Archive

Category Archives for "Networking"

Worth Reading: Blocking DDoS at Domain Registration

PREDATOR which stands for ‘Proactive Recognition and Elimination of Domain Abuse at Time-Of-Registration,’ is based on the notion that criminals need to obtain many domains to ensure profitability and attack agility, leading to abnormal registration behaviors such as burst registrations and textually similar names. “The intuition has always been that the way that malicious actors use online resources somehow differs fundamentally from the way legitimate actors use them,” says Princeton University computer science professor Nick Feamster — one of the researchers who worked on the project. “We were looking for those signals: what is it about a domain name that makes it automatically identifiable as a bad domain name?” —CircleID

LinkedInTwitterGoogle+Facebook

The post Worth Reading: Blocking DDoS at Domain Registration appeared first on 'net work.

After protest, Lenovo brings Linux compatibility to Yoga 900 and 900S

Lenovo created a stir when it said the Yoga 900 and 900S hybrids would work only with Windows, not Linux. The company has now changed its stance, bringing Linux support to those PCs.The PC maker earlier this month issued a BIOS update so Linux can be loaded on Yoga 900, 900S and IdeaPad 710 models.The BIOS update adds an AHCI (Advance Host Controller Interface) SATA controller mode so users can load Linux on the laptops.This is a Linux-only BIOS, meaning it should be used only by those who want to load the OS. If you want to continue with Windows, do not load the firmware.To read this article in full or to leave a comment, please click here

Android patches fix Drammer RAM attack, but not Dirty Cow exploit

Google released a new monthly batch of security patches for Android, fixing a dozen critical vulnerabilities that could allow attackers to compromise devices. One of the mitigated issues is a bit-flipping attack against memory chips that could lead to privilege escalation, but a more widespread rooting vulnerability in the Linux kernel remains unpatched.While Google releases firmware updates for its Nexus and Pixel devices on the first Monday of every month, the security patches are shared with third-party device manufacturers one month in advance and are also contributed later to the Android Open Source Project to benefit the entire ecosystem.To read this article in full or to leave a comment, please click here

Android patches fix Drammer RAM attack, but not Dirty Cow exploit

Google released a new monthly batch of security patches for Android, fixing a dozen critical vulnerabilities that could allow attackers to compromise devices. One of the mitigated issues is a bit-flipping attack against memory chips that could lead to privilege escalation, but a more widespread rooting vulnerability in the Linux kernel remains unpatched.While Google releases firmware updates for its Nexus and Pixel devices on the first Monday of every month, the security patches are shared with third-party device manufacturers one month in advance and are also contributed later to the Android Open Source Project to benefit the entire ecosystem.To read this article in full or to leave a comment, please click here

IDG Contributor Network: CloudMunch delivers its DevOps insights

Pretty much every large enterprise, at least those that realize the world is kind of in a state of change, is thinking about how to make their organization more agile. They’re also quickly reading Marc Andreessen’s famous Wall Street Journal piece from a few years ago, "Why Software Is Eating The World."Hopefully, they’re then putting these two themes, agility and innovation, through software together and deciding that key to remaining competitive is arming their technology teams with the tools, processes, freedoms and cultures to do good stuff.To read this article in full or to leave a comment, please click here

French plan for biometric database of 60 million people sparks outcry

When the French government quietly announced, in the middle of a holiday weekend, the merging of two files to create a megadatabase holding the biometrics of almost 60 million French citizens, it was clearly hoping to avoid an outcry. It failed. Among those lining up to criticize the government's move are its own minister of state for the Digital Sector and Innovation, and the National Digital Council, a body created by the government to provide independent recommendations on all matters relating to the effect of digital technologies on society and the economy. Minister of State Axelle Lemaire told French journalists the megadatabase used 10-year-old technology and had real security problems.To read this article in full or to leave a comment, please click here

