Five signs an attacker is already in your network

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.According to some estimates, attackers have infiltrated 96% of all networks, so you need to detect and stop them before they have time to escalate privileges, find valuable assets and steal data. The good news is an attack doesn’t end with an infection or a take-over of an endpoint; that is where it begins. From there an attack is highly active, and the attacker can be identified and stopped if you know how to find them. These five strategies will help.* Search for the telltale signs of a breach.  Look for port scans, excessive failed log-ins and other types of reconnaissance as an attacker tries to map out your network.To read this article in full or to leave a comment, please click here

Five signs an attacker is already in your network

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.According to some estimates, attackers have infiltrated 96% of all networks, so you need to detect and stop them before they have time to escalate privileges, find valuable assets and steal data. The good news is an attack doesn’t end with an infection or a take-over of an endpoint; that is where it begins. From there an attack is highly active, and the attacker can be identified and stopped if you know how to find them. These five strategies will help.* Search for the telltale signs of a breach.  Look for port scans, excessive failed log-ins and other types of reconnaissance as an attacker tries to map out your network.To read this article in full or to leave a comment, please click here

Chef Cooks Up ‘Habitats’ for Applications

It lets app developers off the hook for infrastructure choices.

How to survive multiple-hat security syndrome

At CircleCityCon, CSO's Steve Ragan chats with Amanda Berlin, who was giving a talk about how security staffers given multiple roles can survive beyond the "just putting out the fires" scenario.

How to catch pentest teams and other actors on a network

At CircleCityCon, CSO's Steve Ragan talks with Dave Lewis (CSO blogger) and Jeremy Nielson about tactics, tools and practices that penetration testers (pentesters) use to find vulnerabilities, and how security officials can catch them.

Fed watchdog raises questions about FBI facial recognition accuracy, privacy

The FBI needs to get a better handle on accuracy and privacy issues its facial recognition technology has brought to the law enforcement community. Congressional watchdogs at the Government Accountability Office this week said the current FBI use of face recognition technology “raises potential concerns regarding both the effectiveness of the technology in aiding law enforcement investigations and the protection of privacy and individual civil liberties.” + More on Network World: Quick look: Cisco Tetration Analytics | Cisco platform lets IT rein-in disruptive data center operations, security, applications +To read this article in full or to leave a comment, please click here

Fed watchdog raises questions about FBI facial recognition accuracy, privacy

The FBI needs to get a better handle on accuracy and privacy issues its facial recognition technology has brought to the law enforcement community. Congressional watchdogs at the Government Accountability Office this week said the current FBI use of face recognition technology “raises potential concerns regarding both the effectiveness of the technology in aiding law enforcement investigations and the protection of privacy and individual civil liberties.” + More on Network World: Quick look: Cisco Tetration Analytics | Cisco platform lets IT rein-in disruptive data center operations, security, applications +To read this article in full or to leave a comment, please click here

30 days in a terminal: Day 1 — The essentials

Day 1 of my "I'm a ridiculous person who is going to use nothing but a Linux terminal for 30 days" experiment is complete. And it was not an easy day. Not bad. Just... challenging.The day started as I expected it to. I fired up a terminal window and made it full screen and launched tmux—a terminal multiplexer. (I'm keeping a traditional desktop environment running in the background for a few days as a safety net while I get things working just right.)For those new to the concept of a terminal multiplexer, think of it like a tiled window manager (multiple windows arranged in a non-overlapping fashion)—only just for terminals. That way you can have multiple shell sessions (and multiple applications) running at the same time within the same terminal.To read this article in full or to leave a comment, please click here

ContainerX steps into the limelight with a new container platform for enterprises

Enterprises interested in tapping container technology now have a brand-new option for managing it: ContainerX, a multitenant container-as-a-service platform for both Linux and Windows.Launched into beta last November by a team of engineers from Microsoft, VMware and Citrix, the service became generally available in both free and paid versions on Thursday. Promising an all-in-one platform for orchestration, compute, network, and storage management, it provides a single "pane of glass" for all of an enterprise's containers, whether they're running on Linux or Windows, bare metal or virtual machine, public or private cloud.To read this article in full or to leave a comment, please click here

Special Report: Network Performance Management Takes On Applications Available Now

Download now to learn the latest on the NPM and AP markets.

Moscow, Russia: CloudFlare’s 83rd data center

Здравствуйте! ))) CloudFlare is excited to announce the newest addition to our network in the largest country in the world (by footprint), increasing both our data center and city count to 83. Moscow is not only the capital and largest city in Russia, it is also home to several Internet exchanges which CloudFlare now participates at: the Moscow Internet Exchange (MSK-IX), Data IX and Global IX (Eurasia Peering coming soon). This raises the number of exchanges that CloudFlare is a participant of to over 120, making us one of the top interconnected networks globally.

Здравствуйте! ))) Мы рады объявить о новом пополнении в нашей сети network в самой большой стране мира (по занимаемой площади), увеличивая как количество наших датацентров, так и количество городов на 83. Москва является не только столицей и самым крупным городом в России, но она также является домом для нескольких точек обмена интернет-трафиком. CloudFlare в настоящее время принимает участие в следующих: Moscow Internet Exchange (MSK-IX), Data IX и Global IX (Eurasia Peering на подходе). Это увеличивает количество точек обмена интернет-трафиком, в которых участвует CloudFlare до 120, тем самым продвигая нас на одну из лидирующих позиций наиболее взаимосвязаных сетей в мире.

