation. But if training is noncontextual, you may as well not do it.”

A similar problem occurs at the password level, according to the Rapid7 study. While 90 percent of companies surveyed have a strong password policy in place, only 56 percent of enterprises check to see whether users are employing strong passwords on services beyond their primary Windows login, the survey says.

“Immediately following the LinkedIn data breach in June 2012, Rapid7 compared leaked passwords from the 2010 Gawker Media breach with the stolen passwords of LinkedIn users, and found that the same, weak passwords publicized two years before were still being used and were often part of a larger password/passphrase,” the study says.

“While Windows login can enable domain admins to require users to create stronger passwords, organizations must also ensure that all password-protected assets receive the same policy,” Rapid7 says.

The study recommends implementing technical controls that test and measure end user security behavior and enforce policy.

Have a comment on this story? Please click “Add a Comment” below. If you’d like to contact Dark Reading’s editors directly, send us a message.

Article source: http://www.darkreading.com/end-user/study-enterprises-fail-to-test-end-user/240161449

WASHINGTON, Sept. 18, 2013 – Enterprise Information Protection (EIP) leader Verdasys and FireEye, Inc., the leader in stopping today’s new breed of cyber attacks, have announced an integrated security solution combining FireEye’s network with Verdasys’ endpoint defenses through the Verdasys Digital Guardian Connector for FireEye. This newly integrated solution is designed to enable security organizations to quickly investigate, confirm and stop advanced malware threats beyond the network to endpoints, such as physical and virtual laptops, desktops and servers. Available immediately, the joint Verdasys-FireEye solution leverages FireEye’s Multi-Vector Virtual Execution (MVX) engine and Verdasys’ Digital Guardian platform to protect intellectual property and other sensitive data against insider threat and malware attacks.

Utilizing Indicators of Compromise (IOCs) and other threat intelligence received from FireEye’s MVX engine, Digital Guardian correlates that intelligence and creates rules for endpoint agents to search out any potentially compromised machines. Both solutions are engineered to quickly contain and block further infections in real-time across the network and endpoint. Digital Guardian also submits suspicious artifacts collected on host systems for analysis in the FireEye Malware Analysis System (MAS), with results of the analysis utilized by both solutions for containment and prevention of new infections.

According to Dan Geer, security expert and CISO of In-Q-Tel, the strategic investment arm of the Intelligence Community, “Detection and correlation of threats collected from as many locations as possible across the enterprise offers the best defense against advanced malware. Digital Guardian’s integration with FireEye’s solutions is designed not only to enable security teams to detect, analyze and understand when and how they are being attacked, but also offers the most advanced set of prevention and containment controls to stop those attacks.”

Manish Gupta, senior vice president of products at FireEye, added, “By integrating our respective solutions, our customers enhance their investment in FireEye with Digital Guardian’s understanding of sensitive data and deep visibility and control on the endpoint. The result is a streamlined workflow engineered to stop advanced malware and prevent loss of sensitive data both on and off the corporate network.”

The integrated Verdasys and FireEye solution is designed to enable security teams to:

Reduce investigation and containment time by verifying whether threats discovered on the network by FireEye have infected systems and if they have been contained on the endpoint

Contain malware on infected hosts and prevent new infections by Digital Guardian rules based on IOCs received from FireEye

Decrease time to containment by submitting threats discovered on the endpoint by Digital Guardian agents for detonation and validation in the FireEye MVX engine

Protect sensitive data from being exfiltrated during an attack with Digital Guardian end point data protection control rules defined by FireEye IOC characteristics.

According to Jim Ricotta, Verdasys CEO, “Enterprises looking to protect intellectual property and other sensitive data are finding that Digital Guardian and FireEye are fundamental components of their multi-layered defense due to their ability to accurately identify and block previously unknown attacks in real time. Now, these organizations can detect infections even when devices are outside the corporate network or when they are brought back to the network, so they can secure all personal and company-owned devices across their entire computing environment.”

About Verdasys

Verdasys (www.verdasys.com) provides Enterprise Information Protection solutions and managed services to secure sensitive data and assure the integrity of business processes, enabling midsize and global businesses to successfully compete in collaborative and mobile environments. Digital Guardian, a Leader in Gartner’s 2012 Magic Quadrant for Content-Aware Data Loss Prevention, is a proven technology platform that provides complete, policy-based data lifecycle monitoring, classification, forensics and control on endpoints and servers, virtual machines and enterprise applications, networks, mobile devices and cloud environments. Digital Guardian protects IP and regulated data from compromise by insiders, contractors, partners and targeted cyber attacks. Since 2003, millions of Digital Guardian agents have been deployed to protect critical data for global leaders in financial services, insurance, technology, manufacturing and healthcare industries.

