Long-running malvertising campaign infected thousands of computers per day

Security researchers have shut down a large-scale malvertising operation that used sophisticated techniques to remain undetected for months and served exploits to millions of computers.The operation, dubbed AdGholas, has been running since at least October 2015. According to security vendor Proofpoint, the gang behind it managed to distribute malicious advertisements through more than 100 ad exchanges, attracting between 1 million and 5 million page hits per day.The Proofpoint researchers estimate that 10 to 20 percent of computers that loaded the rogue ads were redirected to servers hosting exploit kits -- web-based attack tools that attempt to silently exploit vulnerabilities in popular applications in order to install malware.To read this article in full or to leave a comment, please click here

Long-running malvertising campaign infected thousands of computers per day

Security researchers have shut down a large-scale malvertising operation that used sophisticated techniques to remain undetected for months and served exploits to millions of computers.The operation, dubbed AdGholas, has been running since at least October 2015. According to security vendor Proofpoint, the gang behind it managed to distribute malicious advertisements through more than 100 ad exchanges, attracting between 1 million and 5 million page hits per day.The Proofpoint researchers estimate that 10 to 20 percent of computers that loaded the rogue ads were redirected to servers hosting exploit kits -- web-based attack tools that attempt to silently exploit vulnerabilities in popular applications in order to install malware.To read this article in full or to leave a comment, please click here

Microsoft brings Edge JavaScript engine to Linux, Mac OS X

If you ever needed a sign that a new era has dawned at Microsoft, this is it: The company announced it is bringing ChakraCore to Linux and OS X. ChakraCore is the main element of the Chakra JavaScript engine used in both the Microsoft Edge browser and the company's Universal Windows Platform. So, the company whose not-invented-here mentality was so iron-clad in the 1990s is now developing a JavaScript browser and app engine for its two competitor desktop operating systems. + Also on Network World: Microsoft cozies up to Linux containers +To read this article in full or to leave a comment, please click here

Florida men sue Microsoft over ‘coerced’ upgrades to Windows 10

Three Florida men have filed a lawsuit in a Florida federal court against Microsoft, charging that the company "coerced" them into upgrading to Windows 10 and that the "unintentional" upgrades damaged their PCs, resulting in lost time and money.The three -- Al Khafaji, Ahmad Abdulreda and Robert Stahl -- were the first to sue Microsoft at the federal level for running a campaign to get Windows 7 and Windows 8.1 users to accept the free upgrade to Windows 10. That offer expires Friday.INSIDER Review: Enterprise guide to Windows 10 "Microsoft engaged in a reckless and negligent premise with catastrophic consequences for some of Defendant's customers whose devices were rendered useless and incapable of normal recovery operations," the complaint stated. "Plaintiffs were coerced into adopting Windows 10 or had Windows 10 installed in various unintentional manners with subsequent damage to their computers after which Plaintiffs sustained unnecessary and avoidable stress, confusion, loss of time and significant monetary damage all at the hands of Defendant."To read this article in full or to leave a comment, please click here

IDG Contributor Network: $1 trillion in IT spending to be ‘affected’ by the cloud

IT is moving to the cloud big time, says research and consulting firm Gartner. And while we’ve been aware of that for a while, the firm has also been coming up with some staggering corroborating numbers.It says that by 2020, $1 trillion in IT spending will be “affected” by the shift to cloud. That’s roughly a little under a third of all IT spending, which in 2015 was $3.41 trillion globally and is projected to be $3.79 trillion in 2020, according to Gartner’s Q2 2016 forecast, published earlier this month.+ Also on Network World: Spending on public cloud IT infrastructure to hit $23.3 billion +To read this article in full or to leave a comment, please click here

IDG Contributor Network: $1 trillion in IT spending to be ‘affected’ by the cloud

IT is moving to the cloud big time, says research and consulting firm Gartner. And while we’ve been aware of that for a while, the firm has also been coming up with some staggering corroborating numbers.It says that by 2020, $1 trillion in IT spending will be “affected” by the shift to cloud. That’s roughly a little under a third of all IT spending, which in 2015 was $3.41 trillion globally and is projected to be $3.79 trillion in 2020, according to Gartner’s Q2 2016 forecast, published earlier this month.+ Also on Network World: Spending on public cloud IT infrastructure to hit $23.3 billion +To read this article in full or to leave a comment, please click here

DC Fabric Segment Routing Use Case (2)

In the first post we covered a bit of the basics around segment routing in the data center. Let’s return to the first use case to see if we can figure out how we’d actually implement the type of traffic steering needed to segregate mouse and elephant flows. Let’s return to our fabric and traffic flows and think about how we could shape traffic using segment routing.

