Slack bug paved the way for a hack that can steal user access

One bug in Slack, the popular work chat application, was enough for a security researcher to design a hack that could trick users into handing over access to their accounts.Bug bounty hunter Frans Rosen noticed he could steal Slack access tokens to user accounts due to a flaw in the way the application communicates data in an internet browser.“Slack missed an important step when using a technology called postMessage,” Rosen said on Wednesday in an email.  PostMessage is a kind of command that can let separate browser windows communicate with each other. In Slack, it’s used whenever the chat application opens a new window to enable a voice call.To read this article in full or to leave a comment, please click here

Slack bug paved the way for a hack that can steal user access

One bug in Slack, the popular work chat application, was enough for a security researcher to design a hack that could trick users into handing over access to their accounts.Bug bounty hunter Frans Rosen noticed he could steal Slack access tokens to user accounts due to a flaw in the way the application communicates data in an internet browser.“Slack missed an important step when using a technology called postMessage,” Rosen said on Wednesday in an email.  PostMessage is a kind of command that can let separate browser windows communicate with each other. In Slack, it’s used whenever the chat application opens a new window to enable a voice call.To read this article in full or to leave a comment, please click here

Free decryption tools now available for Dharma ransomware

Computer users who have been affected by the Dharma ransomware and have held onto their encrypted files can now restore them for free. Researchers have created decryption tools for this ransomware strain after someone recently leaked the decryption keys.Dharma first appeared in November and is based on an older ransomware program known as Crysis. It's easy to recognize files affected by it because they will have the extension: .[email_address].dharma, where the email address is the one used by the attacker as a point of contact.On Wednesday, a user named gektar published a link to a Pastebin post on the BleepingComputer.com technical support forum. The post, he claimed, contained the decryption keys for all Dharma variants.To read this article in full or to leave a comment, please click here

Free decryption tools now available for Dharma ransomware

Computer users who have been affected by the Dharma ransomware and have held onto their encrypted files can now restore them for free. Researchers have created decryption tools for this ransomware strain after someone recently leaked the decryption keys.Dharma first appeared in November and is based on an older ransomware program known as Crysis. It's easy to recognize files affected by it because they will have the extension: .[email_address].dharma, where the email address is the one used by the attacker as a point of contact.On Wednesday, a user named gektar published a link to a Pastebin post on the BleepingComputer.com technical support forum. The post, he claimed, contained the decryption keys for all Dharma variants.To read this article in full or to leave a comment, please click here

Microsoft, Stanford Researchers Tweak Cloud Economics Framework

Cloud computing makes a lot of sense for a rapidly growing number of larger enterprises and other organizations, and for any number of reasons. The increased application flexibility and agility engendered by creating a pool of shared infrastructure resources, the scalability and the cost efficiencies, are all key drivers in an era of ever-embiggening data.

With public and hybrid cloud environments, companies can offload the integration, deployment and management of the infrastructure to a third party, taking the pressure off their own IT staffs, and in private and hybrid cloud environments, they can keep their most business-critical data securely behind

Microsoft, Stanford Researchers Tweak Cloud Economics Framework was written by Jeffrey Burt at The Next Platform.

IDG Contributor Network: The contact center and CRM collision leads to a new dominant species

Some weeks ago I wrote that CRM and contact center are on a collision course. I argued that as the technologies used in CRM and the contact center will naturally mash up, the vendors of these traditionally distinct technologies will collide.In this post, I will expand upon that idea and talk about the future and a key aspect that will be important to successful synergies: how each domain leverages behaviors.CRM/contact center collision The first post argued that a co-mingling of the technologies used in CRM and the contact center worlds have occurred. This has been more of a lending of functionality. Seldom has true synergy emerged.To read this article in full or to leave a comment, please click here

52% off Logitech Bluetooth Multi-Device Keyboard – Deal Alert

Here's a Bluetooth keyboard for your computer that you can also use with your tablet and smartphone -- switch between all three effortlessly by just turning the dial. And unlike other Bluetooth keyboards, Logitech has integrated a cradle so your device stays propped up at just the right angle as you type. Works with Windows or Mac, Android or iOS, and features a key layout you'll be familiar with on any of those platforms. Logitech's multi-device keyboard currently averages 4 out of 5 stars from over 1,350 people (read reviews) on Amazon, where its typical list price of $49.99 has been recently dropped 52% to just $23.99.  See this deal now on Amazon.To read this article in full or to leave a comment, please click here

Full text of Amazon’s post-mortem from its S3 cloud brownout

As is customary after a major service disruption, Amazon Web Services today released a post-mortem explaining why its Simple Storage Service experienced elevated error rates, causing many sites across the Internet to slow down or stop working on Tuesday.+MORE AT NETWORK WORLD: 5 Lessons from the AWS S3 outage and how to insulate yourself from the next one | Half of the top 100 retail websites had slow load times during the S3 outage, vendor finds +To read this article in full or to leave a comment, please click here

On the ‘net: LinkedIn’s DC Design Principles


Operating a large-scale, rapidly growing network requires a philosophical change in how you plan, deploy, and operate your infrastructure. At LinkedIn, as we scaled our data center network, it became evident that we needed to provision and build networks not only as quickly as possible, but also with the most simple and minimalistic approaches possible — something that previously was not quite apparent to us. Adding a new component, a new feature, or a new service without any traffic loss or architectural change is challenging. —Network Computing

The post On the ‘net: LinkedIn’s DC Design Principles appeared first on 'net work.

