Mediaboss Marketing

WASHINGTON, May 15, 2017 /PRNewswire/ -- MyCollege Connectis a mobile app designed to easily connect college students with fellow students and faculty members. It was envisioned by a Virginia startup,College Connect LLC, which hired Simpalm, a leading app development company in DC. The MyCollege Connect app enables students to discover and connect with faculty and students in shared and similar courses and programs. Once connected, students and faculty can easily share chat sessions, event information, news, assignment deadlines, files, and other information and resources.

MyCollege Connect isn't simply a social tool, it is a competitive edge for students who are keenly interested in knowing without delay the latest information about assignment requirements, deadlines, test dates, resources, and essential planning details. Students can link their MyCollege Connect account to a college or specific school, broadening or narrowing their community network.

How Does It Work?

MyCollege Connect is a feature-rich platform with a built-in chat platform, discussions forum, and status-notification display. Students can use the app to share and respond to status posts, questions, invitations, and discussion items. Planned attendance of classes, program activities, and events can be tracked and recorded. A Class Feed makes it easy to share files and resources with fellow students and faculty members.

Important Features For Students and Faculty members:

The native iOS app can be downloaded from the App Store using the link below:

https://itunes.apple.com/us/app/mycollegeconnect/id1200453931?mt=8

About Simpalm:

Simpalm is a Mobile Application Development Company founded in 2009 to bring more efficiency and mobility to the world. With offices in Bethesda and Chicago,Simpalm designs, develops, deploys, and supports mobile applications and responsive websites for clients both small and large. Simpalm delivers end-to-end services including UI/UX design, development, testing, deployment, and support. It has highly skilled iOS, iPhone app developers,Android Application Developers, iPad app developers, HTML5 developers, and the business experience and technical acumen necessary to build mobile apps for any industry or vertical market. Simpalm uses Amazon AWS, LAMP and Windows Azure to build cloud-based backend support for web and mobile applications. In addition to native apps, it builds applications and websites using cross-platform technologies such as Titanium, Xamarin and Phonegap. Simpalm develops solutions for startups, SMBs, regional and global enterprises, and Government offices, agencies and departments. Among its clients are Flextronics USA, Forte Payment Systems, Bed Bath & Beyond, Blue Cross/Blue Shield, and Cantada.

Media Contact

NishantJain nishant@simpalm.com

Related Links

http://www.simpalm.com/applications/mycollege-connect

To view the original version on PR Newswire, visit:http://www.prnewswire.com/news-releases/simpalm-develops-and-launches-college-social-networking-app-for-virginia-based-startup-300457224.html

SOURCE Simpalm

http://www.simpalm.com

See the article here:
Simpalm Develops and Launches College Social Networking App for Virginia-Based Startup - PR Newswire (press release)

Microsoft President Brad Smith speaks at the annual Microsoft shareholders meeting on Nov. 30, 2016, in Bellevue, Wash. Elaine Thompson/AP hide caption

Microsoft President Brad Smith speaks at the annual Microsoft shareholders meeting on Nov. 30, 2016, in Bellevue, Wash.

Microsoft has had a whirlwind last few days. The company's operating system, Windows, was the target of a massive cyberattack that took down hundreds of thousands of computers across 150 countries. While it's too soon to say the worst is over there could be another wave the president of the company does have two big takeaways.

One takeaway is sexy, edgy. The other is boring, plain vanilla but no less important to Brad Smith, president of Microsoft.

Let's start there.

Simple maintenance would solve a lot of problems

"We need to make it as easy as we can for people to patch their systems, and then customers have to apply those patches," Smith says.

Patching! That's it. Instead of hitting "ignore, ignore" when a pop-up on your screen asks, "Do you want to install a critical update and reboot?" You should just do it. Two months ago, Microsoft released the patch that could have prevented the outbreak. But because so many companies didn't apply it, the so-called WannaCry attack spread like cholera.

Some victims were using computers that run on Windows XP, a 16-year-old operating system. In digital years, that's old.

"It's worth remembering Windows XP not only came out six years before first iPhone. It came out two months before the very first iPod. Think about how antiquated that feels to us today," Smith says.

Because this attack is so contagious it self-propagates, slithering from computer to computer without any human help Microsoft decided it had to build a patch for that antique system too. Microsoft also found itself giving tech support to one more unusual group: thieves, people who used pirated, illegal copies of Windows.

Smith does not want to make a habit of that, but he says, "It was the right thing to do for this particular incident."

