Malware distributors are switching to less suspicious file types

After aggressively using JavaScript email attachments to distribute malware for the past year, attackers are now switching to less suspicious file types to trick users. Last week, researchers from the Microsoft Malware Protection Center warned about a new wave of spam emails that carried malicious .LNK files inside ZIP archives. Those files had malicious PowerShell scripts attached to them. PowerShell is a scripting language for automating Windows system administration tasks. It has been abused to download malware in the past and there are even malware programs written entirely in PowerShell.

IDG Contributor Network: How ZeroStack plans to deliver ‘self-driving’ clouds

ZeroStack is an IT management vendor. More specifically, it provides tooling that lets organizations turn bare-metal (i.e., physical) servers into cloud infrastructure. Basically ZeroStack -- like cloud platforms from OpenStack, Microsoft and others -- wants to make physical infrastructure work like the public cloud. ZeroStack offers the operating tools and the self-service platform that helps customers make decisions about capacity planning, troubleshooting and optimized placement of applications. On top of that, ZeroStack offers a Bitnami-like integrated app store that allows organizations to offer their end users a "one-click" installation of popular applications onto their cloud platform. Finally, ZeroStack is integrated with public clouds to offer migration between on-premises and public cloud infrastructure.

Part 2 of Thinking Serverless — Platform Level Issues

This is a guest repost by Ken Fromm, a 3x tech co-founder — Vivid Studios, Loomia, and Iron.io. Here's Part 1.

Job processing at scale at high concurrency across a distributed infrastructure is a complicated feat. There are many components involved — servers and controllers to process and monitor jobs, controllers to autoscale and manage servers, controllers to distribute jobs across the set of servers, queues to buffer jobs, and a whole host of other components to ensure jobs complete and/or are retried, and other critical tasks that help maintain high service levels. This section peels back the layers a bit to provide insight into important aspects within the workings of a serverless platform.

Throughput

Throughput has always been the coin of the realm in computer processing — how quickly can events, requests, and workloads be processed. In the context of a serverless architecture, I’ll break throughput down further when discussing both latency and concurrency. At the base level, however, a serverless architecture does provide a more beneficial architecture than legacy applications and large web apps when it comes to throughput because it provides for far better resource utilization.

In a post by Travis Reeder on What is Serverless Computing and Why is

Prime Members get 35% off Samsung Gear 360, 360-degree High-Res VR Camera – Deal Alert

The Gear 360 is smaller than a baseball, so you can just hold it and shoot. Or set it down on the included tripod and live in the moment. Look all around you -- that’s what you capture with the Gear 360. Every angle, all at once, every time. Play videos back, trim and instantly share your creation on YouTube, Facebook or Samsung VR. Right now, if you're an Amazon Prime member (or have a free trial, located right here) the Gear 360 is significantly discounted from its typical list price of $350. With the current 35% off deal you can get it now for just $225.99 on Amazon, where it averages 4 out of 5 stars (read recent reviews). See the discounted Samsung Gear 360-degree camera now on Amazon.

How To: Setting up a GRE or VXLAN tunnel on Linux


This is a guide to setting up VXLAN/GRE tunnels between two Linux machines, be they virtual or physical. There are so many guides and reference pages on the internet but I couldn't find one that is comprehensive yet simple. The most popular method of setting up tunnels in Linux seems to be using OpenvSwitch. There are a few interesting posts [redhat][Brent Sailsbury's blog][David Mahler - Youtube] out there that describe tunnel setup using OVS but few that leverage the Linux network stack directly. The closest I could find were a kernel reference page for VXLAN and a presentation from LinuxCon2013.

In this post both methods - OpenvSwitch and Linux networking only - will be discussed. When we speak about VXLAN we normally discuss multicast groups and how endpoints (VTEP) learn and populate both the fdb (forwarding database entry) and the mdb (multicast group database entry). This article describes "not using" a multicast group and dynamic learning when setting the tunnel up natively, i.e. without OVS. Both methods require a fairly new kernel (3.7 and greater) and need the "vxlan" kernel module to be loaded. lsmod can be used to check if this

Why Intel’s Unite software survived last year’s brutal product purge

At first glance, Intel's Unite software comes across as an anomaly. What future does the collaboration software have in the chipmaker's future? For now, the software is linked to Intel's PC chips, which is a core business. But it's emerging as a component of the company's virtual reality, internet of things, and server businesses, which are all central to Intel's future growth strategy after a massive restructuring last year. Unite, which was released in 2015, allows remote and on-site users to log in to meetings and share documents and whiteboards. It works with Macs and Windows PCs as well as iPads and Android tablets, and it supports software like Skype for Business.

IDG Contributor Network: The future isn’t cloud. It’s multi-cloud

Cloud computing was supposed to simplify IT environments. Now, according to a recent study by Microsoft and 451 Research, nearly a third of organizations work with four or more cloud vendors. It would seem multi-cloud is the future of cloud computing. But what is driving this trend? Some organizations simply want to have more options—using multiple cloud providers to support different applications and workloads means they can use the solution best suited to their needs. For example, an organization’s core applications may need resilient applications that can run even if local power is lost or that can expand or contract their capacity depending on workload.

