IDG Contributor Network: 3 security analytics approaches that don’t work (but could) — Part 1

Digital technologies have changed the face of business and government, and they will continue to do so at an even faster pace. They drive innovation, boost productivity, improve communications and generate competitive advantage, among other benefits.The dark side of this digital revolution has now come clearly into focus as well: McKinsey estimates that cyber attacks will cost the global economy $3 trillion in lost productivity and growth by 2020, while theft, sabotage and other damage inflicted by trusted insider personnel continue to cost organizations in lost revenues, revealed secrets and damaged reputations.To read this article in full or to leave a comment, please click here

IDG Contributor Network: 3 security analytics approaches that don’t work (but could) — Part 1

Digital technologies have changed the face of business and government, and they will continue to do so at an even faster pace. They drive innovation, boost productivity, improve communications and generate competitive advantage, among other benefits.The dark side of this digital revolution has now come clearly into focus as well: McKinsey estimates that cyber attacks will cost the global economy $3 trillion in lost productivity and growth by 2020, while theft, sabotage and other damage inflicted by trusted insider personnel continue to cost organizations in lost revenues, revealed secrets and damaged reputations.To read this article in full or to leave a comment, please click here

WhatsApp vulnerability could expose messages to prying eyes, report claims

When Facebook’s WhatsApp turned on end-end-end encryption in its messaging service last year, it was a big deal. As all eyes were glued on Apple’s fight with the FBI over unlocking the San Bernardino shooter’s iPhone, WhatsApp took a huge step toward protecting its users’ privacy by moving to encrypt all messages and calls being sent between its apps.But a new report suggests it might not be as secure as users think. According to The Guardian, a serious vulnerability in WhatApp’s encryption could allow Facebook to intercept and read messages unbeknownst to the recipient, and only aware of by the sender if they have previously opted in to receive encryption warnings. The security flaw, which was discovered by Tobias Boelter, a cryptography and security researcher at the University of California, Berkeley, can “effectively grant access (to users’ messages)” by changing the security keys and resending messages.To read this article in full or to leave a comment, please click here

WhatsApp vulnerability could expose messages to prying eyes, report claims

When Facebook’s WhatsApp turned on end-end-end encryption in its messaging service last year, it was a big deal. As all eyes were glued on Apple’s fight with the FBI over unlocking the San Bernardino shooter’s iPhone, WhatsApp took a huge step toward protecting its users’ privacy by moving to encrypt all messages and calls being sent between its apps.But a new report suggests it might not be as secure as users think. According to The Guardian, a serious vulnerability in WhatApp’s encryption could allow Facebook to intercept and read messages unbeknownst to the recipient, and only aware of by the sender if they have previously opted in to receive encryption warnings. The security flaw, which was discovered by Tobias Boelter, a cryptography and security researcher at the University of California, Berkeley, can “effectively grant access (to users’ messages)” by changing the security keys and resending messages.To read this article in full or to leave a comment, please click here

Small businesses are prime targets for cyber attacks: SIEM-as-a-service can help

This column is available in a weekly newsletter called IT Best Practices.  Click here to subscribe.  In February 2016, quick service restaurant The Wendy’s Company reported unusual payment card activity affecting some of its franchise restaurants. The breach was confirmed in May when the company revealed it had found evidence of malware on the affected stores’ point-of-sale systems. Additional malicious activity was later reported in June.In a statement from the CEO, the company says it believes the cyberattacks resulted from service providers’ remote access credentials being compromised, allowing access – and the ability to deploy malware – to some franchisees’ point-of-sale systems.To read this article in full or to leave a comment, please click here

Small businesses are prime targets for cyber attacks: SIEM-as-a-service can help

This column is available in a weekly newsletter called IT Best Practices.  Click here to subscribe.  In February 2016, quick service restaurant The Wendy’s Company reported unusual payment card activity affecting some of its franchise restaurants. The breach was confirmed in May when the company revealed it had found evidence of malware on the affected stores’ point-of-sale systems. Additional malicious activity was later reported in June.In a statement from the CEO, the company says it believes the cyberattacks resulted from service providers’ remote access credentials being compromised, allowing access – and the ability to deploy malware – to some franchisees’ point-of-sale systems.To read this article in full or to leave a comment, please click here