Server Makers Try To Adapt To A Harsher Climate

So, who was the biggest revenue generator, and showing the largest growth in sales, for servers in the final quarter of 2016? Was it Hewlett Packard Enterprise? Was it Dell Technologies? Was it IBM or Cisco Systems or one of the ODMs? Nope. It was the Others category comprised of dozens of vendors that sit outside of the top tier OEMs we know by name and the collective ODMs of the world who some of us know by name.

This is a sign that the server ecosystem is getting more diverse under pressure as the technical and economic climate changes

Server Makers Try To Adapt To A Harsher Climate was written by Timothy Prickett Morgan at The Next Platform.

Cisco expands Docker partnership, rolls Contiv open source container networking software

Cisco and Docker today announced an expanded partnership that will see further integration of container management software from Docker with infrastructure equipment.Cisco also released a 1.0 version of an open source container networking project named Contiv.+More on Network World: 5 Lessons from Amazon’s S3 Cloud blunder – and how to protect yourself from the next one +The integration of Cisco hardware with Docker software is codified through new Cisco Validated Designs (CVD). One CVD includes a Cisco UCS deployment pre-integrated to support Docker Datacenter, a container management platform that includes the Docker runtime Engine, a Trusted Registry and a Universal Control Plane. Cisco announced another CVD that includes its FlexPod hyperconverged infrastructure with NetApp storage and support for Docker software.To read this article in full or to leave a comment, please click here

Understanding Windows 10’s Unified Update Platform

The Unified Update Platform (UUP) was introduced to the Windows 10 Insider Preview with Build 14986 on December 11, 2016. It changes how Windows Update works in a profound and interesting way. This is explained in some detail in a Windows Insider blog post entitled "Introducing Unified Update Platform (UUP)" that posted on November 3, 2016, so I'll just hit some high points here. The original post is well worth a read, if you're into the nitty-gritty details.To read this article in full or to leave a comment, please click here(Insider Story)

How to format an SD card in Linux

As I was working on a tutorial about installing Raspbian on Raspberry Pi 3, I realized that I had to format the Micro SD card with fat32 partition. Another tutorial was in order!Since different desktop environments use different tools to perform the same task, I resorted to one method that can be consistent across desktop environments: command line.So here is how you format an SD card, USB drive or Micro SD card with fat32 file system from the command line in Linux.RELATED: 11 pointless but awesome Linux terminal tricks 1. Plug in your removable flash drive and run the ‘lsblk’ command to identify the device.To read this article in full or to leave a comment, please click here

‘Paging Dr. VT320, paging Dr. VT320’

 Writes a contributor to Reddit’s section devoted to all things “mildly interesting:”“This is the computer (pictured above) which controls the paging system at the hospital where I work.”The audience found this much more than mildly interesting, as the post attracted more than 500 comments and 13,000 up-votes.The comments were split between those who see a disaster in the making:“You may find it funny, but aging hardware and obsolete systems plague medical facilities, and when those critical old pieces fail, it costs the facility many times more capital and labor power to restore critical systems, and risks patient health and safety.”To read this article in full or to leave a comment, please click here

‘Paging Dr. VT320, paging Dr. VT320’

 Writes a contributor to Reddit’s section devoted to all things “mildly interesting:”“This is the computer (pictured above) which controls the paging system at the hospital where I work.”The audience found this much more than mildly interesting, as the post attracted more than 500 comments and 13,000 up-votes.The comments were split between those who see a disaster in the making:“You may find it funny, but aging hardware and obsolete systems plague medical facilities, and when those critical old pieces fail, it costs the facility many times more capital and labor power to restore critical systems, and risks patient health and safety.”To read this article in full or to leave a comment, please click here

HPE refocuses tech services group on cloud, big data

Hewlett Packard Enterprise has revamped its existing technology services unit to focus on helping customers adopt emerging technologies, including cloud computing, the internet of things, and big data.HPE's new Pointnext technology services division, announced Thursday, is designed to help businesses speed up their adoption of several technologies, also including hybrid IT services and analytics, the company said. HPE announced the rebranded services unit with an "unboxing" video.To read this article in full or to leave a comment, please click here

1 2,259 2,260 2,261 2,262 2,263 3,841