Tag Archives: Customer

Ticketmaster breach part of worldwide card-skimming campaign

The attack that caused the Ticketmaster breach of customer information last month was actually part of a widespread campaign that’s affected more than 800 e-commerce sites.

According to researchers at the threat intelligence company RiskIQ Inc., the hacking group known as Magecart has been running a digital credit card-skimming campaign that targets third-party components of e-commerce websites around the world.

At the end of June, ticket sales company Ticketmaster disclosed that it had been compromised and user credit card data had been skimmed. A report by RiskIQ researchers Yonathan Klijnsma and Jordan Herman said the Ticketmaster breach was not an isolated incident, but was instead part of the broader campaign run by the threat group Magecart.

“The target for Magecart actors was the payment information entered into forms on Ticketmaster’s various websites,” Klijnsma and Herman wrote in a blog post. “The method was hacking third-party components shared by many of the most frequented e-commerce sites in the world.”

A digital credit card skimmer, according to RiskIQ, uses scripts injected into websites to steal data entered into forms. Magecart “placed one of these digital skimmers on Ticketmaster websites through the compromise of a third-party functionality supplier known as Inbenta,” the researchers said, noting specifically that Ticketmaster’s network was not directly breached.

RiskIQ has been tracking the activities of Magecart since 2015 and said attacks by the group have been “ramping up in frequency and impact” throughout the past few years, and Ticketmaster and Inbenta are not the only organizations that have been affected by this threat.

According to Klijnsma and Herman, Inbenta’s custom JavaScript code was “wholly replaced” with card skimmers by Magecart.

“In the use of third-party JavaScript libraries, whether a customized module or not, it may be expected that configuration options are available to modify the generated JavaScript. However, the entire replacement of the script in question is generally beyond what one would expect to see,” they wrote.

RiskIQ also noted that the command and control servers to which the skimmed data is sent has been active since 2016, though that doesn’t mean the Ticketmaster websites were affected the entire time.

The Ticketmaster breach is just “the tip of the iceberg” according to Klijnsma and Herman.

“The Ticketmaster incident received quite a lot of publicity and attention, but the Magecart problem extends to e-commerce sites well beyond Ticketmaster, and we believe it’s cause for far greater concern,” they wrote. “We’ve identified over 800 victim websites from Magecart’s main campaigns making it likely bigger than any other credit card breach to date.”

In other news:

  • The U.K.’s Information Commissioner’s Office (ICO) is fining Facebook £500,000 — more than $600,000 — for failing to protect its users’ data from misuse by Cambridge Analytica. The ICO is also going to bring criminal charges against the parent company of Cambridge Analytica, which gathered the data of millions of Americans before the 2016 presidential election. The ICO has been investigating data privacy abuses like the one by Cambridge Analytica — which has since gone out of business — and its investigations will continue. The fine brought against Facebook is reportedly the largest ever issued by the ICO and the maximum amount allowed under the U.K.’s Data Protection Act.
  • Apple will roll out USB Restricted Mode as part of the new version of iOS 11.4.1. USB Restricted Mode prevents iOS devices that have been locked for over an hour from connecting with USB devices that plug into the Lightning port. “If you don’t first unlock your password-protected iOS device — or you haven’t unlocked and connected it to a USB accessory within the past hour — your iOS device won’t communicate with the accessory or computer, and, in some cases, it might not charge,” Apple explained. Apple hasn’t provided the reason for this feature, but it will make it more difficult for forensics analysts and law enforcement to access data on locked devices.
  • Security researcher Troy Hunt discovered an online credential stuffing list that contained 111 million compromised records. The records included email addresses and passwords that were stored on a web server in France. The data set Hunt looked at had a folder called “USA” — though it has not been confirmed whether or not all the data came from Americans — and the files had dates starting in early April 2018. “That one file alone had millions of records in it and due to the nature of password reuse, hundreds of thousands of those, at least, will unlock all sorts of other accounts belonging to the email addresses involved,” Hunt said. The site with this information has been taken down, so it’s no longer accessible. Hunt also said there’s no way to know which websites leaked the credentials and suggests users implement password managers and make their passwords stronger and more unique.

Believe it or not, CIOs need a digital customer experience strategy

Whether or not a company is born digital, delivering a quality digital customer experience has emerged as a key performance indicator for technology leaders.