There are two obvious ways to shape traffic in this way—

IGP-Prefix segments

The first way would be to impose a label stack that forces traffic along a path that touches, or passes through, each of the devices along the path. In this case, that would mean imposing a path on the traffic originating behind the ToR at A so it must pass through [F,G,D,E]. The flow of traffic through the data center will look something like—

• Somehow classify the traffic as belonging to the flow that should be shaped to follow only the [F,G,D,E] path
• Impose the path as a label stack, so the SR header (really just a label stack in this situation, remember?) will contain [F,G,D,E]
• Forward the packet, with the label, to the next hop in the stack, Continue reading

Baguette vending machine is the greatest invention since sliced bread

I can’t believe this exists. I certainly can’t believe it works well. But, heck, I’d pay good money to find out that I’m wrong. And San Franciscans now have the opportunity.From a report on SFGate: Shut down the tech industry because San Francisco now has the only new piece of innovation it ever needs: a vending machine that dispenses hot baguettes.The Le Bread Xpress vending machine is up and running on Market and 15th at the new Myriad market hall. The baguettes are part-baked at a bakery and finished in the vending machine after you place your order. Bet the name came to them in less time than it takes to bake bread.To read this article in full or to leave a comment, please click here

Google beefs Linux up kernel defenses in Android

Future versions of Android will be more resilient to exploits thanks to developers' efforts to integrate the latest Linux kernel defenses into the operating system. Android's security model relies heavily on the Linux kernel that sits at its core. As such, Android developers have always been interested in adding new security features that are intended to prevent potentially malicious code from reaching the kernel, which is the most privileged area of the operating system. One older example is Security Enhancements for Android (SEAndroid), a set of kernel add-ons and tools that make exploitation of certain vulnerabilities harder by enforcing access controls.To read this article in full or to leave a comment, please click here

Google beefs Linux up kernel defenses in Android

Future versions of Android will be more resilient to exploits thanks to developers' efforts to integrate the latest Linux kernel defenses into the operating system. Android's security model relies heavily on the Linux kernel that sits at its core. As such, Android developers have always been interested in adding new security features that are intended to prevent potentially malicious code from reaching the kernel, which is the most privileged area of the operating system. One older example is Security Enhancements for Android (SEAndroid), a set of kernel add-ons and tools that make exploitation of certain vulnerabilities harder by enforcing access controls.To read this article in full or to leave a comment, please click here

Asana’s new feature lets users mark what tasks are holding them up

One of the biggest issues with collaborative work is sitting around twiddling your thumbs while waiting for someone else to get their work done. Asana announced a new feature on Thursday that's aimed at cutting down on emails asking when a particular task will be finished. Users of the collaboration and tracking software will be able to mark that a task they're assigned to is waiting for someone else to complete their work, using the new Dependencies feature. That way, for example, a designer can say her final layout of a web page is waiting on a marketer to put the finishing touches on the copy and on images that are supposed to be included. To read this article in full or to leave a comment, please click here

Oracle and NetSuite: Longtime ‘sweethearts’ united at last

Oracle's US$9.3 billion purchase of NetSuite may be the most anticipated acquisition in the history of enterprise software."It’s like the high school sweethearts you always knew would get married but they had to get through four years of college first," said analyst Frank Scavo, president of Strativa.There's no denying the two companies share a long history. Not only was Oracle chairman and chief technology officer Larry Ellison an early backer of NetSuite, but both NetSuite founder Evan Goldberg and CEO Zach Nelson spent time at Oracle.To read this article in full or to leave a comment, please click here

Gartner: Amazon’s cloud storage is 1.6x bigger than all other competitors combined

