TD chief Masrani seeks level playing field with startup fintechs

TD chief Masrani seeks level playing field with startup fintechs – The Globe and Mail

Toronto-Dominion Bank’s chief executive officer identified tech-savvy upstarts as a key challenge for the lender, but asked policy makers to consider new rules to level the playing field with established banks.

“Thousands of fintechs are vying for bank customers,” Bharat Masrani said at the bank’s annual general meeting in Montreal on Thursday. While competition is a good thing, he argued that new financial technology players – some of which lend money to small businesses through online services – are often not subject to the same regulatory rules as traditional banks, suggesting an unfair advantage and the potential for security lapses. “That’s why I believe it would be appropriate for policy makers to consider a regulatory environment that ensures the safety of customer information and the integrity of our financial system,” Mr. Masrani said, adding that security breaches and service interruptions have plagued a number of fintechs.

In a conference call with reporters following the annual meeting, Mr. Masrani was reluctant to provide specifics on what policy changes he would like to see or examples of security breaches.

However, some of the most notable breaches in recent years have involved major firms with big budgets to defend themselves against attacks. In 2014, a cyberattack against JPMorgan Chase & Co. compromised accounts for 83 million households and small businesses. Recent attacks have also targeted Home Depot Inc., Sony Pictures Entertainment Inc. and Target Corp.

TD itself was the target of a denial-of-service attack in 2013, when a flood of online traffic knocked out access to the bank’s website and mobile banking services.

Despite highlighting fintech as a competitive threat that enjoys unfair advantages over traditional banking, Mr. Masrani made it clear that TD was hardly struggling.

He said the bank would engage with some fintech firms as potential collaborators, and sees the rise of new ideas and technology as a huge benefit to consumers.

“We engage with a wide range of firms who can support our mission to seamlessly fulfill the wants and needs of each and every customer,” he said.

Nonetheless, his point about rising competition and a potentially disruptive threat to traditional banking has been supported by many observers.

A report from Citigroup this week highlighted the threat globally. It estimated that banks in the United States and Europe will slash another 1.7 million jobs over the next 10 years – representing about 30 per cent of their current payrolls – as they react to competition in areas such as lending and payments. Investments in the fintech sector surged to $19-billion (U.S.) in 2015, up tenfold over the past five years.

“The banks have clients and scale but the new fintech entrants usually have the innovation edge, especially at the ‘client experience’ interface,” Citigroup analysts said. “To remain competitive, banks need to get innovation before the fintech companies get scale.”

Mr. Masrani appeared to agree with this assessment. He noted that TD has partnered with Cisco Systems Inc. to create a lab for building tech-focused banking enhancements and joined an international consortium to explore the benefits of blockchain, the technology that underpins bitcoin.

He also noted recent enhancements to the bank’s online brokerage, WebBroker, and announced that TD would soon launch an application called TD MySpend, which will provide customers with a visual representation of their financial health on their smartphones.

“The world is changing around us, and I cannot say with 100-per-cent certainty what the future looks like,” he told his audience. “But I do know this: TD will adapt without abandoning what you have come to expect from us.”


DDoS attacks now a threat to interior network applications: US test

DDoS attacks now a threat to interior network applications: US test – Canadian Underwriter


New test research out of the United States is shedding light on emerging trends around distributed denial-of-service (DDoS), indicating related attacks are now targeting applications inside the networks of enterprise organizations.

Released this week by information security research and advisory company NSS Labs, the finding is contained in the company’s new Security Value Map and Comparative Report. The research evaluates six leading DDoS prevention solutions for security effectiveness, performance and total cost of ownership.

“Historically, DDoS protection meant protecting an enterprise’s Internet presence. In the constantly evolving battle with cyber criminals, DDoS attacks are now targeting applications inside the networks of enterprise organizations,” notes a statement from the company.


Representing the first public Group Test for DDoS prevention solutions, the test focused on, among other things, volumetric, protocol and application DDoS attacks.

“DDoS attacks continue to grow in prevalence and have become a key pain point for security professionals,” the company points out. “While average protection against volumetric and protocol attacks ranged were 94.4% and 95.1%, respectively, the average protection against application attacks was only 80%,” it adds.

