Microsoft says tech companies need to protect and not to help attack customers

No Microsoft patches today, but have you looked at your Office 365 Secure Score? It is one step Microsoft has taken to help customer mitigate risks. And at RSA, the company called on tech companies to be a “neutral Digital Switzerland” and to be committed to “100 percent defense and zero percent offense.”No patches on February Patch TuesdayMicrosoft opted not to release patches on Valentine’s Day, which should have been Patch Tuesday.The “delay” was announced by MSRC: Our top priority is to provide the best possible experience for customers in maintaining and protecting their systems. This month, we discovered a last minute issue that could impact some customers and was not resolved in time for our planned updates today.To read this article in full or to leave a comment, please click here

Toshiba’s in chaos, but not quitting PCs — yet

Toshiba is more than a laptop maker, but the vast Japanese conglomerate shrunk on Tuesday under a wave of bad news.In one day, the company lost its chairman, said it will stop building nuclear power plants, wrote off about US$6.2 billion relating to that business, and postponed its fourth-quarter earnings report for a month.Its financial problems were no secret: Two weeks ago, it revealed plans to sell stakes in its memory chip and SSD businesses to cover the nuclear write-offs.Last June, it sold an 80 percent stake in its domestic appliances business, Toshiba Lifestyle, for $450 million. Before that sale, it had been planning to develop a series of smart appliances that could link up with its TVs and PCs.To read this article in full or to leave a comment, please click here

On the ‘net: I2RS Architecture

The last post on the topic of interface to the routing system (I2RS) discussed use cases; this one will provide an overview of the I2RS architecture, and then consider some challenges in the neighborhood of I2RS. —ECI

The post On the ‘net: I2RS Architecture appeared first on 'net work.

Comcast Works on Virtualizing the Cable Modem Termination System

A virtual CMTS would affect the hardware businesses of some big vendors.

Intel ships latest Itanium chip called Kittson, but grim future looms

Intel's Itanium chip is hanging by a thread, and after more than three years, the company is now shipping the next and possibly final version of the processor, which is code-named Kittson.The chip is now shipping to test customers, and volume shipments will commence later this year, a company spokesman said.Itanium chips have been used in mainframes and mission-critical servers. Hewlett Packard Enterprise will ship servers with Kittson later this year.Itanium has been dying a slow and painful death, and Kittson will likely be the end of the line. Support for the chip has been dwindling, and software development has stalled.Intel may be happy to see Itanium sink as it looks to drop irrelevant products in its pursuit of profitable markets. Intel has been openly lobbying customers to switch from Itanium to x86-based Xeon chips, which commands a server chip market share of more than 90 percent.To read this article in full or to leave a comment, please click here

Russian cyberspies blamed for US election hacks are now targeting Macs

Security researchers have discovered a macOS malware program that's likely part of the arsenal used by the Russian cyberespionage group blamed for hacking into the U.S. Democratic National Committee last year.The group, which is known in the security industry under different names, including Fancy Bear, Pawn Storm, and APT28, has been operating for almost a decade. It is believed to be the sole user and likely developer of a Trojan program called Sofacy or X-Agent.X-Agent variants for Windows, Linux, Android, and iOS have been found in the wild in the past, but researchers from Bitdefender have now come across what appears to be the first macOS version of the Trojan.To read this article in full or to leave a comment, please click here

Russian cyberspies blamed for US election hacks are now targeting Macs

Security researchers have discovered a macOS malware program that's likely part of the arsenal used by the Russian cyberespionage group blamed for hacking into the U.S. Democratic National Committee last year.The group, which is known in the security industry under different names, including Fancy Bear, Pawn Storm, and APT28, has been operating for almost a decade. It is believed to be the sole user and likely developer of a Trojan program called Sofacy or X-Agent.X-Agent variants for Windows, Linux, Android, and iOS have been found in the wild in the past, but researchers from Bitdefender have now come across what appears to be the first macOS version of the Trojan.To read this article in full or to leave a comment, please click here

Want to see your DNS analytics? We have a Grafana plugin for that

Curious where your DNS traffic is coming from, how much DNS traffic is on your domain, and what records people are querying for that don’t exist? We now have a Grafana plugin for you.

Grafana is an open source data visualization tool that you can use to integrate data from many sources into one cohesive dashboard, and even use it to set up alerts. We’re big Grafana fans here - we use Grafana internally for our ops metrics dashboards.

In the Cloudflare Grafana plugin, you can see the response code breakdown of your DNS traffic. During a random prefix flood, a common type of DNS DDoS attack where an attacker queries random subdomains to bypass DNS caches and overwhelm the origin nameservers, you will see the number of NXDOMAIN responses increase dramatically. It is also common during normal traffic to have a small amount of negative answers due to typos or clients searching for missing records.

You can also see the breakdown of queries by data center and by query type to understand where your traffic is coming from and what your domains are being queried for. This is very useful to identify localized issues, and to see how your Continue reading

Forward Networks – A forward approach to formal verification

Forward Networks has stepped out of the shadows to announce their Network Assurance platform, and I was fortunate enough to be a delegate for Networking Field Day 13 to see their first public briefing. We were all excited to set foot onto the Andressen Horowitz campus that day, but none of us were quite sure what exactly to expect.

Forward Networks was founded by David Erickson and Brandon Heller, PhD in Computer Science from Stanford University, who saw the great need for help in the networking market and decided to tackle a challenge that no one else recognized. They worked in Nick McKeown’s Lab at Stanford University back in 2006 before SDN was ever put on a Networking Bingo card, let alone even heard of. They helped create the standards and shape OpenFlow as it came into existence. Working on bleeding edge SDN networks they realized that the tools network engineers were dealing with were wholly insufficient to troubleshoot many advanced and complicated networks.

