Archive

Category Archives for "Networking"

Vendors approve of NIST password draft

A recently released draft of the National Institute of Standards and Technology’s (NIST's) digital identity guidelines has met with approval by vendors. The draft guidelines revise password security recommendations and altering many of the standards and best practices security professionals use when forming policies for their companies.The new framework recommends, among other things: Remove periodic password change requirements There have been multiple studies that have shown requiring frequent password changes to actually be counterproductive to good password security, said Mike Wilson, founder of PasswordPing. NIST said this guideline was suggested because passwords should be changed when a user wants to change it or if there is indication of breach.To read this article in full or to leave a comment, please click here

Vendors approve of NIST password draft

A recently released draft of the National Institute of Standards and Technology’s (NIST's) digital identity guidelines has met with approval by vendors. The draft guidelines revise password security recommendations and altering many of the standards and best practices security professionals use when forming policies for their companies.The new framework recommends, among other things: Remove periodic password change requirements There have been multiple studies that have shown requiring frequent password changes to actually be counterproductive to good password security, said Mike Wilson, founder of PasswordPing. NIST said this guideline was suggested because passwords should be changed when a user wants to change it or if there is indication of breach.To read this article in full or to leave a comment, please click here

Video analytics: Coming soon to a smart city near you

Earlier this week at its GPU Technology Conference, Nvidia announced a new video analytics platform, Metropolis, that promises to make cities safer and smarter and should eventually bring game-changing capabilities to other industries.The heart of Metropolis is deep learning enabled by Nvidia’s range of GPUs that provide the necessary horsepower for artificial intelligence to be performed on every video stream.+ Also on Network World: Smart city tech growing in the U.S. + The GPU Technology Conference is the right place to show off advancements in something like video analytics, as it has become the flagship event to showcase how GPUs can literally change the world by enabling AI to do some things smarter and faster than people.To read this article in full or to leave a comment, please click here

Video analytics: Coming soon to a smart city near you

Earlier this week at its GPU Technology Conference, Nvidia announced a new video analytics platform, Metropolis, that promises to make cities safer and smarter and should eventually bring game-changing capabilities to other industries.The heart of Metropolis is deep learning enabled by Nvidia’s range of GPUs that provide the necessary horsepower for artificial intelligence to be performed on every video stream.+ Also on Network World: Smart city tech growing in the U.S. + The GPU Technology Conference is the right place to show off advancements in something like video analytics, as it has become the flagship event to showcase how GPUs can literally change the world by enabling AI to do some things smarter and faster than people.To read this article in full or to leave a comment, please click here

Worth Reading: Who really has fast lanes?

Internet Association members sometimes say that they could actually afford to pay more for fast lanes but they are worried about the little guys, the startup, who may not be able to pay more and whose websites, therefore, won’t be as zippy as they need to be. They’re worried about innovation. They’re worried about you. In fact, however, the web giants like Google and Amazon have private networks which connect to the Internet in many locations. They have data caches (think of them as content warehouses) around the world. Their websites DO pop up faster than yours because their bits travel mostly on their private networks and avoid Internet backbone and interchange congestion. In other words, they have private fast lanes. You can’t achieve this speed for your website unless you A) build a private network of your own (unlikely); B) host your website on Amazon or Google in which case they MAY share some of their private access network. —CircleID

The post Worth Reading: Who really has fast lanes? appeared first on rule 11 reader.

FCC should produce logs to prove ‘multiple DDoS attacks’ stopped net neutrality comments

After John Oliver urged viewers of HBO’s Last Week Tonight to fight for net neutrality (again), even simplified the process for leaving comments by having a new URL, gofccyourself.com, redirect to the point where a person needs only to click “Express” to leave a comment, people were not able to submit comments because the site turned to molasses.The FCC blamed (pdf) the problem on “multiple” DDoS attacks. “These were deliberate attempts by external actors to bombard the FCC’s comment system with a high amount of traffic to our commercial cloud host. These actors were not attempting to file comments themselves; rather they made it difficult for legitimate commenters to access and file with the FCC.”To read this article in full or to leave a comment, please click here

FCC should produce logs to prove ‘multiple DDoS attacks’ stopped net neutrality comments

