Connect with us

ZDNET

Remote code execution vulnerability uncovered in Starbucks mobile platform

The researcher’s report revealed multiple endpoints vulnerable to the same flaw….

Published

on

A potential remote code execution (RCE) bug has been patched in one of Starbucks’ mobile domains.

The US coffee giant runs a bug bounty platform on HackerOne. A new vulnerability report submitted by Kamil “ko2sec” Onur Özkaleli, first submitted on November 5 and made public on December 9, describes an RCE issue found on mobile.starbucks.com.sg, a platform for Singaporean users.

See also: FireEye’s bug bounty program goes public

According to the advisory, ko2sec discovered an .ashx endpoint on mobile.starbucks.com.sg that was intended for handling image files. However, the endpoint did not restrict file type uploads, which means that attackers abusing the issue could potentially upload malicious files and remotely execute arbitrary code.

While the full bug bounty report has been restricted by Starbucks, it is noted that the bug bounty hunter’s analysis of the issue revealed “additional endpoints on other out of scope domains that shared this vulnerability.”

CNET: Hackers access documents related to authorized COVID-19 vaccines

A CVE has not been issued for the critical vulnerability but a severity score of 9.8 has been added to the report.

Ko2sec was awarded $5,600 for his findings.

The RCE is not the only submission the researcher has made to Starbucks. In October, Ko2sec described an account takeover exploit in the Starbucks Singapore website caused by open test environments. It was possible to target users by knowing their email address, view their personal information, and even use any credit loaded in their account wallets to make purchases.

TechRepublic: Phishing emails: More than 25% of American workers fall for them

The bug bounty hunter received $6,000 for this previous report.

To date, Starbucks has received 1068 vulnerability reports on HackerOne. The average bounty paid out for valid submissions is between $250 and $375, while critical bugs are worth $4000 – $6000. In total, the coffee chain has paid more than $640,000 to bug bounty hunters, with $20,000 cashed out in the past 90 days.

ZDNet has reached out to Starbucks and will update when we hear back.

Previous and related coverage

Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0

Source: https://www.zdnet.com/article/remote-code-execution-vulnerability-uncovered-in-starbucks-mobile-platform/

remote-code-execution-vulnerability-uncovered-in-starbucks-mobile-platform

ZDNET

How to build business credit

Business credit is vital for businesses that need to borrow money to grow. Building business credit is not impossible; it just takes time and dedication.

Published

on

The face of business continues to change. Even before the pandemic of 2020 hit, business market trends suggested that the growth of e-commerce would continue to be the big wave of the future. Businesses are learning to adapt to changes in the digital marketplace and stay ahead of changes by adopting the innovations of e-commerce.

As consumer spending continues to rise, businesses will have to invest to compete. This will require working capital and cash flow to purchase the software and technologies needed to survive in the digital economy.

For those businesses without large amounts of working capital or wealthy investors — like many small businesses and startups — it has brought up the idea of building business credit.

Below, ZDNet has all the information you need on how to build business credit.

What is business credit?

At some point, entrepreneurs and business owners consider borrowing money. Many have not accumulated enough capital and cash to hit the ground running right out the gate when starting a business.

Business credit allows a business owner or company to borrow money to build their business, pay for the necessary purchases, or expand their business. Of course, they must pay this money back with interest.

Some businesses do get to the point where they can maintain their working operations off of profits, but most require constant cash flow — good business credit affords this.

However, it isn’t as simple as walking into a bank and getting large amounts of cash. Businesses must first work hard to build business credit to qualify for needed loans. It takes patience and the right knowledge to build business credit the right way.

How to build business credit the right way?

Most people are familiar with building credit for personal use — applying for loans, purchasing homes or vehicles, or getting credit cards — building business credit is not much different in principle.

How to choose a business structure?

Unless you plan on being a sole proprietor, you must first establish your business as an entity separate from yourself. Not doing so leaves you open to assuming personal liability if legal issues were ever to arise.