RSA Conference: Carbon Black to introduce Streaming Prevention

Carbon Black is introducing at RSA Conference 2017 next week a new way for its gear to detect attacks that don’t make their way into networks via viruses or malicious files that other endpoint security software can detect. Called Streaming Prevention, the technology can find both malware and non-malware attacks by analyzing endpoint activities in the context of the sequences in which they unfold. It does this by having endpoint agents tag events as they occur and streaming them to Carbon Black’s analysis engine in the cloud. There the engine determines whether it falls in a sequence of events that add up to an attack and tells the endpoint to block activity that is deemed malicious.

Hacker hijacks thousands of publicly exposed printers to warn owners

Following recent research that showed many printer models are vulnerable to attacks, a hacker decided to prove the point and forced thousands of publicly exposed printers to spew out rogue messages. The messages included ASCII art depicting robots and warned that the printers had been compromised and they were part of a botnet. The hacker, who uses the online alias Stackoverflowin, later said that the botnet claim was not true and that his efforts served only to raise awareness about the risks of leaving printers exposed to the internet. Stackoverflowin claims to be a high-school student from the U.K. who is interested in security research. He said that for the most part he simply sent print jobs using the Line Printer Daemon (LPD), the Internet Printing Protocol (IPP) and the RAW protocol on communications port 9100 to printers that didn't require authentication.

ZeroStack uses machine learning to create self-driving clouds

Cloud mania continues to grow as businesses move more and more workloads to platforms such as Microsoft Azure and Amazon Web Services (AWS). But while public cloud hype is stealing all the headlines, private data centers are quietly plodding along and growing, as well. There is so much data growth today that businesses have to invest in both public clouds and private data centers, hence the high adoption rate of “hybrid” environments. The landscape for public cloud services is set—Azure and Amazon have won that battle—but private data centers are in a state of change. The legacy model of buying best-of-breed components and cobbling the technology together to build a private cloud is a long, complex process that just can’t keep up with the needs of a digital organization. Turnkey private clouds are becoming increasingly popular because they give businesses an Amazon-like experience but in a private cloud model, so the data and infrastructure stays in the company data center.

Hacking the 2016 election: A timeline

History has yet to judge the 2016 presidential election, but from where we sit in the early days of 2017, it’s hard to imagine that it will ever be relegated to a footnote. From how spectacularly polling failed to predict the election’s outcome to how the election was effectively decided by just “77,759 votes in three states,” not to mention that the loser walked away with 2.8 million more votes than the winner, the 2016 election season produced one big story after another. But what may prove to be the biggest story of the 2016 election is the series of hacks that undermined both the democratic process and the Democratic candidate — and the role of the Russian government in those hacks.

Key tech companies oppose Trump immigration order in court

Google, Facebook, Intel, Netflix, Microsoft, Apple and Twitter are among a large group of companies that have filed a brief in opposition to an immigration order by U.S. President Donald Trump, citing the benefits to industry from liberal immigration rules and the disruption to business as a result of the regulation. A total of 97 companies from the technology and other sectors asked permission late Sunday from the U.S. Court of Appeals for the Ninth Circuit to file an amici curiae, also known as a friends-of-the-court brief, in favor of maintaining a restraining order from a lower court on Trump’s decision that restricts the entry of certain classes of visitors from seven Muslim-majority countries.

What deep learning really means

Perhaps the most positive technical theme of 2016 was the long-delayed triumph of artificial intelligence, machine learning, and in particular deep learning. In this article we'll discuss what that means and how you might make use of deep learning yourself. Perhaps you noticed in the fall of 2016 that Google Translate suddenly went from producing, on the average, word salad with a vague connection to the original language to emitting polished, coherent sentences more often than not -- at least for supported language pairs, such as English-French, English-Chinese, and English-Japanese. That dramatic improvement was the result of a nine-month concerted effort by the Google Brain and Google Translate teams to revamp Translate from using its old phrase-based statistical machine translation algorithms to working with a neural network trained with deep learning and word embeddings employing Google's TensorFlow framework.

7 ways to save money when you build a PC

For many enthusiasts, part of the fun of building a PC lies in not spending a penny more than necessary. Whether you’re building a basic everyday computer or trying to eke out a $500 gaming rig, shopping smart lets you do more with your money or, well, just plain save some cash on a purchase that’s already pricey enough. Good news: Cost savings abound, especially if you’re not in a rush. You just have to know where—and how—to look. These tips and tricks will help you save money on your next PC build.

Montreal sees its future in smart sensors, artificial intelligence (with video)

The Quebecois city of Montreal has long been known as a hotbed of creativity -- home of Cirque du Soleil and a hub for companies in the online gaming and special effects industries, not to mention its place as a financial and trade capital. Creativity played a key role when the city of 2 million (with 4 million regionally) competed against other municipalities globally to win the 2016 title of Intelligent Community of the Year. And now that commitment to creativity is spurring the city to explore a range of unique new smartphone apps and other startup-generated initiatives that leverage sensors, data collection and analysis, and machine learning to deal with snow removal, ever-increasing traffic and other municipal challenges.