HP rolls out patch to fix keylogging bug in certain laptops

Consumers with HP laptops that have been accidentally recording their keystrokes can easily address the problem with a patch from the PC maker.More than two dozen HP laptop models, including the EliteBook, ProBook and ZBook, have an bug in the audio driver that will act as a keylogger, a Swiss security firm said Thursday. A list of affected products can be found here. Fortunately, HP began rolling out fixes through its support page, and in a Windows update, starting on Thursday, HP Vice President Mike Nash said.To read this article in full or to leave a comment, please click here

HP rolls out patch to fix keylogging bug in certain laptops

Consumers with HP laptops that have been accidentally recording their keystrokes can easily address the problem with a patch from the PC maker.More than two dozen HP laptop models, including the EliteBook, ProBook and ZBook, have an bug in the audio driver that will act as a keylogger, a Swiss security firm said Thursday. A list of affected products can be found here. Fortunately, HP began rolling out fixes through its support page, and in a Windows update, starting on Thursday, HP Vice President Mike Nash said.To read this article in full or to leave a comment, please click here

Worth Reading: Improving peering relationships in Japan

Route servers are used by many Internet Exchange Points (IXPs) — including our own at Japan Internet Exchange (JPIX) — to facilitate multilateral peering among various members. To better understand the peering characteristics of our members, we recently studied the routing table of our route servers operating at JPIX Tokyo and JPIX Osaka. —APNIC

The post Worth Reading: Improving peering relationships in Japan appeared first on rule 11 reader.

How a logistics firm leverages SD-WAN for competitive advantage

A gamble on a relatively unknown technology four years ago is paying off for a logistics company, which is using the software to shave millions of dollars off its bandwidth connectivity costs. Today freight forwarding company JAS Global is leveraging a software-defined wide area network (SD-WAN) to run cloud applications, according to JAS CIO Mark Baker. Eventually, Baker hopes to use the SD-WAN as the backbone of a predictive analytics strategy to grow the business.SD-WANs allow companies to set up and manage networking functionality, including VPNs, WAN optimization, VoIP and firewalls, using software to program traffic routing typically conducted by routers and switches. Just as virtualization software disrupted the server market, SD-WANs are shaking the networking equipment market.To read this article in full or to leave a comment, please click here

How a logistics firm leverages SD-WAN for competitive advantage

A gamble on a relatively unknown technology four years ago is paying off for a logistics company, which is using the software to shave millions of dollars off its bandwidth connectivity costs. Today freight forwarding company JAS Global is leveraging a software-defined wide area network (SD-WAN) to run cloud applications, according to JAS CIO Mark Baker. Eventually, Baker hopes to use the SD-WAN as the backbone of a predictive analytics strategy to grow the business.SD-WANs allow companies to set up and manage networking functionality, including VPNs, WAN optimization, VoIP and firewalls, using software to program traffic routing typically conducted by routers and switches. Just as virtualization software disrupted the server market, SD-WANs are shaking the networking equipment market.To read this article in full or to leave a comment, please click here

Microsoft posts PowerShell script that spawns pseudo security bulletins

A Microsoft manager this week offered IT administrators a way to replicate -- in a fashion -- the security bulletins the company discarded last month."If you want a report summarizing today's #MSRC security bulletins, here's a script that uses the MSRC Portal API," John Lambert, general manager of the Microsoft Threat Intelligence Center, said in a Tuesday message on Twitter.Lambert's tweet linked to code depository GitHub, where he posted a PowerShell script that polled data using a new API (application programming interface). Microsoft made the API available in November when it first announced that it planned to axe the security bulletins it had issued since at least 1998.To read this article in full or to leave a comment, please click here

Microsoft posts PowerShell script that spawns pseudo security bulletins

A Microsoft manager this week offered IT administrators a way to replicate -- in a fashion -- the security bulletins the company discarded last month."If you want a report summarizing today's #MSRC security bulletins, here's a script that uses the MSRC Portal API," John Lambert, general manager of the Microsoft Threat Intelligence Center, said in a Tuesday message on Twitter.Lambert's tweet linked to code depository GitHub, where he posted a PowerShell script that polled data using a new API (application programming interface). Microsoft made the API available in November when it first announced that it planned to axe the security bulletins it had issued since at least 1998.To read this article in full or to leave a comment, please click here

Google will review web apps that want access to its users’ data

In response to recent attacks where hackers abused Google's OAuth services to gain access to Gmail accounts, the company will review new web applications that request Google users' data.To better enforce its policy regarding access to user data through its APIs (application programming interfaces), which states that apps should not mislead users when presenting themselves and their intentions, Google is making changes to the third-party app publishing process, its risk assessment systems and the consent page it displays to users.Google is an identity provider, which means other web apps can use Google as the authentication mechanism for users accessing the app. Apps use the OAuth protocol to do this. These apps can also use Google's APIs to send users requests for information stored in Google's services.To read this article in full or to leave a comment, please click here