After John Oliver urged viewers of HBO’s Last Week Tonight to fight for net neutrality (again) and post comments on the FCC's site, people were not able to submit comments because the site turned to molasses.The FCC blamed the problem on “multiple” DDoS attacks: “These were deliberate attempts by external actors to bombard the FCC’s comment system with a high amount of traffic to our commercial cloud host. These actors were not attempting to file comments themselves; rather they made it difficult for legitimate commenters to access and file with the FCC.”To read this article in full or to leave a comment, please click here

IDG Contributor Network: Settling scores with risk scoring

Risk scores seem all the rage right now. Executives want to know what their risk is. The constant stream over the past few years of high profile breaches and the resulting class action lawsuits, negative PR, loss in share price, cybersecurity insurance pay-out refusals, and even termination of liable executives has made this an urgent priority. The problem is we haven’t really developed a good way to measure risk.Most risk score approaches are restricted by a very simple limitation: They are not vendor agnostic or universal. The solution used to calculate risk is limited by the data it collects, which can vary widely.  What is the risk score composed of? More important, what doesn’t it capture? One vendor will include only network and system vulnerabilities, another bundles application vulnerabilities into the mix, and yet another adds user behaviour. Agreeing on the “right” mix still eludes us with no real authoritative standards that define what should be included. Every scoring methodology is subjective, which is surely a sign of how inherently unscientific the entire approach is.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Settling scores with risk scoring

Risk scores seem all the rage right now. Executives want to know what their risk is. The constant stream over the past few years of high profile breaches and the resulting class action lawsuits, negative PR, loss in share price, cybersecurity insurance pay-out refusals, and even termination of liable executives has made this an urgent priority. The problem is we haven’t really developed a good way to measure risk.Most risk score approaches are restricted by a very simple limitation: They are not vendor agnostic or universal. The solution used to calculate risk is limited by the data it collects, which can vary widely.  What is the risk score composed of? More important, what doesn’t it capture? One vendor will include only network and system vulnerabilities, another bundles application vulnerabilities into the mix, and yet another adds user behaviour. Agreeing on the “right” mix still eludes us with no real authoritative standards that define what should be included. Every scoring methodology is subjective, which is surely a sign of how inherently unscientific the entire approach is.To read this article in full or to leave a comment, please click here

Microsoft fixes remote hacking flaw in Windows Malware Protection Engine

Microsoft has released an update for the malware scanning engine bundled with most of its Windows security products in order to fix a highly critical vulnerability that could allow attackers to hack computers.The vulnerability was discovered by Google Project Zero researchers Tavis Ormandy and Natalie Silvanovich on Saturday and was serious enough for Microsoft to create and release a patch by Monday. This was an unusually fast response for the company, which typically releases security updates on the second Tuesday of every month and rarely breaks out of that cycle.Ormandy announced Saturday on Twitter that he and his colleague found a "crazy bad" vulnerability in Windows and described it as "the worst Windows remote code execution in recent memory."To read this article in full or to leave a comment, please click here

Microsoft fixes remote hacking flaw in Windows Malware Protection Engine

Microsoft has released an update for the malware scanning engine bundled with most of its Windows security products in order to fix a highly critical vulnerability that could allow attackers to hack computers.The vulnerability was discovered by Google Project Zero researchers Tavis Ormandy and Natalie Silvanovich on Saturday and was serious enough for Microsoft to create and release a patch by Monday. This was an unusually fast response for the company, which typically releases security updates on the second Tuesday of every month and rarely breaks out of that cycle.Ormandy announced Saturday on Twitter that he and his colleague found a "crazy bad" vulnerability in Windows and described it as "the worst Windows remote code execution in recent memory."To read this article in full or to leave a comment, please click here

40% off Lexar microSD To Lightning Reader – Deal Alert

Lexar's microSD-to-Lightning reader makes it easy to move all your favorite content to & from your iOS device on the go. So whether you’re offloading stunning action photos from that sporting event, or dramatic video from your drone, or if you just want a simple solution to back up or move around your files while mobile -- it’s got you covered. With its small footprint, you can put it in your pocket and go. And the Lightning connector fits with most iOS cases, providing simple plug-and-play functionality. An optional app from the app store allows you to back up files when connected to your device for greater peace of mind. Lexar's microSD to Lightning reader averages 4 out of 5 stars on Amazon, where its typical list price of $24.99 has been reduced a generous 40%, for now, to just $14.99. See this deal on Amazon.To read this article in full or to leave a comment, please click here

Full Stack Journey 007: Ed Horley

On today's episode my guest is Ed Horley, who leads the cloud practice team for a Silicon Valley VAR. Ed may better be known as the “IPv6 dude” but today he’s talking about the business awareness and managerial aspects of the Full Stack Journey.

