Flaw in Wix website builder risked computer worm

Wix, the provider of a widely used cloud-based web development platform, appears to have had a significant bug on its hands that could have paved the way for a computer worm to do serious damage to websites around world.The problem was related to an XSS (cross-site scripting) vulnerability that was found in websites built with Wix, according to Matt Austin, a researcher with Contrast Security.Though Wix says it has fixed the issue, it illustrates how a few lines of bad code can  potentially do widespread damage.XSS vulnerabilities are common, and result from flaws in websites' coding.  Hackers can take advantage of them to trick users' browsers into running malicious scripts that, for example, could download a computer virus or expose the internet cookies that are on their machines. Austin found the same kind of problem in websites from Wix, which builds websites and has 87 million users in Europe, Latin America, Asia.To read this article in full or to leave a comment, please click here

Flaw in Wix website builder risked computer worm

Wix, the provider of a widely used cloud-based web development platform, appears to have had a significant bug on its hands that could have paved the way for a computer worm to do serious damage to websites around world.The problem was related to an XSS (cross-site scripting) vulnerability that was found in websites built with Wix, according to Matt Austin, a researcher with Contrast Security.Though Wix says it has fixed the issue, it illustrates how a few lines of bad code can  potentially do widespread damage.XSS vulnerabilities are common, and result from flaws in websites' coding.  Hackers can take advantage of them to trick users' browsers into running malicious scripts that, for example, could download a computer virus or expose the internet cookies that are on their machines. Austin found the same kind of problem in websites from Wix, which builds websites and has 87 million users in Europe, Latin America, Asia.To read this article in full or to leave a comment, please click here

Join the Black Friday club: BJ’s Wholesale, Sam’s reveal tech deals

Wholesale clubs BJ's and Sam's are among the latest retailers to share their Black Friday plans, and tech deals are aplenty.Black Friday watchers such as BFads and Best Black Friday have been tracking new ads closely.BJ's Wholesale Club Black Friday savings start on Nov. 18 and run through Nov. 29, though note that the stores are closed on Thanksgiving day.MORE: Black Friday isn't dead in 2016 | Dell, Amazon, Newegg beat Black Friday 2016 rushTo read this article in full or to leave a comment, please click here

BrandPost: The Ethernet path to Network on Demand

Ethernet is the network computing gift that keeps on giving. From its inception in 1973 as a 3 megabits/sec copper wired local area network technology, it has evolved to accommodate 40 gigabit/sec and 100 gigabit/sec speeds, fiber optic cabling, and wide area networking. The race is on to reach 400 gigabit/sec speeds and enable more on demand Ethernet-based services.Ethernet has achieved its success based on the foundation of openness and standardization and that is an ongoing process enabling continual innovation. Achieving end-to-end on demand Ethernet services that span multiple service providers is a key element in realizing the promise of software-defined networking (SDN) and network functions virtualization (NFV) for geographically dispersed organizations.To read this article in full or to leave a comment, please click here

Security and Delegation with Ansible Tower, Part 1

Ansible Tower - Security and Delegation 

This is part of a series of posts about how Ansible and Ansible Tower enable you to manage your infrastructure simply, securely, and efficiently.

When we talk about Tower, we often talk in terms of control, knowledge, and delegation. But what does that mean? In previous posts in this series, we've talked about the concept of 'control', as it relates to both managing your infrastructure and managing your automation. Today we're going to explain delegation, and the security aspects that go into that.

DELEGATION - THE BASICS

Ansible Playbooks, out of the box, are pretty simple - you run Ansible as a particular user, you pass it whatever inventory you want to manage, and it uses whatever credentials the executing user happens to have on hand. This is great for getting automating quickly, but what if you want to delegate automation to someone else to run as needed? You need to provide an inventory file for Ansible and Playbook to them (hopefully they don't edit them), and give them credentials (hopefully they won't use them for something else).

That's where the control, knowledge, and delegation features of Ansible Tower come into play.

STEP 1: CREDENTIALS

Ansible Tower securely stores credentials for Continue reading

Advances in In Situ Processing Tie to Exascale Targets

Waiting for a simulation to complete before visualizing the results is often an unappealing prospect for researchers.

Verifying that output matches expectations early in a run helps prevent wasted computation time, which is particularly important on systems in high demand or when a limited allocation is availableIn addition, the growth in the ability to perform computation continues to outpace the growth in the ability to performantly store the results. The ability to analyze simulation output while it is still resident in memory, known as in situ processing, is appealing and sometimes necessary for researchers running large-scale simulations.

In light of

Advances in In Situ Processing Tie to Exascale Targets was written by Nicole Hemsoth at The Next Platform.

