Microsoft posts PowerShell script that spawns pseudo security bulletins

A Microsoft manager this week offered IT administrators a way to replicate -- in a fashion -- the security bulletins the company discarded last month."If you want a report summarizing today's #MSRC security bulletins, here's a script that uses the MSRC Portal API," John Lambert, general manager of the Microsoft Threat Intelligence Center, said in a Tuesday message on Twitter.Lambert's tweet linked to code depository GitHub, where he posted a PowerShell script that polled data using a new API (application programming interface). Microsoft made the API available in November when it first announced that it planned to axe the security bulletins it had issued since at least 1998.To read this article in full or to leave a comment, please click here

Google will review web apps that want access to its users’ data

In response to recent attacks where hackers abused Google's OAuth services to gain access to Gmail accounts, the company will review new web applications that request Google users' data.To better enforce its policy regarding access to user data through its APIs (application programming interfaces), which states that apps should not mislead users when presenting themselves and their intentions, Google is making changes to the third-party app publishing process, its risk assessment systems and the consent page it displays to users.Google is an identity provider, which means other web apps can use Google as the authentication mechanism for users accessing the app. Apps use the OAuth protocol to do this. These apps can also use Google's APIs to send users requests for information stored in Google's services.To read this article in full or to leave a comment, please click here

Google will review web apps that want access to its users’ data

In response to recent attacks where hackers abused Google's OAuth services to gain access to Gmail accounts, the company will review new web applications that request Google users' data.To better enforce its policy regarding access to user data through its APIs (application programming interfaces), which states that apps should not mislead users when presenting themselves and their intentions, Google is making changes to the third-party app publishing process, its risk assessment systems and the consent page it displays to users.Google is an identity provider, which means other web apps can use Google as the authentication mechanism for users accessing the app. Apps use the OAuth protocol to do this. These apps can also use Google's APIs to send users requests for information stored in Google's services.To read this article in full or to leave a comment, please click here

iPhone 8 may actually be released on time

Over the past few months, we've seen an endless number of conflicting rumors regarding the iPhone 8's release date. Whereas some reports claimed that Apple's next-gen iPhone would hit store shelves in September, more ominous reports have relayed that the device may be subject to a multi-week delay. In fact, the most pessimistic projection has Apple releasing the iPhone 8 as late as November. According to scattered reports, the rumored iPhone 8 delay was rooted in manufacturing challenges and a shortage of advanced components such as the device's 3D camera sensors.Now to be fair, iPhone rumors are never in short supply, so part of the challenge is knowing which rumors are worth paying attention to. That said, one of the most reliable iPhone leakers in recent years delivered some welcome news for folks who can't wait to get their hands on Apple's next-gen iPhone. According to Steve Hemmerstoffe, who you might know better by his Twitter handle "OnLeaks", mass production on the iPhone 8 is slated to begin in August ahead of a September launch. Again, iPhone release date rumors are a dime a dozen, but Hemmerstoffe has a very strong track record with respect to Apple rumors, so Continue reading

A ransomware attack is spreading worldwide, using alleged NSA exploit

A ransomware attack appears to be spreading around the world, leveraging a hacking tool that may have come from the U.S. National Security Agency.The ransomware, called Wanna Decryptor, struck hospitals at the U.K.’s National Health Service on Friday, taking down some of their network.Spain’s computer response team CCN-CERT has also warned of  a "massive attack" from the ransomware strain, amid reports that local telecommunications firm Telefonica was hit.To read this article in full or to leave a comment, please click here

A ransomware attack is spreading worldwide, using alleged NSA exploit

A ransomware attack appears to be spreading around the world, leveraging a hacking tool that may have come from the U.S. National Security Agency.The ransomware, called Wanna Decryptor, struck hospitals at the U.K.’s National Health Service on Friday, taking down some of their network.Spain’s computer response team CCN-CERT has also warned of  a "massive attack" from the ransomware strain, amid reports that local telecommunications firm Telefonica was hit.To read this article in full or to leave a comment, please click here

Mentorship in the Docker Community: How you can get involved

Mentorship is an important part of the Docker Community. Over the past few global event series like the Docker Birthday #3 and Mentor week last year, advanced users attended their local event and helped attendees work through training materials. As interest in mentorship continues to grow, we’re excited to grow our programs and provide more opportunities for the community to get involved.

Docker Community Mentors

New this year at DockerCon, we organized a Mentor Summit for attendees to learn the ins and outs of being an awesome mentor both in industry and in the Docker Community. Check out the talks below and learn how you can get involved.

Anna Osswoski – How to Mentor and be a Great One

View Anna’s slides here.