In addition, separating yourself from your business also brings advantages at tax time. The most common business entities are limited liability companies (LLC) and corporations.

How to register your business?

Once the proper business structure is chosen, you need to register your business and apply for a federal tax ID from the IRS — known as an EIN. Without an EIN, you will be unable to open business bank accounts or apply for business lines of credit.

How to establish a business credit profile?

Once your business entity is filed and registered, you can begin the task of building your business credit. To establish a trusted financial reputation among lenders, you will need to have a working business credit file.

Every lender will check your credit profile when you apply for a loan or line of credit. The lender must establish trust with the borrower, making sure money borrowed will be repaid. This is referred to as “creditworthiness.”

One way you can begin to develop this trust is by opening a business bank account.

Begin building business credit

There are numerous business bank accounts for traditional banking and online banking. You must find one that suits your business needs.

Consider these when choosing a business bank account:

  • Is it trusted and secure? Make sure you establish a bank account with a trusted bank, one that is registered and insured by the FDIC. As time goes on, you will also want to ensure your bank is an equal opportunity lender in good standing; all reputable banks are.

  • Explore the services and management tools. Chances are you will want to apply for a business credit card; if so, what are the APR rates? What type of management tools do they offer for business accounts?

  • Check the investment rates and maintenance fees. If you’re looking to earn interest on your money, what are their APY rates? What are the required minimum balances to take advantage of those rates? Most banks have monthly maintenance fees, another factor to consider.

  • How are the help and support? New business owners will profit from a bank with professional help centers and financial advisors on-site or within reach. If you’re always on the go, does the bank have an app for mobile banking?

Get a business credit card

Another way to help establish your business credit profile and build your business credit is by getting a business credit card. Business credit cards allow business owners to pay for necessary expenses without massive amounts of cash flow while also helping to build a business credit history.

Most come with higher credit limits and bonus rewards that you won’t find with personal credit cards.

Here are a few advantages:

  • More spending for business tools: Business owners, especially startups, can use higher credit limits to invest in the necessary software and business tools they may need. Business credit cards allow you to build business credit as you boost cash flow.

  • Protection on purchases: As opposed to cash-only purchasing methods, business credit cards often come with protection on purchases — if lost, stolen, or damaged.

  • Rewards and cashback: Many credit card companies offer rewards for spending, e.g. points or miles to travel. Some offer cashback bonuses after meeting certain spending thresholds.

  • Building business credit history: Perhaps the most significant advantage for our purposes is the ability to build a business credit history. It is essential to make your credit card payments on time or early to establish a trusted credit history. This will boost your business credit profile and score with credit bureaus.

Explore other forms of business credit

In addition to business credit cards, there are other ways to establish and build business credit. These include different forms such as supplier credit, vendor credits, and service or retail credits.

  • Supplier credit: Supplier credits are a great way to establish a reputation of trust with your business. Most businesses need a steady stream of supplies and inventory to maintain operation. Supplier credit is an agreement between you and a supplier allowing you to defer payment for supplies. This helps conserve working cash flow and allows you to build credit as you make your payments.

  • Vendor credit: Like supplier credits, vendor credits allow you to purchase services (or products) from vendors with short-term financing. These payments can be made with a business credit card, allowing you additional time until profits roll in. Again, making payments before or on time is critical.

  • Service credit: Service credits are usually the simplest form of building credit outside of business credit cards. Services providers — internet, phone, TV, or other utility services — allow business owners to build credit as they make service payments.

  • Retail credit: Business owners can also establish relationships with their preferred retailers; most offer store credit cards for businesses. This is yet another avenue to build credit as payments are made.

  • Pay early (or at least on time): Again, it is important to pay these entities on time, but preferably early. It is equally important that these entities report payments to credit bureaus. This will ensure that your business credit profile gets a boost.

