Department of Labor sues Google over wage data

The U.S. Department of Labor has filed a lawsuit against Google, with the company's ability to win government contracts at risk.The agency is seeking what it calls "routine" information about wages and the company's equal opportunity program. The agency filed a lawsuit with its Office of Administrative Law Judges to gain access to the information, it announced Wednesday.Google, as a federal contractor, is required to provide the data as part of a compliance check by the agency's Office of Federal Contract Compliance Programs (OFCCP), according to the Department of Labor. The inquiry is focused on Google's compliance with equal employment laws, the agency said.To read this article in full or to leave a comment, please click here

33% off Powerbeats3 Wireless In-Ear Headphones – Deal Alert

Powerbeats3 packs up to 12 hours of battery life in a single charge. And with Fast Fuel technology, a 5-minute charge gives you 1 hour of playback. Sweat and water resistance provides trusted durability, and dual-driver acoustics deliver dynamic sound to power your workout. These highly rated wireless earphones typically list for $199.99, but with this deal you save $50. The discount will be magically applied when you add it to your cart. Get them for $149.99 on Amazon.To read this article in full or to leave a comment, please click here

BrandPost: Every Company Must Behave Like a Software Company — Including Yours

Originally posted on the Puppet blog, and republished here with Puppet's permission.In technology, we get used to the idea that change is coming at us all the time, faster and faster. Or at least, we should get used to that idea, and even more important, we should prepare ourselves, our teams and our entire organizations for that rapid pace of change. That's why we created The CIO's Guide to DevOps: to help executives responsible for IT navigate the recent wave of change, dubbed digital transformation. Now that digital technology drives everything, every company, nonprofit, university and government agency that wants to stay relevant must become really good at developing and delivering software quickly, with great agility. That need is what's driving adoption of DevOps principles and practices.To read this article in full or to leave a comment, please click here

DDoS-for-hire services thrive despite closure of major marketplace

The closure of a major online marketplace for paid distributed denial-of-service attacks appears to have done little to slow down the illegal activity.In late October, HackForums.net shut down its "Server Stress Testing" section, amid concerns that hackers were peddling DDoS-for-hire services through the site for as little as US$10 a month.According to security experts, the section was the largest open marketplace for paid DDoS attacks -- a notorious hacking technique that can disrupt access to internet services or websites. But since the section's closure, the attacks remain rampant.To read this article in full or to leave a comment, please click here

DDoS-for-hire services thrive despite closure of major marketplace

The closure of a major online marketplace for paid distributed denial-of-service attacks appears to have done little to slow down the illegal activity.In late October, HackForums.net shut down its "Server Stress Testing" section, amid concerns that hackers were peddling DDoS-for-hire services through the site for as little as US$10 a month.According to security experts, the section was the largest open marketplace for paid DDoS attacks -- a notorious hacking technique that can disrupt access to internet services or websites. But since the section's closure, the attacks remain rampant.To read this article in full or to leave a comment, please click here

Worth Reading: Before you pay that ransom…

A decade ago, if a desktop computer got infected with malware the chief symptom probably was an intrusive browser toolbar of some kind. Five years ago you were more likely to get whacked by a banking trojan that stole all your passwords and credit card numbers. These days if your mobile or desktop computer is infected what gets installed is likely to be “ransomware” — malicious software that locks your most prized documents, songs and pictures with strong encryption and then requires you to pay for a key to unlock the files. —Krebs on Security

The post Worth Reading: Before you pay that ransom… appeared first on 'net work.

Toshiba expands recall of laptop battery packs by 83,000 due to burn/fire risk

The U.S. Consumer Product Safety Commission has issued an alert that Toshiba on Wednesday has greatly expanded its recall of laptop computer battery packs due to burn and fire hazards.More specifically, these are Panasonic lithium-ion battery packs that have been found susceptible to overheating in 41 models of the Toshiba Satellite laptop, which runs Windows. The firm has received five reports of the battery pack overheating and melting, including one additional report since the first recall announcement; no injuries have been reported.MORE: Samsung Note7's phenomenal flame-out timelineTo read this article in full or to leave a comment, please click here

56% off 299-Piece All-Purpose First Aid Kit – Deal Alert

This full-fledged, easy-to-tote first aid softpack is designed to save time and frustration in the midst of an emergency. It's compact and portable, but contains 299 physician-recommended supplies.  Among the items neatly organized inside the zippered kit is a first aid guide, vinyl gloves, bandages, cold compress, gauze pads, trauma pad, cotton-tipped applicators, first aid tape roll, antiseptics and all three common OTC pain medications. The kit is currently a #1 best seller on Amazon, averages 4.5 out of 5 stars from over 280 customers, and its typical list price of $26.74 has been reduced 56% to just $11.69. Click over to Amazon to see this deal.To read this article in full or to leave a comment, please click here

AT&T Outlines 5G Goals, Surpasses 2016 Virtualization Goal

The carrier has virtualized 34% of its network.

Intel Launches GO to Accelerate Autonomous Driving

A 40-car BMW fleet is on its way.

