Archive

Category Archives for "Networking"

Tech support scammers put Mac owners in crosshairs

Technical support scammers have begun targeting Mac owners, a security researcher said today, adding them to much larger pool of potential victims running Windows because Apple's operating system has been relatively untouched by malware."These scams aren't being done with cold calls, but by aggressive malvertising," said Jerome Segura, a senior security researcher with San Jose, Calif.-based Malwarebytes. In some cases, Segura said, legitimate online ad networks are being abused by criminals.Mac owners who browse to what Segura called "lower-quality websites" may encounter attack code or scripts that hijack the browser to display scary, but bogus, warnings that their machine is at risk, then offer a telephone number to call for technical assistance.To read this article in full or to leave a comment, please click here

Are wearables worth the cybersecurity risk in the enterprise?

The Internet of Things and wearable technology are becoming more integrated into our everyday lives. If you haven't already, now is the time to begin planning for their security implications in the enterprise. According to research firm IHS Technology, more than 200 million wearables will be in use by 2018. That's 200 million more chances of a security issue within your organization. If that number doesn't startle you, Gartner further predicts that 30% of these devices will be invisible to the eye. Devices like smart contact lenses and smart jewelry will be making their way into your workplace. Will you be ready to keep them secure even if you can't see them?To read this article in full or to leave a comment, please click here

HP just dropped out of the public cloud – now what?

While HP’s announcement that it will shutter its Helion Public Cloud early next year didn’t surprise those who watch the market closely, the move does raise questions about what’s next for HP and other cloud vendors.HP plans to focus on two major areas: Bringing efficiencies to customers’ on-premises environments, and arming its partners with HP hardware and software to build out hosted clouds.Analysts say HP is the latest example of a legacy IT vendor that has had to adjust its cloud ambitions in light of how dominant Infrastructure-as-a-Service players Amazon Web Services and Microsoft have become. The consolation prize is that there’s still plenty of opportunity left in the private, managed and hybrid cloud markets.To read this article in full or to leave a comment, please click here

Pressure grows to eradicate vile tech support scam

Despite aggressive law enforcement and Federal Trade Commission actions to battle it, the scourge known as the “Tech Support Scam” is growing – with older individuals a rising target.The tech support scam basically involves tricking people into believing their computer has problems, and then charging them hundreds of dollars for unnecessary, worthless, and in some cases destructive applications such as malware, spyware, adware, keystroke loggers, and other harmful applications.+More on Network World: What’s hot in driverless cars?+To read this article in full or to leave a comment, please click here

7 big threats to innovation and how to overcome them

Innovation is the cornerstone of a successful business, so why is it so elusive to many companies? To determine the biggest roadblocks, consulting firm Imaginatik conducted a study of 200 professionals in its "State of Global Innovation" report. 35 percent of those surveyed were senior management, board members or C-Suite executives, and 76 percent of respondent's organizations had 1,000 employees or more. The results offer insight into what makes innovation stall at large companies.There's little doubt that business leaders see the value of innovation -- 95 percent of respondents say it's important enough to be a priority for C-level executives. However, while nearly every professional agreed that innovation was key, 44 percent reported that their business invested less than 2 percent of its annual operating budgets in innovation and 63 percent said their company didn't have a formal innovation-management structure in place.To read this article in full or to leave a comment, please click here

On the hunt for merger or acquisition? Make sure your target is secure

Security experts regularly exhort organizations to improve their security not just internally but externally as well, in their business relationships with third parties.In many cases, it is more than an exhortation – it’s a mandate. Last year’s updated standards for the payment card industry (PCI) made a point of addressing third-party risks.But some evidence suggests an area of third-party relationships where security still lags is mergers and acquisitions (M&A).In a survey of, “214 global deal-makers from corporates, financial institutions, investors and legal services providers,” the London-based law firm Freshfields Bruckhaus Deringer found that while there is plenty of awareness (74 percent of acquirers and 60 percent of sellers) about the effect that cyber security risks can have on a pending deal, a large majority of respondents – 78 percent – “believe cyber security is not analyzed in great depth or specifically quantified as part of the M&A due diligence process.”To read this article in full or to leave a comment, please click here

Attackers hijack CCTV cameras and network-attached storage devices to launch DDoS attacks

We've reached a point that security researchers have long warned is coming: insecure embedded devices connected to the Internet are routinely being hacked and used in attacks.The latest example is a distributed denial-of-service (DDoS) attack detected recently by security firm Imperva. It was a traditional HTTP flood aimed at overloading a resource on a cloud service, but the malicious requests came from surveillance cameras protecting businesses around the world instead of a typical computer botnet.The attack peaked at 20,000 requests per second and originated from around 900 closed-circuit television (CCTV) cameras running embedded versions of Linux and the BusyBox toolkit, researchers from Imperva's Incapsula team said in a blog post Wednesday.To read this article in full or to leave a comment, please click here

Was CLNP Really Broken?

One of my readers sent me this question after listening to the podcast with Douglas Comer:

Professor Comer mentioned that IP choose a network attachment address model over an endpoint model because of scalability. He said if you did endpoint addressing it wouldn’t scale. I remember reading a bunch of your blog posts about CNLP (I hope I’m remembering the right acronym) and I believe you liked endpoint addressing better than network attachment point addressing.

As always, the answer is “it depends” (aka “we’re both right” ;).

Read more ...

Microsoft to pay up to US$15K for bugs in two Visual Studio tools

Microsoft has started a three-month bug bounty program for two tools that are part of Visual Studio 2015.The program applies to the beta versions of Core CLR, which is the execution engine for .NET Core, and ASP.NET, Microsoft's framework for building websites and web applications. Both are open source."The more secure we can make our frameworks, the more secure your software can be," wrote Barry Dorrans, security lead for ASP.NET, in a blog post on Tuesday.All supported platforms that .NET Core and ASP.NET run on will be eligible for bounties except for beta 8, which will exclude the networking stack for Linux and OS X, Dorrans wrote.To read this article in full or to leave a comment, please click here

Researchers warn computer clocks can be easily scrambled

In 2012, two servers run by the U.S. Navy rolled back their clocks 12 years, deciding it was the year 2000.The servers were very important: they're part of a worldwide network that helps computers keep the right time using the Network Time Protocol (NTP).Computers that checked in with the Navy's servers and adjusted their clocks accordingly had a variety of problems with their phones systems, routers and authentication systems.The incident underscored the serious problems that can occur when using NTP, one of the oldest Internet protocols published in 1985.The protocol is fairly robust, but researchers from Boston University said on Wednesday they've found several flaws in NTP that could undermine encrypted communications and even jam up bitcoin transactions.To read this article in full or to leave a comment, please click here

Researchers warn computer clocks can be easily scrambled

In 2012, two servers run by the U.S. Navy rolled back their clocks 12 years, deciding it was the year 2000.The servers were very important: they're part of a worldwide network that helps computers keep the right time using the Network Time Protocol (NTP).MORE: 10 Cool Network & Computing Research ProjectsComputers that checked in with the Navy's servers and adjusted their clocks accordingly had a variety of problems with their phones systems, routers and authentication systems.To read this article in full or to leave a comment, please click here

1 2,941 2,942 2,943 2,944 2,945 3,476