Phishing still fools people, but at least more are cautious

While people still have a really hard time telling the difference between legit and phishing emails, at least there is enough awareness of the phishing threat that many people will err on the side of caution when it comes to clicking on links.This was one finding from Carnegie Mellon University's CyLab in a study titled "Quantifying Phishing Susceptibility for Detection and Behavior Decisions" that published recently in the journal Human Factors.MORE: New tech can help catch spearphishing attacksTo read this article in full or to leave a comment, please click here

Phishing still fools people, but at least more are cautious

While people still have a really hard time telling the difference between legit and phishing emails, at least there is enough awareness of the phishing threat that many people will err on the side of caution when it comes to clicking on links.This was one finding from Carnegie Mellon University's CyLab in a study titled "Quantifying Phishing Susceptibility for Detection and Behavior Decisions" that published recently in the journal Human Factors.MORE: New tech can help catch spearphishing attacksTo read this article in full or to leave a comment, please click here

Nokia buys small semiconductor company to land 5G tech

A small semiconductor company based in Cambridge, Mass., was acquired today by Nokia, in a move to make the Finnish giant’s base station technology more energy-efficient.Eta Devices’ technology and institutional expertise appear to be at the heart of the acquisition, for which terms and pricing were not disclosed. Eta has 20 employees, located in Cambridge and at an R&D office in Stockholm, Sweden.+ALSO ON NETWORK WORLD: Satya Nadella's comp package slips 3% to $17.7M + Happy 25th once again to Linux, 'the little OS that definitely could'To read this article in full or to leave a comment, please click here

Nokia buys small semiconductor company to land 5G tech

A small semiconductor company based in Cambridge, Mass., was acquired today by Nokia, in a move to make the Finnish giant’s base station technology more energy-efficient.Eta Devices’ technology and institutional expertise appear to be at the heart of the acquisition, for which terms and pricing were not disclosed. Eta has 20 employees, located in Cambridge and at an R&D office in Stockholm, Sweden.+ALSO ON NETWORK WORLD: Satya Nadella's comp package slips 3% to $17.7M + Happy 25th once again to Linux, 'the little OS that definitely could'To read this article in full or to leave a comment, please click here

IDG Contributor Network: Daisy-chaining APIs makes serverless sense

Enterprise and startups are moving to cloud-based infrastructure to create an API-enabled value chain for new products and workflows. With this has emerged the idea of serverless infrastructure: running functions and applications completely in cloud-based servers where the hosting provider handles all of the sysadmin requirements.This is a new frontier in how business is leveraging cloud, and it is set to explode, especially amongst system integrators and consultants, as more data from sensors and machines are incorporated and as traditional businesses move even more of their IT infrastructure to the cloud.But to take advantage of this opportunity, businesses need to have their services and data accessible via application programming interfaces (API), which for most businesses is still just an emerging trend.To read this article in full or to leave a comment, please click here

AT&T jumps into SD-WAN market; partners with IBM

AT&T today jumped headfirst into the fast-growing software-defined Wide Area Network (SD-WAN) market with a new offering it hopes to bring to market next year based on technology from SD-WAN startup VeloCloud.SD-WAN is gaining steam thanks to its ability to bring software-defined networking (SDN) controls to the wide area network. SD-WANs allow customers to integrate multiple network connection types and let software intelligently route traffic based on application profiles and available network types. Gartner has estimated that SD-WAN can save customers significant costs compared to traditional WAN architectures too. IDC predicts SD-WAN will be a $6 billion market by 2020.To read this article in full or to leave a comment, please click here

AT&T jumps into SD-WAN market; partners with IBM

AT&T today jumped headfirst into the fast-growing software-defined Wide Area Network (SD-WAN) market with a new offering it hopes to bring to market next year based on technology from SD-WAN startup VeloCloud.SD-WAN is gaining steam thanks to its ability to bring software-defined networking (SDN) controls to the wide area network. SD-WANs allow customers to integrate multiple network connection types and let software intelligently route traffic based on application profiles and available network types. Gartner has estimated that SD-WAN can save customers significant costs compared to traditional WAN architectures too. IDC predicts SD-WAN will be a $6 billion market by 2020.To read this article in full or to leave a comment, please click here

Worth Reading: Government lawyers don’t understand the internet

Last year, the FBI nearly destroyed the life of an innocent physicist. In May 2015, agents arrested Xi Xiaoxing, the chairman of Temple University’s physics department, and charged that he was sneaking Chinese scientists details about a piece of restricted research equipment known as a “pocket heater.” An illustrious career seemed suddenly to implode. A few months later, though, the Justice Department dropped all the charges and made an embarrassing admission: It hadn’t actually understood Xi’s work. After defense experts examined his supposed “leaks,” they pointed out that what he’d shared with Chinese colleagues wasn’t a restricted engineering design but in fact a schematic for an altogether different type of device. —Washington Post

The post Worth Reading: Government lawyers don’t understand the internet appeared first on 'net work.

The Business Value of Carrier-Grade NFV Infrastructure

A new ACG Research paper focuses on topics covering carrier-grade NFVi solutions, performance, and availability advantages over enterprise-grade versions.