Article source: http://www.darkreading.com/end-user/fireeye-verdasys-partner-in-endpoint-sec/240161461

DALLAS, Sept. 18, 2013 /PRNewswire/ — ATT* and Microsoft Corp. today announced they will deliver a security-enhanced and reliable cloud solution that will allow enterprise customers to connect to Microsoft’s cloud platform using a private network.

The new solution will use breakthrough cloud integration technology from ATT to pair virtual private networking with Microsoft’s industry-leading Windows Azure cloud platform. Customers of the solution are expected to benefit from the enterprise-grade security of virtual private networking, with as much as 50% lower latency than the public Internet, and access to cloud resources from any site using almost any wired or wireless device.

“This is a game changer for businesses that have been seeking a more secure way to reap the benefits of cloud services,” said Andy Geisse, CEO, ATT Business Solutions. “By bringing the security and performance of our virtual private network to Windows Azure we expect to energize enterprise demand for cloud solutions.”

Enterprises continue to cite concerns about security and reliable performance in their decision to adopt cloud computing. Working together, Microsoft and ATT will address these concerns by enabling enterprise customers to quickly and reliably connect applications and services from their own data centers (private

clouds) to the Windows Azure cloud service using the protective confines and high transmission speeds of a highly-secure virtual private network.

ATT’s cloud integration technology, ATT NetBond, bonds networking and computing resources together and automates functions that are often performed manually. It allows the network and compute resources to flex in tandem to support the fluctuating demands on systems that enterprise cloud users often experience throughout the year. ATT customers are already able to take advantage of the technology with ATT’s own cloud offers.

The new cloud solution takes advantage of the Multi-Protocol Label Switching

(MPLS) technology underpinning ATT’s virtual private network solution.

According to independent research firm Forrester Research, Inc., 70% of multinational enterprises have already adopted global MPLS services1, high-performance networks that make it easy to create secure, virtual links between multiple geographic locations.

“There’s no question that the time for cloud computing is now, and it’s critical we help enterprises embrace the cloud on their terms,” said Satya Nadella, executive vice president of Cloud and Enterprise for Microsoft. “Through this strategic alliance with ATT, we can reduce the barriers to entry for cloud computing by providing a more secure and reliable connectivity option for enterprise customers, accelerating the growth of cloud computing and the rapid adoption of Windows Azure.”

ATT serves 3.5 million business customers and is the leading provider of IP-based services to multinational corporations, providing MPLS-based IP services to 187 countries, which represent 99% of the world’s economy. According to independent research firm Forrester, ATT is a global leader in managed global MPLS services.2 Similarly, Microsoft is a leader in the enterprise cloud space, with more than 50% of the Fortune 500 using Windows Azure and an unparalleled adoption rate at nearly 1000 customers per day.

The new integrated solution is expected to be available in first half of 2014.

1, 2Forrester Research, Inc., March 2013,’The Forrester Wave(TM): Managed Global MPLS Services, Q1 2013

*ATT products and services are provided or offered by subsidiaries and affiliates of ATT Inc. under the ATT brand and not by ATT Inc.

About MSFT

Founded in 1975, Microsoft (Nasdaq “MSFT”) is the worldwide leader in software, services and solutions that help people and businesses realize their full potential.

About ATT

ATT Inc. (NYSE:T) is a premier communications holding company and one of the most honored companies in the world. Its subsidiaries and affiliates – ATT operating companies – are the providers of ATT services in the United States and internationally. With a powerful array of network resources that includes the nation’s fastest and most reliable 4G LTE network, ATT is a leading provider of wireless, Wi-Fi, high speed Internet, voice and cloud-based services. A leader in mobile Internet, ATT also offers the best wireless coverage worldwide of any U.S. carrier, offering the most wireless phones that work in the most countries. It also offers advanced TV service with the ATT U-verse brand. The company’s suite of IP-based business communications services is one of the most advanced in the world.

Additional information about ATT Inc. and the products and services provided by ATT subsidiaries and affiliates is available at http://www.att.com/aboutus or follow our news on Twitter at @ATT, on Facebook at http://www.facebook.com/att and YouTube at http://www.youtube.com/att.

Article source: http://www.darkreading.com/management/att-and-microsoft-to-bring-enterprise-gr/240161455

Brooklyn, N.Y.–The Brooklyn campus of the Polytechnic Institute of New York University (NYU-Poly) will be the nerve center this week for the world’s biggest hacking competition, as more than 10,000 participants from across the world compete in the preliminary round to find the best student teams for the tenth annual NYU-Poly Cyber Security Awareness Week (CSAW).

