Dozens of companies breached through SAP bug patched years ago

Dangerous Invoker servlet function was disabled in 2010, but it lives on.

More than 36 organizations—some in the gas, telecommunications, and steel manufacturing industries—have been breached by attackers exploiting a vulnerability in older SAP business applications that gives them remote access to highly confidential data, the US government-sponsored CERT warned Wednesday.

The attacks were carried out over the past three years by attackers exploiting the "invoker servlet," which is a set of functions in SAP applications that allows users to run Java applications without use of a password or other authentication measure. Attackers outside the targeted organizations have abused the feature to gain access to sensitive data and possibly to take control over servers that process the data, according to researchers at security firm Onapsis.

"The exploitation of this vulnerability gives remote unauthenticated attackers full access to the affected SAP platforms, providing them with complete control of the business information and processes run by them, as well as potentially further access to connected SAP and non-SAP systems," company researchers wrote in a blog post published Wednesday.

Current El Niño’s strength due partly to an earlier fizzle

The Pacific saved up for an El Niño in 2014 but held off on spending.

El Niño and La Niña may have diminutive names, but anyone who keeps an eye on climate news or weather reports knows their impact around the globe isn’t small. Like a mythical two-faced beast, the El Niño Southern Oscillation (ENSO) seems to have a mind of its own. Currently, we can’t forecast which one we’re going to get much more than a few months before it appears. So it’s interesting to look back and ask why an expected El Niño fizzled in 2014. It turns out the answer also helps explain why the current El Niño grew into such a monster.

The El Niño Southern Oscillation relates to the pattern of sea surface temperatures along the equatorial Pacific Ocean. In neutral conditions, the westward-blowing trade winds push surface waters aside, uncovering deeper, colder water along the South American coastline that wells up to the surface. Warmer surface water piles up on the other side of the Pacific, near the Philippines.

In a La Niña, more cold water is brought up in the east and the cool area spreads to the west. Conversely, an El Niño occurs when the warm water from the west sloshes eastward, putting a lid on the upwelling of cold water near South America. The different sizes and positions of these warm and cool patches of ocean water shift weather patterns around the globe, and help drive the global average surface temperature.

Chrome dev asserts browser is viable VR platform, targets 90 FPS rendering

Engineer demonstrates on HTC Vive, says it’s “good enough to deploy real things.”

The ongoing virtual reality battles aren’t just being waged on the hardware side. Software firms are making a big play for the platform—particularly the ones making 3D engines, which game and app makers are heavily relying on to help them create optimized content that looks good and runs at a crisp 90 frames-per-second refresh.

While Unity and Unreal have fetched the most headlines about VR 3D engines, Google might have a surprising game-changer on its hands: the Chrome Web browser.

A Wednesday report from Road to VR surfaced a late-April speech from Google software engineer Boris Smus, and that speech stood out because it stressed efforts by the Chrome team to finally support a 90 frames-per-second refresh for systems such as the HTC Vive and Oculus Rift. Up until recently, the burgeoning WebVR platform had been capped at 60 FPS, which doesn’t reach the necessary visual-smoothness threshold needed to ensure comfort for VR users.

Report: Google’s Amazon Echo-like product is code-named “Chirp”

Apple, Google, and Microsoft all have software that lets you talk to your phone to perform some actions or get answers to your questions. Siri, Cortana, and Google’s voice search tools can come in handy in the car, around the house, or in other places where you may not want to use your hands to interact with your phone (and where other people won’t look at you funny when you shout at your phone).

But Amazon has had a bit of a surprise hit with its Alexa voice service products because the first products to utilize them were not phones.

FBI director warns that feds will bring more encryption-related cases

Meanwhile, WhatsApp’s end-to-end encryption continues to frustrate FBI, too.

The head of the FBI said Wednesday that the government will bring more legal cases over encryption issues in the near future, according to Reuters.

Speaking with reporters at FBI headquarters in Washington, FBI Director James Comey specifically said that end-to-end encryption on WhatsApp is affecting the agency’s work in "huge ways." However, he noted the FBI has no plans to sue Facebook, the app’s parent company.

He also said that since October 2015, the FBI has examined "about 4,000 digital devices" and was unable to unlock "approximately 500."