Microsoft Dynamics 365 will be unveiled later this month

Microsoft will kick off its Dynamic Communities’ Summit 16 event on Oct. 11 in Tampa Bay, Florida—hurricane notwithstanding—with the introduction of Dynamics 365, the main suite in its line-of-business applications.Scott Guthrie, executive vice president of the cloud and enterprise group at Microsoft, will lead the keynote, which will include live demos of the software and panel discussions for deep dives on what's new. The Summit is entirely devoted to Microsoft's Dynamics line-of-business apps, which includes Dynamics AX, CRM, GP and NAV.To read this article in full or to leave a comment, please click here

FBI arrests an NSA contractor suspected of stealing hacking tools

The FBI has arrested a U.S. government contractor for allegedly stealing classified documents, possibly including hacking tools.Harold Thomas Martin III, 51, has been charged with stealing government materials, including top secret information, the U.S. Department of Justice said on Wednesday.Martin, who held a top-secret national security clearance, allegedly took six classified documents produced in 2014."These documents were produced through sensitive government sources, methods, and capabilities, which are critical to a wide variety of national security issues," the DOJ said. To read this article in full or to leave a comment, please click here

FBI arrests an NSA contractor suspected of stealing hacking tools

The FBI has arrested a U.S. government contractor for allegedly stealing classified documents, possibly including hacking tools.Harold Thomas Martin III, 51, has been charged with stealing government materials, including top secret information, the U.S. Department of Justice said on Wednesday.Martin, who held a top-secret national security clearance, allegedly took six classified documents produced in 2014."These documents were produced through sensitive government sources, methods, and capabilities, which are critical to a wide variety of national security issues," the DOJ said. To read this article in full or to leave a comment, please click here

IDG Contributor Network: Many people abandon security, risky behavior surges

People are sick and tired of being told to be more secure in their use of computers and when participating in online activities. So much so that they’re simply ignoring the blitz of annoying demands and are carrying on as imprudently as they’ve always done, according to National Institute of Standards and Technology (NIST) researchers.The U.S. Department of Commerce-operated lab recently published a report (subscription) on the subject in IEEE’s IT Professional Journal.The study’s participants “expressed a sense of resignation and loss of control” when the scientists asked them about their online activity, such as shopping and banking.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Many people abandon security, risky behavior surges

People are sick and tired of being told to be more secure in their use of computers and when participating in online activities. So much so that they’re simply ignoring the blitz of annoying demands and are carrying on as imprudently as they’ve always done, according to National Institute of Standards and Technology (NIST) researchers.The U.S. Department of Commerce-operated lab recently published a report (subscription) on the subject in IEEE’s IT Professional Journal.The study’s participants “expressed a sense of resignation and loss of control” when the scientists asked them about their online activity, such as shopping and banking.To read this article in full or to leave a comment, please click here

AT&T Chooses VeloCloud to Deliver SD-WAN

VeloCloud also joins the AIC ecosystem.

HPE, Dell & Cisco Lead Cloud Infrastructure Sales

Non-cloud infrastructure, meanwhile, is on the decline.

Happy 25th once again to Linux, ‘the little OS that definitely could’

Aug. 25 may be Linux's official birthday, but Oct. 5 is in many ways the day it began to make a real mark on the world. That's when Linux creator Linus Torvalds officially released the first Linux kernel into the wild."As I mentioned a month(?) ago, I'm working on a free version of a minix-lookalike for AT-386 computers," Torvalds wrote in a newsgroup post on Oct. 5, 1991. "It has finally reached the stage where it's even usable (though may not be depending on what you want), and I am willing to put out the sources for wider distribution."To read this article in full or to leave a comment, please click here

Hacking DRBL Client PXE Boot Password

In a previous tutorial I showed installation of Clonezilla Server Edition on Ubuntu using my own Bash script. We configured PXE (Pre eXecution Environment)) password for clients so when the clients booted a password had to be entered to startup. This tutorial explains two different ways how to get and crack the PXE boot password.



Picture 1 - Client Requires to Enter PXE Password During Startup

First, we should mention some facts. The PXE client password is stored in plain text in a configuration file /etc/drbl/drblpush.conf. The password is secretpassword and it can be found in a dictionary rockyout.txt.

Picture 2 - Plain Text PXE Client Boot Password

The same PXE client password is stored as a hash in a file /tftpboot/nbi_img/prelinux.cfg/default.

Picture 3 - PXE Client Boot SHA-1 Base64 Encoded Salted Hash

The hash is created by utility /usr/sbin/sha1pass on DRBL server. It is a Perl script which takes two arguments from STDIN - a password and salt and it creates SHA-1 base64 salted hash.

Picture 4 - Perl Script fo Generating Hash from Password and Salt

Explanation:

• $4$ - SHA-1 base64 encoded salted hash
• 2mNryVVj - salt
• WIWlkNc6cA9+eQqcf9xU0d5IvVQ - hash

They are several methods how to obtain PXE boot Continue reading

Why it takes a cloud service to manage cloud services

How many cloud services is your business using right now?To read this article in full or to leave a comment, please click here(Insider Story)

Satya Nadella’s comp package slips 3% to $17.7M

Microsoft CEO Satya Nadella received a compensation package for the year ending June 30 worth approximately $17.7 million, a 3% reduction from 2015, according to security filings.A preliminary proxy statement submitted Monday to the U.S. Securities & Exchange Commission showed that Nadella's pay cut was about a third of the 9% downturn in Microsoft's revenue during the same period.The chief executive received $1.2 million in salary, the same as the year before; $4.5 in a cash performance bonus, or 3% more than in 2015; and $12 million in stock awards, or 6% less.To read this article in full or to leave a comment, please click here