Category Archives for "Network World Wireless"

Sen. Durbin accuses Trump of breaking his H-1B promise

In November, President Donald Trump said on his first day in office he would order an investigation of H-1B abuses. That never happened, though critics held their tongues. After all, Trump had repeatedly campaigned for H-1B reforms, even inviting laid-off Disney IT workers to speak at his campaign rallies. Even so, patience is ending. Sen. Dick Durbin (D-Ill), a long-time critic of the H-1B visa program and co-sponsor of a reform bill with Sen. Chuck Grassley (R-Iowa), accused Trump today of failing "to put American workers first by cracking down on H-1B visa abuse."

Windows 10 Creators Update allows indefinite postponing of reboots

When it launched, Windows 10 had a really bad habit of spontaneously rebooting to install updates. Updates were coming fast and furious in its early months, which was to be expected during an OS launch. A restart without warning was not expected or appreciated, and this earned Redmond some anger. Eventually they tamed that beast, giving people options when to reboot and warning them that one was needed. Now Microsoft is promising even more control over when you reboot, including the option to indefinitely postpone it, as documented in a new blog post.

Security alert overload threatens to bury security teams

When it comes to incident detection and response, enterprise organizations are collecting, processing and analyzing more security data through an assortment of new analytics tools—endpoint detection and response (EDR) tools, network analytics tools, threat intelligence platforms (TIPs), etc. When each of these threat management or security analytics tools sees something suspicious, it generates a security alert, and therein lies the problem: Enterprise organizations are getting buried by an avalanche of security alerts. According to ESG research: When asked to identify their top incident response challenges, 36 percent of the cybersecurity professionals surveyed said, “keeping up with the volume of security alerts.” Forty-two percent of cybersecurity professionals say their organization ignores a significant number of security alerts because they can’t keep up with the volume. When asked to estimate the percentage of security alerts ignored at their organization, 34 percent say between 26 percent and 50 percent, 20 percent of cybersecurity professionals say their organization ignores between 50 percent and 75 percent of security alerts, and 11 percent say their organization ignores more than 75 percent of security alerts. Mama Mia, that’s a lot of security alerts left on the cutting room floor. All told, the ESG data indicates

MWC protest asks about the fate of 4 million recalled Note7 batteries

The question of how the electronics industry recycles or disposes of old batteries came up again due to a Greenpeace protest of Samsung at Mobile World Congress this week. Greenpeace protestors appeared at a Samsung press event in Barcelona on Sunday carrying and erecting banners outside the venue; the group urged reuse and recycling of old batteries. Greenpeace said in a statement that it was demanding Samsung reuse and recycle the 4.3 million Galaxy Note7 batteries that were recalled last year after reports that some of the lithium ion batteries overheated and caught fire.

The 10 essential Reddits for security pros

Reddit isn’t just about viral news stories and viral memes or heated thread debates, although there is always plenty of that on the sharing and social media site. For security professionals, as well as those interested in pursuing the field of cybersecurity, there is a wealth of advice, content, and conversation from deep and dirty forensics work to the latest on cyberlaw and everything in-between — if you know where to look.

Safari browser sheds users, mimicking IE

Apple's Safari browser, like rival Internet Explorer (IE), has lost a significant number of users in the last two years, data published Wednesday showed. The most likely destination of Safari defectors: Google's Chrome. According to California-based analytics vendor Net Applications, in March 2015, an estimated 69% of all Mac owners used Safari to go online. But by last month, that number had dropped to 56%, a drop of 13 percentage points -- representing a decline of nearly a fifth of the share of two years prior. It was possible to peg the percentage of Mac users who ran Safari only because that browser works solely on macOS, the Apple operating system formerly labeled OS X. The same single-OS characteristic of IE and Edge has made it possible in the past to determine the percentage of Windows users who run those browsers.

U.S. Marshals warn against dual phone scams

The U.S. Marshals are warning the public not to respond to two recent scams involving people fraudulently posing as Marshals making calls across the country. The first is a warning about a scam where the fraudster calls members of the public and alleges they, or their family members, have an active federal arrest warrant and demands payment of fines. “Recently, there were reported attempts of a fraudulent caller who identified himself as a Deputy United States Marshal. This phony law enforcement officer informed the potential victims that warrants were being issued for them or their family member due to being absent from a federal grand jury they were previously summoned to appear before. The potential victims were then informed they could avoid arrest by paying a fine by electronic fund transfer or cashier’s check. The Marshals Service became aware of the scam after receiving information from several calls from alert citizens,” the service wrote.

Fileless Powershell malware uses DNS as covert communication channel

Targeted attacks are moving away from traditional malware to stealthier techniques that involve abusing standard system tools and protocols, some of which are not always monitored. The latest example is an attack dubbed DNSMessenger, which was analyzed by researchers from Cisco Systems' Talos team. The attack starts with a malicious Microsoft Word document distributed through an email phishing campaign. When opened, the file masquerades as a "protected document" secured by McAfee, an antivirus brand now owned by Intel Security. The user is asked to click on the enable content button in order to view the document's content, but doing so will actually execute malicious scripting embedded within.

25% off Xbox One Play and Charge Kit – Deal Alert

Forget disposable batteries and keep the action going with the Xbox One Play & Charge Kit. Recharge while you play or afterwards, even when your Xbox is in standby. The long-lasting rechargeable battery fully charges in under 4 hours. Compatible with the original Xbox One Wireless controller and the new white Xbox Wireless Controller. The typical list price of $24.99 has been reduced 25% to $18.74. See the discounted Xbox One Play and Charge Kit on Amazon.

