Worth Reading: A Case to Further Registrar Self Regulation

In most industries, businesses that blatantly act against the interests of their customers to favor their own internal profit centers would either not be allowed or else subject to controls and oversight by the government. It is universally regarded as an unfair and deceptive business practice. In the domain name registrar business, however, the normal practices of legitimate business dealings and customer protection seem woefully wanting. Kelly’s Case described here illustrates the point, and it provides the opportunity for ICANN to demonstrate it can be responsive to egregious registrar behavior without government agencies or juridical bodies becoming engaged. —CircleID

The post Worth Reading: A Case to Further Registrar Self Regulation appeared first on 'net work.

Get a $20 Discount If You Buy 3 Echo Dots on Amazon, For A Limited Time – Deal Alert

Alexa in every room? Get 3 Echo Dots for less than the price of one Amazon Echo, and save $20 on top with this limited time deal. Echo Dot is a hands-free, voice-controlled device that uses Alexa to play music, control smart home devices, provide information, read the news, set alarms, read audiobooks from Audible, and more. In fact, new Alexa "skills" are being created all the time. Amazon has quietly published a special code that will apply a $20 discount when you buy 3 Echo Dots -- good until 4/25 only. Just put them in your cart and apply the code DOT3PACK to activate this deal. If you're in the market for a few Dots, jump over to Amazon and claim your discount while it lasts.To read this article in full or to leave a comment, please click here

F-Secure buys Little Flocker to combat macOS ransomware

With attacks against Mac users growing in number and sophistication, endpoint security vendor F-Secure has decided to acquire Little Flocker, a macOS application that provides behavior-based protection against ransomware and other malicious programs.Little Flocker can be used to enforce strict access controls to a Mac's files and directories as well as its webcam, microphone and other resources. It's particularly effective against ransomware, spyware, computer Trojans and other malicious programs that attempt to steal, encrypt or destroy files.F-Secure plans to integrate Little Flocker, which it calls "the most advanced security technology available for Macs," into its new Xfence technology. Xfence is designed to  add behavioral-based protection to its existing endpoint security products for macOS.To read this article in full or to leave a comment, please click here

F-Secure buys Little Flocker to combat macOS ransomware

With attacks against Mac users growing in number and sophistication, endpoint security vendor F-Secure has decided to acquire Little Flocker, a macOS application that provides behavior-based protection against ransomware and other malicious programs.Little Flocker can be used to enforce strict access controls to a Mac's files and directories as well as its webcam, microphone and other resources. It's particularly effective against ransomware, spyware, computer Trojans and other malicious programs that attempt to steal, encrypt or destroy files.F-Secure plans to integrate Little Flocker, which it calls "the most advanced security technology available for Macs," into its new Xfence technology. Xfence is designed to  add behavioral-based protection to its existing endpoint security products for macOS.To read this article in full or to leave a comment, please click here

29% off Zendure A8 26,800mAh Portable Battery Bank with LED Display – Deal Alert

One of the world's highest capacity portable chargers. Charge Zendure while charging your devices at full speed with a single wall charger, a feature rarely seen in other power banks. The QC port outputs 5-6V/3.0A,6-9V/2.0A,9-12V/1.5A (18W Max) when connected to a compatible device. Charges an iPhone 6s 9 times and the Galaxy S6 over seven times. Durable, stylish, and built to retain 95% of its charge after 6 months without use. An LED digital display accurately shows the remaining capacity. The product averages 4.5 out of 5 stars on Amazon from over 570 people (read recent reviews). The typical list price has been reduced a generous 29%. See this deal on Amazon.To read this article in full or to leave a comment, please click here

Cisco Offers New Certifications Around Digital Network Architecture

Cisco has over 220 partners to help certify and teach people around the world.

IDG Contributor Network: Flatbed scanners are latest cyberattack vector

Office scanners are now susceptible to attack, according to researchers. The ubiquitous office equipment’s light-sensitivity can allow passing vehicles, or laser-carrying drones to trigger malware in a network, says a research team from two Israeli universities.The computer experts say they have been able to successfully create a test “covert channel” between a server and flatbed scanner. The proof-of-concept hack, in some experimental cases, was performed almost a kilometer away from the scanner. They used a kind of infiltrating illumination to fool the device.Numerous light sources could be used, they say. Hijacked smart bulbs and lasers were both used for the data-grab in experiments, the Ben-Gurion University of the Negev, and Weizmann Institute of Science researchers say in their paper (PDF).To read this article in full or to leave a comment, please click here

IDG Contributor Network: Flatbed scanners are latest cyberattack vector

Office scanners are now susceptible to attack, according to researchers. The ubiquitous office equipment’s light-sensitivity can allow passing vehicles, or laser-carrying drones to trigger malware in a network, says a research team from two Israeli universities.The computer experts say they have been able to successfully create a test “covert channel” between a server and flatbed scanner. The proof-of-concept hack, in some experimental cases, was performed almost a kilometer away from the scanner. They used a kind of infiltrating illumination to fool the device.Numerous light sources could be used, they say. Hijacked smart bulbs and lasers were both used for the data-grab in experiments, the Ben-Gurion University of the Negev, and Weizmann Institute of Science researchers say in their paper (PDF).To read this article in full or to leave a comment, please click here

Tier 1 carrier performance: March, 2017 snapshot

The post Tier 1 carrier performance: March, 2017 snapshot appeared first on Noction.

