Darktrace finds more attacks, cuts response time, saves money for Blackhawk Network

Blackhawk Network, a $1.9 billion multinational in the prepaid-card industry, was undergoing a consolidation of its security architecture in an effort to give better visibility into threats as they unfolded and that would also adapt to the threat environment as attackers changed their strategies. That included hiring a new head of cyber defense, Vari Bindra, in December of 2015, who wanted to create a central security operations center and consolidate the company’s varied data centers down to just two. As he set out on that mission, he came across the Enterprise Immune System made by Darktrace that uses machine learning to detect threats, including those it has never seen before.To read this article in full or to leave a comment, please click here

DevOps Equals Happiness

Research has shown that organizations heading toward DevOps maturity have employees who report they are more engaged and happier with their work. In this episode of Talking DevOps, Josh Atwell, Developer Advocate for NetApp SolidFire, explores how DevOps can connect workers more directly to business outcomes, leading to increased job and customer satisfaction.

Hackers exploit Apache Struts vulnerability to compromise corporate web servers

Attackers are widely exploiting a recently patched vulnerability in Apache Struts that allows them to remotely execute malicious code on web servers.Apache Struts is an open-source web development framework for Java web applications. It's widely used to build corporate websites in sectors including education, government, financial services, retail and media.On Monday, the Apache Struts developers fixed a high-impact vulnerability in the framework's Jakarta Multipart parser. Hours later, an exploit for the flaw appeared on Chinese-language websites and this was almost immediately followed by real-world attacks, according to researchers from Cisco Systems.To read this article in full or to leave a comment, please click here

Hackers exploit Apache Struts vulnerability to compromise corporate web servers

Attackers are widely exploiting a recently patched vulnerability in Apache Struts that allows them to remotely execute malicious code on web servers.Apache Struts is an open-source web development framework for Java web applications. It's widely used to build corporate websites in sectors including education, government, financial services, retail and media.On Monday, the Apache Struts developers fixed a high-impact vulnerability in the framework's Jakarta Multipart parser. Hours later, an exploit for the flaw appeared on Chinese-language websites and this was almost immediately followed by real-world attacks, according to researchers from Cisco Systems.To read this article in full or to leave a comment, please click here

Some notes on the RAND 0day report

The RAND Corporation has a research report on the 0day market [ * ]. It's pretty good. They've got the pricing about right ($1 million for full chain iPhone exploit, but closer to $100k for others). They've got the stats about right (5% chance somebody else will discover an exploit). Yet, they've got some problems, namely phrasing the debate as activists want, rather than a neutral view of the debate.

The report frequently uses the word "stockpile". This is a biased term used by activists. According to the dictionary, it means:
a large accumulated stock of goods or materials, especially one held in reserve for use at a time of shortage or other emergency.
Activists paint the picture that the government (NSA, CIA, DoD, FBI) buys 0day to hold in reserve in case they later need them. If that's the case, then it seems reasonable that it's better to disclose/patch the vuln then let it grow moldy in a cyberwarehouse somewhere.

But that's not how things work. The government buys vulns it has immediate use for (primarily). Almost all vulns it buys are used within 6 months. Most vulns in its "stockpile" have been used in the previous year. These Continue reading

Robot Framework User Guide. Bootstrapped

Eight years ago when I graduated from the University my first job title was a QA Engineer. Lots have been changed since then, but these days I am once again facing some QA tasks. Gladly this time we are talking Test Automation. In particular my team mates and myself are going to develop a set

An Early Look at Startup Graphcore’s Deep Learning Chip

As a thought exercise, let’s consider neural networks as massive graphs and begin considering the CPU as a passive slave to some higher order processor—one that can sling itself across multiple points on an ever-expanding network of connections feeding into itself, training, inferencing, and splitting off into multiple models on the same architecture.

Plenty of technical naysay can happen in this concept, of course, and only a slice of it has to do with algorithmic complexity. For one, memory bandwidth is pushed to limit even on specialized devices like GPUs and FPGAs—at least for a neural net problem. And second,

An Early Look at Startup Graphcore’s Deep Learning Chip was written by Nicole Hemsoth at The Next Platform.

WikiLeaks looks at helping tech vendors disarm CIA hacking tools

WikiLeaks has attracted plenty of haters over its controversial disclosures. But the site may be in a unique position to help tech vendors better secure their products.That’s because WikiLeaks has published secret hacking tools allegedly taken from the CIA, which appear to target smartphones, smart TVs and PCs.Companies including Apple and Cisco have been looking through the stolen documents to address any vulnerabilities the CIA may have exploited. However, WikiLeaks might be able to speed up and expand the whole process.To read this article in full or to leave a comment, please click here

WikiLeaks looks at helping tech vendors disarm CIA hacking tools

WikiLeaks has attracted plenty of haters over its controversial disclosures. But the site may be in a unique position to help tech vendors better secure their products.That’s because WikiLeaks has published secret hacking tools allegedly taken from the CIA, which appear to target smartphones, smart TVs and PCs.Companies including Apple and Cisco have been looking through the stolen documents to address any vulnerabilities the CIA may have exploited. However, WikiLeaks might be able to speed up and expand the whole process.To read this article in full or to leave a comment, please click here

Barev dzez! You are listening to Radio MENQ. The voice of the visually impaired of Armenia.