French plan for biometric database of 60 million people sparks outcry

When the French government quietly announced, in the middle of a holiday weekend, the merging of two files to create a megadatabase holding the biometrics of almost 60 million French citizens, it was clearly hoping to avoid an outcry. It failed. Among those lining up to criticize the government's move are its own minister of state for the Digital Sector and Innovation, and the National Digital Council, a body created by the government to provide independent recommendations on all matters relating to the effect of digital technologies on society and the economy. Minister of State Axelle Lemaire told French journalists the megadatabase used 10-year-old technology and had real security problems.To read this article in full or to leave a comment, please click here

At campaign’s end, Trump takes a swipe at IBM

In Minnesota on Sunday, Republican presidential nominee Donald Trump added IBM to the list of companies he criticizes for moving jobs offshore or to Mexico. Trump's line was a one sentence throwaway at the Twin Cities rally, but it may have resonated with this rally crowd.In Rochester, Minn., IBM created a massive operation. In 1956, it broke ground on what would become a 32-building, 3.5-million-square-foot complex that employed 8,100 workers at its peak in 1991. It made punch card systems and later became widely known for its AS/400 system development work.IBM created a stable workforce, and by 1988 was able to point out that the average Rochester employee was 39.5 years old and a 14-year IBM veteran. Nearly 40% of those workers were engineers or programmers, according to IBM's official history.To read this article in full or to leave a comment, please click here

Make your emails more trusted with DKIM

The war against spam has been a long one. Just as we get better filtering, spammers and phishers turn to more sophisticated techniques. We are even seeing ransomware attacks like Cryptolocker and Cryptowall become commonly spread over email. There must be a technical way to stop some of this, right?Getting DKIM set up with Microsoft Exchange ServerTo read this article in full or to leave a comment, please click here(Insider Story)

Make your emails more trusted with DKIM

The war against spam has been a long one. Just as we get better filtering, spammers and phishers turn to more sophisticated techniques. We are even seeing ransomware attacks like Cryptolocker and Cryptowall become commonly spread over email. There must be a technical way to stop some of this, right?There is an Internet authentication system -- DomainKeys, and its successor, DKIM -- that tries to mitigate some of the risk of trusting that emails are actually from who they say they are from. Strangely, though, this technology has not made its way into Microsoft Exchange. In this piece, I want to open the curtains on DomainKeys and DKIM, show how they work and why what they do is important, and then demonstrate how to use a free utility to set up DKIM on your on-premises Exchange servers.To read this article in full or to leave a comment, please click here(Insider Story)

Make your emails more trusted with DKIM

The war against spam has been a long one. Just as we get better filtering, spammers and phishers turn to more sophisticated techniques. We are even seeing ransomware attacks like Cryptolocker and Cryptowall become commonly spread over email. There must be a technical way to stop some of this, right?Getting DKIM set up with Microsoft Exchange ServerTo read this article in full or to leave a comment, please click here(Insider Story)

Grassley criticizes university over its IT offshoring

A political backlash is growing over a plan by the University of California, San Francisco, to shift IT jobs overseas. The school is hiring an India-based IT services contractor, and IT workers are expecting to train their foreign replacements.Several lawmakers have written letters questioning the university's plan, including Sen. Charles Grassley (R-Iowa), chairman of the Senate Judiciary Committee, which oversees immigration."It is clear that the University is seeking to replace American workers with lower-cost foreign workers abroad and potentially also in the United States," wrote Grassley, in a letter to Janet Napolitano, the president of the University of California system. The letter, which was sent in late September, has not been made public, but a copy was obtained by Computerworld.To read this article in full or to leave a comment, please click here

AI makes security systems more flexible

Advances in machine learning are making security systems easier to train and more flexible in dealing with changing conditions, but not all use cases are benefitting at the same rate.Machine learning, and artificial intelligence, has been getting a lot of attention lately and there's a lot of justified excitement about the technology.One of the side effects is that pretty much everything is now being relabeled as "machine learning," making the term extremely difficult to pin down. Just as the word "cloud" has come to mean pretty much anything that happens online, so "artificial intelligence" is rapidly moving to the point where almost anything involving a computer is getting that label slapped on it.To read this article in full or to leave a comment, please click here