The test methodology also addressed stability and performance impact, namely the ability of a solution to maintain performance while defending against an attack. “This gives enterprise buyers a key additional element for evaluations – the ability of the solution to not only detect and mitigate the attack, but to also allow legitimate traffic while the attack is being suppressed,” the statement notes.

“While vendors have largely become adept at protecting against traditional volumetric attacks with little performance impact, stopping a protocol attack can impact performance by as much as 92.5%,” it adds.


DDoS Mitigation – Protecting Network Walls from Falling to Enemy Cyber Attacks

DDoS Mitigation – Protecting Network Walls from Falling to Enemy Cyber Attacks | Allot Blog

Firewalls and IPS have become a standard in network protection, installed in every network just like stone walls once fortified every medieval fortress or castle. Although they have greatly advanced over the years in safeguarding networks against a wide variety of cyber threats, they remain vulnerable to today’s massive DDoS attacks because of the way they are designed. Many organizations, including financial institutions, gaming companies, telecom networks and other enterprises, experience DDoS attacks even though they are equipped with a Firewall and  IPS. Ironically, during a DDoS attack these security functions are likely to become the weakest link of the entire network security.

During a DDoS attack, a cybercriminal most often attacks internet facing servers or services with massive volumetric floods (TCP SYN, UDP, and HTTP floods). These attacks are carried out using ports which are commonly open on most firewalls: 80, 53, 25 and 443, to name a few. The attacker’s goal is to employ threat vectors that exploit the weaknesses at the network/application header layer.

A firewall is a stateful device that is designed and configured to block undesired ports. Volumetric flood attacks on ports which remain open on the firewall to allow service delivery traffic, exploit the stateful nature of the firewall by filling up the state tables with volumes of unwanted traffic, so that it has little time to pass legitimate traffic. This creates a bottleneck that may result in an entirely dysfunctional firewall. Like in medieval times, when breaking a castle’s wall successfully led attackers to victory, cyber-attackers take advantage of the firewall vulnerability, utilizing DDoS as a technique to disable it, making way to a successful breach.

An IPS is deployed deeper in the network, typically behind the firewall. It allows only legitimate known traffic to pass through, while blocking a wide range of intrusions such as server exploits, code injections, cross site scripting attempts, etc. Since most of the intrusions occur at the application layer, the IPS performs deep packet inspection (DPI) to prevent them. The problem is that if an IPS has to deal with the massive volumes of DDoS traffic on top of other traffic, it becomes flooded, resulting in a bottleneck or even worse: allowing hostile traffic to pass through uninspected due to the lack of machine resources.

A Firewall, an IPS, or even a combination of the two, may give a false sense of security. Security professionals are typically aware of this issue, and are deploying separate DDoS mitigation solutions, like the Allot ServiceProtector, at the edge of their network. Allot ServiceProtector DDoS mitigation system inspects traffic and analyzes abnormalities fast and efficiently to pinpoint threats. It then instantaneously mitigates the attacks at line rates of tens and even hundreds Gbps without dropping legitimate traffic (zero false positives). ServiceProtector not only minimizes the effects of DDoS attacks on service, but also supplements the firewall and IPS systems, providing a stronger first line of defense in protecting the network against cyber enemies.



UK startup runs biggest ever simulation of the entire internet

UK startup runs biggest ever simulation of the entire internet | Information Age

A UK startup in partnership with the government has developed the largest simulation of the net’s infrastructure ever created, that could be used to test for failures in the Internet of Things

A simulated internet could help us create functioning complex smart cities without failures

A UK startup, working with the British government, has created what’s believed to be the largest simulation of the internet ever made.

London startup Improbable’s customers include computer gaming companies, financial services firms, governments and academic researchers, but this time an unnamed department of the British governmen approached the team for this ambitious project.

Their goal was to build a realistic simulation of the complete structure of the internet and the vast number of connections and networks that make up the World Wide Web, in order to see its weak spots and understand how to protect this crucial infrastructure from failure and attack.

Large-scale internet disruptions are far from rare, and often affect large portions of the world and causing widespread disruption.

In 2008, an ISP in Pakistan accidentally blocked YouTube for a large portion of the world by misconstruing a central server after it tried to block its citizens’ access to anti-Islamic content. And this January Telstra, Australia’s largest telecoms provider, suffered a country wide outage that affected 16.7 million subscribers, costing the company millions in compensation and causing massive disruption for businesses.

