Archive

Category Archives for "Networking"

How to get your infrastructure in shape to shake off scriptable attacks

According to F-Secure’s The State of Cyber Security 2017 report, criminal hackers perform most cyber-attacks using basic, scriptable techniques against poorly maintained infrastructure. This will continue as long as there are loads of attack scripts and plenty of poorly secured networks.The number of attack scripts is climbing as elite hackers continue to create these scripts and sell them to others, says Itzik Kotler, CTO and Co-Founder, SafeBreach. There doesn’t seem to be any stopping this trend.CSO examines scriptable attacks and the part of the problem that you can control: getting your infrastructure in shape to shrug off these breaches.To read this article in full or to leave a comment, please click here

How to respond to a cyber attack

Preparing and responding to a cyberattackImage by ThinkstockCybersecurity incidents continue to grow in both volume and sophistication, with 64 percent more security incidents reported in 2015 than in 2014, according to a June 2016 report by the Ponemon Institute. The human instinct is to try to find those responsible. However, any attempt to access, damage or impair another system that appears to be involved in an attack is mostly likely illegal and can result in civil and/or criminal liability. Since many intrusions and attacks are launched from compromised systems, there’s also the danger of damaging an innocent victim’s system.To read this article in full or to leave a comment, please click here

How to respond to a cyber attack

Preparing and responding to a cyberattackImage by ThinkstockCybersecurity incidents continue to grow in both volume and sophistication, with 64 percent more security incidents reported in 2015 than in 2014, according to a June 2016 report by the Ponemon Institute. The human instinct is to try to find those responsible. However, any attempt to access, damage or impair another system that appears to be involved in an attack is mostly likely illegal and can result in civil and/or criminal liability. Since many intrusions and attacks are launched from compromised systems, there’s also the danger of damaging an innocent victim’s system.To read this article in full or to leave a comment, please click here

Get started podcasting and producing video on Linux

Interested in producing your own podcast or video series entirely from a free software-fueled, Linux-powered computer? Here’s how I accomplish that task.Feel free to copy my exact setup for your own use. Or take some of my recommendations. Or ignore everything I say here and do things better than I do. Either way, hopefully this proves useful in your Linux-fueled media production endeavors.Podcasting and video hardware The hardware setup for my daily recording is fairly simple. More often than not, I utilize a Blue USB Yeti microphone. It has exceptionally good sound (especially for the roughly $100 price tag) and functions as a sound device on every modern Linux distribution I’ve encountered.To read this article in full or to leave a comment, please click here

The ultimate upgrade to Amazon’s Alexa

In a recent post, I shared 8 ways to make Amazon’s Alexa even more awesome, covering everything from better communications to easier setup and skills creation. I believe those suggestions could help Alexa become even more useful than it already is. But for voice assistants to truly fulfill their destiny, they need something a bit more radical and transformative.They need the human touch.As noted in my previous post, while Alexa does a few things really well, she doesn’t even try to deal with the vast, vast, majority of tasks and questions you might want to pose to a voice-powered assistant. That’s because the current state of AI simply doesn’t support even a tiny fraction of the questions you might want answered or tasks you might want help with. To read this article in full or to leave a comment, please click here

US FCC stays data security regulations for broadband providers

The U.S. Federal Communications Commission has halted new rules that would require high-speed internet providers to take 'reasonable' steps to protect customer data.In a 2-1 vote that went along party lines, the FCC voted Wednesday to stay temporarily one part of privacy rules passed in October that would give consumers the right to decide how their data is used and shared by broadband providers.The rules include the requirement that internet service providers should obtain "opt-in" consent from consumers to use and share sensitive information such as geolocation and web browsing history, and also give customers the option to opt out from the sharing of non-sensitive information such as email addresses or service tier information.To read this article in full or to leave a comment, please click here

US FCC stays data security regulations for broadband providers

The U.S. Federal Communications Commission has halted new rules that would require high-speed internet providers to take 'reasonable' steps to protect customer data.In a 2-1 vote that went along party lines, the FCC voted Wednesday to stay temporarily one part of privacy rules passed in October that would give consumers the right to decide how their data is used and shared by broadband providers.The rules include the requirement that internet service providers should obtain "opt-in" consent from consumers to use and share sensitive information such as geolocation and web browsing history, and also give customers the option to opt out from the sharing of non-sensitive information such as email addresses or service tier information.To read this article in full or to leave a comment, please click here

Yahoo execs botched its response to 2014 breach, investigation finds

If your company has experienced a data breach, it's probably a good idea to thoroughly investigate it promptly.Unfortunately, Yahoo didn't, according to a new internal investigation. The internet pioneer, which reported a massive data breach involving 500 million user accounts in September, actually knew an intrusion had occurred back in 2014, but allegedly botched its response.The findings were made in a Yahoo securities exchange filing on Wednesday that offered more details about the 2014 breach, which the company has blamed on a state-sponsored hacker.To read this article in full or to leave a comment, please click here

Yahoo execs botched its response to 2014 breach, investigation finds

If your company has experienced a data breach, it's probably a good idea to thoroughly investigate it promptly.Unfortunately, Yahoo didn't, according to a new internal investigation. The internet pioneer, which reported a massive data breach involving 500 million user accounts in September, actually knew an intrusion had occurred back in 2014, but allegedly botched its response.The findings were made in a Yahoo securities exchange filing on Wednesday that offered more details about the 2014 breach, which the company has blamed on a state-sponsored hacker.To read this article in full or to leave a comment, please click here

Creating an IXP in Denver, Colorado, USA

The word Internet is short for internetwork. It’s just a network of networks. So the more places you can connect those networks, the more robust the whole system is. That’s what Internet Exchange Points (“IXPs”) are. They’re the connection points where networks can connect to each other, and they’re a crucial part of the infrastructure of the Internet. 