In 2013 they founded Forward networks with the goal of understanding how networks work at the functional level. They’ve written an algorithm that can take in large amounts of data from your devices and build a Continue reading

9 Security Startups Worth Watching In 2017

Legacy security products are not keeping up.

IDG Contributor Network: Komprise scoops up $12M upon general availability of its data management platform

It's been a year or so since I last caught up with Komprise, the data management vendor that was founded by Krishna Subramanian, a well-respected Silicon Valley veteran who has successfully founded, built, merged and acquired businesses -- both as founder/CEO of a startup backed by tier-one VCs and as corporate development leader at Sun.Her previous startup, Kaviza, was focused on eliminating the cost and complexity of my personal pet hate, virtual desktops, and -- notwithstanding my distaste for the space -- was acquired by Citrix in 2011. Subramanian then did her obligatory two years of duty within Citrix before embarking on her new thing.To read this article in full or to leave a comment, please click here

Juniper Enlists Partners for Software-Defined Secure Networks

The network is your security tool. Sound familiar?

Why tech companies are uniting to fight Trump’s immigration ban

In less than a month since being sworn in as the 45th President of the United States, Donald Trump has struck an emotional chord with tech companies, generating an unparalleled unifying force of opposition. The Trump administration’s executive order banning all people from seven predominantly Muslim countries from the entering the United States has created a rift between political and business interests, and one that many technology leaders consider a threat to their very existence.A group of 127 technology companies last week filed an official friend-of-the-court brief in the lawsuits opposing the administration’s executive order in Minnesota and Washington. Apple, Facebook, Google, LinkedIn, Microsoft, Snap and Twitter are all on board, but there are some conspicuous absences. Enterprise leaders IBM and Oracle haven’t joined the effort and all of the major telecom and cable providers have held out thus far as well. Amazon was asked not to join the filing because it’s a witness in the original lawsuit, according to Mashable.To read this article in full or to leave a comment, please click here

Google’s new cloud service is a unique take on a database

Google has turned a database service that it uses to run some of its mission-critical products into an offering for its public cloud customers.On Tuesday, the company launched Cloud Spanner, a new, fully managed database that’s supposed to provide the transactional consistency of a traditional database plus the scalability and performance of a NoSQL database. It’s based on the same systems that run the company’s own Spanner database internally.Usually, businesses have to pick either a traditional or a NoSQL database, and each comes with particular trade-offs. Traditional databases provide better transactional consistency, but can be hard to scale. NoSQL databases are better at scaling but sacrifice consistency.To read this article in full or to leave a comment, please click here

Sponsored Post: Aerospike, GoCardless, Auth0, InnoGames, Contentful, Stream, Scalyr, VividCortex, MemSQL, InMemory.Net, Zohocorp

Who's Hiring?

Worth Reading: A Field Guide to Internet Governance in 2017

The global debate on Internet Governance has come a long way since 2005. In the 12 years following the World Summit on the Information Society (WSIS) in Tunis, governments have paid more attention than ever to policies that can promote economic development, security, and innovation. You may not have felt the progress, however; if it is hard to see a reduction in the confusion and “soup of forums” described on this site nearly six years ago, this is because as we have made progress, the scope of the issues addressed have increased to match. On the spectrum between a sprint and a marathon, Internet Governance may have become the Self-Transcendence 3100 Mile Race. —CircleID

The post Worth Reading: A Field Guide to Internet Governance in 2017 appeared first on 'net work.

IDG Contributor Network: Accelerating digital transformation using the Medici Effect

The King Abdullah University of Science and Technology, known as KAUST, is a fascinating place. A literal and figurative oasis about an hour north of Jeddah, Saudi Arabia, KAUST is a tier-one research university with a mission to inspire discoveries that address global challenges and to serve as a beacon of knowledge that bridges people and cultures for the betterment of humanity.Last week, KAUST brought together nearly 100 leaders from industry, government, education and other research institutions to help it craft its forward-looking IT strategy. But more than just helping craft their strategy, this summit proved to be a model for executing a digital transformation.To read this article in full or to leave a comment, please click here

Wireless charging for iPhones & iPads might finally be coming together for Apple

Apple joining the Wireless Power Consortium in advance of the group's conference this week in London, combined with new research out of MIT designed to safeguard wireless charging, has to be encouraging news for iPhone and iPad users tired of being tethered.Apple showing up on the Wireless Power Consortium's member list took place without any fanfare from the vendor itself, but the revelation did add strength to analyst claims that wireless charging could be coming to the iPhone 8 (or iPhone X) and other new Apple smartphones this year.To read this article in full or to leave a comment, please click here

Microsoft’s president wants a Geneva Convention for cyberwar

Microsoft is calling for a Digital Geneva Convention, as global tensions over digital attacks continue to rise. The tech giant wants to see civilian use of the internet protected as part of an international set of accords, Brad Smith, the company’s president and chief legal officer, said in a blog post. The manifesto, published alongside his keynote address at the RSA conference in San Francisco on Tuesday, argued for codifying recent international norms around cyberwarfare and for establishing an independent agency to respond to and analyze cyberattacks.To read this article in full or to leave a comment, please click here

Microsoft’s president wants a Geneva Convention for cyberwar

Microsoft is calling for a Digital Geneva Convention, as global tensions over digital attacks continue to rise. The tech giant wants to see civilian use of the internet protected as part of an international set of accords, Brad Smith, the company’s president and chief legal officer, said in a blog post. The manifesto, published alongside his keynote address at the RSA conference in San Francisco on Tuesday, argued for codifying recent international norms around cyberwarfare and for establishing an independent agency to respond to and analyze cyberattacks.To read this article in full or to leave a comment, please click here