So say the CTO at Kayak, the CIO at DBS Bank, and the CIO at Adobe Systems Inc., who expounded on this idea during a panel discussion at the recent MIT Sloan CIO Symposium. Simply put: Customer satisfaction equates to company success, and technology such as artificial intelligence is the link between the two.

The three technology leaders are aggressively helping build a digital customer experience strategy that benefits both customers and the company. Doing this requires collecting data on how customers interact with the company and then finding ways to make those interactions more efficient — and more intelligent. Here is what each had to say about using advanced technology to monitor, enhance and capitalize on customer experience.

The error budget

One of the most practical pieces of advice on creating an effective digital customer experience strategy came from David Gledhill, group CIO and head of group technology and operations at DBS Bank in Singapore. He encouraged the audience to follow his lead and steal Google’s concept of an “error budget,” which can help companies strike a balance between moving fast and keeping customer service top of mind.

DBS Bank, AI, MIT CIO SymposiumDavid Gledhill

The error budget, a concept that’s evolving at DBS Bank, is a joint key performance indicator between technology and operations “to gauge and monitor customer experience” on digital platforms, according to Gledhill. “Every time a customer gets a performance degradation or [experiences] a struggle, it counts against the platform,” he said. Whatever those strikes are — be they performance issues or incomplete transactions — the company should determine a threshold and “round everything up to a single number,” Gledhill said.

Once the strikes against the digital platform hit the error threshold, developers have to stop and “refocus their efforts on solving those customer pain point interactions,” Gledhill said. He pointed audience members to Google’s book Site Reliability Engineering: How Google Runs Production Systems for more information.

Mapping the ‘customer journey’

Cynthia Stoddard, senior vice president and CIO at Adobe, said AI and machine learning have always been a part of the software company’s products. “We refer to it as the Adobe magic,” she said.

But what the company is attempting to do now is to use those tools to improve the customer’s experience with Adobe products — especially with its Creative Cloud. “What we want to be able to do with it is really unleash the power and let our customer have access to it so that we can remove the mundane and let people focus on the creativity,” Stoddard said.

Our view of the world with AI, from a product perspective, is more of a Harry Potter view of the world. We want to do good things and help people do their tasks quicker.
Cynthia StoddardSVP and CIO, Adobe

Part of Adobe’s digital customer experience strategy is to map a customer’s “journey” across its product set, which can help illuminate both customer friction points as well as repetitive activity that might be ripe for automation. “Our view of the world with AI, from a product perspective, is more of a Harry Potter view of the world,” she said. “We want to do good things and help people do their tasks quicker.”

Stoddard said she uses an “outside-in” approach to understand the customer’s perspective by “looking at their journey points and ensuring that we remove all friction points,” she said. But she also said it’s important to look at the world from an inside-out perspective, which focuses on designing for enterprise scale and efficiency.

When the two perspectives conflict, “the customer comes first,” she said.

A hybrid approach

Giorgos Zacharia, CTO and chief scientist at Kayak, demystified AI and machine learning as computational statistics with more computational power. “To me, there is nothing magic about it,” he said.

At Kayak, the digital customer experience strategy is the strategy for the company, according to Zacharia. “The dominant metric is completion of transaction — has the user found what they’re looking for?” he said.

Kayak, data science, AI, MIT CIO SymposiumGiorgos Zacharia

But as Kayak’s developers experiment with how to better serve their users, their ideas can sometimes produce an undesirable result. “If you change the user experience way too much, the users might be taken aback,” Zacharia said. “And it takes time to retrain them.”

This happened recently when Kayak developers implemented a machine learning algorithm for sorting flights. Rather than sorting by price, the algorithm sorted by likelihood that a customer would complete a transaction. “For some users, the snackers, we call them, those who run a search to see what the current prices are, they were taken aback that they didn’t see the cheapest price on top,” he said.

Zacharia and his team addressed the issue with a hybrid approach — the cheapest fare is on top and the rest of the results are sorted by likelihood of conversion. “It works for the user — for now,” he said.

SAP C/4HANA hopes to tie together front and back office

ORLANDO, Fla. — SAP is setting its sights on Salesforce with a new suite of customer experience products called SAP C/4HANA.

Unveiled at the opening keynote here at SAP Sapphire Now, SAP C/4HANA brings together SAP’s marketing, commerce, sales and service cloud products, sitting them all atop its Customer Data Cloud and embedding machine learning with SAP Leonardo.