H-1B employers face stricter rules

The federal government is doing something it has never done before: It's encouraging people to file H-1B abuse complaints.This week the U.S. Department of Justice (DOJ) and Department of Labor each posted information about how to file a complaint against suspected H-1B abuse. It's a clear signal that government scrutiny of H-1B use will intensify and that the U.S. may challenge employers.But it creates a dilemma aptly summed up by Norm Matloff, a professor of computer science at the University of California at Davis, in a blog post titled, "American Victims of H-1B Get Their Chance -- Will They Take It?"To read this article in full or to leave a comment, please click here

Prevent or detect? What to do about vulnerabilities

Today's CISOs are undoubtedly overwhelmed with trying to make the most informed, efficient, and economical decisions about securing the most valuable assets in the enterprise. In the days of old, those decisions were a little bit easier because investing in prevention provided decent protection.That's not true today, which is why Ira Winkler president of Secure Mentem and author of Advanced Persistent Security said that trying to protect against every threat is not cost efficient.Shifting the mentality of those defenders who came to age in the world of preventative protection has been slow going. As a result, some security programs are failing, "Not because the bad guys got in, but because they got out," Winkler said.To read this article in full or to leave a comment, please click here

Prevent or detect? What to do about vulnerabilities

Today's CISOs are undoubtedly overwhelmed with trying to make the most informed, efficient, and economical decisions about securing the most valuable assets in the enterprise. In the days of old, those decisions were a little bit easier because investing in prevention provided decent protection.That's not true today, which is why Ira Winkler president of Secure Mentem and author of Advanced Persistent Security said that trying to protect against every threat is not cost efficient.Shifting the mentality of those defenders who came to age in the world of preventative protection has been slow going. As a result, some security programs are failing, "Not because the bad guys got in, but because they got out," Winkler said.To read this article in full or to leave a comment, please click here

Trust issues: Know the limits of SSL certificates

Certificate authorities (CAs) have given themselves a black eye lately, making it hard for users to trust them. Google stopped trusting Symantec after discovering the CA had mis-issued thousands of certificates over several years, and researchers found that phishing sites were using PayPal-labeled certificates issued by Linux Foundation’s Let’s Encrypt CA. Even with these missteps, the CAs play a critical role in establishing trust on the internet.To read this article in full or to leave a comment, please click here

Trust issues: Know the limits of SSL certificates

Certificate authorities (CAs) have given themselves a black eye lately, making it hard for users to trust them. Google stopped trusting Symantec after discovering the CA had mis-issued thousands of certificates over several years, and researchers found that phishing sites were using PayPal-labeled certificates issued by Linux Foundation’s Let’s Encrypt CA. Even with these missteps, the CAs play a critical role in establishing trust on the internet.To read this article in full or to leave a comment, please click here

Python vs. R: The battle for data scientist mind share

The boss’s boss looks out across the server farm and sees data—petabytes and petabytes of data. That leads to one conclusion: There must be a signal in that noise. There must be intelligent life in that numerical world—a strategy to monetize all those hard disks filling up with numbers.That job falls on your desk, and you must now find a way to poke around the digital rat’s nest and find a gem to hand the boss.[ Download the InfoWorld megaguide: The best Python frameworks and IDEs. | Learn to crunch big data with R. | Keep up with hot topics in programming with InfoWorld’s App Dev Report newsletter. ] How? If you’re a developer, there are two major contenders: R and Python. There are plenty of other solutions that help crunch data, and they live under rubrics like business intelligence or data visualization, but they are often full-service solutions. If they do what you want, you should choose them. But if you want something different, well, writing your own code is the only solution. Full-service tools do a good job when the data is cleaned, buffed, and ready, but they tend to hiccup and even throw up when Continue reading

How to break your smartphone addiction and get back to work

Few things have as much hold on our attention as our smartphones. Recent research found that an average user touches their mobile phone 2,617 times a day and a heavy user swipes, taps, and clicks more than 5,000 times per day! That’s nearly three to four hours a day of lost productivity.Luckily, there are a few tools that can help save you from yourself. Treat your smartphone addiction with these three apps.OffTime PCWorld OffTime lets you tailor your smartphone use—and its distractions—for work, home, or alone time.To read this article in full or to leave a comment, please click here

What enterprises can learn in the aftermath of a phishing attack

The problem: spearphishingImage by John Singleton Copley/National Gallery of ArtSpearphishing is a top attack vector used by cyber adversaries today. Consists of fraudulent emails that appear to be legitimate which target specific organizations, groups, or individuals to gain access to information systems. Targeted spear phishing also leverages social engineering which includes research about specific targets of interest. Organizations rely on email connectivity with the outside to function and thus is an entry into a potential target’s environment that bypasses many of the legacy security stack.To read this article in full or to leave a comment, please click here

What enterprises can learn in the aftermath of a phishing attack

The problem: spearphishingImage by John Singleton Copley/National Gallery of ArtSpearphishing is a top attack vector used by cyber adversaries today. Consists of fraudulent emails that appear to be legitimate which target specific organizations, groups, or individuals to gain access to information systems. Targeted spear phishing also leverages social engineering which includes research about specific targets of interest. Organizations rely on email connectivity with the outside to function and thus is an entry into a potential target’s environment that bypasses many of the legacy security stack.To read this article in full or to leave a comment, please click here

Antsy Windows 10 users can grab Creators Update now

Microsoft on Wednesday began letting antsy customers download Creators Update, the latest Windows 10 feature upgrade.Last week, the company had said it would make Creators Update available for manual download on April 5, about a week before it will pull the Windows Update trigger and start pushing the upgrade to most users.[ See Computerworld’s Review of Windows 10 Creators Update. ]To read this article in full or to leave a comment, please click here

Cloud Security Fears Evolve