Closing the incident response gap: Q&A with Sean Convery of ServiceNow

A decade ago, security meant a big firewall at a single ingress point.  All devices and applications were under IT’s tight control, so they did not create significant security risks.  Today, everything has changed.  The rise of cloud computing, BYOD, shadow IT, WiFi devices, software defined everything and other trends have blown up the tightly controlled model and created a rather chaotic system. Adding to the challenge is that attackers are getting smarter and targeting IoT systems and end users directly, which often bypasses the security technology.  This is why some security experts say there are two types of organizations, those that have been breached and know about it and those that have been breached and don’t know about it. To read this article in full or to leave a comment, please click here

Your Guide to ContainerCamp UK

#ContainerCamp UK kicks off tomorrow in the heart of London’s Piccadilly and we can hardly contain our excitement. There are loads of Docker talks that you won’t want to miss!

Friday, September 9th

9:55 am: Ben Firshman, Director of Product Management at Docker – Building serverless apps with Docker

Everyone’s talking about serverless right now. For good reason – it’s makes distributed apps much simpler to build, scale, and maintain. In this session, Ben will demonstrate how you can use Docker to mix in serverless techniques – right now – and how serverless is going to change how you build distributed apps in the future.

11:15 am: Nishant Totla, Docker Software Engineer – Orchestrating Linux containers while tolerating failures

Management of containers in production requires special care in order to keep the application up and running. In this session, learn the mechanisms and architecture of the Docker Engine orchestration platform (using a framework called swarmkit) to tolerate failures of services and machines, from cluster state replication and leader-election to container re-scheduling logic when a host goes down.

12:35 pm Lightening Talk: #DockerCaptain Nicholas Deloof – Continuous delivery in a container world

Continue reading

Worth Reading: The Verisign DDoS Report (Q2 2016)

This report contains the observations and insights derived from distributed denial of service (DDoS) attack mitigations enacted on behalf of, and in cooperation with, customers of Verisign DDoS Protection Services from April 1, 2016 through June 30, 2016 (‘‘Q2 2016”) and the security research of Verisign iDefense® Security Intelligence Services conducted during that time. It represents a unique view into the attack trends unfolding online, including attack statistics and behavioral trends for Q2 2016. —Verisign

The post Worth Reading: The Verisign DDoS Report (Q2 2016) appeared first on 'net work.

Box’s developer platform revamped with new content types, UI tools

While Box is probably best known for its user-facing storage and content services, the company is also operating a separate platform for developers, and it received a handful of updates Thursday.The platform, which lets developers integrate Box's tools for managing content into the apps they're building, now supports new content types, annotations, and watermarking. In addition, the company launched a new set of tools for building web user interfaces and a revamped developer console.Continuing to upgrade the platform may make it more appealing to developers, at a time when Box is fighting to be one of the services that developers take to power their applications. The Box Platform gives developers the ability to build Box's file storage and content services capabilities into an application, without having to build all of that themselves.To read this article in full or to leave a comment, please click here

What Apple really just announced: 4 new things to lose

As expected, the iPhone 7 that Apple announced yesterday will ship without a headphone jack. For many people, possibly including me, that will be a deal killer, but not necessarily for the obvious reasons. See also: When it comes to the iPhone’s headphone jack, I’m with Woz Because while there won’t be a headphone jack in the box, there will be an adapter, so you can still connect all those suddenly obsolescent non-Lightning headphones all us Luddites have been spending big bucks on for the past 10 years.To read this article in full or to leave a comment, please click here

Need to build a customer community? This new Salesforce tool can help

Engaging customers is an ongoing challenge for companies large and small, but Salesforce has been working to make it easier. On Thursday, the CRM giant took its efforts a big step further with the launch of Lightning Bolt, a new product designed to jump-start the process of building customer communities, portals, and websites.Last year, Salesforce introduced Lightning Templates for Community Cloud, enabling companies to create customized communities for their customers, partners, and employees. Lightning Bolt takes the template concept up another notch.To read this article in full or to leave a comment, please click here

Government ill-equipped to thwart cyberwarfare

In January, V. Miller Newton, CEO and president of PKWARE, made his annual list of predictions for most likely cyberattacks of the year. Number 3 on the list: The U.S. electrical grid will be attacked. He's been making predictions since 2011, and claims 95 percent accuracy so far (he also predicts that healthcare systems were at risk and that smart watches would be hacked). [ Related: Battling cyberattacks with bombs? ] "This country's infrastructure runs on antiquated technology and systems," he says. "We've already seen an electrical power grid hacked in December of last year in Ukraine," which blacked out 103 cities and partially blacked out an additional 186.To read this article in full or to leave a comment, please click here