Beyond the Net Journal: Armenia Chapter #3 Episode

When Armenia declared independence in 1991, the Internet access finally became available, allowing people to be part of the world again. The creation of an Internet Availability Center in 2012 (funded by Internet Society’s grant) at the Culture House for the Blind in Yerevan, triggered creative ideas among active members of the center.

They came to conclusion that an Internet radio station would be the greatest opportunity for helping the blind and visually impaired. The project started in January 2016 supported by the Internet Society’s Beyond the Net Funding Programme”. Today, it is a dream come true.

Nicoletta Metri

ARM And AMD X86 Server Chips Get Mainstream Lift From Microsoft

If you want real competition among vendors who supply stuff to you, then sometimes you have to make it happen by yourself. The hyperscalers and big cloud builders of the world can do that, and increasingly they are taking the initiative and fostering such competition for compute.

With its first generation of Open Cloud Servers, which were conceptualized in 2012, put into production for its Azure public cloud in early 2013, and open sourced through the Open Compute Project in January 2014, Microsoft decided to leverage the power of the open source hardware community to make its own server

ARM And AMD X86 Server Chips Get Mainstream Lift From Microsoft was written by Timothy Prickett Morgan at The Next Platform.

Build a custom Linux Router image for UNetLab and EVE-NG network emulators

In their default configuration, the UNetLab and EVE-NG network emulators support Linux nodes running bootable CDROM or DVDROM images that offer a graphical user interface accessible via VNC.

We may add new Linux node types to both UNetLab and EVE-NG by building Linux VM images and creating custom templates. To support Linux networking emulation scenarios, we will build a linux router image that boots from a virtual hard disk, can be accessed via Telnet to simplify configuration and management, and that has a persistent file system onto which we can install software and modify configuration files.

In this post, we will show how to build a Linux router image and create a custom Linux router template that can be used in UNetLab or EVE-NG.

Add a custom Linux server image to UNetLab or EVE-NG by following the procedure below:

  1. Install a Linux server on a virtual machine on your host computer
  2. Start the new virtual machine and configure it so it is accessible via Telnet after it is moved into UNetLAb or EVE-NG:
    • Install and enable Telnet
    • Add a serial interface
    • Add networking software
    • Stop the virtual machine
  3. Copy the new virtual machine’s disk image to the UNetLab or EVE-NG Continue reading

AR & VR outlook: bloody vendor battles, iPhone support & peering into IoT

As anyone who has sampled the immersive worlds of early augmented or virtual reality apps can attest, the experience can be downright exhilarating. So too will be the vendor battles that erupt and the commercial uses to emerge around the technologies. So says Tom Mainelli, program vice president for devices and AR/VR at IDC, which held its annual Directions conference in Boston this week. Mainelli is excited about the prospect that these eventually comingled technologies will enable us to “fundamentally rethink how we create information, share information and absorb information.”VIRTUAL REALITY Mainelli first dove into VR, which he said basically involves “leaving one reality for another.” A recent IDC survey of more than 2,000 U.S. consumers found that three quarters of them said they had heard of VR and knew what it was – not surprising in light of all the new technology rolled out last year from the likes of Samsung, Facebook/Oculus and HTC. So yes, VR has gotten off to a faster start than AR through gaming apps and low-end gear such as Google Cardboard, but it could eventually become a subset of AR, the industry watcher said.To read this article in full Continue reading

Augmented & virtual reality: bloody vendor battles, expected iPhone support & seeing into IoT

As anyone who has sampled the immersive worlds of early augmented or virtual reality apps can attest, the experience can be downright exhilarating. So too will be the vendor battles that erupt and the commercial uses to emerge around the technologies. So says Tom Mainelli, program vice president for devices and AR/VR at IDC, which held its annual Directions conference in Boston this week. Mainelli is excited about the prospect that these eventually comingled technologies will enable us to “fundamentally rethink how we create information, share information and absorb information.”VIRTUAL REALITY Mainelli first dove into VR, which he said basically involves “leaving one reality for another.” A recent IDC survey of more than 2,000 U.S. consumers found that three quarters of them said they had heard of VR and knew what it was – not surprising in light of all the new technology rolled out last year from the likes of Samsung, Facebook/Oculus and HTC. So yes, VR has gotten off to a faster start than AR through gaming apps and low-end gear such as Google Cardboard, but it could eventually become a subset of AR, the industry watcher said.To read this article in full Continue reading

