New products of the weekImage by ArrayOur roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.FastCollect for Archives Commvault EditionImage by archive360To read this article in full or to leave a comment, please click here
Friday’s unprecedented ransomware attack may have stopped spreading to new machines -- at least briefly -- thanks to a "kill switch" that a security researcher has activated.The ransomware, called Wana Decryptor or WannaCry, has been found infecting machines across the globe. It works by exploiting a Windows vulnerability that the U.S. National Security Agency may have used for spying.The malware encrypts data on a PC and shows users a note demanding $300 in bitcoin to have their data decrypted. Images of the ransom note have been circulating on Twitter. Security experts have detected tens of thousands of attacks, apparently spreading over LANs and the internet like a computer worm.To read this article in full or to leave a comment, please click here
Microsoft is winding down its annual Build developers conference in Seattle, and a lot of news has come from the show. Some of it was expected; some of it was a surprise. And there were a few from out of left field. We speculated on what might make news and what would not, so let’s revisit the list and see how the predictions went.Operating systems
As expected, Redstone 3 was discussed. It’s formally known as the Windows 10 Fall Creators Update, a pretty blah name, and will be released in September. Microsoft gave a pretty deep dive on what to expect primarily with Project NEON, now known as the Microsoft Fluent Design System. To read this article in full or to leave a comment, please click here
In the next year or two, Hewlett Packard Enterprise will add support for Intel Optane memory and storage to its latest Unix servers.Optane is a new form of storage and memory that could replace today's SSDs and DRAM. It is significantly faster and denser than both.One new system that can be configured with Optane is HPE's new Integrity i6 server, which was released this week. Integrity i6 is based on Intel's Itanium 9700 processors, code-named Kittson, and runs the HP-UX OS. The server can also be linked to HP's all-flash 3Par storage arrays, which are due to get Optane support later.Optane has stringent hardware and OS requirements. The first Optane products were low-capacity storage drives for PC caching and worked only with Intel's Kaby Lake chips and Windows 10.To read this article in full or to leave a comment, please click here
Consumers with HP laptops that have been accidentally recording their keystrokes can easily address the problem with a patch from the PC maker.More than two dozen HP laptop models, including the EliteBook, ProBook and ZBook, have an bug in the audio driver that will act as a keylogger, a Swiss security firm said Thursday. A list of affected products can be found here. Fortunately, HP began rolling out fixes through its support page, and in a Windows update, starting on Thursday, HP Vice President Mike Nash said.To read this article in full or to leave a comment, please click here
A gamble on a relatively unknown technology four years ago is paying off for a logistics company, which is using the software to shave millions of dollars off its bandwidth connectivity costs. Today freight forwarding company JAS Global is leveraging a software-defined wide area network (SD-WAN) to run cloud applications, according to JAS CIO Mark Baker. Eventually, Baker hopes to use the SD-WAN as the backbone of a predictive analytics strategy to grow the business.SD-WANs allow companies to set up and manage networking functionality, including VPNs, WAN optimization, VoIP and firewalls, using software to program traffic routing typically conducted by routers and switches. Just as virtualization software disrupted the server market, SD-WANs are shaking the networking equipment market.To read this article in full or to leave a comment, please click here
A Microsoft manager this week offered IT administrators a way to replicate -- in a fashion -- the security bulletins the company discarded last month."If you want a report summarizing today's #MSRC security bulletins, here's a script that uses the MSRC Portal API," John Lambert, general manager of the Microsoft Threat Intelligence Center, said in a Tuesday message on Twitter.Lambert's tweet linked to code depository GitHub, where he posted a PowerShell script that polled data using a new API (application programming interface). Microsoft made the API available in November when it first announced that it planned to axe the security bulletins it had issued since at least 1998.To read this article in full or to leave a comment, please click here