Nearly 1,000 teams, from Australia to Zimbabwe, have already registered for the preliminary round of the competition, which begins at 6 p.m. on Thursday, September 19, and will continue until 6 p.m. on Sunday, September 22. Organizers expect to exceed the record-breaking number of 1,357 teams that signed up last year and easily outpaced the perennial leader in the so-called Capture the Flag (CTF) software hacking competitions. They are designed to find and challenge the best emerging cyber security talent and to encourage students to pursue careers and fill the acute shortage of trained professionals in the field.

The NYU-Poly CSAW competition has earned a reputation for being accessible to beginners but challenging enough to attract even professionals. Like all the CSAW competitions, it is led by students, who work with renowned professionals to design the challenges and judge them. This week, the NYU-Poly CSAW CTF judges will be looking for top-scoring 10 teams of undergraduate students from the United States and Canada, who will receive expense-paid trips to New York to participate in the final round of the NYU-Poly CSAW on November 14-16, 2013. The CSAW winners will receive scholarships and cash prizes, network with world-known professionals and academics, attend seminars, and will be courted by top companies and institutions during a career fair.

CTF tests the application security skills of undergraduate students interested in computer security. Competitors mount attacks on vulnerable applications and solved offense challenges in their quest to earn the most points, or “flags.” For the preliminary round, NYU-Poly’s teams will gather on campus, but the vast majority of contestants will participate remotely.

The CTF is the centerpiece of NYU-Poly’s CSAW competitions, which encompass a wide range of challenges and span an array of security issues. Last year, more than 13,000 students participated, ranging from high school students to PhDs from more than 500 institutions. CSAW attracts some of the best and youngest cyber security talent.

NYU-Poly was one of the first universities to introduce a cyber security program, and is designated as both a Center of Academic Excellence in Information Assurance Education and a Center of Academic Excellence in Research by the National Security Agency. The Sloan Consortium, an affiliation of educators and institutions dedicated to quality online education, named NYU-Poly’s virtual graduate cyber security program the Outstanding Online Program of 2011. The Center for Interdisciplinary Studies in Security and Privacy (CRISSP), a cutting-edge research collaboration of NYU-Poly and other NYU schools, re-examines the entire cyber security paradigm to integrate technology with broader issues such as human psychology, business, public policies and law. CSAW is hosted by NYU-Poly’s Information Systems and Security Laboratory (ISIS Lab).

For more information on the NYU-Poly CSAW, visit https://csaw.isis.poly.edu. To register for the CTF, visit https://ctf.isis.poly.edu.

The U.S. Department of Homeland Security is a gold sponsor of CSAW, and Facebook and Qualcomm provide support at the bronze level. To date, 19 companies have provided generous financial support for the educational goals of NYU-Poly’s CSAW.

Article source: http://www.darkreading.com/worlds-biggest-hacking-competition-launc/240161462

IRVINE, Calif., Sept. 18, 2013 /PRNewswire/ — NT OBJECTives, Inc., provider of the most automated, comprehensive and accurate web application security software, application security testing services and SaaS, announced today that its NTOSpider On-Demand scanning service now includes continuous scanning and site monitoring providing security professionals with an automated hands-off approach that automatically conducts a comprehensive test when an application changes. The new capability constantly monitors for changes in web applications and automatically re-scans the entire application to determine if any vulnerabilities exist as a result of the changes.

(Logo: http://photos.prnewswire.com/prnh/20121025/PH00003LOGO-b)

“By their nature, web applications are constantly changing, leaving security teams pressed to keep up with the security testing of newly changed web applications,” Dan Kuykendall, co-CEO and CTO of NT OBJECTives. “But in the interest of time and resources, they are only testing the part of the application that has been changed, and in some case may not know about the change, leaving it completely untested. Not testing changes at all can certainly result in security vulnerabilities, but it’s important to note that partial application security testing is also ineffective. Changes in one piece of an application can have a cascading effect, directly compromising the security of other parts of the application.”

NTOSpider On-Demand’s continuous scanning feature can be used during regular intervals as determined by the user, in most cases, quarterly, but as frequently as necessary. The program monitors for any change in the web application; when a change is detected, the entire application, and not simply the changed input, is automatically scanned and any issues are reported. This improved application security testing feature alleviates security teams of the need to monitor changes in the hundreds or thousands of applications an organization may own.