Sebastiaan van Stijn – How To Contribute to Open Source

Jérôme Petazzoni – A DockerCon 2017 Recap: give a talk in your local community

Are you an advanced Docker user? Join the Docker Mentor Group!

With over 280 Docker Meetup groups worldwide, the Docker online Community Group + Slack, and other programs, there is always an opportunity for collaboration and knowledge sharing. Mentors should have experience working with Docker Engine, Docker Networking, Docker Hub, Docker Machine, Docker Orchestration Continue reading

England hospitals hit by coordinated ransomware attack

Hospitals across England have fallen victim to what appears to be a coordinated ransomware attack that has affected facilities diverting patients to hospitals not hit by the malware.The attackers are asking for $300 in Bitcoin to decrypt affected machines, payable within 24 hours or the ransom doubles. If the victims don’t pay within seven days, they lose the option to have the files decrypted, according to U.K. press reports.While multiple healthcare facilities have been hit, the country’s health service says other types of groups have also fallen victim.According to The Register, a spokesperson for the country’s National Health Service’s digital division said: "The investigation is at an early stage but we believe the malware variant is Wanna Decryptor.” The spokesperson said the attack was not specifically targeted at the NHS, but affects organizations across a range of sectors, but didn’t specify which.To read this article in full or to leave a comment, please click here

England hospitals hit by coordinated ransomware attack

Hospitals across England have fallen victim to what appears to be a coordinated ransomware attack that has affected facilities diverting patients to hospitals not hit by the malware.The attackers are asking for $300 in Bitcoin to decrypt affected machines, payable within 24 hours or the ransom doubles. If the victims don’t pay within seven days, they lose the option to have the files decrypted, according to U.K. press reports.While multiple healthcare facilities have been hit, the country’s health service says other types of groups have also fallen victim.According to The Register, a spokesperson for the country’s National Health Service’s digital division said: "The investigation is at an early stage but we believe the malware variant is Wanna Decryptor.” The spokesperson said the attack was not specifically targeted at the NHS, but affects organizations across a range of sectors, but didn’t specify which.To read this article in full or to leave a comment, please click here

Tech majority disagrees with AI warnings from Hawkings, Musk and Gates

Tech star personalities Stephen Hawkings, Elon Musk and Bill Gates warned the public about artificial intelligence (AI). The tech-oriented public and AI experts disagree, though, according to a recent research paper, “Tweeting AI: Perceptions of AI-Tweeters (AIT) vs Expert AI-Tweeters (EAIT),” (pdf) published by researchers at the School of Computing, Informatics and Decision Systems Engineering at the University of Arizona. One of the insights from this work, extracted from the tweets analyzed:To read this article in full or to leave a comment, please click here

Stuff The Internet Says On Scalability For May 12th, 2017

Hey, it's HighScalability time:

 

 

Earth's surface is covered with accidental hidden letters. Can you find them? (ABC: The Alphabet from the Sky)

 

If you like this sort of Stuff then please support me on Patreon.
  • 1 million: cord cutters in Q1; 500 billion: FINRA validations of stock trades every day on Lambda; 100k: messages sent per hour at Airbnb; 21.1 billion: transistors in GV100 GPU; 11,500: crashes to train a drone; 84,469: Backblaze hard drives; 8,000: questions per day asked on StackOverflow; 

  • Quotable Quotes:
    • Jonathan Taplin: Google Is as Close to a Natural Monopoly as the Bell System Was in 1956
    • Tom Goldenberg: more companies on the site [StackShare.io] use JavaScript on the back-end (6,000) than Python (4,100) or Java (3,900).
    • Andrew Shafer: The dark ages of of the relational database and the Java middleware stack paused everything for a decade. 
    • @Taytus: "We are early stage investors. Call me when you hit 1 million monthly active users"
    • @chrisjrn: "At this point I was drunk on Perl" @bradfitz #tweetsincontext #oscon
    • Bryan Cantrill: AWS is underwriting a war on big box retail. 
    • Continue reading

Worth Reading: Partner or die

If your job is process oriented, for example, calculating make-goods for improperly filled orders, your whole department will be automated soon. Don’t let the pink slip surprise you. If you analyze numbers in Excel, craft a narrative about them, and move them around spreadsheets, your employable days are numbered. Any white-collar job you can learn to do in a few days is threatened – even if it takes a lifetime to master. (Poker takes minutes to learn and a lifetime to master. So professional pokers players are at risk. Please read “Can Alexa Lie?” for details.) —Shelly Palmer

The post Worth Reading: Partner or die appeared first on rule 11 reader.

1 2,061 2,062 2,063 2,064 2,065 3,835