9 biggest information security threats through 2019

The information security threat landscape is constantly evolving. To help you navigate the terrain, each year the Information Security Forum (ISF) — a nonprofit association that researches and analyzes security and risk management issues on behalf of its members — puts out its Threat Horizon report to provide members with a forward-looking view of the biggest security threats over a two-year period. What follows are the nine biggest threats on the horizon through 2019 that your organization may have to manage and mitigate.Theme 1: Disruption from an over-reliance on fragile connectivity Organizations today depend of instant and uninterrupted connectivity, smart physical devices and trustworthy people. But that dependence makes them vulnerable to attacks on core internet infrastructure, devices used in daily business and key people with access to mission-critical information.To read this article in full or to leave a comment, please click here

9 biggest information security threats through 2019

The information security threat landscape is constantly evolving. To help you navigate the terrain, each year the Information Security Forum (ISF) — a nonprofit association that researches and analyzes security and risk management issues on behalf of its members — puts out its Threat Horizon report to provide members with a forward-looking view of the biggest security threats over a two-year period. What follows are the nine biggest threats on the horizon through 2019 that your organization may have to manage and mitigate.Theme 1: Disruption from an over-reliance on fragile connectivity Organizations today depend of instant and uninterrupted connectivity, smart physical devices and trustworthy people. But that dependence makes them vulnerable to attacks on core internet infrastructure, devices used in daily business and key people with access to mission-critical information.To read this article in full or to leave a comment, please click here

Refurbishing Samsung Note7s for resale is a ‘disastrous’ plan, analyst says

Just two days before Samsung's launch of the Galaxy S8 on Wednesday, the company announced it will consider using some recalled Galaxy Note7 smartphones for re-sale as refurbished or as rental phones.One analyst bashed the plan as "disastrous," while another said Samsung is performing a "balancing act" following the Note7 fallout when some units overheated and caught fire.Samsung also said in a statement on Monday that it could detach salvageable components from the Note7s for reuse. It may also extract metals like copper, gold, silver and nickel from the devices using environmentally friendly methods.To read this article in full or to leave a comment, please click here

Report: Samsung’s flagship smartphones tank just before Galaxy S8 launch

A financial report cited by South Korea’s Yonhap News says that Samsung’s higher-end smartphones are accounting for a rapidly decreasing share of the company’s sales.Premium smartphones account for just 29% of Samsung’s smartphone sales, down from 75% in mid-2013, Yonhap quotes a Hana Financial Investment report as saying. The disastrous battery problems experienced by the Samsung Galaxy Note 7 undoubtedly have a lot to do with the company’s shrinking premium device sales, but the report indicates that those sales were already in decline before the Note 7 incidents began to attract widespread negative publicity.To read this article in full or to leave a comment, please click here

Amazon Connect brings contact centers to the cloud

Amazon today released Connect, a contact center as a service offering hosted in the Amazon Web Services cloud.The move represents AWS attempting to jump into a burgeoning market for cloud-based contact center software, while continuing to push AWS into the enterprise communications market. Just last month AWS announced Chime, a cloud-based Unified Communication as a Service (UCaaS) offering.+MORE AT NETWORK WORLD: Amazon Web Services vs. Microsoft Azure vs. Google Cloud Platform | This is not the sort of publicity Avaya was seeking +To read this article in full or to leave a comment, please click here

Worth Reading: Odds are in Favor of Quantum Encryption

No kinds of organizations have tighter security than the average casino. After all, the house always wins, and it wants to keep those winnings. A recent Wired article, however, explains how a team of Russian hackers managed to beat a lot of casinos worldwide. They did so by exploiting inherent flaws in the pseudo-random number generators (PRNG) that are integral parts of randomizing every spin of a slot machine. Even if you don’t care about wealthy casino bosses losing money, you still need to be concerned about the drawbacks to using PRNGs because slots aren’t the only things that are vulnerable. Most of the world’s encryption is also based on pseudo-random numbers. —Cloud Security Alliance

The post Worth Reading: Odds are in Favor of Quantum Encryption appeared first on 'net work.