Keep building and monitoring your business credit

Once your business credit profile is established, and in good standing, you will have a better opportunity to branch out into other forms of lending — lines of credit and business loans.

Again, it is vitally important that these lenders report to credit bureaus so that your business credit profile and history continue to rise.

It is also essential to monitor your business credit profile to ensure your record is up to date and free of errors. Unfortunately, fraudulent activity happens, and if you are not watching your credit profile regularly, this can have a detrimental impact on your business credit.

Currently, three major companies handle business credit reporting — Equifax, Experian, and Dun & Bradstreet. Each varies slightly in their reporting, but each offers ways to monitor your business credit score and standing and allows you to update business information if the need should arise.

Building business credit is not complicated, but it does take time and dedication. Doing so will ensure that your business is equipped and prepared for whatever the future may hold.

At some point, entrepreneurs and business owners consider borrowing money. Many have not accumulated enough capital and cash to hit the ground running right out the gate when starting a business.

Source: https://www.zdnet.com/article/build-business-credit/

how-to-build-business-credit

Continue Reading

ZDNET

Apple releases emergency update for older iPhones and iPads

If you’re running iOS 12, this is an update for you.

Published

on

Apple is getting pretty committed to the idea of pushing out security updates to older iPhones and iPads. Not only will the company continue to support iOS 14 come the release of iOS 15, we are also seeing a trickle of patches for older versions of iOS.

If you have an iPhone or iPad that’s still running iOS 12 — because that was the end of the line for your device — then Apple has released an emergency update that you need to download and install as soon as possible.

Why?

Because of the three security fixes contained in this update, two “may have been actively exploited.” In other words, the bad guys might already be using the vulnerabilities to compromise smartphones and tablets.

Must read: Apple will finally give iPhone and iPad users an important choice to make

iOS 12.5,4 is available for the following devices:

  • iPhone 5s
  • iPhone 6
  • iPhone 6 Plus
  • iPad Air
  • iPad mini 2
  • iPad mini 3
  • iPod touch (6th generation)

To check what version your device is running, tap on Settings > General, then on Software Update. Here you will see what version your iPhone of iPad is running along with any updates.

Note that if you have stayed on iOS 12 but the device is compatible with later versions, then this update will not be available to you. Your path is to upgrade to the latest release of iOS 14 or iPadOS 14.

There have been several high-profile security issuers plaguing iPhone and iPads over the past few months, and while for some there’s a hesitancy to install updates, it is the first and best line of defense against attack.

And iOS 12 and later will do it for you. Tap on Settings > General > Software Update > Customize Automatic Updates and then turn on Install iOS Updates.

Because of the three security fixes contained in this update, two “may have been actively exploited.” In other words, the bad guys might already be using the vulnerabilities to compromise smartphones and tablets.

Source: https://www.zdnet.com/article/apple-releases-emergency-update-for-older-iphones-and-ipads/

apple-releases-emergency-update-for-older-iphones-and-ipads

Continue Reading

ZDNET

SSD market to reach $51.5 billion in revenue by 2025: IDC

The IDC is predicting that SSD unit shipments will increase with a CAGR of 7.8% in coming years.

Published

on

The International Data Corporation is expecting an increase in worldwide solid state drive (SSD) revenue and shipments over the next four years, according to a newly published forecast of the market.

The IDC said SSD unit shipments are expected to grow with a compound annual growth rate (CAGR) of 7.8% and revenues are slated to increase at a CAGR of 9.2% from now until 2025. The market will reach $51.5 billion in revenue by 2025, according to IDC.

IDC also predicted that SSD capacity shipments worldwide will expand further at a 2020–2025 CAGR of 33.0%.

Jeff Janukowicz, research vice president at IDC, explained that the worldwide demand for SSDs has increased because the pandemic has accelerated the need for transformation.

The steep increases are driven by growing demands for storage that expanded throughout the COVID-19 pandemic as millions increasingly worked and schooled from home, using their own devices in many instances.

