Cloudflare bug exposed passwords, other sensitive data from websites

For months, a bug in Cloudflare's content optimization systems exposed sensitive information sent by users to websites that use the company's content delivery network. The data included passwords, session cookies, authentication tokens and even private messages.Cloudflare acts as a reverse proxy for millions of websites, including those of major internet services and Fortune 500 companies, for which it provides security and content optimization services behind the scenes. As part of that process, the company's systems modify HTML pages as they pass through its servers in order to rewrite HTTP links to HTTPS, hide certain content from bots, obfuscate email addresses, enable Accelerated Mobile Pages (AMP) and more.To read this article in full or to leave a comment, please click here

35% off Razor Hovertrax 2.0 Hoverboard Self-Balancing Smart Scooter – Deal Alert

Step on the deck and go with Razor Hovertrax 2.0, the world’s smartest self-balancing electric scooter. Intelligently-engineered with EverBalance technology, Hovertrax 2.0 is the only board that auto-levels for a safer, easier mount and a smoother ride. Whether you’re coasting, racing, or commuting, Hovertrax 2.0 is always in balance. Indoors or out, Hovertrax 2.0 does the work so you can enjoy the journey. Hovertrax 2.0: technology so advanced, it’s simple. Once you learn how to ride, it becomes second nature.  Razor was also the first U.S. brand to receive the UL 2272 listing for safety, ensuring that the Hovertrax 2.0 meets or exceeds the highest fire and electrical safety standards. The HoverTrax 2.0 has a list price of $459.99 has been reduced 35% to just 298.00. See this deal on Amazon.To read this article in full or to leave a comment, please click here

Google cloud debuts Intel’s latest Skylake processors

Google today announced that it is the first IaaS public cloud provider to run the newest version of Intel’s chips, named Skylake.The news comes just months after Google and Intel announced a partnership in November 2016 to co-engineer new processors for the company’s cloud platform.+MORE AT NETWORK WORLD: Battle of the IaaS cloud: Amazon Web Services versus Microsoft Azure vs. Google Cloud Platform+Skylake is the code-name for the next-generation silicon beyond Intel’s Broadwell processors.To read this article in full or to leave a comment, please click here

Worth Reading: Making connections in disparate data

Enterprises are awash in data, and the number of sources of that data is only increasing. For some of the larger companies, data sources can rise into the thousands – from databases, files and tables to ERP and CRM programs – and the data itself can come in different formats, making it difficult to bring together and integrate into a unified pool. This can create a variety of challenges for businesses in everything from securing the data they have to analyzing it. —The Next Platform

The post Worth Reading: Making connections in disparate data appeared first on 'net work.

Taking a DevOps Approach to Network Transformation

With DevOps, you have to be continually developing, testing, integrating, and deploying changes.

Walmart Boasts 213,000 Cores on OpenStack

The retailer also created an internal open source team.

Google snafu signs users out of accounts, wreaks havoc on OnHub and Wifi routers

The good thing and the bad thing about the cloud is, well, the cloud. The latter part of that trueism was brought home late Thursday when some Google users were suddenly signed out of their accounts and devices.The problem affected Google Wifi mesh routers, Google’s OnHub router, other devices like the Chromecast, and even some plain old Google Accounts.The impact on you at home: If this problem affected you last night and you were suddenly signed out of all your accounts, don’t worry. Malcious hackers hadn’t suddenly taken over all your devices. Google says it was just a snafu with the Google Account engine.To read this article in full or to leave a comment, please click here

UN steps in to end marketing war over what 5G means

With mobile operators' marketing departments already throwing around claims about their 5G services, the United Nations is weighing in with its definition of what qualifies a network as next-generation.Verizon Wireless will begin delivering "5G" service to select users in 11 U.S. cities in mid-2017, even though some places don't yet have access to 4G. And at the Mobile World Congress 2017 trade show in Barcelona, companies including Intel, Qualcomm and Ericsson will be promoting their moves towards 5G.To read this article in full or to leave a comment, please click here

Networking Features Coming Soon in Ansible 2.3

It’s been a year since the first networking modules were developed and included in Ansible 2.0. Since then, there have been two additional Ansible releases and more than 175 modules added, with 24 networking vendor platforms enabled. With the fantastic efforts from the community and our networking partners, Ansible has been able to add more and more features for networking use cases. In the forthcoming Ansible 2.3 release, the focus on networking enablement now turns to increasing performance and adding connection methods that provide compatibility and flexibility.

Looking ahead to Ansible 2.3, the most notable additions planned are:

• Persistent connections framework
• The network_cli connection plugin
• The netconf connection plugin

Why are these features important?

Since Ansible 2.0, the primary focus for networking enablement has been to help increase the number of third-party devices that have modules included by default. As this list grows (we expect to have even more platforms and modules in Ansible 2.3), Ansible and Ansible Tower continue to be trusted components of critical networking production deployments.

The development of these plugins further demonstrates the value and investment Ansible and the community have made into networking infrastructure enablement. As we approach the Ansible Continue reading

OCSA Passed!