PC shipments predicted to return to growth in 2018 after six-year skid

Apple CEO Tim Cook declared the PC dead in a famous 2015 interview. Apparently, he's wrong, and the PC market will live another day.Gartner is projecting annual PC shipments to return to growth in 2018, ending a historic skid that started in 2012, the year Microsoft released Windows 8.The growth in 2018 will be minor. Gartner is projecting shipments of laptops, hybrids, and desktops to be around 272 million in 2018, growing from 266 million in 2017. PC shipments in 2016 were 268 million, according to the research firm.There were a few bright spots in the PC market over the last few years, including the fourth quarter of 2014, when Gartner said shipments grew by 1 percent. But on an annual basis, PC shipments have been dropping and hit double-digit declines in 2015, the year Microsoft released Windows 10.To read this article in full or to leave a comment, please click here

Hottest products from CES 2017

Get your Gadget On!Image by IDG / Network WorldIt's time once again for the International CES, the world's largest consumer electronics trade show. Thousands of people will flock to Las Vegas to see the latest gizmos, gadgets, TVs, computers, smartphones, robots and other devices meant to make our lives easier. Here's a sneak peek at some of the products on display at the show.To read this article in full or to leave a comment, please click here

The Back Door Feature Problem

In Don’t Forget to Lock the Back Door! A Characterization of IPv6 Network Security Policy, the authors ran an experiment that tested for open ports in IPv4 and IPv6 across a wide swath of the network. What they discovered was interesting—

IPv6 is more open than IPv4. A given IPv6 port is nearly always more open than the same port is in IPv4. In particular, routers are twice as reachable over IPv6 for SSH, Telnet, SNMP, and BGP. While openness on IPv6 is not as severe for servers, we still find thousands of hosts open that are only open over IPv6.

This result really, on reflection, should not be all that surprising. There are probably thousands of networks in the world with “unintentional” deployments of IPv6. The vendor has shipped new products with IPv6 enabled by default, because one large customer has demanded it. Customers who have not even thought about deploying IPv6, however, end up with an unprotected attack surface.

The obvious solution to this problem is—deploy IPv6 intentionally, including security, and these problems will likely go away.

But the obvious solution, as obvious as it might be, is only one step in the right direction. Instead of just Continue reading

State of DNSSEC Deployment 2016 report shows over 89% of top-level domains signed

AWS touts new enterprise workload magnet

Amazon Web Services recently announced a new Managed Services product for its public cloud that aims to ease migration of legacy enterprise applications to that cloud.AWS Managed Services is a series of infrastructure operations management tools meant to provide ongoing management, support, monitoring and security of an AWS cloud environment. It’s delivered jointly by AWS employees and certified AWS partners and is meant to serve AWS’s largest clients who are planning to migrate workloads to Amazon’s public cloud.+MORE AT NETWORK WORLD: 10 Must-watch IaaS cloud trends for 2017 | Why Azure’s chief believes Microsoft is in prime position in IaaS +To read this article in full or to leave a comment, please click here

HTTPS scanning in Kaspersky antivirus exposed users to MITM attacks

Security vendor Kaspersky Lab has updated its antivirus products to fix an issue that exposed users to traffic interception attacks.The problem was found by Google vulnerability researcher Tavis Ormandy in the SSL/TLS traffic inspection feature that Kaspersky Anti-Virus uses to detect potential threats hidden inside encrypted connections.Like other endpoint security products, Kaspersky Anti-Virus installs a self-signed root CA certificate on computers and uses it to issue "leaf," or interception, certificates for all HTTPS-enabled websites accessed by users. This allows the product to decrypt and then re-encrypt connections between local browsers and remote servers.To read this article in full or to leave a comment, please click here

HTTPS scanning in Kaspersky antivirus exposed users to MITM attacks

Security vendor Kaspersky Lab has updated its antivirus products to fix an issue that exposed users to traffic interception attacks.The problem was found by Google vulnerability researcher Tavis Ormandy in the SSL/TLS traffic inspection feature that Kaspersky Anti-Virus uses to detect potential threats hidden inside encrypted connections.Like other endpoint security products, Kaspersky Anti-Virus installs a self-signed root CA certificate on computers and uses it to issue "leaf," or interception, certificates for all HTTPS-enabled websites accessed by users. This allows the product to decrypt and then re-encrypt connections between local browsers and remote servers.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Kuzzle wants to productize consulting firm development services

The Consumer Electronics Show (CES) is usually used to launch new hardware—from laptops to mobile phones, from Wi-Fi routers to connected toasters.One thing it doesn’t see much of is the launch of software products. But that is what we’re seeing today with the launch of Kuzzle, a new backend platform that sees itself as the route to “seamless software development across all devices, services and platforms.”That’s a pretty lofty claim (OK, a very lofty one), especially since Kuzzle goes up against a range of tools: Salesforce’s platform, pure mobile backend as a service (MBaaS) solutions like Kinvey, as well as mobile development platforms. So, what is Kuzzle about, and what gives it the confidence to claim differentiation?To read this article in full or to leave a comment, please click here

IDG Contributor Network: Enterprise software: A look forward to 2017

I spend a reasonable amount of time formally or informally consulting to large organizations about their technology choices. These engagements can be as simple as a quick discussion over a coffee or a long-term consulting gig. In either case, vendors seek to leverage the fact that, as an independent observer of the technology space, I can give a broader take on what is going on and what that means for their particular technology requirements.Often technology practitioners within a large organization simply don’t have the time or bandwidth to look broadly, and while they may be deeply aware of what their own particular technology supplier does, they lack a more industry-wide perspective.To read this article in full or to leave a comment, please click here

Worth Reading: The Wandera Report

The Wandera 2017 Mobile Leak Report, a global analysis of almost 4 billion requests across hundreds of thousands of corporate devices, found more than 200 mobile websites and apps leaking personally identifiable information across a range of categories – including those that are essential for work. —The Internet Society

The post Worth Reading: The Wandera Report appeared first on 'net work.