SaferVPN says it takes the risk out of using public Wi-Fi connections  

This column is available in a weekly newsletter called IT Best Practices.  Click here to subscribe.  Bring-your-own-device (BYOD) has become a fairly standard practice in most businesses today. Who among us hasn’t pulled out their cell phone to do a quick check of company email while killing time in a restaurant or a checkout line? The prevalence of public Wi-Fi makes it so easy to connect and tend to a little business while on the go.Many people look at public Wi-Fi as a convenience, or even as a requirement, when choosing where to spend time and money. Look in the window of any coffee shop today and count how many people are engaged with a laptop, tablet or mobile phone. How many of them would still be there if the shop didn’t provide free Wi-Fi?To read this article in full or to leave a comment, please click here

March 2017: The month in hacks and breaches

March came in like a lion with news breaking on March 6 that spamming operation River City Media exposed 1.34 billion email accounts, some of which included personal information including full names and addresses. How did this happen? The company failed to properly configure their Rsync backups, wrote CSO’s Steve Ragan.Later that week, WikiLeaks released a trove of information on the CIA’s hacking tools, including descriptions of how the agency targeted iPhones, Android phones, Samsung smart TVs, and routers.To read this article in full or to leave a comment, please click here(Insider Story)

March 2017: The month in hacks and breaches

March came in like a lion with news breaking on March 6 that spamming operation River City Media exposed 1.34 billion email accounts, some of which included personal information including full names and addresses. How did this happen? The company failed to properly configure their Rsync backups, wrote CSO’s Steve Ragan.To read this article in full or to leave a comment, please click here(Insider Story)

Windows 7 is in no rush to leave

Microsoft Windows 7 may not go quietly into the night, according to data published Saturday.March's Windows 7 user share -- an estimate of the percentage of the world's personal computers powered by the 2009 operating system -- was 49%, said analytics vendor Net Applications. However, Windows 7 ran 54% of all Windows machines: The difference between the user share of all PCs and only those running Windows stemmed from Windows powering 92% of the globe's personal computers, not 100%.More importantly, Windows 7's share has barely moved in the last 12 months. Since this time in 2016, it's dropped just 2.5 percentage points, representing a meager 5% decline. As a portion of just Windows personal computers, Windows 7 has been even more obstinate, remaining steady over the past year at 54%.To read this article in full or to leave a comment, please click here

We Are None Of Us Imposters: An Allegory

Sitting in the conference room, I looked up at the whiteboard covered in a clever design. I hadn’t understood the design immediately, but then as my mentor explained it to me, I comprehended the brilliance of it.

“That was…that was clever. Really. Elegant even. I never would have come up with that on my own. I learned something from you today, and I appreciate it. Thanks for taking the time.”

“Oh, I can’t take credit for the design. I got most of it from this book here. If anything, the credit goes to the author.”

And so I took a look at the book, and searched online for the author’s name. Her information popped up in my browser, and I sent her an e-mail.

“Thanks for the design you recommended in your book. It’s very clever, and we’re going to be testing it for use in our company. I think you’ve solved some problems for us. We really appreciate it.”

After a few days, her reply came back.

“Naturally, I’m happy that the book is a benefit to you, but honestly, that design is a reflection of an interview I had with a research team. They did all the heavy lifting and Continue reading

Beyond Trust: privilege, vulnerability management available through Azure

Users of Azure cloud services have a new option for stopping the misuse of privileges as well as managing vulnerabilities through an alliance with Beyond Trust.Azure customers who buy Beyond Trust licenses can host PowerBroker, the company’s privileged access management (PAM) and its vulnerability management (VM) platform, Retina, in their Azure cloud instances.They can host BeyondSaaS perimeter vulnerability scanning in Azure as well. Both are available via the Azure Marketplace.These new services give Beyond Trust customers a third option for how they deploy PAM and VM. Before they could extend a local instance of Beyond Trust’s security to the Azure cloud via software connectors or deploy it within the cloud using software agents deployed on virtual machines there.To read this article in full or to leave a comment, please click here

