Archive

Category Archives for "Network World SDN"

IDG Contributor Network: DigitalOcean moves into partners’ turf with monitoring

I’m a fan of DigitalOcean. In a space (public cloud infrastructure) dominated by far bigger and deeper-pocket vendors such as Amazon, Microsoft and Google, this plucky vendor has grown rapidly, continued to delight its customers, and retained a very focused view on what it is and, more important, what it isn’t.While other platforms grow increasingly complex as they try to be all things to all people, DigitalOcean focuses 100 percent on being a developer-friendly cloud platform. It’s offerings are known for their simplicity and ease of consumption.But that simplicity creates something of a difficulty—most every platform, even those focused on the small end of town, eventually needs to move up the food chain. As it does so, its customers start to demand more functionality. In delivering what these customers want, the platform invariably gets more complex, and what was once simple and elegant becomes big and unwieldy. While not a criticism per se, anyone who has taken a long look at (for example) Amazon Web Services’ list of available compute instance types will know what I mean.To read this article in full or to leave a comment, please click here

Kaspersky Lab reveals ‘direct link’ between banking heist hackers and North Korea

Kaspersky Lab found a “direct link” between the Lazarus group banking heist hackers and North Korea.While Lazarus is a notorious cyber-espionage and sabotage group, a subgroup of Lazarus, called Bluenoroff by Kaspersky researchers, focuses only on financial attacks with the goal of “invisible theft without leaving a trace.”The group has four main types of targets: financial institutions, casinos, companies involved in the development of financial trade software and crypto-currency businesses.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Knowing when a trusted insider becomes a threat

Most organizations are pretty good at vetting job applicants up front. They interview candidates, contact references, and in many cases conduct at least rudimentary background checks to bring out any issues of concern before making a hiring decision.Government security agencies go several steps further; just ask anyone who's filled out an SF-86 and then waited while investigators delved into youthful indiscretions, overseas trips and contacts with foreigners.But it's also true that most government and private-sector organizations operate on the principle of "Once you're in, you're in." Few of them have anything remotely resembling a continuous monitoring program for current managers and staff, let alone for contractors and vendors. And yet virtually every day brings fresh news of a data breach, intellectual property theft, or other adverse event either instigated or abetted by a supposedly trusted insider.To read this article in full or to leave a comment, please click here

DigitalOcean adds free monitoring to its cloud virtual machines

DigitalOcean’s cloud platform became more useful to developers running production applications on Tuesday with the addition of monitoring capabilities for its virtual machines.Customers will be able to set alerts on the performance of their VMs, so that they’re notified via email or Slack when certain conditions are met. For example, users could set an alert to trigger if a machine is using more than 85 percent of its CPU capacity for five minutes.In addition, the monitoring service will let developers view logs of the performance of their VMs over time. The capabilities aren’t as advanced as some third-party offerings, but DigitalOcean is offering them to customers free of charge.To read this article in full or to leave a comment, please click here

Why enterprises are upgrading to Windows 10 faster than expected

In 2015, Gartner predicted that 50 percent of enterprises would start their Windows 10 deployments by January 2017. A Spiceworks survey of IT pros agreed: 40 of respondents said they would start migrating to Windows 10 by the middle of 2016, and 73 percent said their organizations would roll out Windows 10 by July 2017. A follow-up survey found that prediction was fairly accurate: 38 percent of organizations had already adopted Windows 10 by July 2016, most of them larger businesses.And in October 2016, CCS Insight’s decision maker survey showed “strong anticipated adoption of Windows 10 this year and beyond,” vice president for enterprise research Nick McQuire tells CIO. Forty-seven percent of organizations surveyed planned to upgrade to Windows 10 by the end of 2017, with 86 percent saying they’d migrate within three to four years. He estimates there are already some 24 million Windows 10 enterprise machines in production.To read this article in full or to leave a comment, please click here

Meleap delivers augmented reality to the iPhone before Apple

Today, augmented reality (AR) could be translated to mean “prototype.” Waiting for improved software and lighter, lower-cost and faster headsets, developers build prototype applications. One example is Japanese company Meleap, which used used clever engineering to deliver light, fast and low-cost AR today—on an iPhone no less.Hado, an active game that was demonstrated at Virtual Reality Silicon Valley Expo, solves a lot of AR problems still on the horizon. Designed for a class of applications using tried and true technologies, meleap’s engineering is simple—beautifully simple.To read this article in full or to leave a comment, please click here

Amazon Unveils Deep Discounts On Select Unlocked Phones, Tues and Wed Only – Deal Alert

