IDG Contributor Network: Recent Amazon outage highlights need for cloud automation

As most internet users are aware, last week Amazon faced one of its largest service outages since the launch of Amazon Web Services (AWS). The list of disrupted businesses read like a dire who's who of the internet, from Netflix to Pinterest to Airbnb. The cause of the AWS S3 outage appears to be a fat-finger typo by an authorized Amazon system administrator who was troubleshooting an unrelated problem.It happens, and it happens often.According to research from Ponemon Institute in 2016, at least 22 percent of data center outages each year are caused by human error. Outages have far-ranging impacts, from business disruption and lost revenue, to end user productivity. The average cost of an outage has increased by 38 percent since 2010 from $505,502 to $740,357 in 2016.To read this article in full or to leave a comment, please click here

Review: QNAP TVS-882T NAS piles on the features

We’ve seen a steady flow of multifunction NAS boxes over the years. What began as relatively straightforward uses of Linux software RAID and mildly customized hardware has blossomed into a crop of multifaceted appliances that sport a full-on rampage of capabilities. In some cases, the NAS functionality may be one of the more minor considerations. QNAP’s TVS-882T is a prime example of this new class of NAS.To read this article in full or to leave a comment, please click here(Insider Story)

Review: QNAP TVS-882T NAS piles on the features

We’ve seen a steady flow of multifunction NAS boxes over the years. What began as relatively straightforward uses of Linux software RAID and mildly customized hardware has blossomed into a crop of multifaceted appliances that sport a full-on rampage of capabilities. In some cases, the NAS functionality may be one of the more minor considerations. QNAP’s TVS-882T is a prime example of this new class of NAS.To read this article in full or to leave a comment, please click here(Insider Story)

Google machine learning gains Kaggle and more

Google has already carved out a niche for itself in machine learning with projects like TensorFlow and Google Brain. Now, it's adding data science provider Kaggle, which runs contests related to machine learning and provides services for data discovery and analysis, to the fold. The company also is moving ahead with other machine learning projects, including an API providing intelligence for video.To read this article in full or to leave a comment, please click here

Profiling 10 types of hackers

Different shapes and sizesImage by ThinkstockHackers, like the attacks they perpetrate, come in many forms, with motivations that range from monetary to political to ethical. Understanding the different types of hackers that exist and what motivates them can help you to identify the attackers you are most susceptible to and properly defend yourself and your organization against cyberattacks. Travis Farral, director of security strategy at Anomali, outlines the top 10 types of hackers you should have on your radar.To read this article in full or to leave a comment, please click here

Profiling 10 types of hackers

Different shapes and sizesImage by ThinkstockHackers, like the attacks they perpetrate, come in many forms, with motivations that range from monetary to political to ethical. Understanding the different types of hackers that exist and what motivates them can help you to identify the attackers you are most susceptible to and properly defend yourself and your organization against cyberattacks. Travis Farral, director of security strategy at Anomali, outlines the top 10 types of hackers you should have on your radar.To read this article in full or to leave a comment, please click here

Bots: Biggest player on the cybercrime block

In the world of cybercrime, ransomware and DDoS attacks had the highest profile by far during the past year. There was an entire day devoted to a ransomware “summit” at the recent RSA conference in San Francisco.But when it comes to money being lost (and made), bot fraud is king – by a lot.Most estimates of losses in the US from ransomware during 2016 were in the $1 billion range. By contrast, a study published in January 2016 by White Ops and the Association of National Advertisers (ANA) titled “Bot Baseline: Fraud in Digital Advertising,” estimated global losses in 2016 would be $7.2 billion.To read this article in full or to leave a comment, please click here

Bots: Biggest player on the cybercrime block

In the world of cybercrime, ransomware and DDoS attacks had the highest profile by far during the past year. There was an entire day devoted to a ransomware “summit” at the recent RSA conference in San Francisco.But when it comes to money being lost (and made), bot fraud is king – by a lot.Most estimates of losses in the US from ransomware during 2016 were in the $1 billion range. By contrast, a study published in January 2016 by White Ops and the Association of National Advertisers (ANA) titled “Bot Baseline: Fraud in Digital Advertising,” estimated global losses in 2016 would be $7.2 billion.To read this article in full or to leave a comment, please click here

Darktrace finds more attacks, cuts response time, saves money for Blackhawk Network

Blackhawk Network, a $1.9 billion multinational in the prepaid-card industry, was undergoing a consolidation of its security architecture in an effort to give better visibility into threats as they unfolded and that would also adapt to the threat environment as attackers changed their strategies. That included hiring a new head of cyber defense, Vari Bindra, in December of 2015, who wanted to create a central security operations center and consolidate the company’s varied data centers down to just two. As he set out on that mission, he came across the Enterprise Immune System made by Darktrace that uses machine learning to detect threats, including those it has never seen before.To read this article in full or to leave a comment, please click here

Darktrace finds more attacks, cuts response time, saves money for Blackhawk Network

Blackhawk Network, a $1.9 billion multinational in the prepaid-card industry, was undergoing a consolidation of its security architecture in an effort to give better visibility into threats as they unfolded and that would also adapt to the threat environment as attackers changed their strategies. That included hiring a new head of cyber defense, Vari Bindra, in December of 2015, who wanted to create a central security operations center and consolidate the company’s varied data centers down to just two. As he set out on that mission, he came across the Enterprise Immune System made by Darktrace that uses machine learning to detect threats, including those it has never seen before.To read this article in full or to leave a comment, please click here

DevOps Equals Happiness

Research has shown that organizations heading toward DevOps maturity have employees who report they are more engaged and happier with their work. In this episode of Talking DevOps, Josh Atwell, Developer Advocate for NetApp SolidFire, explores how DevOps can connect workers more directly to business outcomes, leading to increased job and customer satisfaction.

