Why email is safer in Office 365 than on your Exchange server

Running your own email servers doesn’t do anything to differentiate your business from the competition (except in a bad way, if you get hacked). But avoiding the effort of managing and monitoring your own mail server isn’t the only advantage of a cloud service. The scale of a cloud mail provider like Office 365 means that malware and phishing attacks are easier to spot — and the protections extend beyond your inbox.To read this article in full or to leave a comment, please click here(Insider Story)

Why email is safer in Office 365 than on your Exchange server

Running your own email servers doesn’t do anything to differentiate your business from the competition (except in a bad way, if you get hacked). But avoiding the effort of managing and monitoring your own mail server isn’t the only advantage of a cloud service. The scale of a cloud mail provider like Office 365 means that malware and phishing attacks are easier to spot — and the protections extend beyond your inbox.Email protection isn’t just about blocking spam anymore. It’s about blocking malicious messages aimed at infecting computers and stealing credentials. Traditional antivirus scanning isn’t the solution either, because attachments aren’t just executable files you can recognize with a signature. Often, scammers use JavaScript and macros (including PowerShell) to trigger a secondary download with the malicious payload. And embedded links often go to legitimate but compromised sites, so you also can’t rely on site reputation.To read this article in full or to leave a comment, please click here(Insider Story)

InfraKit and Docker Swarm Mode: A Fault-Tolerant and Self-Healing Cluster

Back in October 2016, Docker released Infrakit, an open source toolkit for creating and managing declarative, self-healing infrastructure. This is the second in a two part series that dives more deeply into the internals of InfraKit.

Introduction

In the first installment of this two part series about the internals of InfraKit, we presented InfraKit’s design, architecture, and approach to high availability.  We also discussed how it can be combined with other systems to give distributed computing clusters self-healing and self-managing properties. In this installment, we present an example of leveraging Docker Engine in Swarm Mode to achieve high availability for InfraKit, which in turn enhances the Docker Swarm cluster by making it self-healing.  

Docker Swarm Mode and InfraKit

One of the key architectural features of Docker in Swarm Mode is the manager quorum powered by SwarmKit.  The manager quorum stores information about the cluster, and the consistency of information is achieved through consensus via the Raft consensus algorithm, which is also at the heart of other systems like Etcd. This guide gives an overview of the architecture of Docker Swarm Mode and how the manager quorum maintains the state of the cluster.

One aspect of the cluster state Continue reading

Honeypot catches social engineering scams on social media

Say you just got laid off from your job. Bills are piling up and the pressure to get a new job quickly is building. Your desperation has you taking chances you wouldn’t normally take, such as clicking on a link to a job offer — even if something about it doesn't quite look right.Research firm ZeroFOX has found that unless a company has a verified recruiting account, it can be difficult for an applicant to decipher a legitimate account from an impersonator. One way to spot an impersonator is that they commonly provide Gmail, Yahoo, and other free email provider addresses through which applicants can inquire about a job and send their resumes (more advanced scammers can spoof company email domains). Some also include links to official job sites and LinkedIn for follow-up. In most cases, the impersonator uses the company logo to portray themselves as an official recruiter for the company. To read this article in full or to leave a comment, please click here

Honeypot catches social engineering scams on social media

Say you just got laid off from your job. Bills are piling up and the pressure to get a new job quickly is building. Your desperation has you taking chances you wouldn’t normally take, such as clicking on a link to a job offer — even if something about it doesn't quite look right.Research firm ZeroFOX has found that unless a company has a verified recruiting account, it can be difficult for an applicant to decipher a legitimate account from an impersonator. One way to spot an impersonator is that they commonly provide Gmail, Yahoo, and other free email provider addresses through which applicants can inquire about a job and send their resumes (more advanced scammers can spoof company email domains). Some also include links to official job sites and LinkedIn for follow-up. In most cases, the impersonator uses the company logo to portray themselves as an official recruiter for the company. To read this article in full or to leave a comment, please click here

Q&A: Cisco’s David Ulevitch on Security and the Brain in the Cloud

Cisco's new security chief has ambitions bigger than $2B a year.

A Million Steps With The Garmin Fenix 3

The Garmin Fenix 3 is a GPS fitness tracker with limited smartwatch functionality. I bought it in May 2016 to be my constant companion when I hike, trail run, Crossfit, and sleep. Here’s my review after tracking over a million steps with the device.

