Microsoft finally bans SHA-1 certificates in Internet Explorer and Edge

The Tuesday updates for Internet Explorer and Microsoft Edge force those browsers to flag SSL/TLS certificates signed with the aging SHA-1 hashing function as insecure. The move follows similar actions by Google Chrome and Mozilla Firefox earlier this year.Browser vendors and certificate authorities have been engaged in a coordinated effort to phase out the use of SHA-1 certificates on the web for the past few years, because the hashing function no longer provides sufficient security against spoofing.SHA-1 (Secure Hash Algorithm 1) dates back to 1995 and has been known to be vulnerable to theoretical attacks since 2005. The U.S. National Institute of Standards and Technology has banned the use of SHA-1 by U.S. federal agencies since 2010, and digital certificate authorities have not been allowed to issue SHA-1-signed certificates since Jan. 1, 2016, although some exemptions have been made -- for example, for outdated payment terminals.To read this article in full or to leave a comment, please click here

Microsoft finally bans SHA-1 certificates in Internet Explorer and Edge

The Tuesday updates for Internet Explorer and Microsoft Edge force those browsers to flag SSL/TLS certificates signed with the aging SHA-1 hashing function as insecure. The move follows similar actions by Google Chrome and Mozilla Firefox earlier this year.Browser vendors and certificate authorities have been engaged in a coordinated effort to phase out the use of SHA-1 certificates on the web for the past few years, because the hashing function no longer provides sufficient security against spoofing.SHA-1 (Secure Hash Algorithm 1) dates back to 1995 and has been known to be vulnerable to theoretical attacks since 2005. The U.S. National Institute of Standards and Technology has banned the use of SHA-1 by U.S. federal agencies since 2010, and digital certificate authorities have not been allowed to issue SHA-1-signed certificates since Jan. 1, 2016, although some exemptions have been made -- for example, for outdated payment terminals.To read this article in full or to leave a comment, please click here

Worth Reading: Mind the gap

The sheer number of IT departments that are not acknowledging the numerous security gaps for cyber-attackers to exploit is astonishing. The problem is that many of those within the industry believe they have their security posture under control but they haven’t looked at the wider picture. The number of threats is increasing every day and as new technologies and opportunities emerge, companies need new security infrastructure to cope with the modifications of the threat landscape. Currently, C-level executives struggle to keep up with the necessity to approve budget requirements to bring their enterprise security up to the next level of protection. If companies are not up to date with the latest trends, businesses are being left more vulnerable to data breached as a consequence. —Cloud Security Alliance

The post Worth Reading: Mind the gap appeared first on rule 11 reader.

Amazon’s new Echo Show is a really big deal

I’d like to think that Amazon CEO Jeff Bezos is taking my advice about how to improve his company’s Echo smart speaker and Alexa voice assistant—but he probably isn’t. More likely, the new Echo Show device the company announced yesterday is just another logical step in the evolution of voice recognition and smart assistants.To read this article in full or to leave a comment, please click here

Nuage Scores Telefonica as New SD-WAN Customer

Nuage is acting as a gateway to enterprise business for Nokia

Microsoft brings customization to its pre-built AI services

Microsoft is doubling down on its cloud AI services for business customers with a fleet of new offerings aimed at helping companies deal with video and unique problems not solved by its off-the-shelf cognitive services.New services announced Wednesday include a new Video Indexer service that will provide customers with automated captioning, sentiment analysis, custom face recognition, object detection, optical character recognition and keyword extraction of videos they provide. The tool is built on existing Microsoft services, but gives customers an easier way to process large amounts of video for indexing and analysis rather than require manual work by humans.To read this article in full or to leave a comment, please click here

Cisco patches critical IOS security fault found after CIA WikiLeaks dump

Cisco this week said it patched a critical vulnerability in its widely deployed IOS software that was disclosed in the WikiLeaks dump of CIA exploits earlier this year.Cisco had in March issued a “critical” security advisory for the IOS software that runs on some 300 models of its Catalyst switches and other networking equipment.+More on Network World: FBI/IC3: Vile $5B business e-mail scam continues to breed+Cisco this week wrote: “A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges.”To read this article in full or to leave a comment, please click here

Cisco patches critical IOS security fault found after CIA WikiLeaks dump

Cisco this week said it patched a critical vulnerability in its widely deployed IOS software that was disclosed in the WikiLeaks dump of CIA exploits earlier this year.Cisco had in March issued a “critical” security advisory for the IOS software that runs on some 300 models of its Catalyst switches and other networking equipment.+More on Network World: FBI/IC3: Vile $5B business e-mail scam continues to breed+Cisco this week wrote: “A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges.”To read this article in full or to leave a comment, please click here

The need to automate routine work has never been higher

Anyone who has been in the workforce for any significant length of time probably feels like their workload has grown tenfold, but they likely brush it off to getting old or maybe being burned out. The fact is, however, the extra workload is very real. This week, as part of its Knowledge17 event, ServiceNow released a study called “Today’s State of Work: At the Breaking Point” (pdf) that shows how bad the problem currently is. Before I get into the details of the survey, it’s important to understand the demographics. The report summarizes a survey of about 1,850 business leaders, including C-level executives, vice presidents, directors and managers in seven countries, to understand the workload of business leaders, the impact of automation and the opinions on the future of work. To read this article in full or to leave a comment, please click here

Trump to FBI Director James Comey: You’re fired!