Microsoft calls for a "Digital Geneva Convention"

The Microsoft president's second takeaway is not about what businesses of every size need to do. It's about what intelligence agencies, like the CIA and the NSA, need to do.

"A lot has changed in the world just in the last 12 months," Smith says. "We've seen a huge focus on nation-state hacking by other countries including Russia and North Korea."

According to a New York Times report, North Korea may be behind this recent attack. And according to many security researchers, the attack method was first developed inside the NSA. Criminals got a hold of it and tweaked it.

Many countries are racing to create more cyber weapons. Smith says there's a real risk that criminals will steal them. He'd like governments to limit the creation of cyber weapons, just like they did for nuclear weapons. Microsoft wants a "Digital Geneva Convention" he explains, "something that would commit governments to do less hoarding of exploits and vulnerabilities, do more to work with software vendors so that we can all keep systems secure."

Meaning, as he wrote in a blog post this past weekend, agencies like that NSA should have a "new requirement" to report vulnerabilities they find to software makers like Microsoft, instead of stockpiling or selling or exploiting them.

"This is not a conversation that has even begun, at least with the general public," Smith says.

McAfee's Grobman counters Smith's position

Steve Grobman, chief technology officer at McAfee, which makes the popular antivirus software, disagrees with Smith. "Microsoft has a very strong position that is an absolute, whereas my position is a little bit more balanced," he says.

Grobman says governments should stockpile cyber weapons in some instances. For example, we're fighting a war and our military needs to take down a power plant, and there are only two options: "to drop a bomb on it, or to use a cyberattack to temporarily disable it. The cyberattack can in many cases limit the amount of loss of life."

Clearly, there is a difference of opinion among tech leaders. Though Grobman agrees with his colleague at Microsoft: These last few days, battling the WannaCry attack, have been very long.

Read the rest here:
Microsoft's President Reflects On Cyberattack, Helping Pirates And The NSA - NPR

Enlarge / A cryptocurrency mining farm.

On Friday, Ransomware called WannaCry used leaked hacking tools stolen from the National Security Agency to attack an estimated 200,000 computers in 150 countries. On Monday, researchers said the same weapons-grade attack kit was used in a much earlier and possibly larger-scale hack that made infected computers part of a botnet that mined cryptocurrency.

Like WannaCry, this earlier, previously unknown attack used an exploit codenamed EternalBlue and a backdoor called DoublePulsar, both of which were NSA-developed hacking tools leaked in mid April by a group calling itself Shadow Brokers. But instead of installing ransomware, the campaign pushed cryptocurrency mining software known as Adylkuzz. WannaCry, which gets its name from a password hard-coded into the exploit, is also known as WCry.

Kafeine, a well-known researcher at security firm Proofpoint, said the attack started no later than May 2 and may have begun as early as April 24. He said the campaign was surprisingly effective at compromising Internet-connected computers that have yet to install updates Microsoft released in early March to patch the critical vulnerabilities in the Windows implementation of the Server Message Block protocol. In a blog post published Monday afternoon Kafeine wrote:

In the course of researching the WannaCry campaign, we exposed a lab machine vulnerable to the EternalBlue attack. While we expected to see WannaCry, the lab machine was actually infected with an unexpected and less noisy guest: the cryptocurrency miner Adylkuzz. We repeated the operation several times with the same result: within 20 minutes of exposing a vulnerable machine to the open web, it was enrolled in an Adylkuzz mining botnet.

The attack is launched from several virtual private servers which are massively scanning the Internet on TCP port 445 for potential targets.

Upon successful exploitation via EternalBlue, machines are infected with DoublePulsar. The DoublePulsar backdoor then downloads and runs Adylkuzz from another host. Once running, Adylkuzz will first stop any potential instances of itself already running and block SMB communication to avoid further infection. It then determines the public IP address of the victim and download the mining instructions, cryptominer, and cleanup tools.

It appears that at any given time there are multiple Adylkuzz command and control (C&C) servers hosting the cryptominer binaries and mining instructions.

Figure 2 shows the post-infection traffic generated by Adylkuzz in this attack.

Symptoms of the attack include a loss of access to networked resources and system sluggishness. Kafeine said that some people who thought their systems were infected in the WannaCry outbreak were in fact hit by the Adylkuzz attack. The researcher went on to say this overlooked attack may have limited the spread of WannaCry by shutting down SMB networking to prevent the compromised machines from falling into the hands of competing botnets.

Proofpoint researchers have identified more than 20 hosts set up to scan the Internet and infect vulnerable machines they find. The researchers are aware of more than a dozen active Adylkuzz control servers. The botnet then mined Monero, a cryptocurrency that bills itself as being fully anonymous, as opposed to Bitcoin, in which all transactions are traceable.