TL;DR.

I adore the Fenix 3. The watch was an expensive technology purchase, but I feel the money was well-spent. The Fenix 3 has met or exceeded my expectations in every area. Despite my ardent adoration, the F3 is not perfect.

Folks shopping the Garmin product line should know that there is now a Fenix 5 line out. There was never a Fenix 4. However, I’ve not seen anything in the F5 line that makes me want to upgrade from my F3.

How is the Fenix 3 form factor to live with?

The Fenix 3 is big and bulky. I knew this going in, and so I don’t mind. I especially don’t mind because part of that bulk is due to the battery. However, the bulk does make it difficult to wear under cuffed shirts. The watch stands tall, so if you try buttoning a shirt cuff around the Fenix 3, you’re in for a tight Continue reading

Cisco HyperFlex’s some data center muscle, fuels HCI war

It’s safe to say that the hyperconverged infrastructure (HCI) market has heated up in a big way. In September 2016, Nutanix went public and had a fantastic IPO. Since then, the company’s stock has slid due in part to increased competition from the likes of Dell-EMC, which recently extended its HCI products to private clouds, and HP Enterprise, which acquired SimpliVity earlier this year.To read this article in full or to leave a comment, please click here

Cisco HyperFlex’s some data center muscle, fuels HCI war

It’s safe to say that the hyperconverged infrastructure (HCI) market has heated up in a big way. In September 2016, Nutanix went public and had a fantastic IPO. Since then, the company’s stock has slid due in part to increased competition from the likes of Dell-EMC, which recently extended its HCI products to private clouds, and HP Enterprise, which acquired SimpliVity earlier this year.To read this article in full or to leave a comment, please click here

Time for facility inspections to become digital

Whether your company owns or manages property, inspections are an absolute must to keep everything running smoothly. Inspections keep residents happy and can play a critical role in avoiding unfortunate mishaps.Unfortunately, facility inspections are often held back by outdated, inefficient paper-based forms, or maybe an Excel spreadsheet on a laptop. These slow and plodding processes are not only inefficient, but they fail to leverage the business benefits a robust mobile platform provides.+ Also on Network World: Your digitization success depends on co-creating value with customers + Facility inspections aren’t about slogging through a list of issues and hoping you don’t notice anything amiss. They’re about creating and maintaining best practices to keep facilities in such excellent repair as to minimize labor and maximize output. Instead of putting off inspections to avoid facing the music, the way someone running low on cash puts off checking their bank balance until they’re overdrawn, facility owners and managers should perform regular, diligent, thorough inspections to maximize the value of the inspection practice and maintain quality standards that prevent serious issues.To read this article in full or to leave a comment, please click here

Network Virtualization Helps Achieve Compliance Mandates

Organizations that implement network virtualization are starting to appreciate another advantage: It enables them to achieve compliance.

Worth Reading: Ransomware for Dummies

Among today’s fastest-growing cybercrime epidemics is “ransomware,” malicious software that encrypts your computer files, photos, music and documents and then demands payment in Bitcoin to recover access to the files. A big reason for the steep increase in ransomware attacks in recent years comes from the proliferation of point-and-click tools sold in the cybercrime underground that make it stupid simple for anyone to begin extorting others for money. —Krebs on Security

The post Worth Reading: Ransomware for Dummies appeared first on 'net work.

Salesforce launches custom image recognition as Einstein goes GA

Salesforce is getting into the computer vision business with a new tool designed to let users easily train a custom image recognition system.Einstein Vision, as it’s known, allows users to upload sets of images and classify them in a series of categories. After that, the system will create a recognizer based on machine learning technology that will identify future images fed into it.While Salesforce customers will have to wait a couple weeks before Vision is generally available, the company announced Tuesday that other Einstein features based on machine learning techniques are live.To read this article in full or to leave a comment, please click here

23% off iHome Bluetooth Color Changing Alarm Clock with USB Charging – Deal Alert