In response to recent attacks where hackers abused Google's OAuth services to gain access to Gmail accounts, the company will review new web applications that request Google users' data.To better enforce its policy regarding access to user data through its APIs (application programming interfaces), which states that apps should not mislead users when presenting themselves and their intentions, Google is making changes to the third-party app publishing process, its risk assessment systems and the consent page it displays to users.Google is an identity provider, which means other web apps can use Google as the authentication mechanism for users accessing the app. Apps use the OAuth protocol to do this. These apps can also use Google's APIs to send users requests for information stored in Google's services.To read this article in full or to leave a comment, please click here
Over the past few months, we've seen an endless number of conflicting rumors regarding the iPhone 8's release date. Whereas some reports claimed that Apple's next-gen iPhone would hit store shelves in September, more ominous reports have relayed that the device may be subject to a multi-week delay. In fact, the most pessimistic projection has Apple releasing the iPhone 8 as late as November. According to scattered reports, the rumored iPhone 8 delay was rooted in manufacturing challenges and a shortage of advanced components such as the device's 3D camera sensors.Now to be fair, iPhone rumors are never in short supply, so part of the challenge is knowing which rumors are worth paying attention to. That said, one of the most reliable iPhone leakers in recent years delivered some welcome news for folks who can't wait to get their hands on Apple's next-gen iPhone. According to Steve Hemmerstoffe, who you might know better by his Twitter handle "OnLeaks", mass production on the iPhone 8 is slated to begin in August ahead of a September launch. Again, iPhone release date rumors are a dime a dozen, but Hemmerstoffe has a very strong track record with respect to Apple rumors, so Continue reading
A ransomware attack appears to be spreading around the world, leveraging a hacking tool that may have come from the U.S. National Security Agency.The ransomware, called Wanna Decryptor, struck hospitals at the U.K.’s National Health Service on Friday, taking down some of their network.Spain’s computer response team CCN-CERT has also warned of a "massive attack" from the ransomware strain, amid reports that local telecommunications firm Telefonica was hit.To read this article in full or to leave a comment, please click here
Hospitals across England have fallen victim to what appears to be a coordinated ransomware attack that has affected facilities diverting patients to hospitals not hit by the malware.The attackers are asking for $300 in Bitcoin to decrypt affected machines, payable within 24 hours or the ransom doubles. If the victims don’t pay within seven days, they lose the option to have the files decrypted, according to U.K. press reports.While multiple healthcare facilities have been hit, the country’s health service says other types of groups have also fallen victim.According to The Register, a spokesperson for the country’s National Health Service’s digital division said: "The investigation is at an early stage but we believe the malware variant is Wanna Decryptor.” The spokesperson said the attack was not specifically targeted at the NHS, but affects organizations across a range of sectors, but didn’t specify which.To read this article in full or to leave a comment, please click here
Tech star personalities Stephen Hawkings, Elon Musk and Bill Gates warned the public about artificial intelligence (AI). The tech-oriented public and AI experts disagree, though, according to a recent research paper, “Tweeting AI: Perceptions of AI-Tweeters (AIT) vs Expert AI-Tweeters (EAIT),” (pdf) published by researchers at the School of Computing, Informatics and Decision Systems Engineering at the University of Arizona. One of the insights from this work, extracted from the tweets analyzed:To read this article in full or to leave a comment, please click here
HERO Session packs the power of GoPro into a convenient, grab-and-go, everyday camera. Perfect for the first-time GoPro user, or as a second camera, HERO Session is simple and easy to use. A single button powers on the camera and starts recording automatically, then when you stop recording, the camera automatically powers itself off. With 1080p60 video and 8MP photo capture, HERO Session delivers the stunning image quality that has made GoPro famous, and its rugged, waterproof design eliminates the need for a separate housing. HERO Session is compatible with over 30 GoPro mounts and accessories. GoPro's HERO Session has been discounted 25% off its typical list price of $199.99, so you can buy it now on Amazon for just $149. See the discounted GoPro HERO Session on Amazon.To read this article in full or to leave a comment, please click here