“SAP was the last to accept the status quo, and SAP will be the first to change it,” said Bill McDermott, CEO for SAP. “We’re moving from a 360-degree view of sales automation to a 360-degree view of the customer. The entire supply chain is connected to customer experience.”

SAP is hoping that by connecting back-office capabilities with SAP ERP products to the front office, the company can provide an end-to-end experience for its users — something that few vendors can offer. SAP executives called the release of SAP C/4HANA a reflection point for SAP and the CRM industry.

“The roadmap for Hana and S/4Hana gave us what we needed to connect the back office to the front office,” McDermott said.

In addition to connecting back-office functionality, SAP’s new CX suite was also spurred by the separate acquisitions of Hybris, Gigya and CallidusCloud, which added the capabilities necessary to bring together these products.

“The goal is a single view of the customer,” said Alex Atzberger, president of customer experience for SAP. “With the acquisition of Gigya, we manage 1.3 billion profiles, and this is what’s happening in CRM. It’s about effectiveness and efficiency and how can you effectively target and engage a particular customer.”

Atzberger added that this customer engagement needs to keep the customer in mind first and foremost, meaning it can’t be creepy when it comes to courting a customer, but rather provide users with the tools to move a customer along the entire marketing, sales and service pipeline.

We’re moving from a 360-degree view of sales automation to a 360-degree view of the customer.
Bill McDermottCEO, SAP

It has been a long-standing goal of SAP’s to combine its industry-leading ERP tools with its CRM tools — being the first major vendor to combine front- and back-office capabilities — and while time will tell whether SAP can achieve this with C/4HANA, it appears the company is on the right track.

“They’ve been saying this for years, so what changed? I really think they’re finally executing on what they want to do and the architecture caught up and the acquisitions helped tie it together,” said Sheryl Kingstone, research vice president at 451 Research. “This ties to their cloud platform, and it was critical for that vision they have to connect the dots. These are things that Salesforce is trying to figure out in regards to the 360-degree customer view.”

While SAP admitted it was slow to adapt to this modern view of the customer, it’s hoping that by stringing together this suite of applications, it can provide the customer experience businesses are vying for.

“It’s not only about connecting that end-to-end chain, but also to give the best user experience in the industry,” McDermott said. “SAP is capable of doing this, and now we’re ready.”

The importance of SAP’s various acquisitions over the past couple of years can’t be understated when it comes to creating SAP C/4HANA. The 2017 purchase of Gigya for $350 million became the data management platform for SAP, helping customers maintain and protect customer data. The SAP acquisition of CallidusCloud earlier this year for $2.4 billion gave the company a modern, cloud-based sales, quote-to-cash and customer experience product that helps round out those front-office offerings that can complement SAP’s existing ERP products.

“The Gigya acquisition is really essential for that vision of [customer identification]. And managing that identity in a secure environment — especially with GDPR — is critical,” Kingstone said. “That plus bringing in their data management capabilities and machine learning with SAP Leonardo — if they can pull this off, that’s the next generation in a modern architecture.”

Pricing information regarding SAP C/4HANA wasn’t released at the unveiling.

Laptop 14″ or bigger

currently I have this one HP ProBook 4525s Notebook PC – Specifications | HP® Customer Support

Looking to upgrade but not wanting to spend 100s

Need one ready to go with all the usual software so kids can do homework etc.

Not really that clued up on specs etc so please keep it simple lol.

Location: Nelson

______________________________________________________
This message is automatically…

Laptop 14″ or bigger

or Trade HP Laptop i7-7500U , 8GB RAM, 1TB HDD, Shared GPU

Hi All

im selling the following laptop:

HP Notebook – 15-ay168sa Product Specifications | HP® Customer Support

Product number
Z3C97EA
Product name
HP Notebook – 15-ay168sa
Microprocessor
Intel® Core™ i7-7500U (2.7 GHz, up to 3.5 GHz, 4 MB cache, 2 cores)
Memory, standard
8 GB DDR4-2133 SDRAM (1 x 8 GB)
Video graphics
Intel® HD Graphics 620
Hard drive
1 TB 5400 rpm SATA
Optical…

or Trade HP Laptop i7-7500U , 8GB RAM, 1TB HDD, Shared GPU

or Trade HP Laptop i7-7500U , 8GB RAM, 1TB HDD, Shared GPU

Hi All

im selling the following laptop:

