NetworkingNexus.net

DDoS-for-hire services thrive despite closure of major marketplace

The closure of a major online marketplace for paid distributed denial-of-service attacks appears to have done little to slow down the illegal activity.In late October, HackForums.net shut down its "Server Stress Testing" section, amid concerns that hackers were peddling DDoS-for-hire services through the site for as little as US$10 a month.According to security experts, the section was the largest open marketplace for paid DDoS attacks -- a notorious hacking technique that can disrupt access to internet services or websites. But since the section's closure, the attacks remain rampant.To read this article in full or to leave a comment, please click here

containerd livestream recap

In case you missed it last month, we announced that Docker is extracting a key component of its container platform, a part of the engine plumbing called containerd – a core container runtime – and committed to donating it to an open foundation.

You can find up-to-date roadmap, architecture and API definitions in the Github repository, and more details about the project in our engineering team’s blog post.

You can also watch the following video recording of the containerd online meetup, for a summary and Q&A with Arnaud Porterie, Michael Crosby, Stephen Day, Patrick Chanezon and Solomon Hykes from the Docker team:

Here is the list of top questions we got following this announcement:

Q. Are you planning to run docker without runC ?

A. Although runC is the default runtime, as of Docker 1.12, it can be replaced by any other OCI-compliant implementation. Docker will be compliant with the OCI Runtime Specification

Q. What major changes are on the roadmap for swarmkit to run on containerd if any?

A. SwarmKit is using Docker Engine to orchestrate tasks, and Docker Engine is already using containerd for container execution. So technically, you are already using Continue reading

Worth Reading: Before you pay that ransom…

A decade ago, if a desktop computer got infected with malware the chief symptom probably was an intrusive browser toolbar of some kind. Five years ago you were more likely to get whacked by a banking trojan that stole all your passwords and credit card numbers. These days if your mobile or desktop computer is infected what gets installed is likely to be “ransomware” — malicious software that locks your most prized documents, songs and pictures with strong encryption and then requires you to pay for a key to unlock the files. —Krebs on Security

The post Worth Reading: Before you pay that ransom… appeared first on 'net work.

Toshiba expands recall of laptop battery packs by 83,000 due to burn/fire risk

The U.S. Consumer Product Safety Commission has issued an alert that Toshiba on Wednesday has greatly expanded its recall of laptop computer battery packs due to burn and fire hazards.More specifically, these are Panasonic lithium-ion battery packs that have been found susceptible to overheating in 41 models of the Toshiba Satellite laptop, which runs Windows. The firm has received five reports of the battery pack overheating and melting, including one additional report since the first recall announcement; no injuries have been reported.MORE: Samsung Note7's phenomenal flame-out timelineTo read this article in full or to leave a comment, please click here

56% off 299-Piece All-Purpose First Aid Kit – Deal Alert

This full-fledged, easy-to-tote first aid softpack is designed to save time and frustration in the midst of an emergency. It's compact and portable, but contains 299 physician-recommended supplies. Among the items neatly organized inside the zippered kit is a first aid guide, vinyl gloves, bandages, cold compress, gauze pads, trauma pad, cotton-tipped applicators, first aid tape roll, antiseptics and all three common OTC pain medications. The kit is currently a #1 best seller on Amazon, averages 4.5 out of 5 stars from over 280 customers, and its typical list price of $26.74 has been reduced 56% to just $11.69. Click over to Amazon to see this deal.To read this article in full or to leave a comment, please click here

AT&T Outlines 5G Goals, Surpasses 2016 Virtualization Goal

The carrier has virtualized 34% of its network.

Intel Launches GO to Accelerate Autonomous Driving

A 40-car BMW fleet is on its way.

PC shipments predicted to return to growth in 2018 after six-year skid

Apple CEO Tim Cook declared the PC dead in a famous 2015 interview. Apparently, he's wrong, and the PC market will live another day.Gartner is projecting annual PC shipments to return to growth in 2018, ending a historic skid that started in 2012, the year Microsoft released Windows 8.The growth in 2018 will be minor. Gartner is projecting shipments of laptops, hybrids, and desktops to be around 272 million in 2018, growing from 266 million in 2017. PC shipments in 2016 were 268 million, according to the research firm.There were a few bright spots in the PC market over the last few years, including the fourth quarter of 2014, when Gartner said shipments grew by 1 percent. But on an annual basis, PC shipments have been dropping and hit double-digit declines in 2015, the year Microsoft released Windows 10.To read this article in full or to leave a comment, please click here

Hottest products from CES 2017

Get your Gadget On!Image by IDG / Network WorldIt's time once again for the International CES, the world's largest consumer electronics trade show. Thousands of people will flock to Las Vegas to see the latest gizmos, gadgets, TVs, computers, smartphones, robots and other devices meant to make our lives easier. Here's a sneak peek at some of the products on display at the show.To read this article in full or to leave a comment, please click here

The Back Door Feature Problem

In Don’t Forget to Lock the Back Door! A Characterization of IPv6 Network Security Policy, the authors ran an experiment that tested for open ports in IPv4 and IPv6 across a wide swath of the network. What they discovered was interesting—

IPv6 is more open than IPv4. A given IPv6 port is nearly always more open than the same port is in IPv4. In particular, routers are twice as reachable over IPv6 for SSH, Telnet, SNMP, and BGP. While openness on IPv6 is not as severe for servers, we still find thousands of hosts open that are only open over IPv6.