Underwater cables can be accidentally damaged and Distributed Denial of Service (DDoS) attacks can wreak havok on ordinary internet uses, as in the case of the 2013 attack against non-profit company Spamhaus, which cut off internet for millions of people.

And now that cities, cars, and a whole host of connected objects are becoming part of the Internet of Things, the impact of these potential outages could be even more catastrophic.
So Improbable employed its cloud-based SpatialOS software, which enables developers to create and test vast virtual worlds with an almost infinite number of variables, to make a 1:1 model of the backbone of the entire internet.

Improbable’s simulation allows you to create and delete ISPs, configure links between them, or load in data from the real world.

The whole internet contains about 60,000 AS networks and over half a million routes running between them. In order to accurately simulate this, the program uses 15 machines and over 1TB of RAM.
‘Not only did we demonstrate a dynamic model of BGP routing at scale, we also produced an interactive visualization where both AS’s and the connections between them can be created or destroyed, observing dynamic routing, cascade failures and new route propagation across the network,’ said Improbable CEO Herman Narula.
‘Doing this sort of simulation on a single server would be almost impossible, but using our operating system we were able to distribute this simulation over as many machines as we need to reach the full scale.’
The potential for the continued development of this model, and its application, is vast, say the researchers.
‘Cyber security is one of the areas where a model such as this could have a significant impact on understanding network vulnerabilities, and how different types of attacks and exploits propagate across the internet,’ he said. ‘Applications could range from protection of critical national infrastructure, right down to a safer and more secure internet for individual users.’
With a detailed simulation of the internet, people could begin to prepare for cyber attacks before they happen, understanding the vulnerabilities and the cascading effects of various interventions better.
‘This will enable businesses, institutions and even countries to become more resilient in an age of exponential vulnerability online,’ the researchers said.
Not only this, but the model is available for developers to integrate into their existing models. Improbable has imported their code into an existing city simulation project to test how smart city networks would work.
‘Being able to combine orthogonal simulations in this way will enable organizations to understand how the internet relates to other complex systems: cities, infrastructure, energy, economies,’ said Narula.

British columbia Casino Accidentally Prints 5 Secrets to Beat the House

Casinos Don’t Expect You To Do This. But They Can’t Stop You…

With the insane amount of online casino and slot machine advertising in Canada recently, people are wondering if they can actually win money by playing at any of these sites. We spoke to a PRO casino player recently and he let us in on some great secrets.

#1: Cash In On Risk-Free Money Bonuses

Competition in the Online Gambling Industry is massive with multiple billion dollar companies facing off against each other to get new players.

This has resulted in online casinos literally throwing money at people to get you through the door. This includes both risk-free money and new player deposit incentives. Some of the top online casinos like Zodiac Casino will even give you free chances to become a millionaire.

#2: Find a High Variance Slot Machine, WIN LARGER JACKPOTS

Slots are really a game of luck. The Variance is the technical term in the gaming world that is used to calculate how risky a game is to play. The lower the variance, the more frequent the wins, the less the win amount.

The high variance slots such as Mega Moolah are the ones that will pay out larger amounts of money, but the wins will happen less frequently. The less time you spend spinning the reels, the lower the house edge so we learned you need to play in short bursts, betting a little more than usual, and you’ll have a better chance of beating the odds.

If you do get a nice win, be prepared to take a break and move on to another game.

#3: Play Progressive Jackpots Online to Make Millions!

Yes, it’s true! When you bet on any of these progressive jackpot slot games, you are playing for a chance to win the jackpot, which is regularly over $1 million (currently over $3.3 million!).

We recommend trying your luck on Mega Moolah by Zodiac Casino.

The largest ever progressive jackpot won online was $15,143,600 on the 20th of January 2013 by a female player aged 47 in Finland.

#4: Not All Online Gambling Sites in Canada are Legal

It was only recently that the Canadian government deemed certain forms of online casinos gambling legal and decided to regulate it. As such, not all casino gambling websites have passed the regulation process, which requires demanding tests proving that the site is fair and honest.