Beyond Trust: privilege, vulnerability management available through Azure

Users of Azure cloud services have a new option for stopping the misuse of privileges as well as managing vulnerabilities through an alliance with Beyond Trust.Azure customers who buy Beyond Trust licenses can host PowerBroker, the company’s privileged access management (PAM) and its vulnerability management (VM) platform, Retina, in their Azure cloud instances.They can host BeyondSaaS perimeter vulnerability scanning in Azure as well. Both are available via the Azure Marketplace.These new services give Beyond Trust customers a third option for how they deploy PAM and VM. Before they could extend a local instance of Beyond Trust’s security to the Azure cloud via software connectors or deploy it within the cloud using software agents deployed on virtual machines there.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Speed up slow web pages with this simple trick

Increasing the size of images and text will speed up web page delivery, say scientists. This counter-intuitive idea has been put forward as a solution to latency in browser page loading.The reason the idea works, in theory at least, is that the larger image pushes subsequent, following images farther down the page and out of the browser’s work area. Consequently the browser has less to do, pulls less data and provides a faster delivery of content.The researchers, who are from Northwestern’s McCormick School of Engineering, say this fiendishly simple idea will work particularly well for developers working with airplane networks, where it will stop browsers struggling to load a page. Airplane Wi-Fi can be hindered by latency, they explain.To read this article in full or to leave a comment, please click here

UEFI flaws can be exploited to install highly persistent ransomware

Over the past few years, the world has seen ransomware threats advance from living inside browsers to operating systems, to the bootloader, and now to the low-level firmware that powers a computer's hardware components.Earlier this year, a team of researchers from security vendor Cylance demonstrated a proof-of-concept ransomware program that ran inside a motherboard's Unified Extensible Firmware Interface (UEFI) -- the modern BIOS.On Friday, at the Black Hat Asia security conference, the team revealed how they did it: by exploiting vulnerabilities in the firmware of two models of ultra compact PCs from Taiwanese computer manufacturer Gigabyte Technology.To read this article in full or to leave a comment, please click here

UEFI flaws can be exploited to install highly persistent ransomware

Over the past few years, the world has seen ransomware threats advance from living inside browsers to operating systems, to the bootloader, and now to the low-level firmware that powers a computer's hardware components.Earlier this year, a team of researchers from security vendor Cylance demonstrated a proof-of-concept ransomware program that ran inside a motherboard's Unified Extensible Firmware Interface (UEFI) -- the modern BIOS.On Friday, at the Black Hat Asia security conference, the team revealed how they did it: by exploiting vulnerabilities in the firmware of two models of ultra compact PCs from Taiwanese computer manufacturer Gigabyte Technology.To read this article in full or to leave a comment, please click here

What’s New in Ansible Tower 3.1

Ansible Tower by Red Hat

Ansible Tower 3.1 adds a variety of new features that make it easier than ever to share and scale IT automation. Tower now includes multi-Playbook workflows to streamline jobs, clustering to easily scale-out Tower instances, enhanced search and more.

For this post, we asked members of the Tower engineering team to highlight what’s new with the latest release and share what they're most excited about.

Engineered for the enterprise

Tim Cramer, Senior Director of Engineering, shares a quick overview of the Tower 3.1 enhancements designed to help teams harness the power of Ansible automation across servers, applications, environments and networks:

 

Scale-out clustering

Matt Jones, Principal Software Engineer, explains how scale-out clustering enables you to support a larger number of Tower jobs:

 

Multi-Playbook workflows

Chris Meyers, Senior Software Engineer, describes how Tower's new multi-Playbook workflows promote greater re-use of existing job templates and allow you to build a CI/CD testing workflow:

 

And more...

