The five most common ways of hacking an organization all involve stolen credentials, "based on data from 75 organizations, 100 penetration tests, and 450 real-world attacks," writes an anonymous Slashdot reader. In fact, 66% of the researchers' successful attacks involved cracking a weak domain user password. From an article on Dark Reading: Playing whack-a-mole with software vulnerabilities should not be top of security pros' priority list because exploiting software doesn't even rank among the top five plays in the attacker's playbook, according to a new report from Praetorian. Organizations would be far better served by improving credential management and network segmentation...

"If we assume that 1 percent [of users] will click on the [malicious] link, what will we do next?" says Joshua Abraham, practice manager at Praetorian. The report suggests specific mitigation tactics organizations should take in response to each one of these attacks -- tactics that may not stop attackers from stealing credentials, but "building in the defenses so it's really not a big deal if they do"... [O]ne stolen password should not give an attacker (or pen tester) the leverage to access an organization's entire computing environment, exfiltrating all documents along the way.
Similar results were reported in Verizon's 2016 Data Breach Investigations Report.

Long-time Slashdot reader dyork brings new from The Internet Society: IPv6 deployment hit a milestone this month related to the four major US providers (Verizon Wireless, T-Mobile USA, Sprint, AT&T): "IPv6 is the dominant protocol for traffic from those mobile networks to major IPv6-capable content providers."
A graph on their "World IPv6 Launch" site shows those carriers are now delivering close to 55% of their traffic over IPv6 to major IPv6-capable content providers -- up from just 37.59% in December. "This is really remarkable progress in the four years since World IPv6 Launch in 2012, and the growth of IPv6 deployment in 2016 is showing no signs of abating." In fact, the NTIA is now requesting feedback from organizations that have already implemented IPv6, noting that while we've used up all the 4.3 billion IPv4 addresses, IPv6 offers 340 undecillion IP addresses -- that is, 340 followed by 36 digits.

Last month the FCC had pressed major U.S. phone companies to take immediate steps to develop technology that blocks unwanted automated calls available to consumers at no charge. It had demanded the concerned companies to come up with a "concrete, actionable" plan within 30 days. Well, the companies have complied. On Friday, 30 major technology companies announced they are joining the U.S. government to crack down on automated, pre-recorded telephone calls that regulators have labeled as "scourge." Reuters adds: AT&T, Alphabet, Apple, Verizon Communications and Comcast are among the members of the "Robocall Strike Force," which will work with the U.S. Federal Communications Commission. The strike force will report to the commission by Oct. 19 on "concrete plans to accelerate the development and adoption of new tools and solutions," said AT&T Chief Executive Officer Randall Stephenson, who is chairing the group. The group hopes to put in place Caller ID verification standards that would help block calls from spoofed phone numbers and to consider a "Do Not Originate" list that would block spoofers from impersonating specific phone numbers from governments, banks or others.

An anonymous reader quotes a report from Reuters: ATT Inc, the No. 2 U.S wireless provider, said on Wednesday that it would roll out a new data plan that does away with overage fees and reduces data speeds for wireless customers who surpass their data allowance. Beginning Sunday, customers can choose the new Mobile Share Advantage plan and pay for extra data, if needed, or work with slower data speeds instead of paying for overages, the company said in a statement. Its current plan includes a $5 data overage charge per 300 megabytes on its 300-megabyte plan and $15 per 1 gigabyte on other plans. ATT has also revised prices and data bucket sizes. For instance, its larger 25-gigabyte plan now costs $190 per month for four smartphone lines. It previously cost $235. All the new plans include an access charge of $10 to $40 per month for each device, ATT said. The new plans will continue to have features such as unlimited text and talk and rollover data. Plans above 10 gigabytes also include unlimited talk and text to Mexico and Canada and no roaming charges in Mexico. Last month, Verizon introduced a new "Safety Mode" for its data plans that similarly throttles customers who exceed their monthly allotment to avoid overages. While Verizon charges customers on lower tier plans for the feature, ATT notes that it does not apply any extra charges.