If you're in the market for an unlocked phone, you'll save serious cash by buying one of these on Amazon, but the special event runs April 4 and 5 (Tuesday and Wednesday) only. These phones will work on any carrier. Browse the full list of unlocked phone deals on this special Amazon page, active April 4-5 only. To read this article in full or to leave a comment, please click here

Web inventor Berners-Lee adds Turing Award to prize collection

Sir Tim Berners Lee, deservingly among the most decorated of technology professionals for his invention of the world wide web, has now been honored with the 50th edition of the ACM A.M. Turing Award (a.k.a., the Nobel Prize of Computing).The MIT and University of Oxford professor is being recognized with the $1M Association for Computing Machinery (ACM) prize, funded by Google, for inventing the web, coming up with the first browser and working on the protocols and algorithms that have allowed the web to scale.MORE: Whirlwind tour of computing and telecom's top honors, awards & prizesTo read this article in full or to leave a comment, please click here

Trump ‘actively’ considering new H-1B spouse work rule

President Donald Trump's administration has decided to "actively reconsider" an Obama-era rule allowing certain H-1B spouses to hold jobs, according to court documents filed Monday. It is asking the court to give it until September to consider changing the H-4 work authorization rule.This is becoming a high-stakes case for approximately 180,000 spouses of H-1B visa holders who gained the right to work in 2014. These are spouses of H-1B visa holders who are seeking a green card.+ RELATED: Trump reviews right of H-1B spouses to work +To read this article in full or to leave a comment, please click here

Justice Dept. says replacing U.S. workers may bring lawsuit

Critics of the H-1B program have little to celebrate, so far, from President Donald Trump. He promised reforms of the visa program during the campaign, but nothing has happened of consequence -- at least until Monday.The U.S. Department of Justice (DOJ) issued a warning to H-1B employers not to use the visa program to discriminate against U.S. workers. And it promised to investigate and prosecute employers who do so.[ Further reading: 4 high-growth tech fields with top pay ] By itself, the Justice Department notice may be a poor consolation prize to critics who wanted more. But if the DOJ files a lawsuit alleging discrimination against U.S. workers "because of their citizenship or national origin in hiring, firing and recruiting" it may be breaking ground.To read this article in full or to leave a comment, please click here

How to rescue your PC from ransomware

With  nasty malware like Locky making the rounds—encrypting its victims’ files, and then refusing to unlock them unless you pay up—ransomware is a serious headache. But not all ransomware is so difficult.You can remove many ransomware viruses without losing your files, but with some variants that isn’t the case. In the past I’ve discussed general steps for removing malware and viruses, but you need to apply some specific tips and tricks for ransomware. The process varies and depends on the type of invader. Some procedures involve a simple virus scan, while others require offline scans and advanced recovery of your files. I categorize ransomware into three varieties: scareware, lock-screen viruses, and the really nasty stuff.To read this article in full or to leave a comment, please click here

Here’s where to buy the Bitcoins to pay a ransom

Ransomware grew into a $1 billion industry last year, and ransom payments now account for nearly 10 percent of the entire Bitcoin economy.Avoiding becoming part of that statistic requires good endpoint security and effective backups. But what if your defenses fail, your backups are inadequate, all attempts to restore the data fail, and you have to pay the ransom after all -- what do you do?First of all, get the ball rolling on improving your security. Second, if the ransomware includes a recommendation for where to buy the Bitcoins, take it with a grain of salt. These guys are, after all, criminals. They might steer you wrong.Instead, go to a reputable exchange.To read this article in full or to leave a comment, please click here

Old attack code is new weapon for Russian hackers

Attackers prefer to reuse code and tools for as long as they keep working. In that tradition, researchers have found evidence suggesting a cyberespionage group is still successfully using tools and infrastructure that was first deployed in attacks 20 years ago.The Moonlight Maze refers to the wave of attacks that targeted U.S. military and government networks, universities, and research institutions back in the mid-to-late 1990s. While the Moonlight Maze disappeared from the radar after the FBI and Department of Defense investigation became public in 1999, there were whispers within the security community that the cyberespionage group never entirely went away. Turla, a Russian-speaking attack group that's also known as Venomous Bear, Uroburos, and Snake, was floated as a possibility, but until recently, all links were guesswork and speculation.To read this article in full or to leave a comment, please click here

After political Twitter bot revelation, are companies at risk?