NTOSpider On-Demand is a cloud-based platform that enables organizations to efficiently engage in application security testing on an unprecedented number of web applications, while controlling scanning costs and optimizing accuracy. This flexibility and control enables enterprises to initiate comprehensive scans without installing or managing software. It also allows enterprises to initiate application assessments for selected applications, configure and execute the assessments and generate interactive, in-depth management reports. Its SaaS delivery has quickly become a preferred approach for enterprise application security teams that lack the time, budget and security staff to implement in-house web application security programs. For more information on the NTOSpider On-Demand Continuous Site Monitoring feature visit http://www.ntobjectives.com/services/ondemand-saas-security-scanning/

To learn about NT OBJECTives’ comprehensive suite of web application security solutions or to read about NTOSpider On-Demand’s continuous scanning feature for improved application security testing, visit www.ntobjectives.com or call 1-877-NTO-WEBS (1-877-686-9327).

Click to Tweet: @ntobjectives introduces continuous monitoring for #webappsec with NTO On-Demand http://bit.ly/19KxV6u

About NT OBJECTives, Inc.

NT OBJECTives, Inc. (NTO) is a provider of most automated, comprehensive and accurate web application security software, services and SaaS. NTO’s customizable suite of solutions includes application security testing, SaaS scanning and in-depth consulting services to help companies build the most comprehensive, efficient and accurate web application security program. NT OBJECTives is privately held with headquarters in Irvine, CA. For more information, visit http://www.ntobjectives.com/ or follow us on Twitter at @ntobjectives or @dan_kuykendall.

Article source: http://www.darkreading.com/applications/nt-objectives-rolls-out-continuous-web-a/240161477

Waterloo, ON – BlackBerry (NASDAQ: BBRY; TSX: BB) today introduced the new BlackBerry Z30 smartphone, BlackBerry’s biggest, fastest and most advanced smartphone. Featuring BlackBerry 10 OS version 10.2, the new all-touch BlackBerry Z30 smartphone comes with a beautiful 5″ display and the largest battery yet on a BlackBerry smartphone. It is designed to keep you hyper connected, productive and always in control, and lets you share like you’re there and collaborate with ease.

“The new BlackBerry Z30 smartphone builds on the solid foundation and engaging user experience of the BlackBerry 10 platform with features like the powerful BlackBerry Hub, its exceptional touchscreen keyboard and industry leading browser,” said Carlo Chiarello, Executive Vice President for Products at BlackBerry. “The smartphone rounds out the BlackBerry 10 portfolio and is designed for people looking for a smartphone that excels at communications, messaging and productivity. Having apps like the full Documents To Go suite that comes preinstalled, together with its 5″ touch display, the BlackBerry Z30 smartphone gives you a best in class productivity experience on the go.”

The new BlackBerry Z30 smartphone comes with BlackBerry 10 OS version 10.2, which includes hundreds of refinements plus many new features that help you be more productive. Among key features are:

BlackBerry Priority Hub – BlackBerry Hub is the one place to manage all your conversations and notifications. The new BlackBerry Priority Hub can now learn what conversations and what people are important to you making it fast and easy to find the messages and information you need. It collects priority messages across your email, social networking and other accounts and gives you instant access to the conversations most important to you to help you stay organized and focused on the most important tasks.

BBMtrade Now in Any App and Message Previews Everywhere – BlackBerry 10 OS version 10.2 continues to refine the unique communications experience of the platform. You can now get a preview of any message as it arrives in whatever app you’re using, and immediately dismiss it or tap it to read the full content and respond. If a BBM message arrives, you can instantly reply to the message without even leaving the app you’re in. In addition, if your phone is locked, you can tap the various icons on the Lock Screen to see an instant preview of your most recent messages and notifications.

5″ Super AMOLED Display – The BlackBerry Z30 smartphone features the latest in display technology with a 5″ Super AMOLED display that makes whatever you’re running larger, clearer and more vivid. The smartphone also houses many top of the line components, including a 1.7 GHz processor with quadcore graphics that makes browsing web pages faster and games more detailed.

Stereo Audio and BlackBerry Natural Sound – The BlackBerry Z30 smartphone comes with stereo speakers that immerse you in your music, videos, apps and games, and makes conversations sound like you’re face-to-face. BlackBerry Natural Sound is new technology exclusive to BlackBerry and part of BlackBerry 10 OS version 10.2 that makes BBM Voice and BBM Video chats sound more natural and realistic. BlackBerry Natural Sound lets you hear nuances and variations in tone, making conversations sound like you’re in the same room.

New Antenna Technology – The BlackBerry Z30 smartphone features BlackBerry’s new generation antenna technology that dynamically tunes reception to give you better connectivity in low signal areas. BlackBerry Paratek Antenna can give you faster data transfers and fewer dropped calls in low signal areas, keeping you connected in more places.