Gartner this week released its Magic Quadrant for public cloud storage and Amazon Web Services is the clear market leader, while Microsoft Azure comes in a close second place.+MORE AT NETWORK WORLD: Mega cloud M&A: Oracle buys NetSuite for $9.3B | Dropbox aims for the enterprise with new team, IT admin features | 25 Surprising facts about Google that you didn't know +To read this article in full or to leave a comment, please click here

IDG Contributor Network: Cloud computing and the ‘last mile’

What does food and beverage production have to do with cloud and the last mile?  There are several interesting parallels.Unknown to most people, the food and beverage industry operates on razor-thin margins. As a result, producers look for any advantage they can get through automation, scale and supply chain optimization. Water is both bulky and heavy while also plentiful and cheap. As the percentage content of water increases in a food or beverage, producers are incented to remove the water during production in a way that it can be reintroduced at the point of consumption. From soups to sodas, this model keeps transportation costs low while expanding profit margins.To read this article in full or to leave a comment, please click here

Worth Reading: Developing the Internet of Things

The Internet is undergoing an evolutionary transformation resulting from the explosive growth of things that are interconnected. From humble beginnings connecting single institutions, and then multiple institutions, to the first major computer-networking explosion in the 90’s, we are now in a period of many connected things, not just a traditional server or computing device. From single purpose sensors through wearable technologies to sophisticated computing devices, we are creating, exchanging, and consuming data at rates that would have been inconceivable just a decade ago. —CircleID

The post Worth Reading: Developing the Internet of Things appeared first on 'net work.

GE Will Let Developers Run Predix Off-Cloud

Another bauble to dangle in front of developers.

JavaScript keeps its spot atop programming language rankings

U.K.-based technology analyst firm RedMonk just released the latest version of its biannual rankings of programming languages, and once again JavaScript tops the list, followed by Java and PHP.Those are same three languages that topped RedMonk’s list in January. In fact, the entire top 10 remains the same as it was it was six months ago. Perhaps the biggest surprise in Redmonk’s list—compiling the “performance of programming languages relative to one another on GitHub and Stack Overflow”—is that there are so few surprises, at least in the top 10. To read this article in full or to leave a comment, please click here

Riverbed acquires Aternity to get an end-user perspective

The IT management industry has been highly fragmented with great point products to monitor pieces of infrastructure. There are network management tools, application performance systems and a wealth of other products available to IT buyers.The problem with this model is the point products provide an incomplete view of what and end user might be experiencing. This leads to what I’ve referred to as “swivel chair management” where an engineer plunks himself down in the middle of several management consoles, watches all the activity and tries to correlate the data manually to understand when problems occur. This is difficult, if not impossible, to do because there is simply too much data to try to analyze manually.To read this article in full or to leave a comment, please click here

Thinking Out Loud: My Career Planning

On average I usually think about my career at least 1 time every year and do an honest and deep “career inventory taking”.  More often (sometimes 2-3 times a year) if my job or environment is changing a lot. Are the questions I ask myself each time the same?  No.  Why?  Well cause time has passed.  What do I mean by this?  This means that over the years what I’ve seen is that my 1 year plan, 3 year plan, 5 year plan and 10 year plans have changed as I have changed.

For example ~26 years ago (when I was 25 years old) my plan was to become CEO of IBM by the time I was 35.  LOL!   (But that is a whole other blog: What’s at the “Top” of Your Ladder?)   Obviously, between then (when I was 25) and now my annual “career planning inventory” questions and my focus on what I want as the “wins” in a job for me….. have radically changed.  

What do I mean by “my focus on what I want as the ‘wins’ in a job?”    Well, again, when I was Continue reading

Oracle to buy cloud provider NetSuite for $9.3 billion

Oracle has entered into an agreement to buy NetSuite, which provides cloud-based accounting, enterprise resource planning, customer relationship management, and other business software packages, for US$9.3 billion.The NetSuite package of products is complementary to Oracle's cloud products and the companies' cloud packages will "coexist in the marketplace forever," Mark Hurd, Oracle's CEO, said in a press release.The deal will allow Oracle to serve a broader range of customers, including smaller businesses, and expand to more industries and more countries, the company said. Asked what additional advantages the deal brings, and Oracle spokeswoman said, "We are declining additional comment today."To read this article in full or to leave a comment, please click here