A vulnerability in Cisco’s widely deployed IOS software that was disclosed in the recent WikiLeaks dump of CIA exploits has triggered the company to release a critical warning for its Catalyst networking customers. The vulnerability -- which could let an attacker cause a reload of an affected device or remotely execute code and take over a device -- impacts more than 300 models of Cisco Catalyst switches from the model 2350-48TD-S Switch to the Cisco SM-X Layer 2/3 EtherSwitch Service Module.
They came from miles around to carry out a hallowed, decade-long mission: To eat your lunch. The security researchers assembled at the Pwn2Own 2017 hacking competition, sponsored by Trend Micro, and occasionally grouped together, then performed essentially zero-day exploits (at least by the rules, heretofore unknown) on your favorite stuff, such as Windows, MacOS and Linux. Smoldering pits in the screen were left, as teams collected cash prizes and creds.
For giggles and grins, a Type 2 Hypervisor, VMware Workstation, was also left for shrapnel, one of the first times a hypervisor has been penetrated by a virtual machine in this way. It wasn’t a cascade effect, but rather a shot across the bow. I suspect there are more ways to penetrate a foundational hypervisor, too, but they haven’t been seen in captivity to my knowledge.
The FBI is actively investigating Russia's attempts to influence the 2016 U.S. presidential election and possible cooperation from President Donald Trump's campaign, agency director James Comey confirmed. The existence of an investigation isn't a surprise, but Comey's announcement Monday is the first time the FBI has acknowledged an active case. The FBI typically does not comment on active investigations, but the Russian actions targeting the U.S. election represent an "unusual" case, he told members of the House of Representatives Intelligence Committee. Comey told lawmakers he couldn't comment more on the investigation, but he said the FBI is looking into possible contacts and cooperation between the Trump campaign and the Russian government. The FBI is looking into "the nature of any links" between the Trump campaign and the Russian government, he said.
A man accused of sending an animated GIF of a strobe light to a reporter with epilepsy was arrested and charged with criminal cyberstalking with the intent to kill or cause bodily harm. Back on December 15, 2016, Twitter user @jew_goldstein tweeted a flashing image to Newsweek reporter Kurt Eichenwald along with the message: “YOU DESERVE A SEIZURE FOR YOUR POSTS.” Eichenwald, who has epilepsy, immediately suffered a seizure. After his wife found him on the floor and called 911, she replied to @jew_goldstein, telling him that the tweet caused a seizure. “I have your information and have called the police to report the assault.” On Friday, the FBI arrested 29-year-old John Rivello at his home in Maryland.
A man accused of sending an animated GIF of a strobe light to a reporter who has epilepsy was arrested and charged with criminal cyberstalking with the intent to kill or cause bodily harm. Back on Dec. 15, 2016, Twitter user @jew_goldstein tweeted a flashing image to Newsweek reporter Kurt Eichenwald along with the message: “YOU DESERVE A SEIZURE FOR YOUR POSTS.” Eichenwald, who has epilepsy, immediately suffered a seizure. After Eichenwald's wife found him on the floor and called 911, she replied to @jew_goldstein, telling him that the tweet caused a seizure. “I have your information and have called the police to report the assault,” she wrote.
Control TP-Link's smart bulbs from anywhere with your tablet or smartphone, or with your voice via the Alexa service. Dim brightness, fine-tune light appearance from soft white to daylight, and choose from 16 million colors to set the mood. Set timers and countdowns, or create an on/off schedule. The bulb also features an "away" mode that randomly turns on/off to give the appearance you're home, when you're away. The 60W multicolor dimmable and tunable smart bulb from TP-Link averages 4 out of 5 stars from over 1,100 people on Amazon, where its typical list price of $49.99 has been temporarily reduced 14%.
I go to a lot of conferences, and something I have noticed in the past year or two is that almost every conference will have a keynote speaker talking about digital transformation. Hell, people have even started calling it simply DT, and digital transformation keynoters have the usual suspects to call on for case studies—Uber, Airbnb etc. But every now and then I worry about how impactful the digital transformation story really is. I spend a reasonable amount of time with large organizations talking to them about their present and their future and helping them rethink what their business will look like in one, three or five years. Part of these conversations, obviously, center around digital transformation, since I am a firm believer that digital technologies will allow the agility and innovation with regard to products, services and business models that these organizations need to survive.
In January, a bank in Edina, Minnesota, received a request for a $28,500 wire transfer from someone claiming to be local resident Douglas Junker. Though bolstered with a faked picture of a passport, the request later turned out to be fraudulent, and local cops were reportedly stymied on how to catch the thief. Until, that is, they came up with a novel idea: Hoping to find out how the fraudster got the picture, Edina Police Detective David Lindman applied for a search warrant to obtain the names, email addresses, account information and IP addresses of everyone in the entire town of 50,000 who had searched for any variation of the victim’s name between Dec. 1, 2016, and Jan. 7, 2017.
Local police in Minnesota are trying to solve a bank fraud scheme by demanding Google give up data on people who looked up key search terms that may be related to crime. The warrant, issued to police in the city of Edina last month, is raising eyebrows among privacy advocates. It's a rare instance of U.S. law enforcement using mass data collection to solve a petty crime, said Nate Cardozo, an attorney with the Electronic Frontier Foundation. Edina police applied for the warrant to investigate a fraud case dealing with $28,500 that was wired out of a victim's bank account back in January.