According to a report on AdAge, Verizon Wireless is trying to add more bloatware to Android phones by installing apps from other companies in exchange for payment. From the report: The wireless carrier has offered to install big brands' apps on its subscribers' home screens, potentially delivering millions of downloads, according to agency executives who have considered making such deals for their clients. But that reach would come at a cost: Verizon was seeking between $1 and $2 for each device affected, executives said. Verizon started courting advertisers with app installations late last year, pitching retail and finance brands among others, agency executives said. It has only offered the installations on Android phones, because Google's software is open for carriers to customize. Apple controls its platform more tightly. The proposed deals with brands ensure that their apps download to only new devices when consumers activate the phones and their software for the first time.

The cable industry's grip on the U.S. broadband space increased last quarter, with Comcast and Charter gaining nearly 500,000 subscribers, combined. Phone companies AT&T, Verizon, CenturyLink, and Frontier, however, all lost Internet customers. ArsTechnica reports:The 14 largest ISPs, accounting for 95 percent of the US market, gained 192,510 Internet customers in Q2 2016, bringing the total to 91.9 million, Leichtman Research Group reported today. Cable companies accounted for all of the gains, adding 553,293 subscribers for a new total of 57 million. The phone companies lost 360,783 subscribers, bringing them down to 34.9 million. Phone companies' losses more than doubled since Q2 2015, when they lost about 150,000 subscribers. [...] Comcast and Charter, the two biggest ISPs, led the way in subscriber gains. Comcast added 220,000 broadband subscribers to boost its total to 24 million, while Charter (the new owner of Time Warner Cable) added 277,000 subscribers for a new total of 21.8 million. AT&T lost 123,000 subscribers, lowering its total to 15.6 million. Verizon lost 83,000, leaving it with 7 million Internet customers. CenturyLink and Frontier lost 66,000 and 77,000, respectively.

Many people have promised us that 5G will be here very soon. And it will be the best thing ever. To quote Lowell McAdam, the CEO of Verizon, 5G is "wireless fiber," and to quote SK Telecom, thanks to 5G we will soon be able to "transfer holograms" because the upcoming standard is "100 times faster" than our current communications system 4G LTE. But if we were to quote Science, the distant future isn't nearly as lofty as the one promised by executives. Backchannel explains: "5G" is a marketing term. There is no 5G standard -- yet. The International Telecommunications Union plans to have standards ready by 2020. So for the moment "5G" refers to a handful of different kinds of technologies that are predicted, but not guaranteed, to emerge at some point in the next 3 to 7 years. (3GPP, a carrier consortium that will be contributing to the ITU process, said last year that until an actual standard exists, '"5G' will remain a marketing & industry term that companies will use as they see fit." At least they're candid.) At the moment, advertising something as "5G" carries no greater significance than saying it's "blazing fast" or "next generation" -- nut because "5G" sounds technical, it's good for sales. We are a long way away from actual deployment. [...] Second, this "wireless fiber" will never happen unless we have... more fiber. Real fiber, in the form of fiber optic cables reaching businesses and homes. (This is the "last mile" problem; fiber already runs between cities.) It's just plain physics. In order to work, 99% of any "5G" wireless deployment will have to be fiber running very close to every home and business. The high-frequency spectrum the carriers are planning to use wobbles billions of times a second but travels incredibly short distances and gets interfered with easily. So it's great at carrying loads of information -- every wobble can be imprinted with data -- but can't go very far at all.