In Europe, IXPs have traditionally been independent and are often run as nonprofits, whereas in North America, they’ve typically been owned and operated by commercial colocation facility operators or Internet Service Providers (ISPs). In the last several years, though, there’s been a movement in the US to build more independent, community-focused IXPs. IX-Denver is part of that movement. 

Chris Grundemann
Jane Coffin

Old Windows malware may have tampered with 132 Android apps

More than 130 Android apps on the Google Play store have been found to contain malicious coding, possibly because the developers were using infected computers, according to security researchers.The 132 apps were found generating hidden iframes, or an HTML document embedded inside a webpage, linking to two domains that have hosted malware, according to security firm Palo Alto Networks.Google has already removed the apps from its Play store. But what's interesting is the developers behind the apps probably aren't to blame for including the malicious code, Palo Alto Networks said in a Wednesday blog post.To read this article in full or to leave a comment, please click here

Old Windows malware may have tampered with 132 Android apps

More than 130 Android apps on the Google Play store have been found to contain malicious coding, possibly because the developers were using infected computers, according to security researchers.The 132 apps were found generating hidden iframes, or an HTML document embedded inside a webpage, linking to two domains that have hosted malware, according to security firm Palo Alto Networks.Google has already removed the apps from its Play store. But what's interesting is the developers behind the apps probably aren't to blame for including the malicious code, Palo Alto Networks said in a Wednesday blog post.To read this article in full or to leave a comment, please click here

Edge computing will blow away the cloud

SAN FRANCISCO -- The ubiquitous cloud computing craze may not be long for this world if venture capitalist Peter Levine is right. The Andreessen Horowitz general partner said that as more computing capabilities move to so-called "edge" devices, including anything from driverless cars and drones to the boundless devices that make up the internet of things (IoT), the cloud will slowly evaporate."A large portion of computation that gets done in the cloud today will return to the edge," said Levine at the Wall Street Journal's CIO Network event here Tuesday.Levine said the driverless car, whose 200-plus CPUs effectively make it a "data center on wheels," is a prime example of an edge device whose computing capabilities must be self-contained. Levine said that an autonomous vehicle relying on the cloud foTo read this article in full or to leave a comment, please click here

Worth Reading: The rise of SSL based threats

The majority of Internet traffic is now encrypted. With the advent of free SSL providers like Let’s Encrypt, the move to encryption has become easy and free. On any given day in the Zscaler cloud, more than half of the traffic that inspected uses SSL. It is no surprise, then, that malicious actors have also been using the SSL protocol in their activities over the last several years. The increasing use of SSL creates problems for organizations that are unable to monitor SSL traffic, as they must rely on less-effective techniques like IP and domain blocking in an attempt to identify and block threats. —CSA

The post Worth Reading: The rise of SSL based threats appeared first on 'net work.

Microsoft employees donate $650 million in cash, services and software

Microsoft formed Microsoft Philanthropies a little over a year ago with a plan to donate money, time, cloud computing services and software around the globe. In its first year, it has done a lot of that. Mary Snapp, corporate vice president of Microsoft Philanthropies, provided an update to the program's progress after its first year, and it's impressive. The company's contributions to various nonprofits and schools include donations worth $465 million to 71,000 organizations and more than $30 million in technology and cash donations to organizations serving refugees and displaced people. Plus, company employees raised $142 million for 19,000 nonprofits and schools. To read this article in full or to leave a comment, please click here

Half of the top 100 retail sites had slow load times during AWS’s S3 outage, vendor finds

Yesterday Amazon Web Services had a bad day. And when AWS has a bad day, so do a lot of other sites.Vendor Apica is a website monitoring services that keeps a close eye on some of the top retail websites around the country. All in all, the retail website Apica tracks had trouble dealing with the elevated errors rates AWS reported in S3 starting around mid-day Eastern Time.+MORE AT NETWORK WORLD: 5 Lessons from Amazon's S3 cloud blunder, and how to protect yourself from the next outage +To read this article in full or to leave a comment, please click here

Fave Raves 2017 call for submissions

Fave Raves is Network World’s annual roundup of the best products, as chosen by IT pros. Do you have a favorite enterprise IT product you can't live without? Tell us about it and we'll share your raves with our readers.Please send your submissions to Ann Bednarz at Network World ([email protected]) by Friday, March 17. Please note: Submissions must be received directly from IT professionals, not through a third party.Items to address:1. Please provide your name, title and employer.2. What's your favorite product? (vendor name and product name)3. Why do you like it?4. How has it helped you and/or your company?5. How many years have you worked in IT?6. What upcoming IT projects are you most excited about and why?7. Please include a picture of yourself.To read this article in full or to leave a comment, please click here

1 1,978 1,979 1,980 1,981 1,982 3,465