IDG Contributor Network: API adoption: Traditional industries lag

At the close of 2016, Gartner Research Director Mark O’Neill presented at both API Strategy and Practice (in Boston) and APIdays Global (in Paris) to share his insights into this year’s API trends. Top on his list was a discussion about how, while everyone talks about building APIs, the much larger impact of APIs is with their consumption. O’Neill predicts that 2017 will see some maturing in product offerings that support businesses with their API consumption.To read this article in full or to leave a comment, please click here

After MongoDB, ransomware groups hit exposed Elasticsearch clusters

After deleting data from thousands of publicly accessible MongoDB databases, ransomware groups have started doing the same with Elasticsearch clusters that are accessible from the internet and are not properly secured.Elasticsearch is a Java-based search engine that's popular in enterprise environments. It's typically used in conjunction with log collection and data analytics and visualization platforms.The first report of an Elasticsearch cluster being hit by ransomware appeared on the official support forums on Thursday from a user who was running a test deployment accessible from the internet.To read this article in full or to leave a comment, please click here

After MongoDB, ransomware groups hit exposed Elasticsearch clusters

After deleting data from thousands of publicly accessible MongoDB databases, ransomware groups have started doing the same with Elasticsearch clusters that are accessible from the internet and are not properly secured.Elasticsearch is a Java-based search engine that's popular in enterprise environments. It's typically used in conjunction with log collection and data analytics and visualization platforms.The first report of an Elasticsearch cluster being hit by ransomware appeared on the official support forums on Thursday from a user who was running a test deployment accessible from the internet.To read this article in full or to leave a comment, please click here

Review: Netgear Nighthawk X10 packs a speed punch, has nice add-on features

How many years have gone by since you’ve upgraded your Wi-Fi router? If it’s been a few years and you want to also future-proof the network for upcoming technologies, a router on your short list should be Netgear’s Nighthawk X10 (model R9000, $499.99).The X10 not only has very fast dual-band (5GHz and 2.4 GHz) networking, but it also adds 802.11ad (60GHz) support, which provides for very fast data transfer rates over very short distances. This can be perfect for transferring large amounts of files over your LAN (such as between computers or a centralized storage device). Netgear also says that VR gaming will benefit from 802.11ad technologies (for when the headsets go wireless and need a high-speed connection to the PC from the headset) in the future. MU-MIMO technology is also supported, which maintains high data transfers when multiple-devices are also trying to do things on the network (such as stream video).To read this article in full or to leave a comment, please click here

European legislators debate robot rights for autonomous vehicles

Robots should one day have rights as "electronic persons," members of the European Parliament recommended Thursday -- but not until the machines are all fitted with "kill" switches to shut them down in an emergency.Parliament's Legal Affairs Committee wants the European Commission to propose legislation that will settle a number of ethical and liability issues in the field of robotics -- including who is to blame when an autonomous vehicle is involved in a collision.Granting the more sophisticated autonomous robots some kind of electronic personhood could settle issues of who is responsible for their actions, the committee suggested. More urgent than the question of robot rights, though, is the setting up of an obligatory insurance scheme that would pay out to the victims of a self-driving car if it caused an accident in the European Union.To read this article in full or to leave a comment, please click here

Amazon commits to hiring 100,000 U.S. workers

Over the next 18 months, Amazon expects to add 100,000 full-time jobs in the U.S.While many of the jobs will be in warehouses, Amazon said the company will be looking for engineers and software developers in such areas as cloud computing and machine learning.[To comment on this article, visit Computerworld's Facebook page.]“Innovation is one of our guiding principles at Amazon, and it’s created hundreds of thousands of American jobs,” said Jeff Bezos, Amazon founder and CEO, in a statement. “These jobs are not just in our Seattle headquarters or in Silicon Valley. They’re in our customer service network, fulfillment centers and other facilities in local communities throughout the country.”To read this article in full or to leave a comment, please click here

Now it’s AT&T’s turn to talk jobs, investment with Trump

AT&T chief executive Randall Stephenson met with President-elect Donald Trump on Thursday to talk jobs and investment, but the company's multi-billion takeover of Time Warner was not on the table. The company didn't say much about the meeting, which took place at Trump Tower in New York, but characterized it as wide ranging. "As the country’s leading investor of capital for each of the last five years, the conversation focused on how AT&T can work with the Trump administration to increase investment in the U.S., stimulate job creation in America, and make American companies more competitive globally," AT&T said in a statement.To read this article in full or to leave a comment, please click here

