Distributed denial of service (DDoS) attacks continued to rise in Q4 and are increasingly repeating strikes on the same targets, Akamai said Monday in a report. The number of DDoS attacks rose by 40 percent in Q4 from Q3. The average number of repeat attacks continued to increase in Q4 to 24 per target. One surveyed customer was hit with 188 repeat DDoS attacks during the quarter, Akamai said. More than 54 percent of DDoS attacks were aimed at targets in the gaming industry, while 23 percent were aimed at tech firms, Akamai said. Less than 7 percent of Q4 attacks were aimed at financial services, and less than 5 percent were aimed at entertainment companies. China was the top country where DDoS attacks originated in Q4, with 28 percent of all such attacks being sourced there, Akamai said. Twenty-two percent of attacks originated in Turkey, and 15 percent came from within the U.S.

The European Commission approved the proposed combination of Dell and information technology and cloud services provider EMC, Dell said in a news release Monday. A week ago, the FTC cleared the companies' merger. The deal is still subject to approval by EMC's shareholders and regulatory bodies in "certain other jurisdictions," said Dell.

Microsoft is “thrilled with the success of Windows 10, which is off to the hottest start in Windows history and already running on more than 200 million devices,” a spokesperson emailed us Thursday in response to HP Inc.’s statement that it hasn’t “yet seen the anticipated Windows 10 stimulation of demand that we would have hoped for” (see 1602250024). For Windows 10, Microsoft continues “to see huge opportunity in the consumer and enterprise PC markets, with 300 million PC sales expected in 2016, and strong growth in the 2-in-1 market,” the spokesperson said. “We are pleased with our progress toward making Windows 10 available on one billion devices and we’re thrilled by the new Windows 10 devices we’re seeing, including a new set of devices announced at Mobile World Congress.”

The FBI shouldn't require any technology company to create codes that undermine security and introduce additional vulnerabilities, Mozilla Chief Legal and Business Officer Denelle Dixon-Thayer wrote in a blog post Thursday. She said that government surveillance can cause "massive harm" to user security and the Apple case is the latest example. Instead, she proposed that governments adopt basic principles to guide the scope of their surveillance activities. Governments should strengthen user security and minimize the impact of surveillance on user trust and security, and such surveillance activities should have "empowered, independent and transparent oversight," Dixon-Thayer wrote. She asked users to share the principles and encourage policymakers and governments to protect users from what she sees as surveillance harms.

Private sector chief information officers from the U.S., U.K., France and Germany overwhelmingly said they're wasting millions of dollars on failing cybersecurity tools because they "blindly trust" vulnerable cryptographic keys and digital certificates, a survey from cybersecurity company Venafi found. The survey released Wednesday said that 90 percent of 500 CIO respondents said they have been attacked or expect to be by "bad guys" using encrypted traffic to hide their actions, while 87 percent said security controls are inadequate or ineffective because they don't inspect malicious activity or data exfiltration inside encrypted traffic. Eighty-five percent of CIOs expect criminal misuse of keys and certificates to get worse. Venafi said that organizations don't understand just how important keys and certificates are to cybersecurity. Technology researcher Vanson Bourne conducted the survey of CIOs from the financial services, manufacturing, retail, distribution, transport and other commercial sectors in January.

TP-Link bowed Wi-Fi range extenders for the home that are said to provide up to 10,000 square feet of coverage. The RE590T AC1900 ($149) range extender offers speeds up to 1900 Mbps for online gaming and 4K Ultra HD video streaming, the company said Wednesday. The extender includes 4 gigabit ethernet ports for hardwired connections and its touch screen lets users access network management features including guest login information. The AC1900 TP-Link’s Kasa app works with the RE350K AC1200 ($99) wall plug extender, finding the optimal location for the device and letting users know if the extenders are too close or far from the router, the company said.

