Robocall Strike Force set to take wraps off battle plan

Two months after accepting its marching orders, the federal Robocall Strike Force chaired by AT&T CEO Randall Stephenson and featuring industry heavyweights such as Verizon, Google and Apple, will tomorrow make public its plan for dramatically reducing the torrent of automated phone calls.“The Robocall Strike Force is an industry-led group which has been working to develop comprehensive solutions to prevent, detect, and filter unwanted robocalls,” says the FCC.  “Robocalls and telemarketing calls are the number one source of consumer complaints received by the FCC.  However, giving consumers meaningful control over the calls and texts they receive requires collective action by the industry.”To read this article in full or to leave a comment, please click here

Workstation software flaw exposes industrial control systems to hacking

The software used to program and deploy code to various Schneider Electric industrial controllers has a weakness that could allow hackers to remotely take over engineering workstations.The software, known as Unity Pro, runs on PCs used by engineers and includes a simulator for testing code before deploying it to programmable logic controllers (PLCs). These are the specialized hardware devices that monitor and control mechanical processes -- spinning motors, opening and closing valves, etc. -- inside factories, power stations, gas refineries, public utilities and other industrial installations.Researchers from industrial cybersecurity firm Indegy found that unauthenticated attackers could execute malicious code on Windows computers where the Unity Pro PLC simulator is installed. That code would run with debug privileges leading to a complete system compromise.To read this article in full or to leave a comment, please click here

Workstation software flaw exposes industrial control systems to hacking

The software used to program and deploy code to various Schneider Electric industrial controllers has a weakness that could allow hackers to remotely take over engineering workstations.The software, known as Unity Pro, runs on PCs used by engineers and includes a simulator for testing code before deploying it to programmable logic controllers (PLCs). These are the specialized hardware devices that monitor and control mechanical processes -- spinning motors, opening and closing valves, etc. -- inside factories, power stations, gas refineries, public utilities and other industrial installations.Researchers from industrial cybersecurity firm Indegy found that unauthenticated attackers could execute malicious code on Windows computers where the Unity Pro PLC simulator is installed. That code would run with debug privileges leading to a complete system compromise.To read this article in full or to leave a comment, please click here

Critical account creation flaws patched in popular Joomla CMS

The Joomla developers are warning website administrators to apply an update for the popular content management system that fixes two critical vulnerabilities.The flaws are serious enough that the Joomla project released a prenotification about the planned update on Friday, urging everyone to be prepared to install it as soon as possible. This suggests that attacks targeting these vulnerabilities are expected to follow shortly.Joomla 3.6.4, released Tuesday, fixes a high-priority flaw in the account creation component that could be exploited to create accounts on a Joomla-based website even if user registration has been disabled on it.To read this article in full or to leave a comment, please click here

Critical account creation flaws patched in popular Joomla CMS

The Joomla developers are warning website administrators to apply an update for the popular content management system that fixes two critical vulnerabilities.The flaws are serious enough that the Joomla project released a prenotification about the planned update on Friday, urging everyone to be prepared to install it as soon as possible. This suggests that attacks targeting these vulnerabilities are expected to follow shortly.Joomla 3.6.4, released Tuesday, fixes a high-priority flaw in the account creation component that could be exploited to create accounts on a Joomla-based website even if user registration has been disabled on it.To read this article in full or to leave a comment, please click here

Microsoft wants to bring machine learning into the mainstream

Microsoft just released the open-source licensed beta release of the Microsoft Cognitive Toolkit on Github. This announcement represents a shift in Microsoft’s customer focus from research to implementation. It is an update to the Computational Network Toolkit (CNTK). The toolkit is a supervised machine learning system in the same category of other open-source projects such as Tensorflow, Caffe and Torch.  Microsoft is one of the leading investors in and contributors to the open machine learning software and research community. A glance at the Neural Information Processing Systems (NIPS) conference reveals that there are just four major technology companies committed to moving the field of neural networks forward: Microsoft, Google, Facebook and IBM.To read this article in full or to leave a comment, please click here

Yahoo! User Data Breach: The Case for Pervasive Security and Monitoring

ARM builds up security in the tiniest IoT chips

IoT is making devices smaller, smarter, and – we hope – safer. It’s not easy to make all those things happen at once, but chips that can help are starting to emerge.On Tuesday at ARM TechCon in Silicon Valley, ARM will introduce processors that are just a fraction of a millimeter across and incorporate the company’s TrustZone technology. TrustZone is hardware-based security built into SoC (system on chip) processors to establish a root of trust.It’s designed to prevent devices from being hacked and taken over by intruders, a danger that’s been in the news since the discovery of the Mirai botnet, which recently took over thousands of IP cameras to mount denial-of-service attacks.To read this article in full or to leave a comment, please click here

ARM builds up security in the tiniest IoT chips

IoT is making devices smaller, smarter, and – we hope – safer. It’s not easy to make all those things happen at once, but chips that can help are starting to emerge.On Tuesday at ARM TechCon in Silicon Valley, ARM will introduce processors that are just a fraction of a millimeter across and incorporate the company’s TrustZone technology. TrustZone is hardware-based security built into SoC (system on chip) processors to establish a root of trust.It’s designed to prevent devices from being hacked and taken over by intruders, a danger that’s been in the news since the discovery of the Mirai botnet, which recently took over thousands of IP cameras to mount denial-of-service attacks.To read this article in full or to leave a comment, please click here

Google is trying to reinvent the whiteboard

What's big, red, and supposed to be the next big thing in workplace collaboration? Google's new Jamboard, a massive touch display and accompanying cloud service that's supposed to help business users brainstorm together. Jamboard works like a digital whiteboard, letting users sketch out ideas, attach digital sticky notes, plus bring in content from the web into a single, constantly updating workspace. People can use Jamboard to collaborate both on the 55-inch mega-display of the same name, or using accompanying tablet and smartphone apps for iOS and Android. The Jamboard is available in private beta for business customers of Google's G Suite productivity service offering starting Tuesday. The company expects to make it generally available early next year.To read this article in full or to leave a comment, please click here

Google buys eye-tracking VR firm Eyefluence

Google has acquired a 3-year-old eye-tracking company for virtual and augmented reality headsets, signaling the tech giant's interest in the immersive technologies.Eyefluence, founded in 2013 by serial entrepreneurs Jim Marggraff and David Stiehr, develops eye-interaction technologies to control VR and AR headsets. "Eyes can instantaneously transform intent into action, enabling communication as fast as you can see," the company says. The deal with Google was announced Tuesday. "With our forces combined, we will continue to advance eye-interaction technology to expand human potential and empathy on an even larger scale," Eyefluence said in a blog post.To read this article in full or to leave a comment, please click here

Audio Q&A: 20 years of networked cameras

Let’s jump into the Cool Tools Time Machine to go back to the year 1996. The Internet, at least on the consumer side of things, was just beginning to take off, and there was a Clinton running for president (well, at least some things stay the same).  Axis Communications Axis Communications NetEye 200, the company's first network-based video camera. In that year, a company called Axis Communications created its first networked video camera, the NetEye 200, which could transmit video at 1 frame per 17 seconds in normal resolution, or 1 frame per second (fps) in CIF resolution. Since then, resolution and frame rates have gotten much, much better, with current cameras supporting 4K resolution. To read this article in full or to leave a comment, please click here

IBM is folding SoftLayer into its Bluemix cloud services portfolio

OpenStack users running their workloads on IBM's SoftLayer public cloud infrastructure took it calmly when the company's object storage development lead, Brian Cline, announced that SoftLayer is going away.Cline opened his presentation with the news at the OpenStack Summit in Barcelona on Tuesday.But it's not as bad as it sounds. The same services will still be available from the same servers, managed through the same SoftLayer control portal: Only the brand is going away.IBM is going to replace the SoftLayer name with Bluemix, its broader cloud platform, making SoftLayer services just another page in the Bluemix catalog of infrastructure, platform and application services.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Beyond 911: Other N-1-1 codes you should know

The North American Numbering Plan (NANP) establishes what telephone numbers exist. It would be safe to say that most people know and understand that the short code of 911 will connect callers with police, fire or medical services in the event of an emergency. But did you know that there are seven other numbers, arguably as important?N11 numbers, or telephone short-codes, provide callers quick and simple access to other special assistance that may be needed without tying up emergency services resources and phone lines.Usage of these codes is established by the Federal Communications Commission based on use defined by the NANP Administrator, and is as follows:To read this article in full or to leave a comment, please click here

Privacy and security problems in TrackR, iTrack Easy and Nut IoT trackers

People who tend to lose or misplace things may turn to “smart” trackers, tiny devices which can be attached to keys, TV remotes, just about anything, and then the Bluetooth-enabled tracker helps you find the “lost” item via a smartphone. Many have a crowdsourcing feature so other people on that tracker’s network can also help locate a missing item. But how secure are these IoT trackers? Two researchers at Rapid7 decided to find out.Deral Heiland, principal security consultant at Rapid7, aka @Percent_X, and Adam Compton, senior security consultant at Rapid7, aka @tatanus, took aim at four different trackers: iTrack Easy, Nut Smart Tracker, TrackR Bravo and Tile. They looked at the devices as well as the companion iOS apps and found issues with each.To read this article in full or to leave a comment, please click here

Privacy and security problems in TrackR, iTrack Easy and Nut IoT trackers

People who tend to lose or misplace things may turn to “smart” trackers, tiny devices which can be attached to keys, TV remotes, just about anything, and then the Bluetooth-enabled tracker helps you find the “lost” item via a smartphone. Many have a crowdsourcing feature so other people on that tracker’s network can also help locate a missing item. But how secure are these IoT trackers? Two researchers at Rapid7 decided to find out.Deral Heiland, principal security consultant at Rapid7, aka @Percent_X, and Adam Compton, senior security consultant at Rapid7, aka @tatanus, took aim at four different trackers: iTrack Easy, Nut Smart Tracker, TrackR Bravo and Tile. They looked at the devices as well as the companion iOS apps and found issues with each.To read this article in full or to leave a comment, please click here

Worth Reading: Microsoft and FPGAs

Microsoft’s embrace of programmable chips knowns as FPGAs is well documented. But in a paper released Monday the software and cloud company provided a look into how it has fundamentally changed the economics of delivering hardware as a service thanks to these once-specialty pieces of silicon. —The Next Platform

The post Worth Reading: Microsoft and FPGAs appeared first on 'net work.

Wavefront Raises $52M in Series B Funding

The company's latest round was four times the amount it raised with its Series A funding.

Azure brings SQL Server Analysis Services to the cloud

SQL Server Analysis Services, one of the key features of Microsoft's relational database enterprise offering, is going to the cloud. The company announced Tuesday that it's launching the public beta of Azure Analysis Services, which gives users cloud-based access to semantic data modeling tools.The news is part of a host of announcements the company is making at the Professional Association for SQL Server Summit in Seattle this week. On top of the new cloud service, Microsoft also released new tools for migrating to the latest version of SQL Server and an expanded free trial for Azure SQL Data Warehouse. On the hardware side, the company revealed new reference architecture for using SQL Server 2016 with active data sets of up to 145TB.To read this article in full or to leave a comment, please click here

The New Age Of IoT-Based DDoS Attacks