Attackers behind the highly successful Locky and Bart ransomware campaigns have returned with a new creation: A malicious file-encrypting program called Jaff that asks victims for payments of around $3,700.Like Locky and Bart, Jaff is distributed via malicious spam emails sent by the Necurs botnet, according to researchers from Malwarebytes. Necurs first appeared in 2012 and is one of the largest and longest-running botnets around today.According to an April analysis by researchers from IBM Security, Necurs is made up of about 6 million infected computers and is capable of sending batches of millions of emails at a time. It is also indirectly responsible for a large percentage of the world's cybercrime because it's the main distribution channel for some of the worst banking Trojan and ransomware programs.To read this article in full or to leave a comment, please click here
This column is available in a weekly newsletter called IT Best Practices. Click here to subscribe. It’s a great time to be in the SD-WAN business. IDC estimates that worldwide SD-WAN revenues will exceed $6 billion in 2020, with a compound annual growth rate of more than 90% over the 2015-to-2020 forecast period. According to IHS, as of the end of 2016, 13% of North American enterprises already have the technology in production and 62% are in lab trials. By 2018, 82% are expected to be using SD-WAN.Those are some pretty remarkable adoption rates for a technology that is still in its early days.To read this article in full or to leave a comment, please click here
First of all, that used phone you’re thinking about buying – the one on Craigslist going for a ridiculously low price – is almost certainly stolen. You know that. We all know it.Yet if you’re intent on buying a used phone – and don’t want to buy a hot one – the wireless industry has just given you a new tool that will allow you to be reasonably confident that the phone hasn’t been reported stolen lost.From a CTIA press release:
CTIA, the U.S. wireless industry association, today announced the launch of a new tool www.stolenphonechecker.org to provide consumers with free one stop access to determine if a used or refurbished smartphone has been reported as stolen or lost.To read this article in full or to leave a comment, please click here
Since I reviewed Tableau, Qlik Sense, and Microsoft Power BI in 2015, Tableau and Microsoft have solidified their leadership in the business intelligence (BI) market: Tableau with intuitive interactive exploration, Microsoft with low price and Office integration. Qlik is still a leader compared to the other 20 vendors in the sector, but trails both Tableau and Power BI.To read this article in full or to leave a comment, please click here(Insider Story)
New research finds that 25% of all physical servers -- and 30% of all virtual servers -- are comatose. These are systems that have no activity in the last six months.The problem with comatose, or zombie, physical servers is well known. Past studies have routinely put the number of undead enterprise physical servers in the 20% to 30% range. But this latest research looked at virtual servers as well, and they may represent a significant cost to IT departments.[ Further reading: The march toward exascale computers ]
That's because users may be paying licensing fees on their virtual servers, as well as on the software they support, said the researchers.To read this article in full or to leave a comment, please click here
Citrix’s CSO Stan Black has been in the cybersecurity field for 20 years. He has seen generations of employees come and go at the software and data security company. There are three generations working side by side at Citrix – and a fourth on the way. Citrix has 9,500 employees with 51 percent being Millennials. With each generation comes a new security challenge that employers need to be overcome so that eventually enterprise security is second nature by the time future generations are in the workforce. CSO Managing Editor Ryan Francis recently asked Black how these challenges can be lessened in future generations. What is the biggest security issue you see of new employees?To read this article in full or to leave a comment, please click here
Over two dozen HP laptop models have been secretly recording users’ keystrokes, possibly by mistake, according to a Swiss security firm.The keylogger is found within the PCs' audio driver software and has existed since at least Dec. 2015, the security firm Modzero said in a Thursday blog post. The audio driver was designed to identify when a special key on the PC was used. But in reality, the software will capture all the keystrokes and write them in an unencrypted file located on the laptop.In other cases, the keystrokes will be passed to a Microsoft Windows debugging interface on the PC, and expose them to possible capture, Modzero said. To read this article in full or to leave a comment, please click here