Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

IBM: Customer Stiffed Us For $1.7 Million

Big Blue lawsuit claims Wall Street firm BGC improperly obtained multiple copies of its Informix database software.

IBM claims a New York-based brokerage downloaded more than $1.7 million worth of its Informix database software without paying for it.

In a lawsuit filed last week, IBM says the software was downloaded over the course of several years by BGC Partners' Euro Brokers unit, which BGC acquired in 2005. BGC itself was spun off from Cantor Fitzgerald in 2004.

Euro Brokers was a legitimate IBM Informix customer, but Big Blue claims the company obtained and copied more software than was authorized by its purchase agreement. The extra downloads were discovered during an audit conducted by KPMG, IBM says in papers filed in U.S. District Court for Southern New York.

"In September 2008, IBM sent BGC an invoice for $1,730,665.24 to account for certain unpaid license fees that BGC owed IBM for running the extra Informix copies. The invoice did not include all of the unpaid maintenance fees that BGC owes IBM for running the extra Informix copies," IBM states.

"BGC did not pay the September 2008 invoice," IBM says.

IBM said it offered BGC a new license in December, 2008, that would cover the additional software, but BGC rejected the plan. IBM terminated BGC's International Program License Agreement later that month.

BGC "has not destroyed its copies of Informix Software as required by the IPLA," IBM asserts. "In fact, BGC downloaded copies of additional Informix Software from IBM after December 31, 2008. That Informix Software is of significant value to IBM," the company says.

IBM is suing BGC for breach of contract and copyright infringement. It's asking the court to award it unspecified damages and issue an injunction that would impound all copies of Informix software that it believes were improperly downloaded by BGC.

Representatives from BGC and IBM contacted by InformationWeek.com declined to comment on the case.

Our "A New IT Manifesto" report looks at a variety of new approaches and technologies that let IT rebels take on a whole new role, enhancing their companies' competitiveness and engaging their entire organizations more intimately with customers. Download the report here (registration required).

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/6/2020
Ripple20 Threatens Increasingly Connected Medical Devices
Kelly Sheridan, Staff Editor, Dark Reading,  6/30/2020
DDoS Attacks Jump 542% from Q4 2019 to Q1 2020
Dark Reading Staff 6/30/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-15505
PUBLISHED: 2020-07-07
MobileIron Core and Connector before 10.3.0.4, 10.4.x before 10.4.0.4, 10.5.x before 10.5.1.1, 10.5.2.x before 10.5.2.1, and 10.6.x before 10.6.0.1, and Sentry before 9.7.3 and 9.8.x before 9.8.1, allow remote attackers to execute arbitrary code via unspecified vectors.
CVE-2020-15506
PUBLISHED: 2020-07-07
MobileIron Core and Connector before 10.3.0.4, 10.4.x before 10.4.0.4, 10.5.x before 10.5.1.1, 10.5.2.x before 10.5.2.1, and 10.6.x before 10.6.0.1 allow remote attackers to bypass authentication mechanisms via unspecified vectors.
CVE-2020-15507
PUBLISHED: 2020-07-07
MobileIron Core and Connector before 10.3.0.4, 10.4.x before 10.4.0.4, 10.5.x before 10.5.1.1, 10.5.2.x before 10.5.2.1, and 10.6.x before 10.6.0.1 allow remote attackers to read files on the system via unspecified vectors.
CVE-2020-15096
PUBLISHED: 2020-07-07
In Electron before versions 6.1.1, 7.2.4, 8.2.4, and 9.0.0-beta21, there is a context isolation bypass, meaning that code running in the main world context in the renderer can reach into the isolated Electron context and perform privileged actions. Apps using "contextIsolation" are affecte...
CVE-2020-4075
PUBLISHED: 2020-07-07
In Electron before versions 7.2.4, 8.2.4, and 9.0.0-beta21, arbitrary local file read is possible by defining unsafe window options on a child window opened via window.open. As a workaround, ensure you are calling `event.preventDefault()` on all new-window events where the `url` or `options` is not ...