Google will review web apps that want access to its users’ data

In response to recent attacks where hackers abused Google's OAuth services to gain access to Gmail accounts, the company will review new web applications that request Google users' data.To better enforce its policy regarding access to user data through its APIs (application programming interfaces), which states that apps should not mislead users when presenting themselves and their intentions, Google is making changes to the third-party app publishing process, its risk assessment systems and the consent page it displays to users.Google is an identity provider, which means other web apps can use Google as the authentication mechanism for users accessing the app. Apps use the OAuth protocol to do this. These apps can also use Google's APIs to send users requests for information stored in Google's services.To read this article in full or to leave a comment, please click here

iPhone 8 may actually be released on time

Over the past few months, we've seen an endless number of conflicting rumors regarding the iPhone 8's release date. Whereas some reports claimed that Apple's next-gen iPhone would hit store shelves in September, more ominous reports have relayed that the device may be subject to a multi-week delay. In fact, the most pessimistic projection has Apple releasing the iPhone 8 as late as November. According to scattered reports, the rumored iPhone 8 delay was rooted in manufacturing challenges and a shortage of advanced components such as the device's 3D camera sensors.Now to be fair, iPhone rumors are never in short supply, so part of the challenge is knowing which rumors are worth paying attention to. That said, one of the most reliable iPhone leakers in recent years delivered some welcome news for folks who can't wait to get their hands on Apple's next-gen iPhone. According to Steve Hemmerstoffe, who you might know better by his Twitter handle "OnLeaks", mass production on the iPhone 8 is slated to begin in August ahead of a September launch. Again, iPhone release date rumors are a dime a dozen, but Hemmerstoffe has a very strong track record with respect to Apple rumors, so Continue reading

Show 339: Cumulus & Web-Scale Techniques For Better Networking (Sponsored)

Todays Weekly Show is a conversation with JR Rivers, cofouner and CTO of Cumulus Networks, our sponsor for this episode. We talk Web-scale IT, automation, Free Range Routing & more. The post Show 339: Cumulus & Web-Scale Techniques For Better Networking (Sponsored) appeared first on Packet Pushers.

Microsoft Guns for Oracle Customers with Database Migration Service

Both Microsoft and Oracle claim to be the fastest growing cloud company.

Slinking Into a Session Entitled ‘What is OpenStack?’

I wasn't the only one seeking some OpenStack basics.

Radio MENQ, Voices of Armenia’s Blind, Selected as WSIS Prizes 2017 Champion

A ransomware attack is spreading worldwide, using alleged NSA exploit

A ransomware attack appears to be spreading around the world, leveraging a hacking tool that may have come from the U.S. National Security Agency.The ransomware, called Wanna Decryptor, struck hospitals at the U.K.’s National Health Service on Friday, taking down some of their network.Spain’s computer response team CCN-CERT has also warned of  a "massive attack" from the ransomware strain, amid reports that local telecommunications firm Telefonica was hit.To read this article in full or to leave a comment, please click here

A ransomware attack is spreading worldwide, using alleged NSA exploit

A ransomware attack appears to be spreading around the world, leveraging a hacking tool that may have come from the U.S. National Security Agency.The ransomware, called Wanna Decryptor, struck hospitals at the U.K.’s National Health Service on Friday, taking down some of their network.Spain’s computer response team CCN-CERT has also warned of  a "massive attack" from the ransomware strain, amid reports that local telecommunications firm Telefonica was hit.To read this article in full or to leave a comment, please click here

Turtle Fountain

The post Turtle Fountain appeared first on rule 11 reader.

Mentorship in the Docker Community: How you can get involved

Mentorship is an important part of the Docker Community. Over the past few global event series like the Docker Birthday #3 and Mentor week last year, advanced users attended their local event and helped attendees work through training materials. As interest in mentorship continues to grow, we’re excited to grow our programs and provide more opportunities for the community to get involved.

New this year at DockerCon, we organized a Mentor Summit for attendees to learn the ins and outs of being an awesome mentor both in industry and in the Docker Community. Check out the talks below and learn how you can get involved.

Anna Osswoski – How to Mentor and be a Great One

View Anna’s slides here.

Sebastiaan van Stijn – How To Contribute to Open Source

Jérôme Petazzoni – A DockerCon 2017 Recap: give a talk in your local community

Are you an advanced Docker user? Join the Docker Mentor Group!

With over 280 Docker Meetup groups worldwide, the Docker online Community Group + Slack, and other programs, there is always an opportunity for collaboration and knowledge sharing. Mentors should have experience working with Docker Engine, Docker Networking, Docker Hub, Docker Machine, Docker Orchestration Continue reading

England hospitals hit by coordinated ransomware attack

Hospitals across England have fallen victim to what appears to be a coordinated ransomware attack that has affected facilities diverting patients to hospitals not hit by the malware.The attackers are asking for $300 in Bitcoin to decrypt affected machines, payable within 24 hours or the ransom doubles. If the victims don’t pay within seven days, they lose the option to have the files decrypted, according to U.K. press reports.While multiple healthcare facilities have been hit, the country’s health service says other types of groups have also fallen victim.According to The Register, a spokesperson for the country’s National Health Service’s digital division said: "The investigation is at an early stage but we believe the malware variant is Wanna Decryptor.” The spokesperson said the attack was not specifically targeted at the NHS, but affects organizations across a range of sectors, but didn’t specify which.To read this article in full or to leave a comment, please click here

England hospitals hit by coordinated ransomware attack

Hospitals across England have fallen victim to what appears to be a coordinated ransomware attack that has affected facilities diverting patients to hospitals not hit by the malware.The attackers are asking for $300 in Bitcoin to decrypt affected machines, payable within 24 hours or the ransom doubles. If the victims don’t pay within seven days, they lose the option to have the files decrypted, according to U.K. press reports.While multiple healthcare facilities have been hit, the country’s health service says other types of groups have also fallen victim.According to The Register, a spokesperson for the country’s National Health Service’s digital division said: "The investigation is at an early stage but we believe the malware variant is Wanna Decryptor.” The spokesperson said the attack was not specifically targeted at the NHS, but affects organizations across a range of sectors, but didn’t specify which.To read this article in full or to leave a comment, please click here