Apple must face claims of monopoly in iPhone app market

An appeals court has ruled that Apple must face antitrust charges in a lawsuit that alleges that the company monopolized the market for iPhone apps.The U.S. Court for Appeals for the Ninth Circuit reversed Thursday a decision by a lower court and ruled that the app buyers filing the lawsuit are direct purchasers of iPhone apps from Apple, rather than from app developers, and hence have standing to sue. Apple was a distributor of iPhone apps, selling them directly to buyers through its App Store, according to the court.The proposed class-action lawsuit started in 2011 with the complaint changing several times.NEWSLETTERS: Get the latest tech news sent directly to your in-box The purchasers object to the 30 percent "surcharge" that they pay to Apple. The company collects 30 percent of the revenue of third-party apps on its store, with the balance going to the developer, in a closed system in which Apple controls which apps can run on an iPhone, according to court records.To read this article in full or to leave a comment, please click here

How to prepare an old Mac for sale

What steps do I need to take before selling or giving away my old Mac?It's perfectly safe to sell on a Mac second-hand (or pass it on to a friend or relative), provided you take some basic precautions. (Well, if you've been storing state secrets or billion-pound business-critical data on there, you might want to get in some specialist help. The following tips are for the rest of us!)Before you sell your Mac second-hand, you should clean it both inside and out. Here are the most important steps you should take before selling or giving away an old Mac.Read next: Best Mac buying guide 2017 | How to sell an old MacTo read this article in full or to leave a comment, please click here

Will Trump’s policies increase IT employment?

Estimates for IT employment growth this year range from flat to gangbuster. But the actual 2017 outcome will depend on the economy and the still-uncertain policies of President-elect Donald Trump.Trump has talked about actions such as tariffs to keep some firms from relocating operations to Mexico or other countries. But analysts don't know how deep or broad the tariffs might be and what their hiring impact would be.[To comment on this story, visit Computerworld's Facebook page.]To read this article in full or to leave a comment, please click here

Open Networking: A Progress Report

IDG Contributor Network: 3 things you need to know to effectively scale your team

Success of a company is often a double-edged sword for technology teams. Enthusiastic customers, positive sales numbers and increased opportunity generally mean only one thing for a CTO—the need to scale.For start-ups, determining how and when to scale can be a challenge. Just when you hire your first set of developers and build the product, you’re faced with the need to grow your team and ensure that technology can accommodate an expanding number of users. Resource management is also key—and technology and process, in addition to people, can help you to scale wisely without having to rebuild your product. After managing the challenge of scaling at a number of companies, I’ve narrowed it down to three elements of scaling to keep in mind when it comes to people.To read this article in full or to leave a comment, please click here

VXLAN Ping and Traceroute

From the moment Cisco and VMware announced VXLAN some networking engineers complained that they'd lose visibility into the end-to-end path. It took a long while, but finally the troubleshooting tools started appearing in VXLAN environment: NVO3 working group defined Fault Managemnet framework for overlay networks and Cisco implemented at least parts of it in recent Nexus OS releases.

You'll find more details in Software Gone Wild Episode 69 recorded with Lukas Krattiger in November 2016 (you can also watch VXLAN Technical Deep Dive webinar to learn more about VXLAN).

Response: Introducing Open/R — a new modular routing platform | Engineering Blog | Facebook Code | Facebook

Although this post is from May 2016, Petr Lapukhov at Facebook outlines an method to replace routing protocols with a message bus to enable real network applications.

I’m doubtful that wider networking market would adopt something that doesn’t have BGP in the solution but Facebook has the resources to develop something like this and prove that it works. That could change perceptions. In any case, thought provoking reading.

Introducing Open/R — a new modular routing platform | Engineering Blog | Facebook Code | Facebook: “The Open/R software enables rapid prototyping and deployment of new applications to the network much more frequently than the industry’s standard development process. To create an interoperable standard, the industry’s process is often lengthy due to code being built independently by multiple vendors and then slowly deployed to their customer networks. Furthermore, every vendor has to accommodate for the demands of numerous customers — complicating the development process and requiring features that are not always useful universally.”

The post Response: Introducing Open/R — a new modular routing platform | Engineering Blog | Facebook Code | Facebook appeared first on EtherealMind.