Longer Battery Life – The BlackBerry Z30 smartphone includes a 2880 mAh battery, the largest battery ever built into a BlackBerry smartphone. Combined with the battery enhancements in BlackBerry 10 OS version 10.2, you can get up to 25 hours of mixed use* to keep you moving from dawn ’til dawn.

The BlackBerry Z30 smartphone will roll out from select carriers and retailers around the world beginning next week in the UK and Middle East, and all other regions going into the holiday season. Specific pricing and availability will be announced by partners at the time of their respective launches. A variety of accessories including cases and chargers will also be available.

Subject to carrier approvals, BlackBerry 10 OS version 10.2 is expected to be available for the BlackBerry Z10, BlackBerry Q10 and BlackBerry Q5 smartphones beginning mid-October.

For more information about the BlackBerry Z30 smartphone, please visit www.blackberry.com/blackberryz30. To view a video of the new smartphone, visit http://www.youtube.com/watch?v=cQVKISYQ31s and for “How To” videos, visit http://demos.blackberry.com/blackberry-z30/na/ca/gen/index.html.

* Based on mixed usage scenario. Many factors affect battery life, including network connectivity, application usage, feature configuration and battery age. Actual results may vary.

About BlackBerry

A global leader in wireless innovation, BlackBerry revolutionized the mobile industry when it was introduced in 1999. Today, BlackBerry aims to inspire the success of our millions of customers around the world by continuously pushing the boundaries of mobile experiences. Founded in 1984 and based in Waterloo, Ontario, BlackBerry operates offices in North America, Europe, Asia Pacific and Latin America. BlackBerry is listed on the NASDAQ Stock Market (NASDAQ: BBRY) and the Toronto Stock Exchange (TSX: BB). For more information, visit www.blackberry.com.

Article source: http://www.darkreading.com/mobile/blackberry-announces-z30-smartphone-with/240161467

Facebook, which boasts over a billion users, is by far and away the largest social network in the world. In fact, many of us would be hard pressed to name any of our own contacts who are not already registered.

Lately, however, there’s been a trend for people to disconnect from the network. Specialised sites such as The Suicide Machine and Seppukoo (both now unavailable due to issues with the social giant) made it easy for users to delete their content and contacts before having a new and inaccessible password set on their behalf in order to block their return.

So why are people committing “virtual identity suicide”?

University psychologist Stefan Stieger, Ph.D, and his fellow researchers from the University of Vienna looked into this question. They spoke to around 300 current Facebook users and an equal number of quitters to see how they differed.

Their responses were used to assess measures focused on their level of concern over areas such as privacy and their tendency towards internet addiction.

The personalities of both those who remained on Facebook and those who had left were also looked at, with traits such as extroversion, neuroticism, agreeableness and conscientiousness recorded.

The university’s research revealed that the top four reasons why those studied had quit Facebook were:

• Concerns over privacy on the social site – 48.3%
• A general feeling of dissatisfaction with Facebook – 13.5%
• Meaningless conversations and negative interactions with friends – 12.6%
• The fear of becoming addicted to the social network – 6%

The analysis of personality types discovered that those who had quit Facebook tended to be older, conscientious males who had a general level of concern about privacy as well as a higher predisposition towards internet addiction. Beyond that, aspects of a user’s personality appeared to have no bearing on whether they committed “virtual suicide” or not.

The researchers wrote in the journal Cyberpsychology, Behavior, and Social Networking:

The present research is to our knowledge the first to focus on psychological characteristics of individuals leaving social networking sites (SNSs) by committing so-called virtual identity suicide. Compared to Facebook users, quitters had higher general concerns about privacy, higher internet addiction scores, and higher conscientiousness.

They also highlighted comments made by Facebook founder and CEO Mark Zuckerberg back in 2010 when he suggested that privacy was an outdated concept in today’s ever more connected world.

Perhaps, they suggested, many users did still indeed care about their privacy. So much so that it outweighed the benefits they saw in remaining on Facebook.

But this apparent increase in privacy awareness isn’t solely because of Facebook. As Brenda Wiederhold, editor of Cyberpsychology, Behaviour and Social Networking, puts it:

Given high-profile stories such as WikiLeaks and the recent NSA surveillance reports, individual citizens are becoming increasingly more wary of cyber-related privacy concerns. With photo tags, profiling, and Internet dependency issues, research such as Prof. Stieger’s is very timely.

What about you? Have you, or anyone you know, left Facebook because of concerns about privacy?

Follow @Security_FAQs

Follow @NakedSecurity

Image of exit sign courtesy of Shutterstock.

Article source: http://feedproxy.google.com/~r/nakedsecurity/~3/xNQN0ZBEwdI/