AI makes security systems more flexible

Advances in machine learning are making security systems easier to train and more flexible in dealing with changing conditions, but not all use cases are benefitting at the same rate.Machine learning, and artificial intelligence, has been getting a lot of attention lately and there's a lot of justified excitement about the technology.One of the side effects is that pretty much everything is now being relabeled as "machine learning," making the term extremely difficult to pin down. Just as the word "cloud" has come to mean pretty much anything that happens online, so "artificial intelligence" is rapidly moving to the point where almost anything involving a computer is getting that label slapped on it.To read this article in full or to leave a comment, please click here

7 steps to start a bug bounty program

A new approachImage by ThinkstockVulnerability assessment and identification strategies have evolved to include the concept of crowd sourced security testing through bug bounty programs. While bug bounty programs have been used for over 20 years, widespread adoption by enterprise organizations has just begun to take off within the last few. The bug bounty path, paved by tech giants, is widening, enabling security teams of all sizes to create and manage robust security assessment programs, get ahead of adversaries, and level the cybersecurity playing field. As we are clearly still in the early- to mid-adopter phase of this new market, Paul Ross, senior vice preside of marketing at Bugcrowd, breaks down how to get started with a bug bounty program, and how to prepare your organization for this new approach to vulnerability testing.To read this article in full or to leave a comment, please click here

7 steps to start a bug bounty program

A new approachImage by ThinkstockVulnerability assessment and identification strategies have evolved to include the concept of crowd sourced security testing through bug bounty programs. While bug bounty programs have been used for over 20 years, widespread adoption by enterprise organizations has just begun to take off within the last few. The bug bounty path, paved by tech giants, is widening, enabling security teams of all sizes to create and manage robust security assessment programs, get ahead of adversaries, and level the cybersecurity playing field. As we are clearly still in the early- to mid-adopter phase of this new market, Paul Ross, senior vice preside of marketing at Bugcrowd, breaks down how to get started with a bug bounty program, and how to prepare your organization for this new approach to vulnerability testing.To read this article in full or to leave a comment, please click here

New Nintendo 3DS price slashed on Black Friday to $100

Much of the early Black Friday 2016 gaming buzz centers around virtual reality systems and big cuts to Xbox One bundles, but Nintendo this week has grabbed headlines with this holiday blockbuster: slashing the price of its New Nintendo 3DS video game system to $100 (okay, $99.99) starting on Nov. 25.Typically, the Nintendo 3DS sells for about $150 and the 3DS.XL for $200. The special $100 price isn't that much more than for the inferior Nintendo 2DS console, which costs about $80. The original Nintendo 3DS, a portable gaming system that provides 3D-like effects without you needing to don dorky glasses, debuted in 2011 for $250, though the price quickly dropped closer to $170.To read this article in full or to leave a comment, please click here

IDG Contributor Network: The key to winning the war for tech talent: Look where others aren’t

Following years of higher-than-usual unemployment, hiring has been increasing. In fact, in 2015, the U.S. had as many open jobs as it did in 2001—a staggering 5 million.While the number of openings might sound promising, in reality, top talent remains scarce, and organizations are once again finding themselves battling it out for the best people. In no function is this more apparent than IT—where over half a million of those 5 million open jobs are and a demand that continues to increase.+ Also on Network World: IT hiring: 4 things you're doing wrong (and how to fix them) + Data from the U.S. Bureau of Labor Statistics indicates that 1.3 million IT and cybersecurity jobs will have to be filled by 2022. Many of the open jobs are for roles that didn’t exist a decade ago, such as cloud integration specialists and mobile application developers. And we can’t keep pace. According to data from the U.S. Bureau of Labor Statistics, by 2020 there will be 1 million more IT jobs than computer science students in the U.S.To read this article in full or to leave a comment, please click here

1 2,240 2,241 2,242 2,243 2,244 3,464