Here’s your augmented & virtual reality: bloody vendor battles, expected iPhone support & seeing into IoT

As anyone who has sampled the immersive worlds of early augmented or virtual reality apps can attest, the experience can be downright exhilarating. So too will be the vendor battles that erupt and the commercial uses to emerge around the technologies.So says Tom Mainelli, program vice president for devices and AR/VR at IDC, which held its annual Directions conference in Boston this week. Mainelli is excited about the prospect that these eventually comingled technologies will enable us to “fundamentally rethink how we create information, share information and absorb information.”VIRTUAL REALITY Mainelli first dove into VR, which he said basically involves “leaving one reality for another.” A recent IDC survey of more than 2,000 U.S. consumers found that three quarters of them said they had heard of VR and knew what it was – not surprising in light of all the new technology rolled out last year from the likes of Samsung, Facebook/Oculus and HTC. So yes, VR has gotten off to a faster start than AR through gaming apps and low-end gear such as Google Cardboard, but it could eventually become a subset of AR, the industry watcher said.To read this article in full Continue reading

Here’s your augmented & virtual reality: bloody vendor battles, expected iPhone support & seeing in to IoT

As anyone who has sampled the immersive worlds of early augmented or virtual reality apps can attest, the experience can be downright exhilarating. So too will be the vendor battles that erupt and the commercial uses to emerge around the technologies.So says Tom Mainelli, program vice president for devices and AR/VR at IDC, which held its annual Directions conference in Boston this week. Mainelli is excited about the prospect that these eventually comingled technologies will enable us to “fundamentally rethink how we create information, share information and absorb information.”VIRTUAL REALITY Mainelli first dove into VR, which he said basically involves “leaving one reality for another.” A recent IDC survey of more than 2,000 U.S. consumers found that three quarters of them said they had heard of VR and knew what it was – not surprising in light of all the new technology rolled out last year from the likes of Samsung, Facebook/Oculus and HTC. So yes, VR has gotten off to a faster start than AR through gaming apps and low-end gear such as Google Cardboard, but it could eventually become a subset of AR, the industry watcher said.To read this article in full Continue reading

Apple has already fixed most of the iOS exploits the CIA used

WikiLeaks is back at it again, this time with more than 8,700 leaked documents apparently from inside the CIA’s Center for Cyber Intelligence. According to those documents, the CIA had knowledge of zero-day exploits it could use to hack iPhones. But Apple said many of those bugs have already been patched with the latest version of iOS.The WikiLeaks documents didn’t include details of the bugs or whether the CIA has actually used them, so it’s unclear if or how Apple knows the exploits have been patched. But the company released a statement to multiple media outlets following the WikiLeaks dump on Tuesday: “Apple is deeply committed to safeguarding our customers’ privacy and security. The technology built into today’s iPhone represents the best data security available to consumers, and we’re constantly working to keep it that way. Our products and software are designed to quickly get security updates into the hands of our customers, with nearly 80 percent of users running the latest version of our operating system. While our initial analysis indicates that many of the issues leaked today were already patched in the latest OS, we will continue work to rapidly address any identified vulnerabilities. We always urge Continue reading

20% off Pre-order of Mass Effect Andromeda – Deal Alert

Mass Effect Andromeda will be releasing on March 21, 2017 and is currently available for pre-order on Amazon. If you're an Amazon Prime Member (or have a free trial -- get one here) you'll see the price drop an extra 20% on Mass Effect Andromeda (PC, PlayStation 4 or Xbox One). Price drop activates when you add it to your cart, and sinks the price from $59.99 to $39.99.To read this article in full or to leave a comment, please click here

Apple has already fixed most of the iOS exploits the CIA used

WikiLeaks is back at it again, this time with more than 8,700 leaked documents apparently from inside the CIA’s Center for Cyber Intelligence. According to those documents, the CIA had knowledge of zero-day exploits it could use to hack iPhones. But Apple said many of those bugs have already been patched with the latest version of iOS.The WikiLeaks documents didn’t include details of the bugs or whether the CIA has actually used them, so it’s unclear if or how Apple knows the exploits have been patched. But the company released a statement to multiple media outlets following the WikiLeaks dump on Tuesday: “Apple is deeply committed to safeguarding our customers’ privacy and security. The technology built into today’s iPhone represents the best data security available to consumers, and we’re constantly working to keep it that way. Our products and software are designed to quickly get security updates into the hands of our customers, with nearly 80 percent of users running the latest version of our operating system. While our initial analysis indicates that many of the issues leaked today were already patched in the latest OS, we will continue work to rapidly address any identified vulnerabilities. We always urge Continue reading

1 2,083 2,084 2,085 2,086 2,087 3,680