Being a Linux user isn’t weird anymore

A few days ago, I was down at the Starbucks in my local bookstore—sipping on a hot chocolate, using the free (but rather pokey) Wi-Fi, and getting some work done.This is pretty typical for me. Since I work from home, it’s nice to get out of the house and shake things up a little bit. Working for a few hours at a coffee shop tends to be just about right. I’m not the only person in the world who uses coffee shops as short term offices—it’s become so normal, it’s almost a cliché.The one thing that typically sets me apart from the other people working from any given coffee shop is my computer. I run Linux (currently openSUSE with GNOME). And often, I’ll have some sort of unusual Linux-powered gadget with me (such as my PocketCHIP or my trusty old Nokia N810). To read this article in full or to leave a comment, please click here

Ericsson’s Turnaround Plan Includes Around $2B in Charges

The restructuring plan includes the elimination of four members of management.

OpenStack Private Clouds Help Red Hat Achieve 16% Revenue Growth in Q4

Red Hat deals greater than $1 million in fiscal 2017 grew by over 30 percent annually.

The insecurities list: 10 ways to improve cybersecurity

A friend asked me to list all of the cybersecurity things that bug me and what he should be diligent about regarding user security. We talked about access control lists, MAC layer spoofing, and a bunch of other topics and why they mattered. You should come up with a list of head-desk things.After a bit of thought, here’s a list. It’s by NO means comprehensive, and it’s not an organized best practices document. Instead, these are marbles that roll around in my head and bother me a lot.1. Ban and route to null t.co, bit.ly, and other URL shorteners Why? Especially in phishing emails, a user has no idea where the link is going, what’s behind that link, or what kind of benevolent or conversely malicious payload is going to load in the default browser. Sure, your anti-malware or antivirus tool, or even the browser’s own instinct, might prevent a page load that opens a back door into your network. Maybe.To read this article in full or to leave a comment, please click here

The insecurities list: 10 ways to improve cybersecurity

A friend asked me to list all of the cybersecurity things that bug me and what he should be diligent about regarding user security. We talked about access control lists, MAC layer spoofing, and a bunch of other topics and why they mattered. You should come up with a list of head-desk things.After a bit of thought, here’s a list. It’s by NO means comprehensive, and it’s not an organized best practices document. Instead, these are marbles that roll around in my head and bother me a lot.1. Ban and route to null t.co, bit.ly, and other URL shorteners Why? Especially in phishing emails, a user has no idea where the link is going, what’s behind that link, or what kind of benevolent or conversely malicious payload is going to load in the default browser. Sure, your anti-malware or antivirus tool, or even the browser’s own instinct, might prevent a page load that opens a back door into your network. Maybe.To read this article in full or to leave a comment, please click here

Response: AT&T Joins The Linux Foundation as a Platinum Member

Once upon a time its was all vendors in the Linux Foundation.

The Linux Foundation, the nonprofit advancing professional open source management for mass collaboration, today announced that AT&T has become a Platinum member.

This follows news of the company’s contribution of several million lines of ECOMP code to The Linux Foundation, as well as the new Open Network Automation Platform (ONAP) Project based on production-ready code from AT&T and OPEN-O contributors.

Are we really seeing a resurgence of customers doing it for themselves ? In particular, customers that are far larger than the traditional IT vendors are staking out positions in the open source community.

Link: AT&T Joins The Linux Foundation as a Platinum Member | The Linux Foundation – https://www.linuxfoundation.org/announcements/att-joins-linux-foundation-as-a-platinum-member

The post Response: AT&T Joins The Linux Foundation as a Platinum Member appeared first on EtherealMind.

Reaction: The Future is…

This week, I ran across two posts that follow down a path I’ve gone down before—but it is well worth bringing this point up again. Once more into the breach. Tom, over at the Networking Nerd, has this to say on the topic of the future of network engineering—

The syntaxes that power these new APIs aren’t the copyrighted CLIs that networking professionals spend their waking hours memorizing in excruciating detail. JUNOS and Cisco’s “standard” CLI are as much relics of the past as CatOS. At least, that’s the refrain that comes from both sides of the discussion. The traditional networking professionals hold tight to the access methods they have experience with and can tune like a fine instrument. More progressive networkers argue that standardizing around programming languages is the way to go. Why learn a propriety access method when Python can do it for you?