Improving performance in Continue reading

Worth Reading: Public cloud versus private data center

Few companies can afford to spend $20 billion a year on global data centers, have the cachet to employ some of the best and brightest engineers and thought leaders of the computing world, the ability to build and deploy their own custom microchips, access to training datasets comprising the web itself or the hardware and personnel capacity to iterate their infrastructure in realtime. Whether you’re talking about Google, Amazon, Microsoft or any of the other cloud vendors, this is the power of the commercial cloud today – trading hardware management for solving problems in realtime at nearly limitless scale. -Forbes

The post Worth Reading: Public cloud versus private data center appeared first on 'net work.

Verizon blames ‘routing’ error for Baltimore 911 outage

Residents of Baltimore who dialed 911 were unable to reach emergency dispatchers for more than two hours Tuesday evening and Verizon is laying the blame on a call-routing error.From the Baltimore Sun: Officials at Verizon — the service provider for the city's 911 system — said the phone company received an automated alert at 7:48 p.m. reporting that 911 calls were failing. Verizon spokesman John O'Malley said the company eventually determined that emergency calls were mistakenly routed to an empty back-up call center in the city.To read this article in full or to leave a comment, please click here

Verizon blames ‘routing’ error for Baltimore 911 outage

Residents of Baltimore who dialed 911 were unable to reach emergency dispatchers for more than two hours Tuesday evening and Verizon is laying the blame on a call-routing error.From the Baltimore Sun: Officials at Verizon — the service provider for the city's 911 system — said the phone company received an automated alert at 7:48 p.m. reporting that 911 calls were failing. Verizon spokesman John O'Malley said the company eventually determined that emergency calls were mistakenly routed to an empty back-up call center in the city.To read this article in full or to leave a comment, please click here

26% off Patriot 128GB USB 3.0 Flash Drive With 150MB/Sec Speed – Deal Alert

This 128GB Supersonic Boost XT flash drive from Patriot is built to be fast and rugged.  It supports USB 3.0 and transfers data at speeds up of up to 150MG/Sec, making it ideal for large files. It's durable rubberized exterior helps protect against shock and provides water resistance, so it travels safely wherever you take it. The unit is plug and play, and supports most major operating systems, so you can count on ease of use as well. It currently averages 4.5 out of 5 stars on Amazon from over 700 people (73% rate it 5 stars: read reviews). With the current 26% discount, its regular list price of $44.40 has been reduced to $32.99. See the Supersonic Boost XT 128GB Flash drive on Amazon to learn more and review buying options.To read this article in full or to leave a comment, please click here

HPE shows off a computer intended to emulate the human brain

Intelligent computers that can make decisions like humans may someday​ be on Hewlett Packard Enterprise's product roadmap.The company has been showing off a prototype computer designed to emulate the way the brain makes calculations. It's based on a new architecture that could define how future computers work.The brain can be seen as an extremely power-efficient biological computer. Brains take in a lot of data related to sights, sounds and smell, which they have to process in parallel without lagging, in terms of computation speed.HPE's ultimate goal is to create computer chips that can compute quickly and make decisions based on probabilities and associations, much like how the brain operates. The chips will use learning models and algorithms to deliver approximate results that can be used in decision-making.To read this article in full or to leave a comment, please click here

DNS Cookies and DDoS Attacks

DDoS attacks, particularly for ransom—essentially, “give me some bitcoin, or we’ll attack your server(s) and bring you down,” seem to be on the rise. While ransom attacks rarely actually materialize, the threat of DDoS overall is very large, and very large scale. Financial institutions, content providers, and others regularly consume tens of gigabits of attack traffic in the normal course of operation. What can be done about stopping, or at least slowing down, these attacks?

To answer, this question, we need to start with some better idea of some of the common mechanisms used to build a DDoS attack. It’s often not effective to simply take over a bunch of computers and send traffic from them at full speed; the users, and the user’s providers, will often notice machine sending large amounts of traffic in this way. Instead, what the attacker needs is some sort of public server that can (and will) act as an amplifier. Sending this intermediate server should cause the server to send an order of a magnitude more traffic towards the attack target. Ideally, the server, or set of servers, will have almost unlimited bandwidth, and bandwidth utilization characteristics that will make the attack appear Continue reading

Why help desk jobs are going unfilled

Help desk jobs have long been seen as a stepping stone to other roles, but that perception is out of date. Today’s help desk professionals are taking on more complex work and they’re in high demand.To read this article in full or to leave a comment, please click here(Insider Story)

Microsoft starts clock ticking on Office 2016’s first upgrade

Microsoft this week released the second upgrade for Office 365 commercial subscribers on the slow train, and warned those still running the original Office 2016 applications that they have four more months before they will be required to update.Alongside a large number of Windows security updates issued Tuesday, Microsoft also released build 1602 of the Office apps to corporate Office 365 subscribers who hew to the "Deferred Channel" track.Deferred Channel is the slower of the two main release tracks Microsoft established for Office 365. (Until February, it was called "Current Branch for Business" to match the name of a slow release track for Windows 10.) Unlike the faster "Current Channel" (CC), which boasts monthly updates to the Office 2016 applications -- Word, Outlook, Excel and the like -- Deferred Channel (DC) only provides updates every four months.To read this article in full or to leave a comment, please click here

Ad hoc operations in the SOC can lead to pain

At CircleCityCon, CSO's Steve Ragan chats with Paul Jorgensen, host of the PVC Security Podcast, about ad hoc processes within many security operations centers (SOCs) and how organizations can prevent these types of mistakes.