This result really, on reflection, should not be all that surprising. There are probably thousands of networks in the world with “unintentional” deployments of IPv6. The vendor has shipped new products with IPv6 enabled by default, because one large customer has demanded it. Customers who have not even thought about deploying IPv6, however, end up with an unprotected attack surface.

The obvious solution to this problem is—deploy IPv6 intentionally, including security, and these problems will likely go away.

But the obvious solution, as obvious as it might be, is only one step in the right direction. Instead of just Continue reading

State of DNSSEC Deployment 2016 report shows over 89% of top-level domains signed

Did you know that 89% of top-level domains are now signed with DNSSEC? Or that over 88% of .GOV domains and over 50% of .CZ domains are signed? Were you aware that over 103,000 domains use DANE and DNSSEC to provide a higher level of security for email? Or that 80% of clients request DNSSEC signature records in DNS queries?

All these facts and much more are available in our new State of DNSSEC Deployment 2016 report.

Dan York

How is Writing Lord of the Rings Like Writing Software?

Have you ever read a book and wondered how any human could have written something so brilliant? For me it was Lord of the Rings. I despaired that in a hundred lifetimes I could never write a book so rich, so deep, so beautiful. Since then I've learned a few things about about how LoTr was created that has made me reconsider. The kick-in-the-head is that it's the same lesson I learned long ago about writing software.

I've always been amazed how a program can start as a single source file and after years of continued effort turn into a working system that is so large no human can come close to understanding it. If you had tried from the start to build the system you ended up with you would have never ever got there. That's just not how it works. Software is path dependent.

I've experienced this growth from a single cell to a Cambrian explosion many times so I know it's a thing. What I hadn't considered is how it's also a thing for writing books too.

Creating good software is a process of evolution through the mechanism of constant iteration for the purpose of survival. Continue reading

AWS touts new enterprise workload magnet

Amazon Web Services recently announced a new Managed Services product for its public cloud that aims to ease migration of legacy enterprise applications to that cloud.AWS Managed Services is a series of infrastructure operations management tools meant to provide ongoing management, support, monitoring and security of an AWS cloud environment. It’s delivered jointly by AWS employees and certified AWS partners and is meant to serve AWS’s largest clients who are planning to migrate workloads to Amazon’s public cloud.+MORE AT NETWORK WORLD: 10 Must-watch IaaS cloud trends for 2017 | Why Azure’s chief believes Microsoft is in prime position in IaaS +To read this article in full or to leave a comment, please click here

HTTPS scanning in Kaspersky antivirus exposed users to MITM attacks

Security vendor Kaspersky Lab has updated its antivirus products to fix an issue that exposed users to traffic interception attacks.The problem was found by Google vulnerability researcher Tavis Ormandy in the SSL/TLS traffic inspection feature that Kaspersky Anti-Virus uses to detect potential threats hidden inside encrypted connections.Like other endpoint security products, Kaspersky Anti-Virus installs a self-signed root CA certificate on computers and uses it to issue "leaf," or interception, certificates for all HTTPS-enabled websites accessed by users. This allows the product to decrypt and then re-encrypt connections between local browsers and remote servers.To read this article in full or to leave a comment, please click here

HTTPS scanning in Kaspersky antivirus exposed users to MITM attacks

IDG Contributor Network: Enterprise software: A look forward to 2017

I spend a reasonable amount of time formally or informally consulting to large organizations about their technology choices. These engagements can be as simple as a quick discussion over a coffee or a long-term consulting gig. In either case, vendors seek to leverage the fact that, as an independent observer of the technology space, I can give a broader take on what is going on and what that means for their particular technology requirements.Often technology practitioners within a large organization simply don’t have the time or bandwidth to look broadly, and while they may be deeply aware of what their own particular technology supplier does, they lack a more industry-wide perspective.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Kuzzle wants to productize consulting firm development services

The Consumer Electronics Show (CES) is usually used to launch new hardware—from laptops to mobile phones, from Wi-Fi routers to connected toasters.One thing it doesn’t see much of is the launch of software products. But that is what we’re seeing today with the launch of Kuzzle, a new backend platform that sees itself as the route to “seamless software development across all devices, services and platforms.”That’s a pretty lofty claim (OK, a very lofty one), especially since Kuzzle goes up against a range of tools: Salesforce’s platform, pure mobile backend as a service (MBaaS) solutions like Kinvey, as well as mobile development platforms. So, what is Kuzzle about, and what gives it the confidence to claim differentiation?To read this article in full or to leave a comment, please click here

Worth Reading: The Wandera Report

The Wandera 2017 Mobile Leak Report, a global analysis of almost 4 billion requests across hundreds of thousands of corporate devices, found more than 200 mobile websites and apps leaking personally identifiable information across a range of categories – including those that are essential for work. —The Internet Society

The post Worth Reading: The Wandera Report appeared first on 'net work.

TCL targets Apple, Samsung with new BlackBerry handset

TCL Communication has big plans for BlackBerry, even though it's a brand that's been written off by many.The China-based electronics company recently acquired rights to design, manufacture and sell smartphones under the BlackBerry name with BlackBerry's security and service software installed. The deal puts TCL in the driver's seat on hardware and the first phone under the new deal was previewed on Wednesday.While still in the final stages of development, the new handset sports the physical keyboard that propelled BlackBerry to the top of the smartphone market in the 2000s and is the first to combine that keyboard with the Android operating system.To read this article in full or to leave a comment, please click here

TCL targets Apple, Samsung with new BlackBerry handset

« Previous 1 … 2,368 2,369 2,370 2,371 2,372 … 3,791 Next »