It’s official – I passed the ONF Certified SDN Associate exam. I’m OCSA #SDN10356! If you’re interested in obtaining this certificate, I recommend you read through my short blog series covering the resources necessary on the blueprint. ONF Certified SDN Associate (OCSA) – Part 1 ONF Certified SDN Associate (OCSA) – Part 2 ONF Certified […]

The post OCSA Passed! appeared first on Overlaid.

IDG Contributor Network: 3 security analytics approaches that don’t work (but could) — Part 2

A security analytics approach that exploits the unique strengths of Bayesian networks, machine learning and rules-based systems—while also compensating for or eliminating their individual weaknesses—leads to powerful solutions that are effective across a wide array of security missions. Despite the drawbacks of security analytics approaches I described in part 1 of this series, it's possible to build such solutions today, giving users a way to rapidly identify their highest-priority security threats at very large scale without being deluged with false-positive alerts or being forced to hire an army of extra analysts.To read this article in full or to leave a comment, please click here

IDG Contributor Network: 3 security analytics approaches that don’t work (but could) — Part 2

A security analytics approach that exploits the unique strengths of Bayesian networks, machine learning and rules-based systems—while also compensating for or eliminating their individual weaknesses—leads to powerful solutions that are effective across a wide array of security missions. Despite the drawbacks of security analytics approaches I described in part 1 of this series, it's possible to build such solutions today, giving users a way to rapidly identify their highest-priority security threats at very large scale without being deluged with false-positive alerts or being forced to hire an army of extra analysts.To read this article in full or to leave a comment, please click here

Show 328: Wire Data Analysis With ExtraHop (Sponsored)

In this sponsored Weekly Show, Jesse Rothstein, co-founder & CTO of ExtraHop joins the Packet Pushers to talk about how ExtraHop helps organizations tap the network for real-time visibility into all IT systems. The post Show 328: Wire Data Analysis With ExtraHop (Sponsored) appeared first on Packet Pushers.

Linux Foundation smushes two smaller projects together to form Open Networking Automation Platform

The Linux Foundation announced yesterday that it had combined open source ECOMP and the Open Orchestrator Project into ONAP, the Open Networking Automation Platform, with the aim of helping users automate network service delivery, design, and service through a unified standard.Jim Zemlin, executive director of the Linux Foundation, said that ONAP should be a boon to enterprise IT departments, thanks to improved speed and flexibility.+MORE ON NETWORK WORLD: FCC rolls back net neutrality ISP transparency rules + Brocade's Ruckus Wi-Fi business finds a buyerTo read this article in full or to leave a comment, please click here

Ransomware ‘customer support’ chat reveals criminals’ ruthlessness

Ransomware criminals chatting up victims, offering to delay deadlines, showing how to obtain Bitcoin, dispensing the kind of customer support that consumers lust for from their cable and mobile plan providers, PC and software makers?What's not to love?Finnish security vendor F-Secure yesterday released 34 pages of transcripts from the group chat used by the crafters of the Spora ransomware family. The back-and-forth not only put a spotlight on the gang's customer support chops, but, said a company security advisor, illustrated the intertwining of Bitcoin and extortion malware.To read this article in full or to leave a comment, please click here

Ransomware ‘customer support’ chat reveals criminals’ ruthlessness

Ransomware criminals chatting up victims, offering to delay deadlines, showing how to obtain Bitcoin, dispensing the kind of customer support that consumers lust for from their cable and mobile plan providers, PC and software makers?What's not to love?Finnish security vendor F-Secure yesterday released 34 pages of transcripts from the group chat used by the crafters of the Spora ransomware family. The back-and-forth not only put a spotlight on the gang's customer support chops, but, said a company security advisor, illustrated the intertwining of Bitcoin and extortion malware.To read this article in full or to leave a comment, please click here

How big data is changing the nature of policing from reactive to proactive

Dwindling budgets, the changing nature of crime and the contemporary demands of communities are forcing police across the country to reevaluate their approach to law enforcement. Adding data-driven insights to their traditional policing expertise could provide a solution. It has already found a home in numerous areas of policing, from fraud detection to the identification of crime hotspots, and is transforming methods of policing from reactive to preventative."We strive to be more preventative," Detective Chief Superintendent of West Midlands Police Andy Hill told the audience at the Reform Big Data in Government Conference on Tuesday. "That isn't a new concept for policing. If we look back to Sir Robert Peel's 1829 Principles of Policing, it's number one on that list and then it recurs again down at number nine [the final entry on the list]."To read this article in full or to leave a comment, please click here

Create your own Slack bots — and web APIs — in R

One of Slack's greatest appeals is that it's so extensible. While its main purpose is group collaboration, add-on apps can do everything from answer questions about business analytics to offer project updates from tools like Jira and Trello.Step 3: Host the R API remotelyTo read this article in full or to leave a comment, please click here(Insider Story)

The future of biometrics and IoT

(Insider Story)

The future of biometrics and IoT

Biometrics in useImage by ThinkstockBiometrics falls into the third category of security modalities: (1) what we have: e.g. key, RFID card or ID card; (2) what we know: e.g. password, PIN, challenge/response answers like mother’s maiden name or first pet; and (3) what we are: e.g. biometrics, such as our fingerprint, face, iris, etc.To read this article in full or to leave a comment, please click here(Insider Story)