IDG Contributor Network: Customization key to successful ITSM implementation

Axelos defines IT Service Management (ITSM) as the implementation and management of quality IT services that meet the needs of the business. IT service management is performed by IT service providers through an appropriate mix of people, process and information technology. A widely adopted framework for ITSM is IT Infrastructure Library (ITIL). ITIL refers to a set of best-practice publications for IT service management. Owned by the U.K. Cabinet Office, ITIL gives guidance on the provision of quality IT services and the processes, functions and other capabilities needed to support them. The ITIL framework is based on a service lifecycle and consists of five lifecycle stages (service strategy, service design, service transition, service operation and continual service improvement), each of which has its own supporting publication.

Turn your iPhone into an even better digital camera

Since the time a mobile phone vendor first added a camera lens (creating the ‘camera phone’), we’ve seen improvements to the lenses, megapixels and software, but not much else on the outside. While you’ve likely given up using a regular digital camera in favor of your smartphone, for truly professional photographs you likely have invested in a larger DSLR-style camera (with the costs associated with that). If you’re looking for something that helps enhance your existing iPhone but not to the level of the DSLR space, Bitplay has some accessories that can help. The company recently sent me a bunch of their Snap! line of camera cases and accessories – the SNAP! Pro, the Snap! 7 and one add-on wide-angle lens.

H-1B reform bill unites political opposites

Since 2005, U.S. Rep. Bill Pascrell (D-N.J.) has been introducing H-1B reform legislation in the House and getting nowhere. But with the bill he introduced today, he might have struck gold. Pascrell calls his bill bipartisan, but that doesn't quite do it justice. The co-sponsors of this bill, called the H-1B and L-1 Visa Reform Act of 2017, are about as far apart politically as you can get. This legislation, perhaps more than any other H-1B reform bill introduced in either chamber, illustrates the belief that visa reform is a strongly bipartisan issue that can bring together otherwise divided lawmakers.

Infosec mourns over Howard Schmidt, who helped make the country a safer place

Howard Schmidt advised both President Barack Obama and George W. Bush on cybersecurity. He was a CSO at Microsoft and a CISO at eBay. He led several industry groups, and wrote books on cybersecurity. But when security professionals remember him, it is not so much for his technical accomplishments as for the impact he had on the people around him. He is remembered as a mentor, a communicator, and an educator. "He does have a very storied path of accomplishment," said Mary Ann Davidson, CSO at Redwood City, Calif.-based Oracle Corp. "From a security standpoint, he had a tremendous impact, the many roles he played, the work in the White House."

Are Virtual CISOs the answer to your security problems?

Chief Information Security Officers are a relatively rare breed. Information security is, after all, a relatively recent addition or subset to IT, and while most large organizations now do profess to having a CISO, CSO or head of information security, many still don’t. Indeed, it’s often the case that a company appoints its first CISO in the aftermath of a data breach - like Target did in 2014 or Sony in 2011.

IDG Contributor Network: Ensure your data infrastructure remains available and resilient

The fundamental role of data infrastructure is to protect, preserve, secure and serve applications and data, transforming them into information. Data protection is an encompassing topic, as it spans security (logical and physical), reliability, availability and serviceability (RAS), privacy and encryption, backup/restore, archiving, business continuance (BC), business resiliency (BR) and disaster recovery (DR). Recently, we've seen news about data infrastructure and application outages, including Amazon Web Service (AWS) Simple Storage Service (S3), Gitlab, and the Australian Tax Office (ATO).

AWS says a typo caused the massive S3 failure this week

Everyone makes mistakes. But working at Amazon Web Services means an incorrectly entered input can lead to a massive outage that cripples popular websites and services. That's apparently what happened earlier this week, when the AWS Simple Storage Service (S3) in the provider's Northern Virginia region experienced an 11-hour system failure. Other Amazon services in the US-EAST-1 region that rely on S3, like Elastic Block Store, Lambda, and the new instance launch for the Elastic Compute Cloud infrastructure-as-a-service offering, were all impacted by the outage.

Slack bug paved the way for a hack that can steal user access

One bug in Slack, the popular work chat application, was enough for a security researcher to design a hack that could trick users into handing over access to their accounts. Bug bounty hunter Frans Rosen noticed he could steal Slack access tokens to user accounts due to a flaw in the way the application communicates data in an internet browser. “Slack missed an important step when using a technology called postMessage,” Rosen said on Wednesday in an email. PostMessage is a kind of command that can let separate browser windows communicate with each other. In Slack, it’s used whenever the chat application opens a new window to enable a voice call.

Free decryption tools now available for Dharma ransomware

Computer users who have been affected by the Dharma ransomware and have held onto their encrypted files can now restore them for free. Researchers have created decryption tools for this ransomware strain after someone recently leaked the decryption keys. Dharma first appeared in November and is based on an older ransomware program known as Crysis. It's easy to recognize files affected by it because they will have the extension: .[email_address].dharma, where the email address is the one used by the attacker as a point of contact. On Wednesday, a user named gektar published a link to a Pastebin post on the BleepingComputer.com technical support forum. The post, he claimed, contained the decryption keys for all Dharma variants.

IDG Contributor Network: The contact center and CRM collision leads to a new dominant species

Some weeks ago I wrote that CRM and contact center are on a collision course. I argued that as the technologies used in CRM and the contact center will naturally mash up, the vendors of these traditionally distinct technologies will collide. In this post, I will expand upon that idea and talk about the future and a key aspect that will be important to successful synergies: how each domain leverages behaviors.

CRM/contact center collision

The first post argued that a co-mingling of the technologies used in CRM and the contact center worlds has occurred. This has been more of a lending of functionality. Seldom has true synergy emerged.