For example, Zodiac Casino is a member of the Interactive Gaming Council, operating under their code of conduct to guarantee fair and honest gaming. They have been awarded Safe & Fair certification by independent auditor eCOGRA, which provides assurance for secure and honest gaming practices.

Playing on regulated online casino websites means that the funds you deposit are safe and you’ll be able to cash out quickly!

#5: Don’t Get Greedy! Cash Out Your Winnings

Lastly, perhaps the most important rule of all is “Don’t Be Greedy”.

Online casino success is about winning money – not winning money and then losing it all again. A win is a win, no matter how big or small. Set yourself targets and stick to them.

Let’s say your target is to win $250. Once you reach that amount, cash out your winnings and wait for the casino to offer you another deposit bonus and start again. Know when to quit. Don’t keep playing it all back because of greed!


Microsoft drops another big batch of Windows patches

On Tuesday Microsoft released a bunch of patches, most of which will elicit little more than a snore from users. One of the patches still hasn’t been documented — Microsoft’s posts not being in sync with its bits is common problem — and a bunch of older security bulletins haven’t been updated. But such are the vagaries of the patching business.

Take control! 30 essential OS X command-line tips

Go beyond the graphical user interface and take full advantage of Mac OS X at the command line

There are seven new patches for MS16-019, the Important security bulletin released last Tuesday that deals with .Net-based denial-of-service attacks. According to the Software Update master list, they all apply to versions of .Net in Windows Embedded. Oddly, the underlying KB articles haven’t been updated to say they pertain to Windows Embedded.

The other 40 patches (there’s a complete list on mostly apply to servers.

One patch, KB 3095113, updates Server 2012 and 2012 R2 so that they better “sync and distribute feature upgrades for Windows 10.” Apparently if you try to sync upgrades in WSUS without applying this patch, you’ll get an unholy mess that “is recoverable but the process is nontrivial and can be avoided altogether if you make sure to install the update before enabling sync of upgrades.”

As poster ch100 on AskWoody notes:

[this] was finally promoted to Windows Update in March 2016 as promised last year at the time of release. Until now it was only a hotfix and discussed here only few days ago in relation to the new behaviour of Windows 10 Upgrade for Windows 7… It applies only to WSUS on Windows 2012 R2. We may see something equivalent now in Windows 7 in the sense of a new category appearing in Windows Update.

I can hardly wait.

Poster Michael says:

Just did a sync of my WSUS server, but not a single new patch shows up (we have W7 and W2012 in our environment). I just patched KB3095113 manually on WSUS, still nothing new showing. (Although now I can see all the Windows 10 update classifications in the options, urgh.)

Another patch, KB 3105115, fixes a problem when you try to RDP into a Win 8.1 or Server 2012 R2 device while using a low-resolution screen. “When this issue occurs, you can only see the Start screen, but you can’t switch to the desktop.” That makes it hard to run a server from your phone, I suppose.

There’s an odd bug that crashes Windows Explorer if you try to play an MPEG-4 file that has a zero for the UTC time offset. If that’s been a problem for you, see KB 3136019.

Then there’s the mystery patch, KB 3115224, which is described as an optional update for Win 8.1, RT 8.1, Server 2012, Server 2012 R2, and Windows Embedded 8 standard. Other than that, I can’t find any details about it anywhere. The KB article hasn’t been posted.


Cybera partners with CIRA to offer new high-performance DNS services for Alberta’s public and education sectors

CIRA’s D-Zone Anycast Domain Name System helps improve performance for Canadian users while adding enhanced Distributed Denial-of-Service protection

EDMONTON, March 15, 2016 /CNW/ – The Canadian Internet Registration Authority (CIRA) and Cybera, Alberta’s not-for-profit technology accelerator, have partnered to offer Cybera’s members improved Domain Name System (DNS) protection and performance.

This service will be useful for larger public and education institutions in the province that run their own .ca domain, and are at risk of Distributed Denial-of-Service (DDoS) attacks. CIRA’s D-Zone Anycast DNS service will be offered to Cybera members at no cost, bringing advanced cyber-security and web-performance to public and education sector institutions of all sizes.