The point Tom makes is this: programming is not the future of network engineering. But, but… there is so much pressure, and so many people saying “if you do not know how to program, you are going to be out of a job in five years.” I think there are negative and positive Continue reading

Windows Insider Program surpasses 10 million users

Microsoft announced that the Windows Insider Program—its global community of testers who run interim builds of Windows 10 and serve as beta testers/guinea pigs for what might be an unstable build on their personal machines—has passed the 10 million mark.It's taken a while to get here after a fast start. The program launched in September 2014 with the modest hopes of getting 400,000 enthusiasts on board. Instead, it hit 1 million after a few weeks. Back in August 2015, the number stood at 6 million people, and less than a month later Microsoft said it was up to 7 million.RELATED: 11 hidden tips and tweaks for Windows 10 Then things got quiet. Clearly an 18-month lag between the 7 million and 10 million mark means things plateaued, and perhaps Microsoft didn't want to admit it. To read this article in full or to leave a comment, please click here

LastPass is scrambling to fix another serious vulnerability

For the second time in two weeks developers of the popular LastPass password manager are working to fix a serious vulnerability that could allow malicious websites to steal user passwords or infect computers with malware.Like the LastPass flaws patched last week, the new issue was discovered and reported to LastPass by Tavis Ormandy, a researcher with Google's Project Zero team. The researcher revealed the vulnerability's existence in a message on Twitter, but didn't publish any technical details about it that could allow attackers to exploit it.To read this article in full or to leave a comment, please click here

LastPass is scrambling to fix another serious vulnerability

For the second time in two weeks developers of the popular LastPass password manager are working to fix a serious vulnerability that could allow malicious websites to steal user passwords or infect computers with malware.Like the LastPass flaws patched last week, the new issue was discovered and reported to LastPass by Tavis Ormandy, a researcher with Google's Project Zero team. The researcher revealed the vulnerability's existence in a message on Twitter, but didn't publish any technical details about it that could allow attackers to exploit it.To read this article in full or to leave a comment, please click here

ETSI’s MEC Extends Its Focus Beyond Mobile Access Networks

The group will include technologies like LTE, 5G, fixed, and WiFi.

Docker Birthday #4: Thank you Docker Community!

Pақмет сізге, tak, धन्यवाद, cảm ơn bạn, شكرا, mulțumesc, gracias, merci, danke, obrigado, ευχαριστώ, köszönöm, thank you Docker community! From Des Moines to Santiago de Cuba, Budapest to Tel Aviv and Sydney to Cairo, it was so awesome to see the energy from the community coming together to celebrate and learn about Docker!

We originally planned for 50 Docker Birthday #4 celebrations worldwide with 2,500 attendees. But over 9,000 people registered to attend one of the 152 celebrations across 5 continents! A huge thank you to all the Docker meetup organizers who worked hard to make these celebrations happen and offered Docker beginners the  opportunity to participate in hands on Docker labs.

Join in on the fun!

In case you missed it last week, check out the pics from all of the #DockerBday celebrations including the awesome birthday cakes! Check out the Facebook photo album too! Up for a little more reading? Check out these blog posts from Docker Captains Jonas Rosland and Alex Ellis about their experience mentoring at their local event.

None of this would have been possible without the support (and expertise!) of the 500+ advanced Docker users who signed up as mentors to help attendees learn about Docker by Continue reading

May 1 – 5, 2017 Dubai CCDE Bootcamp

Next Onsite Instructor Led CCDE Bootcamp will be held on Dubai.    Class will be 5 days, May 1 to 5, 2017.   Everyday we will have 8 hours. It is going to be very intense.   I am going to cover all CCDE Blueprint topics, many scenarios, all you need to pass CCDE Practical […]

The post May 1 – 5, 2017 Dubai CCDE Bootcamp appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

Malware infection rate of smartphones is soaring – Android devices often the target

Smartphones are by far the most popular target of mobile malware, and the infection rate is soaring, according to new research by Nokia.During the second half of 2016, the increase in smartphone infections was 83% following on the heels of a 96% increase during the first half of the year, according to Nokia’s latest Mobile Threat Intelligence Report gathered from devices on which Nokia NetGuard Endpoint Security is deployed in Europe, North America, Asia Pacific and the Middle East.+More on Network World:  Cisco Talos warns of Apple iOS and MacOS X.509 certificate flaw+To read this article in full or to leave a comment, please click here