Microsoft patches 27 flaws in Windows, Office, IE, and Edge

Microsoft released another batch of security patches Tuesday, fixing 27 vulnerabilities in Windows, Microsoft Office, Internet Explorer, and its new Edge browser.The patches are organized in nine security bulletins, five of which are rated critical and the rest important, making this Microsoft patch bundle one of the lightest this year in terms of the number of patches.All of the issues resolved this month are in desktop deployments, but Windows servers might also be affected depending on their configuration."For example, Windows servers running Terminal Services tend to act as both desktop and server environments," said Tod Beardsley, security research manager at Rapid7, via email. However, the majority of Windows server admins out there can roll out patches at a fairly leisurely pace, he said.To read this article in full or to leave a comment, please click here

Microsoft patches 27 flaws in Windows, Office, IE, and Edge

Microsoft released another batch of security patches Tuesday, fixing 27 vulnerabilities in Windows, Microsoft Office, Internet Explorer, and its new Edge browser.The patches are organized in nine security bulletins, five of which are rated critical and the rest important, making this Microsoft patch bundle one of the lightest this year in terms of the number of patches.All of the issues resolved this month are in desktop deployments, but Windows servers might also be affected depending on their configuration."For example, Windows servers running Terminal Services tend to act as both desktop and server environments," said Tod Beardsley, security research manager at Rapid7, via email. However, the majority of Windows server admins out there can roll out patches at a fairly leisurely pace, he said.To read this article in full or to leave a comment, please click here

Label Switched Multicast – Ethernet Header

I got an interesting email from Ying Lu who had read my posts on LSM:

I am curious about the Ethernet DA and codepoint used for multicast MPLS. Previously, I understand that:

– Ethernet DA is unicast MAC of nexthop of each replication leg.

– codepoint is 0x8847

However, looking at RFC5332, I am not so sure…

Quote:

“Ethernet is an example of a multipoint-to-multipoint data link. Ethertype 0x8847 is used whenever a unicast ethernet frame carries an MPLS packet.

Ethertype 0x8847 is also used whenever a multicast ethernet frame carries an MPLS packet, EXCEPT for the case where the top label of the MPLS packet has been upstream-assigned.

Ethertype 0x8848, formerly known as the “MPLS multicast codepoint”, is to be used only when an MPLS packet whose top label is upstream assigned is carried in a multicast ethernet frame.

Interesting question. What is the ethernet destination address (DA) and the value of the ethernet type field (codepoint) when the MPLS packet is being sent on an LSM LSP?

Getting back into the lab, I started a ping from CE1 to a group that CE3 had joined. I then ran a sniff on the segment between P and PE3.

Examining the Continue reading

Datadog Integrates AWS Lambda

Datadog’s latest integration is one of 18 Amazon integrations.

Box extends its global push with new Zones in Canada and Australia

Box has made no secret of its global ambitions, and on Wednesday it advanced them another step by announcing two new regional "Zones" in Canada and Australia."Our mission is to build out the most advanced social cloud," said Aaron Levie, cofounder and CEO of the California-based company, in an interview. "We want to make sure we can deliver no matter what your security, compliance or data-residency requirements."Different countries have established different requirements for the treatment and storage of data, resulting in a complex landscape for companies to navigate. Delivered through partnerships with Amazon Web Services and IBM Cloud, Box Zones essentially allows companies to store data in the location of their choice. When the paid feature was announced in April, the first non-U.S. Zones were in Germany, Ireland, Japan, and Singapore.To read this article in full or to leave a comment, please click here

Why Box’s CEO is so cloud crazy

Aaron Levie, the outspoken founder and CEO of enterprise file sharing and storage powerhouse Box, foresees a time when all enterprise data will head to the cloud, and his company this week is introducing expanded capabilities to speed that transition. Levie talked to Network World this week ahead of the company’s news about its Zones and Accelerator projects, and also discussed start-ups, the march of the public cloud, and even his past work as a professional magician. As for Zones, these allow Box customers to specify a geographic area for their data to be stored in, to help them cope with compliance issues generated by laws that mandate certain information be stored. The project started with Germany, Ireland, Singapore and Japan, and today’s announcements say that Australia and Canada are up next. (Australian service should be available in the third quarter of this year, with Canada to follow in the fourth quarter.) Levie says this makes Box the “most global” solution in its market segment.To read this article in full or to leave a comment, please click here

Self-driving warehouse robots give Giant Eagle a lift

Wheels turning and forklifts filled—that’s one measure of success in any warehouse. If you can increase the amount of product picked up and put away, the more productive and cost efficient you are.For Pittsburgh-based retailer Giant Eagle, the key to making that happen is to operate vision-guided, autonomous vehicles—robots—in its distribution centers.+ Also on Network World: How IoT helps transplant surgeons track organ shipments +To read this article in full or to leave a comment, please click here

Seagate built a whopping 60TB SSD that it aims ship next year

There aren't many shockers when it comes to storage capacity, but try this one on for size: Seagate has announced a 60TB SSD that may ship as early as next year.Seagate showed the drive at the Flash Memory Summit in Silicon Valley on Tuesday. It called it a "technology demonstration," which means there could still be a few kinks to work out.But if Seagate can deliver as planned, the drive would have close to four times the capacity of the largest SSD available currently, Samsung's PM1633a SSD.The drive will be aimed at servers and flash arrays, where it could help meet the growing demand for storage fueled by mobile devices, online video and the emerging internet of things.To read this article in full or to leave a comment, please click here