Internet speeds are getting faster in the United States, especially in cities such as Kansas City, Austin, Seattle, San Francisco, and Phoenix, according to a new Speedtest Market Report. The report, by Ookla's popular service, found that fixed broadband customers saw the biggest jump in performance this year with download speeds achieving an average of over 50Mbps for the first time ever. The result marks a 40 percent increase since July 2015. From a TechCrunch report: That average, 54.97 megabits per second is 42 percent higher than the same period last year, and upload jumped even more -- 18.88 is 51 percent higher year over year. This is all based on the 8 million or so daily tests conducted on Speedtest's website and apps, by the way, so the data is pretty sound. Comcast Xfinity took the honors for fastest speed on average, but its 125 megabits wasn't that much higher than the competition: Cox with 118 and Spectrum with 114. [...] On mobile, Verizon and T-Mobile are tied for first place with 21 megabits and change download speed on average, though the latter beats the competition by a long shot with upload speeds averaging 11.59 megabits. Poor Sprint, though.

Reader evelynlewis445 writes: Tumblr this week quietly announced plans to roll out a new advertising program across its site which will see it implementing ads across users' blogs. The company did not provide specific details on how the program will operate, but it appears to be an expansion of its earlier Creators program, which connects brands with Tumblr users directly, instead of having advertisers work with third-party influencer networks.The ads will begin appearing on the platform starting today. Tumblr remains one of the most popular blogging platforms, attracting over 550 million monthly users to its blogs. Tumblr creators will have an opportunity to share in the revenue from ads on their blogs. The company says that bloggers will have the ability to opt out of the program should they wish not to participate.

The reports were spot on. Verizon Communications on Monday announced that it plans to purchase Yahoo's Web assets for a sum of $4.83 billion in cash. The multi-billion dollars deal will get Verizon Yahoo's core internet business and some real estate. The announcement also marks a remarkable fall for the Silicon Valley web pioneer, which once had a market capitalization of more than $125 billion. For Verizon, the deal adds another piece to the mammoth digital media and advertising empire it owns. The deal is expected to close early 2017. CNBC reports: The transaction is seen boosting Verizon's AOL internet business, which the company acquired last year for $4.4 billion, by giving it access to Yahoo's advertising technology tools, as well as other assets such as search, mail, messenger and real estate. It also marks the end of Yahoo as an operating company, leaving it only as the owner of a 35.5 percent stake in Yahoo Japan, as well as its 15 percent interest in Chinese e-commerce company Alibaba. In December, Yahoo scrapped plans to spin off its Alibaba stake after investors worried about whether that transaction could have been carried out on a tax-free basis. It instead decided to explore a sale of its core assets, spurred on by activist hedge fund Starboard Value. Forbes has called it one of the "saddest $5B deals in tech history."Yahoo CEO Marissa Mayer, who was expected to leave -- or get fired -- said she intends to stay. "For me personally, I'm planning to stay," Mayer said in a note on Yahoo's Tumblr page. "I love Yahoo, and I believe in all of you. It's important to me to see Yahoo into its next chapter."

The FCC chairman on Friday pressed major U.S. phone companies to take immediate steps to develop technology that blocks unwanted automated calls available to consumers at no charge. Chairman Tom Wheeler, in letters to CEOs of Verizon Communications, AT&T, Sprint, US Cellular, Level 3 Communications, Frontier Communications, Bandwidth.com, and T-Mobile, said that so-called robocalls, automated pre-recorded telephone calls often from telemarketers or scam artists continue because the industry isn't taking any action. Wheeler demands answers with "concrete, actionable solutions to address these issues" within 30 days. A report on FastCompany adds: Wheeler also urged carriers to create a list of institutions like government agencies and banks that are commonly impersonated by scammers and filter out overseas callers impersonating them through falsified caller ID data

Verizon Communications is nearing a deal to buy Yahoo, Bloomberg reports, citing people familiar with the matter. While nothing is official yet, the publication claims that Verizon is discussing a price close to $5 billion for Yahoo's core Internet business. The report adds that Yahoo's patents are not part of the discussion, and it's unclear whether the two companies are considering Yahoo's real estate. "The companies may be ready to announce the deal in the coming days, the people said," the report adds. Interestingly, CNBC, citing its own sources, is independently reporting the same thing.