Monday's report came the same day that a security researcher who works for Google found digital fingerprints tying a version of WCry from February to Lazarus Group, a hacking operation with links to North Korea. In a report published last month, Kaspersky Lab researchers said Bluenoroff, a Lazarus Group offshoot responsible for financial profit, installed cryptocurrency-mining software on computers it hacked to generate Monero coins. "The software so intensely consumed system resources that the system became unresponsive and froze," Kaspersky Lab researchers wrote.

Assembling a botnet the size of the one that managed WannaCry and keeping it under wraps for two to three weeks is a major coup. Monday's revelation raises the possibility that other botnets have been built on the shoulders of the NSA but have yet to be identified.

Continue reading here:
Massive cryptocurrency botnet used leaked NSA exploits weeks before WCry - Ars Technica

The U.S. National Security Agency could have headed off the global ransomware attack that has crippled hospitals, train stations and other infrastructure around the world, according to Edward Snowden, the former CIA contractor and whistleblower.

They knew about this flaw in U.S. software, U.S. infrastructure, hospitals around the world, these auto plants and so on and so forth, but they did not report it to Microsoft until after the NSA learned that that flaw had been stolen by some outside group, Snowden said Monday.

Related: What is ransomware? Computers around the world infected by malware demanding money

Subscribe to Newsweek from $1 per week

The fugitive former private security contractor made his remarks during a speech on privacy and security delivered via satellite from Moscow to a Washington, D.C., conference on big data. The conference, organized by a former Google executive, Travis Jarae, founder and CEO of One World Identity, has drawn 800 industry experts from data collection and cybersecurity firms, as well as government lawyers, to discuss questions about online identity, security and privacy.

Snowden in 2013 downloaded and then publicized an estimated 1.7 million documents related to global and domestic U.S. surveillance programs, which the Pentagon has said is the largest trove of American secrets ever purloined. Federal prosecutors subsequently charged him with theft and Espionage Act violations. Since 2013, he has been living in Moscow.

Beamed by satellite onto huge screens in the Ronald Reagan Building and International Trade Center, a federal building a few blocks from the White House, Snowden blamed the NSA for the unprecedented power of the so-called wannacry virus, which is being blamed for the worlds biggest cyberattack, affecting 150 countries so far. Among the affected in the U.S. have been Fedex and Nissan; in China, colleges and gas stations; in India, the state police; in Russia, the Central Bank, Russian railways and the Interior Ministry; and in the U.K., at least 16 National Health System hospitals.

It is still unclear who released the virus or exactly why.

Had the NSA not waited until our enemies already had this exploit to tell Microsoft, [so that] Microsoft could begin the patch cycle, we would have had years to prepare hospital networks for this attack rather than a month or two, which is what we actually ended up with, Snowden said.

Members of the audience submitted questions to the 33-year-old. One asked for his number one piece of advice for balancing privacy and security. Snowden said companies should opt for the bare minimum in determining what information they harvest and save about customer behavior, and urged them provide users with an opt-out from data collection upfront. He accused companies that say they are collecting data to improve products and services of using a legal fiction to collect data in order to monetize it, generating an extra source of revenue.

He compared the psychological effects of unchecked mass data collection to an errant high school kid being threatened that certain behavior would remain on his or her record. In a world of mass tracking and commercial and government data collection, he said, you have a permanent record that can never be erased.

A child thats born in this world wont have the same benefit you had of saying something stupid that they can move on from, he said. When people can be tracked and have no way to live outside this chain of records, what we have become is a quantified spiderweb. Its a very negative thing for a free and open society. Now, everybody in the world will think twice before they even open their mouth. That is a very, very dark future. But its not inevitable. You should reflect: Is that something we can do? Or should do?

See the original post here:
Edward Snowden Slams NSA Over Ransomware Attack - Newsweek

Forbes

Microsoft Just Took A Swipe At NSA Over The WannaCry Ransomware Nightmare Forbes After software vulnerabilities exploited and leaked by the NSA were used by cybercriminals to infect as many as 200,000 Windows PCs with ransomware over the last three days, Microsoft has criticized government agencies for hoarding those flaws and ... Microsoft Blasts the CIA and NSA for 'Stockpiling' Software VulnerabilitiesTheStreet.com A large-scale cyber attack highlights the structural dilemma of the NSAThe Economist all 2,140 news articles »

Original post:
Microsoft Just Took A Swipe At NSA Over The WannaCry Ransomware Nightmare - Forbes