Raspberry Pi in the sky: How to build this awesome $115 airplane tracker

If you've ever looked up at a plane and wondered where it's headed, this simple project is for you. Thanks to cheap, miniaturized electronics, you can now build a receiver that connects to your smartphone and shows details about all the aircraft in the sky around you. It takes less than an hour and costs about $115. The device receives and decodes ADS-B, a data broadcast from aircraft that transmits a callsign, location, altitude, speed and a few other bits of information. If you live near an airport or under a flight path, there's a good chance you can receive these transmissions easily.To read this article in full or to leave a comment, please click here

ThousandEyes Touts Enhanced End-User Experience

The Endpoint Agent specifically monitors the web/application layer and network layer from the end-user’s perspective

The 16 most pivotal events in Windows history

Thirty years of WindowsImage by Jeff ChristensenFor better or for worse, Windows has defined the modern era of personal computing. Microsoft’s signature OS runs on the vast majority of PCs worldwide, and it has also worked its way into servers, tablets, phones, game consoles, ATMs, and more. To read this article in full or to leave a comment, please click here

IDG Contributor Network: Datadog integrates with AWS Lambda, enables support for serverless architectures

I'm a big fan of so-called serverless architectures. The idea of these products is that developers don't have to think about spinning up servers to do some processing—rather a construct that goes something along the lines of "when trigger A happens, set off process B, and when process B is complete, your job is done" can be enabled.Amazon Web Services (AWS) was the first of the public cloud vendors to launch a serverless offering, AWS Lambda. Since then, it is an approach other players have followed.But while serverless offerings add massive value in terms of simplicity and economics, they provide challenges. The servers that run the actual code to process these events are not exposed to developers. As such, developers have zero visibility into how those servers are working and what they're up to.To read this article in full or to leave a comment, please click here

Review: 13 primo Python web frameworks

If you are developing a web application and have picked Python as the language to build it in, that’s a smart move. Python’s maturity of development, robust libraries, and breadth of real-world adoption have helped make it a no-brainer for web development.Zope2. Zope is not for simple RESTful APIs (per Bottle or Flask) or even basic websites with interactivity (à la Django). Rather, it’s meant to be a full-blown, enterprise-grade application server stack, similar to offerings for Java. The documentation describes the framework as “most useful for component developers, integrators, and web designers.” One major third-party product, the Plone CMS, uses Zope as its substrate and serves as a major driver of Zope’s continued development.To read this article in full or to leave a comment, please click here(Insider Story)

Bridging IT’s growing generation gap

Do millennials make up a substantial portion of your IT staff? If not, they will soon. Within a few years, millennials — roughly defined as people born after 1981 — will comprise the biggest demographic in the country, overtaking the baby boomers, who are today's most populous generation. By 2020, one-third of U.S. adults will be millennials, according to researchers at the University of Southern California. PricewaterhouseCoopers predicts that they will also account for more than 50% of the workforce by that time.To read this article in full or to leave a comment, please click here(Insider Story)

When will car manufacturers secure your vehicle?

Reduction in sales and damage to brand are potential bottom line impacts that auto manufacturers need to be concerned about when it comes to security risks and connected cars. According to a newly released IOActivereport , "Commonalities in Vehicle Vulnerabilities", authored by senior security consultant Corey Thuen, "39 percent of vulnerabilities are related to the network. This is a general category that includes all network traffic, such as Ethernet or web."Using security best practices publications to design connected cars can mitigate up to 45 percent of vulnerabilities, yet OBD2 adapters, telematics systems and other embedded devices remain security problems in the modern vehicle.To read this article in full or to leave a comment, please click here

When will car manufacturers secure your vehicle?

Reduction in sales and damage to brand are potential bottom line impacts that auto manufacturers need to be concerned about when it comes to security risks and connected cars. According to a newly released IOActivereport , "Commonalities in Vehicle Vulnerabilities", authored by senior security consultant Corey Thuen, "39 percent of vulnerabilities are related to the network. This is a general category that includes all network traffic, such as Ethernet or web."Using security best practices publications to design connected cars can mitigate up to 45 percent of vulnerabilities, yet OBD2 adapters, telematics systems and other embedded devices remain security problems in the modern vehicle.To read this article in full or to leave a comment, please click here

Cloud Migration Key Points To Consider

Managing Network Sprawl

Oracle says it didn’t ask employee to cook cloud accounts

Oracle has denied in a California federal court charges leveled by a former manager that she was sacked after she refused to cook accounts in the company’s cloud business and threatened to blow the whistle on the accounting practices.The software and cloud computing giant appears to be fleshing out its original stand that the employee had been terminated for poor performance and not as a whistleblower, which would give her a number of protections under securities laws.In a filing in June in the U.S. District Court for the Northern District of California, Svetlana Blackburn, a senior finance manager for North America SaaS/Cloud Revenue, alleged that her superiors had instructed her to “to add millions of dollars in accruals to financial reports, with no concrete or foreseeable billing to support the numbers," an act that she had warned was improper and suspect accounting.To read this article in full or to leave a comment, please click here

Ring Message Bus on RS-232

After I completed the LAN-over-RS-232 project, it was obvious (well, not in retrospect) that the solution to every problem must be Z80 computers connected with some crazy RS-232 wiring. A few years later we had to write an application to support rally races. Guess what the solution was ;)