Ixia’s Flex Tap Secure+ protects against injection breaches

We’ve probably all used the phrase “too much of anything is a bad thing.” Too much ice cream makes you fat, too many cats and you get called crazy, and too much NFL football on Sunday gets you banned to the doghouse by your wife. + Also on Network World: Network World annual State of the Network survey results + In IT, too much network traffic is certainly a bad thing. We need networks and rely on them to access cloud applications, call people on via videoconferencing and do a whole bunch of other tasks. However, too much traffic and the network becomes unusable and a source of frustration for workers. To read this article in full or to leave a comment, please click here

Ixia’s Flex Tap Secure+ protects against injection breaches

We’ve probably all used the phrase “too much of anything is a bad thing.” Too much ice cream makes you fat, too many cats and you get called crazy, and too much NFL football on Sunday gets you banned to the doghouse by your wife. + Also on Network World: Network World annual State of the Network survey results + In IT, too much network traffic is certainly a bad thing. We need networks and rely on them to access cloud applications, call people on via videoconferencing and do a whole bunch of other tasks. However, too much traffic and the network becomes unusable and a source of frustration for workers. To read this article in full or to leave a comment, please click here

The future of Drupal could be cooking in this lab

Acquia Labs has no illusions of making self-driving cars or shooting things into space like Google X, but the budding applied research arm of enterprise open-source Drupal provider Acquia does have designs on a slew of new applications for what it anticipates will be an increasingly browserless world. Preston So, development manager at Acquia Labs and a 9-year veteran of the Drupal community, shared his vision for Acquia’s skunkworks-plus outfit at the company’s annual Engage event for customers held in Boston this week.To read this article in full or to leave a comment, please click here

Worth Reading: Insurance companies and free stuff

When your “smart” home is hacked, who is to blame — and importantly — who pays for it? As connected items in our homes move beyond laptops and mobile phones to baby monitors, refrigerators, door locks, intruder alarms and thermostats, insurance companies are evolving along with them. The insurance industry is increasingly incorporating these devices into home coverage. According to new figures from research firm Accenture, insurance pilot projects for connected homes increased from 9% in 2014 to 22% in 2015. —Market Watch

LinkedInTwitterGoogle+Facebook

The post Worth Reading: Insurance companies and free stuff appeared first on 'net work.

IDG Contributor Network: Novelty seeking and networking

You’re seated in a restaurant you’ve never visited before, and the waiter hands you the menu. As you scan the items, do you look for something familiar you know you’ll like? Or do you want something you’ve never tried before?People respond differently to new situations and opportunities, sometimes with opposite reactions. “Better safe than sorry,” caution some, while others urge, “Nothing ventured, nothing gained.”+ Also on Network World: 3 tips to foster a culture of innovation + Such reactions, engrained deep in our temperament, are described by psychologist and neuroscientists as our degree of novelty seeking. The trait is associated with positive aspects, such as curiosity, and negative aspects, such as impulsivity. It follows a normal distribution in the population, and scientific research even suggests a genetic basis, which makes sense considering our species has sought novelty strongly enough to inhabit almost every part of the planet and beyond.To read this article in full or to leave a comment, please click here

Kindle Discount Ends Tonight: Up To 36% off Various Models – Deal Alert

Amazon has quietly released another good set of deals on its popular Kindle series of e-readers, but the deal is scheduled to end tonight at 6pm ET.  Kindle's price sinks from $80 to $60, Kindle Paperwhite from $120 down to $100, the Kindle Voyage drops from $200 to just $180, and the worry-free Kindle for Kids Bundle is reduced from $125 to just $80. The Kindle discounts are almost over for now, so if you're in the market for one right now, you may want to consider pulling the trigger soon.To read this article in full or to leave a comment, please click here

HTC pushes VR arcades with new Vive software

One of the biggest issues with high-end virtual reality experiences right now is that they often require people invest thousands of dollars in powerful computers in order to work. One solution to this is the VR arcade, where operators buy machines and then rent time on them to the public.HTC announced a new software platform Thursday that aims to help with the creation of such arcades. Viveport Arcade is designed to help arcade operators find games that are well-suited to the sort of public experience that they're building, while also helping developers better monetize their creations. It's built for the Taiwanese hardware maker's Vive headset, one of the leading offerings in the realm of high-end virtual reality headgear.To read this article in full or to leave a comment, please click here

New smartphone attachment can detect cancer

Researchers at Washington State University have developed a portable sensor that uses a smartphone's camera to detect a biological indicator for several types of cancers with 99% accuracy, yielding laboratory quality results.The sensor, a light spectrometer, can process up to eight blood or tissue samples at the same time (or one sample in eight wells) and can detect the human protein  interleukin-6 (IL-6). That protein is a known biological marker for lung, prostate, liver, breast and epithelial cancers. Washington State University The spectrometer attached to an iPhone 5.To read this article in full or to leave a comment, please click here

1 2,403 2,404 2,405 2,406 2,407 3,695