Another sizeable payment card data breach has been discovered at a U.S. restaurant chain. In the latest example, several high-end eateries run by Select Restaurants in Cleveland were the victims of fraudulent cards used by customers at its restaurants, according to a report posted Thursday on KrebsOnSecurity, a reliable site written by reporter Brian Krebs. Krebs said he learned about the case from anti-fraud teams at multiple financial institutions investigating "a great deal of fraud on cards used at a handful of high-end restaurants around the country."
The awesome 1980s girl band The Go-Go’s had a song about insomnia called “You Can’t Walk in Your Sleep (If You Can’t Sleep)” in which one lyric went “You can’t win you wonder why that sleep is one thing you can’t buy.” While technically true, you can buy something that will help you with your sleep. Several things, actually, as sleep technology continues to develop new ways to help us get our Zzzzzzs. In my case, I’ve discovered that while I’m a light sleeper, consistent noise like an air conditioner or fan helps me sleep better than complete silence. So I was pleased to receive a sample of the Sound+Sleep SE (Special Edition, about $150) sound machine from ASTI (Adaptive Sound Technologies Inc.). The device offers 64 different non-looping sounds to help people fall asleep and stay asleep. In addition, an adaptive noise tech feature (optional for users) raises the volume of the sounds when it detects a disruptive noise, such as a person snoring or car horn.
Digital transformation has ignited a new economy where organizations are increasingly expecting IT to embrace a bigger role, drive business innovation, and move with greater agility. This often means IT must take immediate action to help the organization compete, or risk becoming irrelevant as line-of-business leaders go around IT and outsource projects to the cloud. Simply put, as your organization becomes increasingly digital, your ability to be agile is heavily dependent upon the agility of IT, which is why technology is at the heart of this new order. Automation is one of the key technologies organizations are embracing to achieve IT agility at the pace of today’s business. Unfortunately, while automation has been implemented in many domains within the data center, network automation has lagged behind. Additionally, automation tends to be implemented in silos within the data center, creating islands of automation that lead to disparate tools and highly disjointed operations. This siloed approach ultimately hinders the pace of service delivery and increases operational costs.
Machine learning couldn’t be hotter. A type of artificial intelligence that enables computers to learn to perform tasks and make predictions without explicit programming, machine learning has caught fire among the hip tech set, but remains a somewhat futuristic concept for most enterprises. But thanks to technological advances and emerging frameworks, machine learning may soon hit the mainstream. Consulting firm Deloitte expects to see a big increase in the use and adoption of machine learning in the coming year. This is in large part because the technology is becoming much more pervasive. The firm’s latest research shows that worldwide more than 300 million smartphones, or more than one-fifth of units sold in 2017, will have machine learning capabilities on board.
Ted Friedman, vice president and analyst at Gartner, predicts the following three trends will drive fundamental changes in the use of data and analytics:
Instead of just reflecting business performance, data analytics will become the driver of operations.
Data and analytics will become infused in an organization's architecture from end to end, creating a holistic approach -- and this will include strategic project management in EPMOs (enterprise program management offices).
Executives will use data and analytics for business strategy and growth, creating new additional roles for professionals.
Experts share insights on how data improves project performance
Companies of all sizes have been using data analytics to seek out opportunities, reduce costs, create efficiencies, make better and faster decisions, and ultimately increase customer satisfaction; this also translates at the project, program and portfolio levels since these greatly enable company-wide strategy.
Hybrid tablets, 2-in-1 devices or detachable notebooks -- whatever you want to call them -- come in all shapes and sizes. In fact, the options are so expansive, it can be overwhelming to find the device that will best suit you. Whether you prefer a more traditional notebook experience or you're looking for a tablet that can perform like a notebook, it's more than likely the perfect option exists for you. But there's a lot to consider before you purchase a hybrid device, and these five tips will help you find your best option.
Searching for a new job can be a full-time job. It's a thankless, tiring -- and, yes, depressing task. Searching for roles, filling out applications, networking, tailoring endless versions of your resume to each potential job, interviewing, handling rejections -- the entire process can be so overwhelming and can leave you feeling unwanted, dejected and sad.
On a windy, snowy night in Dover, N.H., about 15 people gathered in an old converted mill, staring at computer screens and furiously tapping at their keyboards. The group – some students, some programmers, and at least one part-time dishwasher and data entry clerk – were braving the snowstorm and volunteering their time to try to keep scientific data from being lost. It was one of dozens of data rescue events spread out in cities from Toronto to Los Angeles, and Houston to Chicago. These events, many on university campuses, have been going on since December, bringing together software programmers, librarians and other volunteers who are trying to safely archive scientific data from government websites.
1Password recently raised its top bug bounty reward from $25,000 to $100,000. They increased the amount to further incentivize researchers, according to its blog. Separately, Google paid out $3 million last year for its vulnerability reward program. But how are these figures determined? David Baker, vice president of operations at Bugcrowd, believes these big bounties demonstrate that organizations are really starting to think about the market and where the market is pricing vulnerabilities.
Social engineering is the strongest method of attack against the enterprise’s weakest vulnerability, its people. Criminal hackers recognize this fact. In 2015, social engineering became the No. 1 method of attack, according to Proofpoint’s 2016 Human Factor Report.
Raise your hand if you think webpage load times are great -- not too slow at all. No one? Well, Google may have just made big strides to increase load time for websites, while not compromising anything in the process. So how did the tech giant do that? In IT Blogwatch, we hit refresh. So what is going on? DL Cabe gives us some background: Google...released a brand new, open-source JPEG encoder called Guetzli that can do two...neat things...it can decrease JPEG file size by 35% without a noticeable decrease in quality, and...it can increase the quality of an image without increasing file size at all.
But what does that mean, exactly? Rafael Fariñas explains: