0

East-West Encryption: The Next Security Frontier?

VMware says it is looking at East-West encryption inside the data center, adding another layer of security to the SDDC.

0

Worth Reading: Cryptocurrency mining malware infecting NAS’

A malware variant named Mal/Miner-C (also known as PhotoMiner) is infecting Internet-exposed Seagate Central Network Attached Storage (NAS) devices and using them to infect connected computers to mine for the Monero cryptocurrency. Miner-C, or PhotoMiner, appeared at the start of June 2016, when a report revealed how this malware was targeting FTP servers and spreading on its own to new machines thanks to worm-like features that attempted to brute-force other FTP servers using a list of default credentials. —Softpedia

The post Worth Reading: Cryptocurrency mining malware infecting NAS’ appeared first on 'net work.

0

Banks turn to AI for improved customer service, competitive edge

With the Wells Fargo fake accounts scandal fresh on your mind, it’s hard to feel sorry for banks these days. But the pressure on big banks to innovate has never been higher.To read this article in full or to leave a comment, please click here(Insider Story)

0

Yahoo reportedly to confirm massive data breach

Following reports that Yahoo will confirm a data breach that affects hundreds of millions of accounts, some users reported Thursday on Twitter and elsewhere that they were prompted to change their email password when trying to log in.Yahoo launched an investigation into a possible breach in early August after someone offered to sell a data dump of over 200 million Yahoo accounts on an underground market, including usernames, easy-to-crack password hashes, dates of birth and backup email addresses.The company has since determined that the breach is real and that it's even worse than initially believed, news website Recode reported Thursday, citing unnamed sources familiar with the investigation.To read this article in full or to leave a comment, please click here

0

Yahoo reportedly to confirm massive data breach

Following reports that Yahoo will confirm a data breach that affects hundreds of millions of accounts, some users reported Thursday on Twitter and elsewhere that they were prompted to change their email password when trying to log in.Yahoo launched an investigation into a possible breach in early August after someone offered to sell a data dump of over 200 million Yahoo accounts on an underground market, including usernames, easy-to-crack password hashes, dates of birth and backup email addresses.The company has since determined that the breach is real and that it's even worse than initially believed, news website Recode reported Thursday, citing unnamed sources familiar with the investigation.To read this article in full or to leave a comment, please click here

0

Keeping up with incident response

A fire department in a large city certainly has a difficult job, but its mission is fairly straightforward. When a fire is detected, the fire department dispatches an appropriately sized staff to assess, contain and put out the fire, clean up, investigate what happened, and prepare themselves for the next blaze.Yup, it's a pretty simple process when a manageable number of fires are burning. But what would happen if there were hundreds or thousands of simultaneous infernos?My guess is that a senior fire chief (and perhaps other participants from local government and law enforcement) would have to make decisions on which blazes to resource and which to ignore. These decisions would certainly be based upon information analysis and best practices, but there is still some risk that the disregarded fires would end up being far worse than expected, turn into disasters, and call into question the judgement of all involved.To read this article in full or to leave a comment, please click here

0

In WiFi Too, It Pays To Work Hard

We are thrilled to announce that Ruckus, operating as a business unit within Brocade, was recognized by industry analyst firm, IHS Markit, as a Leader in its annual “2016 Wireless LAN Infrastructure Vendor Scorecard.”

0

Fixing the mixed content problem with Automatic HTTPS Rewrites

CloudFlare aims to put an end to the unencrypted Internet. But the web has a chicken and egg problem moving to HTTPS.

Long ago it was difficult, expensive, and slow to set up an HTTPS capable web site. Then along came services like CloudFlare’s Universal SSL that made switching from http:// to https:// as easy as clicking a button. With one click a site was served over HTTPS with a freshly minted, free SSL certificate.

Boom.

Suddenly, the website is available over HTTPS, and, even better, the website gets faster because it can take advantage of the latest web protocol HTTP/2.

Unfortunately, the story doesn’t end there. Many otherwise secure sites suffer from the problem of mixed content. And mixed content means the green padlock icon will not be displayed for an https:// site because, in fact, it’s not truly secure.

Here’s the problem: if an https:// website includes any content from a site (even its own) served over http:// the green padlock can’t be displayed. That’s because resources like images, JavaScript, audio, video etc. included over http:// open up a security hole into the secure web site. A backdoor to trouble.

Web browsers have known this was a problem Continue reading

0

IDG Contributor Network: AT&T’s AirGig shows wireless internet over power lines is possible

High-speed wireless internet could soon be delivered over power lines, according to a major mobile network operator that announced positive test results of a proposed system.AT&T says its project, called AirGig, will deliver multiple gigabit-speed wireless internet by creating broadband signals that will emanate from the power lines crossing the country and beyond.The company says it won’t actually connect its equipment directly to the powerline cables but will simply use the wires as way to send modulated radio signals to individuals’ homes, smartphones, tablets and so on. The equipment sits atop the utility poles and uses the existing wires for transmitting and receiving.To read this article in full or to leave a comment, please click here

0

SourceFire & AMP showing up on CCNP: Security

Looks like the SITCS Exam, that is part of the CCNP: Security exam is going from v1.0 to v1.5. SITCS is the exam oriented around ‘Implementing Cisco Threat Control Soluation’. Now, it only makes sense as the original version of this exam was more geared towards Cisco IPS & CX which has since been EoX’ed some time […]

0

Google’s Allo is an early personal assistant, not a late-to-market messaging app

Allo is a child that Google just sent to school to become your personal assistant. The first release looks like a messenger app because it is a common user interface (UI) that almost all smartphone users know, and it is conversational. Like a child learns to speak through conversation with adults, Allo will learn to be a personal assistant through quadrillions of messaging conversations if it succeeds as the next big platform.Google Now and Apple’s Siri are rudimentary compared to the personal assistant that Google Allo could become. Google Now’s and Siri’s voice to text is pretty accurate, but the user is limited to a fixed set of commands, navigate, play music, search, etc.To read this article in full or to leave a comment, please click here

0

PQ Show 93: Smart Network Monitoring With Paessler (Sponsored)

On todays Priority Queue episode, we talk smart network monitoring with our sponsor, Paessler, maker of PRTG Network Monitor. The post PQ Show 93: Smart Network Monitoring With Paessler (Sponsored) appeared first on Packet Pushers.

0

Plan now for the EU’s privacy regulation revolution, says HPE exec

The cost of complying with the European Union's General Data Protection Regulation might seem like something best deferred until it enters force in 2018 -- but working on compliance just might boost profit, not reduce it.The GDPR, the EU's latest rewrite of its data privacy laws, doesn't enter effect until May 25, 2018, but already IT companies are talking up their software and services for complying with the new rules.It's not just an issue for EU enterprises: Any company processing the personal information of EU citizens is affected.To read this article in full or to leave a comment, please click here

0

IDG Contributor Network: MacOS Sierra: The day nothing happened

I was notified that a software update was available for a few of my systems. An update to macOS Sierra was available for my main production system, a MacBook Pro, and my travel system, a MacBook Air. My personal work environment also includes a cloud-based storage service, several Linux servers for local file and print services as well as a lonely, old Windows-based laptop to execute a single application to support a long-term consulting contract.Living with an electronic tower of potential trouble Since my production environment is made up of systems from different vendors, purchased at different times, and software from different vendors, the prospect of updating anything, much less the operating system on one of my production machines, is scary.To read this article in full or to leave a comment, please click here

0

Lockdown! Harden Windows 10 for maximum security

You may have heard that Microsoft has made Windows 10 more secure than any of its predecessors, packing it with security goodies. What you might not know is that some of these vaunted security features aren’t available out of the box or they require additional hardware -- you may not be getting the level of security you bargained for.Features such as Credential Guard are available for only certain editions of Windows 10, while the advanced biometrics promised by Windows Hello require a hefty investment in third-party hardware. Windows 10 may be the most secure Windows operating system to date, but the security-savvy organization -- and individual user -- needs to keep the following hardware and Windows 10 edition requirements in mind in order to unlock the necessary features to achieve optimum security.To read this article in full or to leave a comment, please click here

0

Investigating Cybersecurity Incidents — a free course

One of the biggest mistakes companies make when responding to a cybersecurity incident is taking well-meaning steps to “clean up the mess” that actually ruin the digital evidence needed to investigate and prosecute the case.To read this article in full or to leave a comment, please click here(Insider Story)

0

Investigating Cybersecurity Incidents — a free course

One of the biggest mistakes companies make when responding to a cybersecurity incident is taking well-meaning steps to “clean up the mess” that actually ruin the digital evidence needed to investigate and prosecute the case.Learning to securely preserve that forensic evidence is key to a successful legal case. In partnership with IDG Enterprise, training company Logical Operations Inc. presents a free online course on this timely topic: Investigating Cybersecurity Incidents.In three video sessions, you’ll learn skills such as how to plan the forensic investigation; collect, protect and analyze the evidence; write an investigation report; work with law enforcement; comply with relevant laws; and prepare for case for court.To read this article in full or to leave a comment, please click here(Insider Story)

0

Were Apple’s ‘leaked’ iPhone 7 tweets really a mistake?

Apple hasn't embraced social media the way its tech rivals have, but the company appears to have warmed to the medium. Today Apple uses its @AppleSupport account on Twitter as a customer service and outreach tool, and the company also maintains Twitter accounts for some of its most popular services, including Apple Music, the App Store, iTunes and Beats1. Apple also finally started to use its main @Apple Twitter account in the days leading up to the iPhone 7 launch earlier this month. But things got off to a bit of a rocky start. During the company's presentation, the company published and then immediately deleted at least three tweets to the @Apple account that revealed details and key features of the iPhone 7 — before it was officially announced.To read this article in full or to leave a comment, please click here

0

6 tips for managing a global workforce

Technology has drastically changed the role of management in the enterprise, as teams, and even entire companies, grow more disperse. In fact, it's not out of the realm of possibility that you could eventually work for a company with an entirely remote workforce.While technology has brought plenty of positives to the corporate world, it's also made managers' jobs more difficult. How do you effectively measure engagement and performance if you have a team of workers sprinkled across the country or even the globe?Phil Shawe, Co-CEO of TransPerfect manages over 4,000 employees across 100 countries -- and he's learned a lot from the experience. He's had to get creative to make it work, but based on lessons learned growing his company from an NYU dorm room in 1992 to a global operation, he has six tips to offer for effectively managing remote teams.To read this article in full or to leave a comment, please click here

0

Does Oracle have a shot in the public cloud vs. Amazon and Microsoft?

Larry Ellison has voiced fighting words at Oracle’s OpenWorld conference this week, announcing that Amazon Web Services’ lead in the IaaS market is over and that AWS will have “serious competition going forward.”But does Oracle actually have a shot versus AWS and the company many see as the second place vendor, Microsoft?“It depends,” says Gartner distinguished analyst Lydia Leong, author of the annual Magic Quadrant benchmark report for the public Infrastructure-as-a-Service cloud market.+MORE AT NETWORK WORLD: Oracle CEO Mark Hurd says he has the whole cloud stack +To read this article in full or to leave a comment, please click here