With reports of Russia using social media and bots to push fake news to influence the 2016 U.S. presidential election, questions are arising over how these same tactics could be used against an enterprise."Twitter bots could absolutely be used against a company," said Dan Olds, an analyst with OrionX. "Someone using bots could manufacture a fake groundswell of opinion against a company or a product."The subject of Twitter bots has made headlines since federal investigations into Russia's interference with the presidential election unearthed evidence that the Kremlin used chatbots, particularly on Twitter, to seed fake news stories in order to confuse discussions and taint certain candidates, especially Democratic candidate Hillary Clinton.To read this article in full or to leave a comment, please click here

What makes a good application pen test? Metrics

When it comes to creating secure applications, nothing beats focusing on the basics: secure coding in development and then testing the application for security defects. Part of the testing regime should always include an in-depth application pen test. But how do organizations know they are getting the full benefit from such assessments?What goes (or should go) into developing application security is well known. Developers should have their code vetted in their development environment. Their code should go through a series of quality and security tests in the development pipeline. Applications should be vetted again right after deployment. And, after all of that, it’s very likely that more vulnerabilities exist in the application that have yet to be uncovered.To read this article in full or to leave a comment, please click here

5 ways data classification can prevent an insurance data breach

Insuring that your data is safeImage by Yohan CreemersInsurance firms collect and process large amounts of policyholder data including personally identifiable information (PII) and protected health information (PHI), as well as sensitive employee and company information that must be protected. Confidential data is the core of the business, and companies that collect and analyze it more effectively have a competitive advantage. And with the cost of file sharing and synchronization technology decreasing, actuaries are able to analyze and share data in real time. However, this also increases the number of unnecessary copies of sensitive business and consumer data.To read this article in full or to leave a comment, please click here

How IT can foster innovation from within

Entrepreneurship is typically associated with startup companies, and the eager, driven and innovative minds that start them. But there's another type of entrepreneurship, and it lives inside established organizations.Intrapreneurs are already employed in your organization -- they're workers with progressive ideas that will benefit the company. The only problem is, these intrapreneurs often struggle to find the right channels to see their ideas realized."These are the employees who want to get their hands dirty and are often the first people to volunteer for a job. Intrapreneurs are not content with the status quo. They often see how things could be part of a bigger picture and come up with ideas to realize this new vision," says Tim Beerman, CTO at Ensono, a company that offers mainframe and hybrid IT solutions.To read this article in full or to leave a comment, please click here

Do you really need a CEO?

When Shawn Moore co-founded website design and content management software company Solodev in 2007, he knew he didn't want to take on the role of chief executive, and neither did his co-founder. So, the two followed conventional wisdom and hired on a CEO. But it soon become clear that they'd made the wrong decision -- because they didn't know what to do with him."Typically the founder becomes the CEO, and that's fine for some people, but in my case, I'm a software developer and a product guy. I like to get my hands dirty and work on actual products and drive them into the market. But when we were meeting with VCs and investors, they were all saying, 'You have to get a CEO,' but once we did, he quickly just became the chief sales guy. We weren't at the point yet where going public and needing the CEO to communicate between the board and shareholders was necessary, and we had a sales guy already, so for us as an early-stage, bootstrap company, it didn't make sense," Moore, now Solodev's CTO, says.To read this article in full or to leave a comment, please click here

McAfee on its own as independent security vendor

Effective today, McAfee has officially spun out from Intel, dumping the name Intel Security and operating under new majority ownership that has deep pockets to help the company aggressively acquire technology via mergers and acquisitions to supplement home-grown innovations.Investment firm TPG is making a $1.1 billion equity investment in McAfee in return for 51% ownership, giving it the cash it needs to buy companies for their technology so it can be incorporated faster into McAfee platforms than if developed via R&D.That’s a different strategy than is used by Intel in its chip business. “Identifying what it takes to run a semiconductor company is quite different from running a cybersecurity company in a rapidly changing threat landscape,” says Intel Security’s CTO Steve Grobman.To read this article in full or to leave a comment, please click here

IDG Contributor Network: 5 biggest cybersecurity questions answered

Some things never change. Computer security, however, is not one of them. New threats, patches and problems emerge each and every week.Many of the key questions and knowledge gaps remain remarkably consistent, and the patterns become clear when you tap into a platform with tens of thousands of those questions.That’s what Experts Exchange does. The sum of this computer security community is a reflection on the top computer security anxieties in the world right now.So, join me as I reveal the most commonly asked security questions.1. How can I surf the web anonymously? To browse the internet without fear of targeted advertising or traceable questions posted online doesn’t seem like a big ask. As online tracking systems become more sophisticated and harder to shake, however, the likelihood of private, anonymous browsing is becoming a long-ago memory. Take into account the latest ISP changes, where the U.S. government allows providers to not only track, but sell your browsing history without your consent. To read this article in full or to leave a comment, please click here

1 152 153 154 155 156 366