Demand for PCs has skyrocketed and the IDC said higher SSD demand is also reflected in the enterprise market, where companies are making investments in both cloud and traditional IT.

“IDC believes that most of the long-term trends remain intact, enabling broader SSD adoption over the forecast period, and worldwide SSD units and capacity shipped are higher than the prior forecast thanks to increasing demand from client devices, enterprise storage customers, and cloud service providers,” Janukowicz said.

The IDC added that there have been some key developments in the SSD market globally, including:

  • The pricing of SSDs is still volatile and elevated because of the increased demand.

  • Technological advancements, like NAND flash, will emerge in the next few years and “will continue to enable more cost-effective solutions helping to further increase demand for SSDs.”

  • Client SSDs are in higher demand because of permanent moves toward remote work and remote schooling.

  • Demand for SSDs among cloud and traditional IT market segments has continued to hold strong.

  • IDC believes lower prices will help “drive demand elasticity and system optimization around flash.”

The report also predicts similar growth in the HDD industry because of how COVID-19 has affected the markets for enterprise storage systems, PCs, personal and entry-level storage devices, video surveillance systems, and consumer electronics products. Worldwide HDD industry petabyte shipments are slated to see a compound annual growth rate of 18.5% through 2025, according to IDC.

Edward Burns, research director for IDC, noted that the client HDD market has had a long-term secular decline due to rising SSD attach rates. But the COVID-19 pandemic has over the near term increased the demand for certain types of HDDs, particularly mobile HDDs as well as capacity-optimized HDDs, Burns added.

Jeff Janukowicz, research vice president at IDC, explained that the worldwide demand for SSDs has increased because the pandemic has accelerated the need for transformation.

Source: https://www.zdnet.com/article/ssd-market-to-reach-51-5-billion-in-revenue-by-2025-idc/

ssd-market-to-reach-$51.5-billion-in-revenue-by-2025:-idc

Continue Reading

Title

ZDNET2 hours ago

How to build business credit

Business credit is vital for businesses that need to borrow money to grow. Building business credit is not impossible; it...

Blockchain news5 hours ago

Global Financial Indexes Provider MSCI Plans to Launch Crypto Indexes

Global securities index publisher MSCI is considering launching cryptocurrency indexes. Yet, Henry Fernandez, CEO of the MSCI did not disclose...

Business insider16 hours ago

Artificial Organs Market | $ 10.90 billion growth expected during5 | Technavio

NEW YORK, June 18, 2021 /PRNewswire/ -- The artificial organs market is expected to grow by USD 10.90 billion during...

Crunchbase19 hours ago

Curate Brings In $1.25M Seed For Small Business Sales, Operations Platform

The company's platform provides back office functions so that small businesses can focus on building clientele and maximizing profits.

Entrepreneur21 hours ago

3 Simple Things You Can Do to Build a Healthy, Thriving Email List

Your list is only as good as the number of real people on it.

Techcrunch24 hours ago

Tiger Global in talks to back BharatPe at $2.5 billion valuation – TechCrunch

Indian fintech startup BharatPe is in advanced stages of talks to raise about $250 million in a new financing round...

Reuters1 day ago

Largest Boeing 737 MAX model set for maiden flight -source

Boeing Co (BA.N) was readying the largest member of its 737 MAX family for its maiden flight on Friday, a...

Entrepreneur2 days ago

Free Webinar | June 22: How to Grow & Thrive in an Evolving Business Landscape

SurveyMonkey CEO, Zander Lurie, shares how he's embraced change over his 20-plus year career.

CNBC2 days ago

The Fed moves up its timeline for rate hikes as inflation rises

However, the central bank gave no indication as to when it will begin cutting back on its aggressive bond-buying program.

CNBC2 days ago

Oracle guidance misses expectations, stock drops

Oracle reported better-than-expected results and showed accelerating growth compared with the immediate impact of the coronavirus last year.

Review

    Select language

    Trending