Microsoft will likely wait until February 14 to fix a publicly disclosed vulnerability in the SMB network file sharing protocol that can be exploited to crash Windows computers.
The vulnerability was disclosed Thursday when the security researcher who found it posted a proof-of-concept exploit for it on GitHub. There was concern initially that the flaw might also allow for arbitrary code execution and not just denial-of-service, which would have made it critical.
The CERT Coordination Center (CERT/CC) at Carnegie Mellon University at first mentioned arbitrary code execution as a possibility in an advisory released Thursday. However, the organization has since removed that wording from the document and downgraded the flaw's severity score from 10 (critical) to 7.8 (high).To read this article in full or to leave a comment, please click here
Google Senior Product Manager Isaac Hepworth has delivered this Friday diversion dubbed the Executive Order Generator, poking fun at President Trump's early penchant for issuing such rules. Github
The tool, on Github, lets you create your own executive order, held up by the Commander in Chief, and encourages you to share it on Twitter (one of Hepworth's former employers, by the way).To read this article in full or to leave a comment, please click here
Micron is rushing to release the latest GDDR6 graphics memory by the end of the year, and eSports is a major driver behind the plans.The memory company is speeding up the release of GDDR6 to cope with faster PC and console upgrades. GDDR6 will be significantly faster than its predecessor, GDDR5X, which is still reaching GPUs. Micron had originally planned to release GDDR6 next year.Virtual reality is also driving PC upgrades, but not at the same pace as gaming and eSports, which are forcing faster development of new graphics memory technologies, said Tom Eby, vice president of the computing and networking business unit at Micron.A projected 500 million people will be eSports fans by the end of the decade. Gaming PCs are now being upgraded every three years, which is faster than the previous five-year cycle.To read this article in full or to leave a comment, please click here
This week, global software-defined WAN (SD-WAN) provider Aryaka announced its series D financing round. The round was led by two new investors, Third Point Ventures and Deutsche Telekom Capital Partners (DTCP), displaying strong endorsement of the company’s global SD-WAN platform. Existing investors participated in the round, too, demonstrating its belief in the potential of SD-WAN and Aryaka. SD-WANs have been seen by some to be the death knell for traditional service providers offering MPLS and IP VPN, and until now, no investment in the technology has been made by a major telecommunications company. To read this article in full or to leave a comment, please click here
The implementation of the SMB network file sharing protocol in Windows has a serious vulnerability that could allow hackers to, at the very least, remotely crash systems.
The unpatched vulnerability was publicly disclosed Thursday by an independent security researcher named Laurent Gaffié, who claims that Microsoft has delayed releasing a patch for the flaw for the past three months.
Gaffié, who is known on Twitter as PythonResponder, published a proof-of-concept exploit for the vulnerability on GitHub, triggering an advisory from the CERT Coordination Center (CERT/CC) at Carnegie Mellon University.To read this article in full or to leave a comment, please click here
Let your opponents take the blows while you game without pain. HyperX Cloud cradles your head in a super-soft padded headband, memory foam ear cushions and leatherette-padded cups so even your late game will be comfortable. It's affordable, so there's no pain in the price either. Pro-gaming optimized, HyperX Cloud is HiFi capable and delivers intense audio with crystal-clear low, mid and high tones plus enhanced bass-reproduction so you can lose yourself while you win. Plus you'll look sharp while playing, thanks to the unique HyperX design.The headset averages 4.3 out of 5 stars from over 3,400 reviewers on Amazon (see reviews), where their typical list price of $149.99 has been reduced to $79.99. See the deal now on Amazon.To read this article in full or to leave a comment, please click here
Once upon a time, there was a role known as the database administrator. Back when all data was stored locally, these employees were the keepers of the company database, responsible for making sure all information was accessible and tracking things such as financial information and customer details.Typically, these employees would hold a bachelor’s degree in computer science or similar subjects, while being well-versed in the major database management products (SQL, SAP and Oracle-based database management software).+ Also on Network World: If the cloud is so great, why are so many businesses unsatisfied? +
In 2017, however, the trend of enterprises moving data into the cloud continues to reduce the role of the database administrator (DBA) in big and small businesses alike around the world.To read this article in full or to leave a comment, please click here
Terms and technologies come and go. Some seem to stick around a bit longer than we’d like. I thought that it was time to retire hybrid WAN and give SD-WAN its due. Not everyone seems to agree.I received a great email from Scott Pickett, who argued in the most compelling, polite way possible that he thought I was smoking too much of that substance Massachusetts just legalized (not exactly, but grant me the literary license here). He argued that SD-WANs should be relegated to that same place as the next least-favorite term of ours—the cloud.To read this article in full or to leave a comment, please click here
2.5A is now a requirement for the Raspberry Pi 3. The CanaKit 2.5A Raspberry Pi power supply / adapter has been specially designed and tested for the new Raspberry Pi 3 and incorporates an inline noise filter for highest stability and reliable operation. This power supply differs from typical standard 5V USB power supplies in the market in that it can deliver a full 2.5A and still output a voltage well within the USB minimum voltage specifications. Standard 5V USB power supplies in the market have a high voltage drop when the full current is drawn from them which may cause the Raspberry Pi to reboot unexpectedly. With this power supply, you can power the Raspberry Pi 3 at full load as well as up to 1.2A across the four USB ports. This item averages 4.5 out of 5 stars from over 760 people on Amazon (read reviews). With the current 33% off deal, the CanaKit power supply is listed for just $9.99. See it on Amazon.To read this article in full or to leave a comment, please click here