Verizon Wireless customers who have an unlimited data plan and use significantly more than 100GB a month will soon be disconnected from the network unless they agree to move to limited data packages that require payment of overage fees. Ars Technica reports: Verizon stopped offering unlimited data to new smartphone customers a few years ago, but some customers have been able to hang on to the old plans instead of switching to ones with monthly data limits. Verizon has tried to convert the holdouts by raising the price $20 a month and occasionally throttling heavy users but stopped that practice after net neutrality rules took effect. Now Verizon is implementing a formal policy for disconnecting the heaviest users.In a statement, Verizon said: "Because our network is a shared resource and we need to ensure all customers have a great mobile experience with Verizon, we are notifying a very small group of customers on unlimited plans who use an extraordinary amount of data that they must move to one of the new Verizon Plans by August 31, 2016." a Verizon spokesperson told Ars. "These users are using data amounts well in excess of our largest plan size (100GB). While the Verizon Plan at 100GB is designed to be shared across multiple users, each line receiving notification to move to the new Verizon Plan is using well in excess of that on a single device." FYI: The 100GB plan costs $450 a month.

Karl Bode, reporting for DSLReports: Several users have written in to note that Verizon has informed them the company will begin charging FiOS customers with an older router a new "Router Maintenance Charge." An e-mail being sent to many Verizon FiOS customers says that the fee of $2.80 will soon be charged every month -- unless users pay Verizon to get a more recent iteration of its FiOS gateway and router. Since Verizon FiOS often uses a MOCA coax connection and the gateway is needed for Verizon TV, many FiOS users don't have the ability to swap out gear as easily as with other ISPs. "Our records indicate that you have an older model router that is being discontinued," states the e-mail. "If you do plan to keep using your current router, we will begin billing, on 9.29.16, a monthly Router Maintenance Charge of $2.80 (plus taxes), to ensure we deliver the best support."

The Obama Administration has announced a new funding initiative to ensure the United States maintains its leadership in the mobile technology space. For this, it will spend over $400 million on large-scale test platforms led by National Science Foundation with an aim to develop and advance wireless technology to 5G and beyond. Fortune reports: To be sure, the private sector has also been getting smarter and better organized for 5G this year and the new Obama effort will be conducted in conjunction with a bevy of technology and telecommunications partners. All four major wireless carriers, AT&T, Verizon Communications, Sprint, and T-Mobile, are participating. Tech companies on board include Intel, Juniper Networks, Qualcomm, and Nokia. Notably, Apple, Google, and Microsoft are missing from the list. "These super-fast, ultra-low latency, high-capacity networks will enable breakthrough applications for consumers, smart cities, and the Internet of Things that cannot even be imagined today," the White House said in a statement. The report adds: The transition to the next generation standard for wireless networks, so-called 5G, has so far been fraught with confusion, complications, and even some contradictions. But in a few years, when 5G gear sending data at up to 100 times the speed of current networks is commonplace, people may remember July 2016 as a major turning point. The private sector has offered mixed messages about when 5G will be available for regular people and just what it will be used for. Without many standards yet agreed upon, some predicted 5G would be ready starting next year, but others said not until 2020 or later. Some wanted to use it to speed up smartphone connections, while others said it was better suited to improve home and business Internet connections or to collect data from smart devices in the "Internet of Things."

Roger Cheng, reporting for CNET: The reality of 5G, wireless connectivity that's faster than our speediest home internet service, is years away. But that isn't stopping Verizon from making its presence felt now. The nation's largest wireless carrier said Monday it has worked out the radio specifications for its 5G deployment with its vendor partners, providing a common blueprint for everyone regarding the network infrastructure, processors and devices. It's a significant step on the path to 5G. And by moving quickly now, Verizon hopes to set the agenda for how the standards look, a similar strategy it took with its 4G LTE deployment. Setting the specifications not only speeds the process for its own vendors, but may influence the international community when players around the world finally begin hammering out a global standard, expected in 2020. The Federal Communications Commission is also working to free up resources to drive 5G in the US. [...] Verizon said it will begin commercially deploying its service next year.