IDG Contributor Network: CIOs are totally stressed out: Here’s how to help

In the course of researching a marketing campaign aimed at IT professionals, I have interviewed dozens of such workers over the past year. Some are middle-aged; some are very young. I’ve talked to men and women in all parts of the country who worked at large and small firms.One thing that struck me is that I have not met a single one who was relaxed. They are all stressed and have no time. They are tortured souls who are constantly checking their phones. They live their lives on the edge of disaster.Perhaps this isn’t true across the board. A 2016 survey from TEKsystems showed that IT workers were less stressed than a few years ago. Yet even in that survey, the workers’ job satisfaction was low with less than one half agreeing that they were doing the most satisfying work of their careers.To read this article in full or to leave a comment, please click here

IDG Contributor Network: CIOs are totally stressed out: Here’s how to help

In the course of researching a marketing campaign aimed at IT professionals, I have interviewed dozens of such workers over the past year. Some are middle-aged; some are very young. I’ve talked to men and women in all parts of the country who worked at large and small firms.One thing that struck me is that I have not met a single one who was relaxed. They are all stressed and have no time. They are tortured souls who are constantly checking their phones. They live their lives on the edge of disaster.Perhaps this isn’t true across the board. A 2016 survey from TEKsystems showed that IT workers were less stressed than a few years ago. Yet even in that survey, the workers’ job satisfaction was low with less than one half agreeing that they were doing the most satisfying work of their careers.To read this article in full or to leave a comment, please click here

The rise of enterprise-class cybersecurity vendors

When I’m asked to explain what’s happening with enterprise cybersecurity technology, I often use an analogy from the business software market in the 1990s. Back then, application vendors tended to specialize in one area—PeopleSoft owned HR, Baan offered manufacturing apps, JD Edwards played in finance, etc. Around 1995, companies began replacing these departmental applications with enterprise-class ERP solutions from Oracle and SAP. The objective? Centralize all business data into a common repository that could anchor the business and be updated and used for various departmental functions and business processes in real time. + Also on Network World: Cybersecurity companies to watch + Yes, the ERP journey was a bit painful, but the transition resulted in a steady increase in business productivity, enhanced efficiency and better decision making.To read this article in full or to leave a comment, please click here

The rise of enterprise-class cybersecurity vendors

When I’m asked to explain what’s happening with enterprise cybersecurity technology, I often use an analogy from the business software market in the 1990s. Back then, application vendors tended to specialize in one area—PeopleSoft owned HR, Baan offered manufacturing apps, JD Edwards played in finance, etc. Around 1995, companies began replacing these departmental applications with enterprise-class ERP solutions from Oracle and SAP. The objective? Centralize all business data into a common repository that could anchor the business and be updated and used for various departmental functions and business processes in real time. + Also on Network World: Cybersecurity companies to watch + Yes, the ERP journey was a bit painful, but the transition resulted in a steady increase in business productivity, enhanced efficiency and better decision making.To read this article in full or to leave a comment, please click here

Cloud security startup RedLock automates public-cloud protection

Cloud security startup RedLock comes out of stealth mode today with a service that helps defend business resources that reside in pubic clouds, gives customers visibility into how these resources are being used and stores records of that activity for auditing and forensics.+More on Network World: FBI/IC3: Vile $5B business e-mail scam continues to breed+ RedLock Because virtual machines, application instances and workloads change rapidly it’s hard to get a good picture of what’s going on within cloud services such as Amazon Web Services and Microsoft Azure, says RedLock’s CEO Varun Badwhar. “It’s hard to manually monitor and control,” he says.To read this article in full or to leave a comment, please click here

1 1,752 1,753 1,754 1,755 1,756 3,410