HP Notebook – 15-ay168sa Product Specifications | HP® Customer Support

Product number
Z3C97EA
Product name
HP Notebook – 15-ay168sa
Microprocessor
Intel® Core™ i7-7500U (2.7 GHz, up to 3.5 GHz, 4 MB cache, 2 cores)
Memory, standard
8 GB DDR4-2133 SDRAM (1 x 8 GB)
Video graphics
Intel® HD Graphics 620
Hard drive
1 TB 5400 rpm SATA
Optical…

or Trade HP Laptop i7-7500U , 8GB RAM, 1TB HDD, Shared GPU

or Trade HP Laptop i7-7500U , 8GB RAM, 1TB HDD, Shared GPU

Hi All

im selling the following laptop:

HP Notebook – 15-ay168sa Product Specifications | HP® Customer Support

Product number
Z3C97EA
Product name
HP Notebook – 15-ay168sa
Microprocessor
Intel® Core™ i7-7500U (2.7 GHz, up to 3.5 GHz, 4 MB cache, 2 cores)
Memory, standard
8 GB DDR4-2133 SDRAM (1 x 8 GB)
Video graphics
Intel® HD Graphics 620
Hard drive
1 TB 5400 rpm SATA
Optical…

or Trade HP Laptop i7-7500U , 8GB RAM, 1TB HDD, Shared GPU

C3 IoT and Microsoft announce strategic partnership to accelerate AI in the enterprise

C3 IoT Platform to increase customer value, provide more intelligent business solutions with Microsoft Azure as a preferred cloud provider

REDWOOD CITY, Calif. and REDMOND, Wash. – April 10, 2018 – C3 IoT and Microsoft Corp. announced Tuesday a strategic partnership to deliver new technology developments and go-to-market initiatives that accelerate enterprise AI and IoT application development.

As part of this partnership, the companies will create a “better together” solution, comprising the C3 IoT Platform™, a low-code, high-productivity PaaS for scaling AI and IoT across enterprises, fully integrated to operate on Microsoft Azure. C3 IoT will leverage Microsoft Azure as a preferred cloud platform and tap into the power of its intelligent capabilities. The companies will conduct co-marketing and co-selling strategies that rapidly scale distribution globally, as well as intensive training for dedicated teams to speed customers’ time to value.

Close collaboration between Microsoft and C3 IoT will help enable customers to more rapidly develop and deploy AI-based applications for transformative use cases, such as AI predictive maintenance, dynamic inventory optimization, precision healthcare and CRM.

“The partnership between Microsoft and C3 IoT is significant in that it allows us to optimize our existing investments in data infrastructure while accelerating time to value of AI-based applications that enable Shell to better serve our customers with even more agility and efficiency,” said Erik Betz, Vice President, Architecture, Platforms, and Data, Shell.

“With this partnership, two market leaders are joining forces to drive digital transformation at the world’s leading organizations,” said Thomas M. Siebel, C3 IoT CEO. “Combining the market reach of Microsoft, the amazing power of Microsoft Azure, and the capability of the C3 IoT AI platform, we will dramatically accelerate the adoption of AI, IoT, and elastic cloud computing globally.”

“C3 IoT has an exciting vision, proven technology, and demonstrated customer success across industries, making them a great partner for implementing 3M’s digital transformation initiatives,” said H.C. Shin, 3M Vice Chair and Executive Vice President. “With tangible business results from the initial predictive healthcare and supply chain analytics applications, we plan on scaling the C3 IoT and Microsoft Azure solution across our enterprise. In this way, 3M is combining data science into material science, transforming how we design and deliver products and better serve our customers.”

“AI is one of the most transformative technology paradigms of our time in its ability to empower companies, societies, and economies to achieve more,” said Judson Althoff, Executive Vice President, Worldwide Commercial Business, Microsoft. “C3 IoT’s proven technology and strong customer relationships make them an ideal partner in helping drive forward AI-based solutions built on the intelligent cloud.”

The C3 IoT Platform is now available on Microsoft Azure and fully integrated with a rich set of Azure services, including Azure IoT Hub, Azure Machine Learning, and big data and advanced analytics solutions.

About Microsoft

Microsoft (Nasdaq “MSFT” @microsoft) enables digital transformation for the era of an intelligent cloud and an intelligent edge. Its mission is to empower every person and every organization on the planet to achieve more.