Perfect for parties or setting the mood while listening at home, the iBT28 from iHome is a Bluetooth-enabled alarm clock with an adjustable LED cabinet.  Send digital audio wirelessly to iBT28 from your iPad, iPhone, and iPod touch, Android, Blackberry or other Bluetooth-enabled audio device, or play directly via its audio input port. The alarm clock includes two independent alarms allowing you wake to Bluetooth audio, FM radio or buzzer at separate times. The multiple color modes include a glowing sequence, a fast change sequence, a selectable color of your choice, or choose no color at all. Its specially designed Reson8 speaker chamber provides richer, more powerful sound and enhanced bass response. The iBT28 averages 4 out of 5 stars from over 145 people on Amazon, where its typical list price of $45.94 has been reduced 23% to $35.56. See the discounted iBT28 color changing Bluetooth alarm clock from iHome now on Amazon.To read this article in full or to leave a comment, please click here

WikiLeaks’ CIA document dump shows agency can compromise Android, TVs

WikiLeaks has released more than 8,700 documents it says come from the CIA's Center for Cyber Intelligence, with some of the leaks saying the agency had 24 "weaponized" and previously undisclosed exploits for the Android operating system as of 2016.Some of the Android exploits were developed by the CIA, while others came from the U.S. National Security Agency, U.K. intelligence agency GCHQ, and cyber arms dealers, according to the trove of documents released Tuesday. Some smartphone attacks developed by the CIA allow the agency to bypass the encryption in WhatsApp, Confide, and other apps by collecting audio and message traffic before encryption is applied, according to the WikiLeaks analysis.To read this article in full or to leave a comment, please click here

WikiLeaks’ CIA document dump shows agency can compromise Android, TVs

WikiLeaks has released more than 8,700 documents it says come from the CIA's Center for Cyber Intelligence, with some of the leaks saying the agency had 24 "weaponized" and previously undisclosed exploits for the Android operating system as of 2016.Some of the Android exploits were developed by the CIA, while others came from the U.S. National Security Agency, U.K. intelligence agency GCHQ, and cyber arms dealers, according to the trove of documents released Tuesday. Some smartphone attacks developed by the CIA allow the agency to bypass the encryption in WhatsApp, Confide, and other apps by collecting audio and message traffic before encryption is applied, according to the WikiLeaks analysis.To read this article in full or to leave a comment, please click here

Cisco reinforces HyperFlex hyperconvergence system with power, management features

It has been almost a year since Cisco jumped into the hyperconverged arena and while the HyperFlex business has done well – landing 1,100 customers -- the company is expecting a burst of upgrades to significantly speed and simplify management of its HyperFlex systems.+More on Network World: Cisco, Mitel, NEC and others are targeting Avaya’s customers as the networking company goes through Chapter 11 bankruptcy+To read this article in full or to leave a comment, please click here

Cisco reinforces HyperFlex hyperconvergence system with power, management features

It has been almost a year since Cisco jumped into the hyperconverged arena and while the HyperFlex business has done well – landing 1,100 customers -- the company is expecting a burst of upgrades to significantly speed and simplify management of its HyperFlex systems.+More on Network World: Cisco, Mitel, NEC and others are targeting Avaya’s customers as the networking company goes through Chapter 11 bankruptcy+To read this article in full or to leave a comment, please click here

Arista puts itself in a container

The network industry is rarely kind to new entrants, as buyers typically have their favorite vendors and seldom give a passing look to someone new. Names like Woven Networks and Consentry come and go while the tried and true live on. One vendor that has bucked this trend—started fast and stayed fast—is Arista Networks. RELATED: Will containers kill the virtual machine? How has Arista avoided the fate of so many before them? One reason is that it’s able to keep ahead of the innovation curve because of the flexible architecture of its operating system, EOS. The flexibility of its software has also enabled Arista to adopt new silicon faster than the competition without having to build entirely new platforms. To read this article in full or to leave a comment, please click here

Android gets patches for critical OpenSSL, media server and kernel driver flaws

A five-month-old flaw in Android's SSL cryptographic libraries is among the 35 critical vulnerabilities Google fixed in its March security patches for the mobile OS.The first set of patches, known as patch level 2017-03-01, is common to all patched phones and contains fixes for 36 vulnerabilities, 11 of which are rated critical and 15 high. Android vulnerabilities rated critical are those that can be exploited to execute malicious code in the context of a privileged process or the kernel, potentially leading to a full device compromise.One of the patched vulnerabilities is located in the OpenSSL cryptographic library and also affects Google's newer BoringSSL library, which is based on OpenSSL. What's interesting is that the flaw, identified as CVE-2016-2182, was patched in OpenSSL back in September. It can be exploited by forcing the library to process an overly large certificate or certificate revocation list from an untrusted source.To read this article in full or to leave a comment, please click here