Key facts

  • CIRA’s D-Zone Anycast DNS service has an expansive Canadian server footprint, offering several important advantages for Canadian institutions. CIRA’s service keeps DNS data in Canada, improving performance for Canadian users and helping to limit the unnecessary flow of cross-border data.
  • With the majority of DDoS attacks originating from overseas, CIRA’s service can help to maintain network performance, even when it is experiencing a significant attack. Global servers can soak up the attack before it reaches Canadian servers, allowing D-Zone to reduce the risk of critical failures due to DDoS attacks.
  • Cybera operates Alberta’s high-speed Research and Education Network, which connects members to researchers and educators around the world. It also offers members direct peering and internet bulk-buying services, generating major network efficiencies. This new service will bring advanced cybersecurity protection to educators, libraries, and government organizations across the province, helping to increase network performance and protect these institutions from malicious attacks.

This service is available immediately, and can be accessed by Cybera members at no cost. The setup can be completed in a matter of minutes.

Executive quotes

“Our DNS service has the most expansive Canadian server footprint available on the market today. CIRA shares this intentional Canada-first approach philosophy with national research networks, making Cybera an excellent partner to launch our service with Alberta’s public and education sectors.”

- Dave Chiswell, vice president of product development at CIRA

“We are excited to be offering this free DNS service, as it will greatly improve the performance and reliability of the DNS infrastructure used by our members, who include some of the largest education and government organizations in the province. CIRA is very experienced with global DNS infrastructure and DDoS mitigation, and we are pleased to partner with them to offer this beneficial service.”

- Jean-Francois Amiot, network and operations director, Cybera

About Cybera
Cybera is a not-for-profit technology-neutral organization responsible for driving Alberta’s economic growth through the use of digital technology. Its core role is to oversee the development and operations of Alberta’s cyberinfrastructure — the advanced system of networks and computers that keeps government, educational institutions, not-for-profits, business incubators and entrepreneurs at the forefront of technological change.

About CIRA

The Canadian Internet Registration Authority (CIRA) manages the .CA top-level domain on behalf of all Canadians. A Member-based organization, CIRA also develops and implements policies that support Canada’s Internet community, and represents the .CA registry internationally.


Altcoin exchange Poloniex affected by DDOS attack

Until last night, it had been a while until DDoS attacks affected any of the popular bitcoin and altcoin exchanges.

The latest reports now indicate that a couple of hours ago, popular bitcoin exchange Poloniex was the target of a strong DDoS attack, which not only took the site offline, but it also affected the API, and therefore forced the exchange to stop carrying out transactions.

The announcement was made via a Twitter post, which read: ‘It appears we’re under a DDOS attack. We’re investigating and working on getting the site back online as quickly as we can’. Luckily, the security team behind the company managed to quickly mitigate the attack, and restore service.

However, it is believed that the attack was in fact a stress test, meant to differently target the attack next time, or even force the exchange to make a security mistake. This strategy has been put to use before, so Poloniex will have to be particularly careful in the near future.

For those who do not know, Poloniex can be considered one of the best altcoin exchanges, as it works hard to introduce as many coins as possible, while also keeping the services up and running at all times. In our review of the exchange, The Merkle also noted its friendly customer support, trading fee structure and more.

Based on everything that has been outlined so far, what do you think about the DDoS attack carried out on Poloniex? Was it the full attack, or just a simple stress test? Let us know your thoughts in the comment section below.


DDoS attacks: Getting bigger and more dangerous all the time

Distributed Denial of Service (DDoS) attacks are more frequent, bigger and more damaging than ever before a new report by internet security firm Verisign has warned.

According to statistic published in the VeriSign Distributed Denial of Service Trends Report, DDoS activity is the highest it’s ever been, with the final quarter of 2015 seeing an 85 percent rise in instances – almost double the number of attacks – when compared with the same same period in 2014. The figures for Q4 2015 also represent a 15 percent rise on the previous quarter.

The report also suggests that cyber attackers are getting much more persistent as targets are now being hit by repeated attacks, with some reportedly being the target of DDoS attacks up to 16 times in just three months.

If an increase in attacks isn’t worrying enough for potential targets, the size and the amount of damage DDoS attacks can do is also on the rise. The fastest flood attack detected by Verisign occurred during the final quarter of 2015, targeting a company in the telecommunications industry by sending 125 million packets per second (Mpps), and driving a volumetric DDoS attack of 65 gigabits per second (Gbps).