With all of my recent testing in the wireless home Wi-Fi mesh space, I’ve still had some time to try out some smaller items. This post/review highlights a bunch of them. There’s no rhyme or reason as to why I’m bundling them together, other than this is the “clean up your desk” column! mJoose
Front and back views of the mJoose smartphone case.To read this article in full or to leave a comment, please click here
Apple and IBM’s program for iOS mobile app development in the enterprise is broadening its reach this year as more businesses pursue apps that can transform how their employees work, according to IBM. “We are engaged with more than 1,000 clients across the world,” says Mahmoud Naghshineh, IBM’s general manager in charge of the MobileFirst for iOS partnership with Apple.IBM also plans to integrate Watson analytics and cognitive differentiation to its growing portfolio of iOS apps in 2017, according to Naghshineh. Once a new app is deployed and it becomes valuable for the business, the next step is to make it smarter, he says.Hundreds of businesses have deployed apps to date and more are in development or at least in the sales cycle that leads to design and testing of new apps, according to Naghshineh. Changing the way people work, which was the original goal of Apple and IBM’s partnership, is also resulting in rapid digital transformation for many businesses, he says.To read this article in full or to leave a comment, please click here
Innovative apparelImage by Keoni Cabral / FlickrTime was, you could slap a couple of sensors and a battery into a plastic wristband, layer some software around it, tell the world you were in the wearables business, and watch the money roll in. Those days are long gone (although there are still the inevitable bottom feeders fighting for scraps). Now, wearables are actually doing useful and interesting things, with lots of innovation on display.To read this article in full or to leave a comment, please click here
Under attackImage by ThinkstockA report recently released by Microsoft shows the antivirus suite included in Windows 10 detected a 400 percent increase in the number of ransomware encounters from December 2015 to July 2016. These vulnerabilities create opportunities for hackers to access one of the most important applications to an organization, Microsoft Active Directory. If breached its blast radius can be devastating.To read this article in full or to leave a comment, please click here
Almost every day, there’s news about a massive data leak -- a breach at Yahoo that reveals millions of user accounts, a compromise involving Gmail phishing scams. Security professionals are constantly moving the chess pieces around, but it can be a losing battle.Yet, there is one ally that has emerged in recent years. Artificial intelligence can stay vigilant at all times, looking for patterns in behavior and alerting you to a new threat.To read this article in full or to leave a comment, please click here
The internet is what made IoT happen, providing a common protocol to take the place of separate, specialized networks. But the public internet itself may not always be the best path between a connected device and the cloud.Enterprises can now connect cellular IoT devices to back-end systems via NetBond, a private network service from AT&T, instead of the Internet. The NetBond service sets up a VPN (virtual private network) from an edge device to the cloud. It can connect to 16 different public clouds, including Amazon Web Services and Microsoft Azure, or a private or hybrid cloud.To read this article in full or to leave a comment, please click here
RSA Conference 2017 will take on the threat posed by the internet of things, something that was demonstrated last fall by the DDoS attacks that took down Dyn data centers and many of the high-profile Web sites it supports.Those attacks, generating peak traffic of 1TByte or more, raise the question of how best to secure these devices, and sessions at the Feb.13-17 conference in San Francisco try to answer it.+More on Network World: Cisco: Faulty clock part could cause failure in some Nexus switches, ISR routers, ASA security appliances+To read this article in full or to leave a comment, please click here
While we've all been busy watching for the newest iPhone 8 leaks, Apple has apparently been selling iPhone 7 and 7 Plus smartphones like crazy. With all the buzz about Apple's record-breaking iPhone sales in Q1 of 2017, iPhone 8 rumors had to take a back seat.But enough about the iPhone 7...Even More Expensive iPhones
At $650 or $770 for an iPhone 7 or 7 Plus, respectively, Apple's smartphones certainly aren't cheap. But Apple might be asking patrons to pay even a bit more for the iPhone 8, if the latest reports can be believed.To read this article in full or to leave a comment, please click here
The rocketship of cloud growth continued at the end of 2016 for Amazon Web Services. The public cloud provider announced Thursday that it brought in a little more than $3.5 billion during the fourth quarter of last year, up 47 percent from the same period in 2015. Quarterly operating income rose 60 percent to $926 million, compared to $580 million during the prior year quarter. That's nothing to sneeze at, but AWS's revenue growth was the lowest it has been in the past two years. There are a number of potential explanations for that, including seasonal changes in cloud migrations, and increasing difficulties on Amazon didn't provide an explanation for that, but it likely has to do with AWS's growing revenue base overall.To read this article in full or to leave a comment, please click here
Just as tax season gets underway in earnest, the Internal Revenue Service put out a warning about what it called dangerous, evolving W-2 scams that are targeting corporations, school districts and other public and private concerns.“This is one of the most dangerous email phishing scams we’ve seen in a long time. It can result in the large-scale theft of sensitive data that criminals can use to commit various crimes, including filing fraudulent tax returns. We need everyone’s help to turn the tide against this scheme,’’ said IRS Commissioner John Koskinen in a statement. “Taxpayers should avoid opening surprise emails or clicking on web links claiming to be from the IRS. Don’t be fooled by unexpected emails about big refunds, tax bills or requesting personal information. That’s not how the IRS communicates with taxpayers.”To read this article in full or to leave a comment, please click here
Geek outImage by Stephen SauerTreat your favorite Valentine to something special. Check out these gifts that offer a techie alternative to the usual flowers, jewelry and candy.MORE IDEAS: See our Valentine’s Day gift guides from 2016, 2015, 2014 and 2013To read this article in full or to leave a comment, please click here