Hackers exploit Apache Struts vulnerability to compromise corporate web servers

Attackers are widely exploiting a recently patched vulnerability in Apache Struts that allows them to remotely execute malicious code on web servers.Apache Struts is an open-source web development framework for Java web applications. It's widely used to build corporate websites in sectors including education, government, financial services, retail and media.On Monday, the Apache Struts developers fixed a high-impact vulnerability in the framework's Jakarta Multipart parser. Hours later, an exploit for the flaw appeared on Chinese-language websites and this was almost immediately followed by real-world attacks, according to researchers from Cisco Systems.To read this article in full or to leave a comment, please click here

Hackers exploit Apache Struts vulnerability to compromise corporate web servers

Attackers are widely exploiting a recently patched vulnerability in Apache Struts that allows them to remotely execute malicious code on web servers.Apache Struts is an open-source web development framework for Java web applications. It's widely used to build corporate websites in sectors including education, government, financial services, retail and media.On Monday, the Apache Struts developers fixed a high-impact vulnerability in the framework's Jakarta Multipart parser. Hours later, an exploit for the flaw appeared on Chinese-language websites and this was almost immediately followed by real-world attacks, according to researchers from Cisco Systems.To read this article in full or to leave a comment, please click here

Some notes on the RAND 0day report

The RAND Corporation has a research report on the 0day market [ * ]. It's pretty good. They've got the pricing about right ($1 million for full chain iPhone exploit, but closer to $100k for others). They've got the stats about right (5% chance somebody else will discover an exploit). Yet, they've got some problems, namely phrasing the debate as activists want, rather than a neutral view of the debate.

The report frequently uses the word "stockpile". This is a biased term used by activists. According to the dictionary, it means:
a large accumulated stock of goods or materials, especially one held in reserve for use at a time of shortage or other emergency.
Activists paint the picture that the government (NSA, CIA, DoD, FBI) buys 0day to hold in reserve in case they later need them. If that's the case, then it seems reasonable that it's better to disclose/patch the vuln then let it grow moldy in a cyberwarehouse somewhere.

But that's not how things work. The government buys vulns it has immediate use for (primarily). Almost all vulns it buys are used within 6 months. Most vulns in its "stockpile" have been used in the previous year. These Continue reading

Robot Framework User Guide. Bootstrapped

Eight years ago when I graduated from the University my first job title was a QA Engineer. Lots have been changed since then, but these days I am once again facing some QA tasks. Gladly this time we are talking Test Automation. In particular my team mates and myself are going to develop a set

An Early Look at Startup Graphcore’s Deep Learning Chip

As a thought exercise, let’s consider neural networks as massive graphs and begin considering the CPU as a passive slave to some higher order processor—one that can sling itself across multiple points on an ever-expanding network of connections feeding into itself, training, inferencing, and splitting off into multiple models on the same architecture.

Plenty of technical naysay can happen in this concept, of course, and only a slice of it has to do with algorithmic complexity. For one, memory bandwidth is pushed to limit even on specialized devices like GPUs and FPGAs—at least for a neural net problem. And second,

An Early Look at Startup Graphcore’s Deep Learning Chip was written by Nicole Hemsoth at The Next Platform.

WikiLeaks looks at helping tech vendors disarm CIA hacking tools

WikiLeaks has attracted plenty of haters over its controversial disclosures. But the site may be in a unique position to help tech vendors better secure their products.That’s because WikiLeaks has published secret hacking tools allegedly taken from the CIA, which appear to target smartphones, smart TVs and PCs.Companies including Apple and Cisco have been looking through the stolen documents to address any vulnerabilities the CIA may have exploited. However, WikiLeaks might be able to speed up and expand the whole process.To read this article in full or to leave a comment, please click here

WikiLeaks looks at helping tech vendors disarm CIA hacking tools

WikiLeaks has attracted plenty of haters over its controversial disclosures. But the site may be in a unique position to help tech vendors better secure their products.That’s because WikiLeaks has published secret hacking tools allegedly taken from the CIA, which appear to target smartphones, smart TVs and PCs.Companies including Apple and Cisco have been looking through the stolen documents to address any vulnerabilities the CIA may have exploited. However, WikiLeaks might be able to speed up and expand the whole process.To read this article in full or to leave a comment, please click here

1 2,233 2,234 2,235 2,236 2,237 3,832