“The 125 Mpps flood is one of the highest packets per second floods ever observed by Verisign, surpassing the previous flood of 91 Mpps mitigated by Verisign in Q2 2014. This attack, aimed at disrupting critical network services, consisted of multiple short bursts in DDoS traffic and continued intermittently for several weeks,” says the report.

While that particular attack was made against a company in the telecommunications sector, Verisign has warned that organisations in all industries are potentially at risk from “indiscriminate” DDoS attacks.

Indeed, it was companies which provide IT, cloud, and software services which are currently most targeted, with 32 percent of DDoS attacks made against this sector. However, the number of DDoS incidents media and entertainment providers wasn’t far behind, with 30 percent of attacks made against organisations in this industry.

Attacks against the financial sector made up 15 percent of incidents, the public sector accounts for 10 percent and while the biggest DDoS event was recorded against the telecommunications industry, this sector accounts for only 8 percent of DDoS attacks.

In terms of preventing attacks, Verisign recommends organisations “consider augmenting your existing DNS capacity with a cloud-based hosted DNS or managed DNS service”.


DDoS Attack Data Fort McNair

In 2014, distributed denial of service event denial of service assaults reached a mean price of 28 per hour – and they proceed to develop when it comes to scope, frequency tool ddos and complexity. Step one in arming your IT group towards DDoS is to arm your self and your workers with information.

Some one hacked my yahoo mail and is sending messeges to all my contacts that am stranded within the uk and need £1300 this particular person has even bloacked me i cant how to ddos attack an ip access my account ave tried to warn my contacts through facebook however many aren’t even on face book all am asking is for yahoo to terminate this account i will open a new one ASSIST before he swindles someone.

Hello Koolmuse, I keep in mind you from Buzz. A couple of days in the past I was in a discussion on Buzz, when this crazy woman (who thought-about something to the left of the Libertarian Party to be socialist, and who called disabled vets and Medicare recipients freeloaders) came on and began insulting folks, primarily me. I attempted to motive together with her, but she received nastier and extra profane, until after a while I decided to disregard her and advised all people else to do free server stresser the identical, since she clearly had some problems.

Ultimately, this data hopefully to explain how DDoS is served and how DDoS is always on operation. Also how a few of these services are wrapped with a simple GUI to be used for the attack. Suspending domain or mitigating DDoS companies like these is not making a lot impact, and we’d like more firm act to stop people and infrastructure used to perform it. They’re utilizing common domains, websites, even YouTube for promotion, moreover a few of them are using known DDoS safety service to protect their DDoS’er websites (see under picture), it’s just went too far, and perhaps now’s a right time to say CEASE”.

Cyberterrorism represents acts of Web-primarily based hacking that cause massive-scale disruption to computer networks by means of using pc viruses and different malicious instruments, reminiscent of worms and Trojan programs. The motivation for cyberterrorism assaults is to create widespread panic and disruption. Hacktivist groups might use cyberterrorism campaigns to protest or promote certain ideological or political beliefs. Study extra about cyberterrorism within the DDoS Assaults Against World Markets white paper

These days booters also use websites reminiscent of downornot as well/hit sites offline. I might suggest blocking the following websites (Can’t present IPs). In order to do that, you should first ping the web sites and after you get the websites IP then ban it in your server. If you are on a shared hosting then I feel you can ban them by means of cloudflare.

There are lots of ways to scale back your possibilities of getting SYNed, together with setting your firewall to dam all incoming packets from unhealthy external IP addresses like to, to, to, and to, in addition to all inside addresses. However, as SCO discovered, when you throw sufficient SYN packets at a site, any website can still be SYNed off the net.

In 2013, CloudFlare, Inc. CEO Matthew Prince predicted that DDoS assaults would solely increase in scope and ease in 2014 and this has remained true for 2015. In April of this year, Arbor Networks, Inc. reported one of many largest DDoS assaults ever detected at 334Gbps. Akamai Applied sciences Restricted backed up these figures stating that attacks had increased in volume and high quality, the report said that the overall variety of DDoS assaults increased 132.43 percent compared to Q2 2014.