About C3 IoT

C3 IoT is the world’s leading AI and IoT software platform for digital transformation. C3 IoT delivers a comprehensive platform as a service (PaaS) for the rapid design, development, and deployment of the largest-scale big data, predictive analytics, AI, and IoT applications for any business value chain. C3 IoT also provides a family of configurable and extensible SaaS products developed with and operating on its PaaS, including predictive maintenance, fraud detection, sensor network health, supply chain optimization, investment planning, and customer engagement.

MEDIA CONTACTS

C3 IoT Contact:

Kim Dion, Corporate Public Relations

(650) 503-2200; PR@C3IoT.com

Microsoft Contact:

Microsoft Media Relations, WE Communications for Microsoft

(425) 638-7777; rrt@we-worldwide.com

 

The post C3 IoT and Microsoft announce strategic partnership to accelerate AI in the enterprise appeared first on Stories.

ThousandEyes-Juniper pact focuses on hybrid WANs

ThousandEyes has deployed its network performance monitoring agents on routers and customer premises equipment, or CPE, made by Juniper Networks to improve visibility for hybrid WANs and other extended networks.

ThousandEyes software, running as virtual network functions on NFX250 branch routers, will support a wide range of capabilities, the companies said, including gauging network health and confirming traffic paths. Among other capabilities, the agents probe latency and bandwidth, monitor MPLS and automate outage detection. They also can report connection errors for FTP, HTTP, Session Initiation Protocol and Real-Time Transport Protocol-based applications, and carry out root-cause analysis for problems stemming from domain name system and Border Gateway Protocol routing.

The proliferation of hybrid WANs, SD-WAN and SaaS offerings, as well as ongoing consolidation of data centers, means enterprises face visibility challenges with their extended networks. The addition of ThousandEyes’ software is aimed at eliminating some of those challenges, said Mihir Maniar, vice president of product management for Juniper Networks. 

“As more and more of our customers move to cloud-centric networks to realize its cost and agility promises, the migration — often to a hybrid public-private environment — can also bring new network blind spots that, if left unchecked, can wreak havoc on service delivery, application development, SLAs [service-level agreements] and the overall end-user experience,” Maniar said in a statement.

Cloud revenues soar 25% in Q3: IDC

Sales of cloud infrastructure products, such as Ethernet and servers, surged in the third quarter of 2017, growing 25.5% year over year and reaching $11.3 billion, according to the most recent study by IDC. The firm’s Worldwide Quarterly Cloud IT Infrastructure Tracker found that public cloud investments fueled most of the sales increase, representing 68% of all cloud IT infrastructure sales during the quarter. Storage platforms generated the highest growth, with revenue up 45% over the same quarter in 2016.

IDC said all regions of the world, except for Latin America, experienced double-digit growth in cloud infrastructure spending, with the fastest growth in Asia-Pacific and in Central and Eastern Europe. Private cloud revenues reached $3.6 billion, an annual increase of 13.1%. Noncloud IT infrastructure sales, meantime, rose 8% to $14.2 billion.

“2017 has been a strong year for public cloud IT infrastructure growth, accelerating throughout the year,” said Kuba Stolarski, research director for computing platforms at IDC, in a statement.

“While hyperscalers such as Amazon and Google are driving the lion’s share of the growth, IDC is seeing strong growth in the lower tiers of public cloud and continued growth in private cloud on a worldwide scale,” he added.

New Intel and AMD platforms launched in 2017 will provide a further boost to the cloud segment, Stolarksi said, as providers and enterprises take steps to upgrade their IT infrastructures.

Lambda MSA issues preliminary optical specification

The 100G Lambda Multi-Source Agreement, or MSA Group, released preliminary interoperability specifications based on 100 Gbps pulse amplitude modulation 4-based optical technology. The new optical interface specification is intended for next-generation networking equipment and is suitable for tasks requiring increased bandwidth and greater bandwidth density.

In addition to ensuring optical receivers from multiple vendors can work together, the new spec increases the distances supported by both 100 Gigabit Ethernet and 400 GbE  systems from the 500 meters currently specified in the IEEE 802.3 Ethernet standard to up to 10 kilometers for 100 GbE and up to 2 kilometers over duplex single-mode fiber for 400 GbE.

The Lambda MSA group is comprised of major networking vendors, such as Arista Networks, Broadcom, Cisco and Juniper Networks, as well as major enterprises, such as Alibaba and Nokia. Final specifications will be released later in 2018, the MSA Group said.