CDC secretly sanctioned multiple times for mishandling bioterror pathogens

Meanwhile, the NIH faces leadership shake-up over patient safety concerns in its clinic.

Things aren’t going well for two of the country’s top health agencies—the National Institutes of Health and the Centers for Disease Control and Prevention.

Tuesday, USA Today reported that the CDC has repeatedly faced secret federal sanctions over the mishandling of bioterror pathogens in several of its labs. The report, which came about only after USA Today won a Freedom of Information Act appeal, reveals that the CDC is one of just a handful of facilities that had a lab suspended after serious safety violations were found. The CDC acknowledged after the FOIA appeal that its labs have gotten into trouble with federal regulators six times for unsafely handling bacteria, viruses, and/or toxins that are considered potential bioterror weapons.

The agency refused to reveal the specific labs and most of the bioterror agents involved in the mishaps, citing security reasons and the federal Bioterrorism Act. However, it vaguely described issues such as “sending improperly killed select agent pathogens to entities not approved to receive them” and storing potential bioterror weapons in “un-registered” spaces within CDC labs. The CDC said that one of the incidents involved Japanese encephalitis virus, which can cause deadly brain inflammation. The agency was quick to note that the virus is no longer considered a potential bioterror weapon by the government.

Windows 10’s Wi-Fi credential sharing is going away in the Anniversary Update

Edge extension support takes a big leap forward, too.

Last night, a new Windows 10 Insider Preview unexpectedly made its way onto the Internet after Microsoft accidentally started releasing it to end users while sending it to Windows Update.

The new build, 14342, takes some big steps forward in Edge's extension support. Previously, extensions in the Edge browser had to be manually downloaded and installed. Now they are installed and updated in the same way as Universal Windows Apps. The number of extensions available for Edge has also grown, with a couple of ad blockers now joining the fray.

With this build, Microsoft is starting to bring back some of the more tablet-oriented features that were in Windows 8 but removed from Windows 10. Swipe navigation in the browser is now back, allowing you to navigate back and forward just by swiping the page left and right. The next Mobile build will also include this capability.

Hyperloop One: The Hyperloop runs, if only briefly

A pneumatic-tube train runs under the open sky: one of the Hyperloop projects has successfully tested the propulsion system for the Hyperloop transport system. The freshly renamed company has also successfully closed a new financing round. (Hyperloop, Technology)

Hyperloop One is testing its propulsion system in the Nevada desert today

As the two major Hyperloop companies report their progress, one system gets a live test.

In North Las Vegas today, a startup called Hyperloop One propelled a 10-foot-long sled down a track, accelerating it to 116 mph before it hit a patch of sand on the tracks. The test took about four seconds, USA Today reported.

The test of Hyperloop One's propulsion system is just one step of many on the path to achieve a dream put forth by Tesla and SpaceX CEO Elon Musk, who first drew up a plan to transport people at 760mph in low-pressure tubes in 2013. Musk decided not to pursue this business venture, which he called Hyperloop, but his whitepaper spawned two rival Hyperloop companies and an international student engineer competition.

Hyperloop One, formerly known as Hyperloop Technologies, announced its name change on Tuesday, hoping to differentiate itself from Hyperloop Transportation Technologies (HTT), which has also made considerable headway in research and development of such a transportation system. HTT announced on Monday that it had exclusively licensed passive magnetic levitation technology that would serve to keep Hyperloop pods off the track, minimizing friction as they speed through a tube.

Sun’s Jonathan Schwartz at trial: Java was free, Android had no licensing problem

Schwartz parries attacks by Oracle’s lawyer suggesting he was a terrible CEO.

Jonathan Schwartz in 2004 at the JavaOne conference. (Photo by Noah Berger/Bloomberg via Getty Images)

SAN FRANCISCO—Former Sun CEO Jonathan Schwartz took the stand today in the second Oracle v. Google trial, testifying about the Java language and APIs, including how they were used in the market.

After a brief overview of his career path, Schwartz launched into a discussion about Java, the software language that Sun created and popularized. It's critical testimony in the Oracle v. Google lawsuit, in which Oracle claims that Google's use of Java APIs, now owned by Oracle, violates copyright law. Oracle is seeking up to $9 billion in damages.

Was the Java language, created by Sun Microsystems in the 1990s, "free and open to use," Google lawyer Robert Van Nest asked?