As shocking as it is, President Donald Trump fired FBI Director James Comey yesterday, despite the agency investigating possible collusion with Russia to interfere with the 2016 presidential election.Trump’s letter to Comey stated: “While I greatly appreciate you informing me, on three separate occasions, that I am not under investigation, I nevertheless concur with the judgement of the Department of Justice that you are not able to effectively lead the Bureau.”Trump said new leadership was needed to restore “public trust and confidence” in the FBI.To read this article in full or to leave a comment, please click here

Trump to FBI Director James Comey: You’re fired!

As shocking as it is, President Donald Trump fired FBI Director James Comey yesterday, despite the agency investigating possible collusion with Russia to interfere with the 2016 presidential election.Trump’s letter to Comey stated: “While I greatly appreciate you informing me, on three separate occasions, that I am not under investigation, I nevertheless concur with the judgement of the Department of Justice that you are not able to effectively lead the Bureau.”Trump said new leadership was needed to restore “public trust and confidence” in the FBI.To read this article in full or to leave a comment, please click here

What to expect at Microsoft Build 2017

Today marks the start of this year’s Microsoft Build developers conference in Seattle, not far from Microsoft HQ. It seems like yesterday that the show was launched at the Anaheim Convention Center, which I attended for a briefing on Windows Server 2012, among other things. The show has grown tremendously and played a part in the launches of Windows 8 and 10, among many other products.So, news will roll out out throughout the day by people there to cover the show, but in advance of that, let’s take a look at what will likely be the big news in different categories, and what we hope to see. To read this article in full or to leave a comment, please click here

African Regional Internet Development Dialogue (RIDD) Explores Opportunities for Improving the Internet Economy in Africa

Excel 2016 cheat sheet

Share this story: IT folks, we hope you'll pass this guide on to your users to help them learn the Excel 2016 ropes.Simple Sharing with the desktop version of ExcelTo read this article in full or to leave a comment, please click here(Insider Story)

Business chat review: Slack vs. Teams vs. HipChat vs. Yammer

Business chat has come into its own, with Microsoft debuting its Teams system for Office 365 in March and Google promising to deliver Hangouts Chat for G Suite later this year. What had been a market owned by niche technology companies—Slack for its Slack for Teams and Atlassian for its HipChat—suddenly became an arena for the 800-pound gorillas of office software, Microsoft and Google, as they each seek to own the whole collaboration and communications experience within an enterprise.To read this article in full or to leave a comment, please click here(Insider Story)

Top DRaaS companies to watch

Forrester Research recently released its report naming Sungard AS, Bluelock, IBM and iland as the top disaster recovery-as-a-service companies.With enterprises expecting their network up at all times, backup and recovery are key to keeping things running smoothly with no downtime. With ransomware waiting to pounce the minute a user clicks on a link, companies rely on network recovery in a matter of minutes not days.To read this article in full or to leave a comment, please click here

Top DRaaS companies to watch

Forrester Research recently released its report naming Sungard AS, Bluelock, IBM and iland as the top disaster recovery-as-a-service companies.With enterprises expecting their network up at all times, backup and recovery are key to keeping things running smoothly with no downtime. With ransomware waiting to pounce the minute a user clicks on a link, companies rely on network recovery in a matter of minutes not days.To read this article in full or to leave a comment, please click here

5 tips to uncover a company’s culture before accepting a job

You might think the perfect job is one that fits your skills, comes with the right salary and offers you the best benefits, but the evaluation doesn't end there. There's one more thing to consider, and that's whether or not you'll fit in with the company culture, which can differ greatly among companies.But you don't have to wait until you've gone through onboarding to parse out the company culture, according to Tom Gimbel, founder and CEO of LaSalle Network, a professional staffing and recruitment firm. If you ask the right questionas during the interview process and keep an eye out for certain signs, you'll be able to tell if you're a good cultural fit before you sign the offer. Here are a few things to consider if you're trying to determine company culture during the interview process.To read this article in full or to leave a comment, please click here

Versa brings multiple functions to software-defined branch networks

Branch sites are ideal places to make networking simpler and less expensive. There's often little or no IT expertise there, and it's harder to justify costs because only a fraction of a company's business happens at a given branch.Yet the rise of software-defined WANs and branch offices, designed to scale back the expense and complexity of far-flung networks, has left some parts of the problem unsolved, according to SD-WAN startup Versa Networks.For one thing, replacing branch appliances for each function with applications running on one system may raise software compatibility issues that are even more complicated than wiring up several boxes. Also, swapping out private WAN links for lower-priced internet service can open branches up to some new security threats.To read this article in full or to leave a comment, please click here

Versa brings multiple functions to software-defined branch networks

Branch sites are ideal places to make networking simpler and less expensive. There's often little or no IT expertise there, and it's harder to justify costs because only a fraction of a company's business happens at a given branch.Yet the rise of software-defined WANs and branch offices, designed to scale back the expense and complexity of far-flung networks, has left some parts of the problem unsolved, according to SD-WAN startup Versa Networks.For one thing, replacing branch appliances for each function with applications running on one system may raise software compatibility issues that are even more complicated than wiring up several boxes. Also, swapping out private WAN links for lower-priced internet service can open branches up to some new security threats.To read this article in full or to leave a comment, please click here