AsusTeK Computer agreed to settle FTC allegations that it put hundreds of thousands of consumers' home networks at risk due to critical security flaws in the Taiwan-based company's routers, and exposed thousands of people's sensitive personal information on the Internet due to insecure cloud services, the commission said in a news release Tuesday. The commission, which voted 4-0 to approve an administrative complaint and proposed consent order, said that Asus must establish and maintain a comprehensive security program over the next 20 years and be subject to independent audits during that time. The company will have to notify consumers about software updates and give them an option to register for direct security notices through email, text message or a push notification, FTC said. The commission will publish the agreement soon in the Federal Register, and the pact will be open for public comment through March 24. The FTC alleged Asus "didn't take reasonable steps to secure the software on its routers," even though the company claimed the devices contained many security features to protect computers from hacking and malware. For instance, the commission said a malware researcher in April discovered a large-scale exploit campaign by hackers who specifically targeted numerous Asus router models, enabling them to hijack consumers' Web traffic. The commission also alleged that Asus advertised secure services on its routers called AiCloud and AiDisk that allowed consumers to plug a USB hard drive into the router to create their own cloud storage, but those services had "serious security flaws." The FTC said hackers could exploit the AiCloud service to get access to people's connected storage device and that AiDisk didn't encrypt consumers' files in transit. In February 2014, hackers exploited these flaws to get access to more than 12,900 consumers' connected storage devices, the commission said. Asus didn't immediately comment.

The FTC approved a final consent order requiring California-based Carrot Neurotechnology and its co-owners to stop making false claims that their app can help improve people's eyesight, the commission said in a news release Tuesday. The commission, which voted 4-0 to OK the final order following a public comment period, issued an administrative complaint and proposed order in September. At the time, the company agreed to settle with the FTC. The commission said the company's ads for the Ultimeyes app falsely claimed that users' vision would improve. The order requires the company and owners Adam Goldberg and Aaron Seitz to provide "competent and reliable scientific evidence" before making such claims, the FTC said. The order also bars the company from misrepresenting any test, study or research. The defendants will pay $150,000 to the FTC. Seitz, a University of California, Riverside professor who conducts perceptual learning research, described the consent order as "chilling," saying it could have a negative impact on his reputation, scientific research, the "brain game" industry and on people who could benefit from such technology. Neither he nor Goldberg, the co-owner, financially gained from his 3-year-old company, Seitz said in an interview. And money they did receive went toward development of the app or to lawyers, he said. Additionally, Seitz said the FTC ignored the scientific research that was provided to it and also ignored the public comments, which he said strongly supported his research. He also said that the FTC is holding him to a higher standard in the consent agreement than it even held brain training company Lumosity, which agreed to settle allegations of deceptive advertising in January (see 1601050026). “We’re going to do what we can to move forward in a manner that has been crippled by the FTC,” he said.

NTIA will hold a "Digital Northwest" regional broadband summit March 21 aimed at helping communities improve their broadband capacity and utilization, said a notice to be published in Wednesday's Federal Register. "The summit will present best practices and lessons learned from broadband network infrastructure build-outs and digital inclusion programs from the State of Washington and surrounding states, including projects funded by NTIA’s Broadband Technology Opportunities Program and State Broadband Initiative grant programs funded by the American Recovery and Reinvestment Act of 2009. The summit will also explore effective business and partnership models and will include access to regional policymakers, federal funders and industry providers." NTIA said the meeting, which will be held at the Bell Harbor Conference Center in Seattle from 9 a.m. to 5 p.m. PDT, is being organized under its Broadband USA program and in conjunction with Next Century Cities.

Google will be assisting Spotify in developing a cloud platform infrastructure for the company, the streaming music service said in a news release Tuesday. Spotify, which previously operated its own data centers, is transitioning to the cloud in what it called a "no-brainer" decision. Spotify's experience with Google's data platform and tools is what "tipped the scales" to cause the streaming service to choose Google to help develop a cloud platform -- a process that could take "some time," it said. "We have a large and complex backend, so this is a large and complex project that will take us some time to complete," Spotify said.