Roger Cheng, reporting for CNET: Big changes are afoot at Verizon. The nation's largest wireless carrier is set to unveil changes to its plans that will make them more expensive, but will also include more data, according to someone familiar with the changes. The low-end "S" plan will go up by $5 to $35 a month, but will include 2 gigabytes of data, twice as much as before. The "M" plan will go up by $5 to $50 a month, while its data will rise from 3GB to 4GB. The "L" plan will go up by $10 to $70 a month, while data increases from 6GB to 8GB. The "XL" plan will go up by $10 to $90 a month, but you'll get 16GB, up from 12GB before. Lastly, the "XXL" plan will cost $10 more at $110 a month, but you will get 24GB instead of 18GB. The changes are part of a broader overhaul of its plans, which will also include a rollover data program called "Carryover Data," a new way to avoid overage fees, and better access to Canada and Mexico. The move reflects a heightened competitive environment, one in which smaller rivals T-Mobile and Sprint have begun winning away customers through aggressive offers. Many of these changes mimic offers already available at the other carriers.

An anonymous reader quotes a report from Reuters: The U.S. Federal Communications Commission said on Wednesday the price of 126 MHz of television airwaves taken from broadcasters to be sold for wireless use in an ongoing auction is $86.4 billion. The FCC disclosed the price in a statement after completing the first part of an auction to repurpose low-frequency wireless spectrum relinquished by television broadcasters. The so-called "broadcast incentive" spectrum auction is one of the commission's most complex and ambitious to date. In this round, called a reverse auction, broadcasters competed to give up spectrum to the FCC for the lowest price. In the next stage, the forward auction, wireless and other companies will bid to buy the airwaves for the highest price. If wireless companies are unwilling to pay $86.4 billion, the FCC may have to hold another round of bidding by broadcasters and sell less spectrum than had been expected, analysts said. The Wall Street Journal points out that $86.4 billion is more than the market cap of T-Mobile and Spring combined. It's roughly double the amount raised in the last FCC auction, where ATT spent $18.2 billion and Verizon spent $10.4 billion. It's highly likely we'll see multiple rounds stretching into 2017 that will eventually match the supply with the demand.

An article on The Atlantic this week takes a stroll down the memory lane. It talks about phone services that people could call for knowing the time. The service, according to the article, was quite popular in 1980s. But many of them don't exist now. For instance, Verizon discontinued the line -- as well as its telephone weather service -- in 2011. But what's fascinating is that some of these services still exist, and are getting more traction than many of us would've imagined. From the article:"We get 3 million calls per year!" said Demetrios Matsakis, the chief scientist for time services at the Naval Observatory. "And there's an interesting sociology to it. They don't call as much on the weekend, and the absolute minimum time they call is Christmas. On big holidays, people don't care about the time. But we get a big flood of calls when we switch to Daylight [saving] time and back." As it turns out, people have been telephoning the time for generations. In the beginning, a telephone-based time service must have seemed like a natural extension of telegraph-based timekeeping -- but it would have been radical in its own way, too, because it represented a key shift to an on-demand service. In the 19th century, big railroad companies had used the telegraph to transmit the time to major railway stations. By the early 20th century, people could simply pick up the telephone and ask a human operator for the time.

An anonymous reader cites a CNET report:Net neutrality advocates demand action. Representatives from Fight the Future, the Center for Media Justice and Free Press on Friday hand-delivered a 6-foot tall package containing 100,000 letters of complaint to the Federal Communications Commission. They ask the agency to take action against AT&T, Comcast, T-Mobile and Verizon for violating the agency's Open Internet order by offering so-called zero-rating service plans. While the practice offers some benefits to customers, critics say it violates the agency's Net neutrality principles, which requires all services on the internet be treated the same. They claim it puts smaller competitors at a disadvantage and highlights the fact that data caps are unnecessary. Carriers say they are simply experimenting with new business models that will make their service more affordable for consumers.