“One of the things we are most excited about in Ansible Tower 3.1 is localization. This is the first release of Tower that has been localized. Tower is now available in Japanese and French. We went through a lot of thought as to where we wanted Continue reading

Microsoft shutters CodePlex in favor of GitHub

Microsoft announced on Friday it is shutting down CodePlex, its code hosting site for open-source projects, in favor of the more widely used GitHub. The move is something of a formality, since Microsoft has already been transitioning its open-source projects to GitHub for some time and you never hear about CodePlex any more. The company has had problems with the site, with spammers hitting it in 2015 seeking to take advantage of the CodePlex.com domain to boost their illicit activities. And Microsoft admits over the past few years, it has watched many CodePlex projects migrate to GitHub. Brian Harry, a corporate vice president at Microsoft, wrote in his blog announcing the closing of CodePlex that there has been a substantial decrease in usage. To read this article in full or to leave a comment, please click here

Serverless computing in practice

Alpha Vertex is a year-old New York City startup with an ambitious agenda: It wants to create a graph database of global financial knowledge.CTO Michael Bishop says the goal is to use predictive modeling to help companies judge risk and investors get insight on what drives the market. To do so has required the company to build a massive technical back-end that uses some hottest emerging technologies. Two of the most important are Google’s cloud-based machine learning algorithms and IBM’s OpenWhisk, a serverless or Function-as-a-Service platform.+MORE AT NETWORK WORLD: Serverless explainer: The next-generation of cloud infrastructure +To read this article in full or to leave a comment, please click here

An NDSS Newcomer’s Perspective

[Editor’s Note: A limited number of student grants are available to help pay for travel, accommodations, and NDSS Symposium registration fees for full-time students attending the 24th annual Network and Distributed System Security (NDSS) Symposium. Watch the NDSS website at https://www.internetsociety.org/events/ndss-symposium for information and deadlines as the process opens for NDSS 2018 in February of next year. The following post is a guest contribution from one 2017 grantee.]

Muhammad Talha Paracha

Serverless explainer: The next generation of cloud infrastructure

The first thing to know about serverless computing is that "serverless" is a pretty bad name to call it.Contrary to the vernacular, the technology that has burst onto the cloud computing scene in the past two years still does in fact run on servers. The name serverless instead highlights the fact that end users don’t have to manage servers that run their code anymore.+MORE AT NETWORK WORLD: Serverless computing in practice | This company runs its app without managing servers or virtual machines +To read this article in full or to leave a comment, please click here

Distributed Denial of Service Open Threat Signaling (DOTS)

When the inevitable 2AM call happens—”our network is under attack”—what do you do? After running through the OODA loop (1, 2, 3, 4), used communities to distribute the attack as much as possible, mitigated the attack where possible, and now you realist there little you can do locally. What now? You need to wander out on the ‘net and try to figure out how to stop this thing. You could try to use flowspec, but many providers do not like to support flowspec, because it directly impacts the forwarding performance of their edge boxes. Further, flowspec, used in this situation, doesn’t really work to walk the attack back to its source; the provider’s network is still impact by the DDoS attack.

This is where DOTS comes in. There are four components of DOTS, as shown below (taken directly from the relevant draft)—

The best place to start is with the attack target—that’s you, at 6AM, after trying to chase this thing down for a few hours, panicked because the office is about to open, and your network is still down. Within your network there would also be a DOTS client; this would be a small piece of software running Continue reading

30% off Garmin Forerunner 230 Running and Activity Tracking Watch – Deal Alert

Forerunner 230 is a running watch and activity tracker with smart features. It records steps, even when you’re not running. Tracks distance, pace, time, heart rate and VO2 Max on your runs. And when paired to your phone see incoming email, text messages, call alerts, calendar reminders and more. Right now its $250 list price on Amazon has been reduced 30% down to $175.84. See it now and learn more on Amazon.To read this article in full or to leave a comment, please click here

1 2,179 2,180 2,181 2,182 2,183 3,845