The Galaxy Note 7 implicated in dramatic Jeep and house fires, reports say

Those who have yet to return their faulty Galaxy Note 7 are literally playing with fire. Two incidents this week illustrate just how seriously Note 7 owners ought to take the threat of the phone’s faulty battery. One example comes from a St. Petersburg, Florida man who left his new Note 7 charging inside of his Jeep while unloading furniture. He returned to find the car consumed in flames. The aftermath is pretty devastating. Fox 13 The aftermath of a Jeep that was completely engulfed in flames from what was likely a Note 7 catching fire.To read this article in full or to leave a comment, please click here

Google puts screws to HTTP with new warnings in Chrome

Google today continued its campaign to tighten the screws on unencrypted web traffic as it outlined the next steps it will take with Chrome to warn users of insecure connections.Starting with Chrome 56, which is currently scheduled to ship in stable format on Jan. 31, 2017, the browser will mark sites that transmit either passwords or credit card information over HTTP connections as "non-secure."The move will be "Part of a long-term plan to mark all HTTP sites as non-secure," Emily Schechter, a product manager in the Chrome security team, said in a post to a company blog Thursday. The plan, Schechter continued, "will take place in gradual steps, based on increasingly stringent criteria."To read this article in full or to leave a comment, please click here

Google puts screws to HTTP with new warnings in Chrome

Google today continued its campaign to tighten the screws on unencrypted web traffic as it outlined the next steps it will take with Chrome to warn users of insecure connections.Starting with Chrome 56, which is currently scheduled to ship in stable format on Jan. 31, 2017, the browser will mark sites that transmit either passwords or credit card information over HTTP connections as "non-secure."The move will be "Part of a long-term plan to mark all HTTP sites as non-secure," Emily Schechter, a product manager in the Chrome security team, said in a post to a company blog Thursday. The plan, Schechter continued, "will take place in gradual steps, based on increasingly stringent criteria."To read this article in full or to leave a comment, please click here

FBI arrests hackers who allegedly dumped details on government agents

U.S. authorities have arrested two suspects allegedly involved in dumping details on 29,000 officials with the FBI and the Department of Homeland Security.Andrew Otto Boggs and Justin Gray Liverman have been charged with hacking into the internet accounts of senior U.S. government officials and breaking into government computer systems.Both suspects were arrested on Thursday, according to the U.S. Department of Justice.Boggs, age 22, and Liverman, 24, are from North Carolina and are allegedly part of a hacking group called Crackas With Attitude.From October 215 until February, they used hacking techniques, including "victim impersonation" to trick internet service providers and a government help desk into giving up access to the accounts, the DOJ alleged.To read this article in full or to leave a comment, please click here

FBI arrests hackers who allegedly dumped details on government agents

U.S. authorities have arrested two suspects allegedly involved in dumping details on 29,000 officials with the FBI and the Department of Homeland Security.Andrew Otto Boggs and Justin Gray Liverman have been charged with hacking into the internet accounts of senior U.S. government officials and breaking into government computer systems.Both suspects were arrested on Thursday, according to the U.S. Department of Justice.Boggs, age 22, and Liverman, 24, are from North Carolina and are allegedly part of a hacking group called Crackas With Attitude.From October 215 until February, they used hacking techniques, including "victim impersonation" to trick internet service providers and a government help desk into giving up access to the accounts, the DOJ alleged.To read this article in full or to leave a comment, please click here

20% off Kuna Smart Home Security Outdoor Light & Camera – Deal Alert

Kuna is a smart home security camera in a stylish outdoor light that detects and allows you to interact with people outside your door. The security device includes HD live and recorded video, two-way intercom, alarm, smart motion detection alerts to your phone, and more. Easy 15 minute installation with no batteries to replace so you have continuous protection around the clock. Be protected at all times - Access HD live video with its 720P wide angle camera, communicate via its two way intercom from your mobile device, or activate its 100 dB alarm siren. Smart light control lets you turn on or off your lights remotely, or program a schedule for when you're away. Access live video or review & download events for 2 hours free or up to 30-days on an optional subscription plan, starting as low as $4.99 per month. This Kuna security light averages 4 out of 5 stars from over 330 people (read reviews), and its typical list price of $199 has been reduced 20% to $159. See the discounted Kuna Smart Home Security Light and Camera on Amazon.To read this article in full or to leave a comment, please click here

20% off Kuna Smart Home Security Outdoor Light & Camera – Deal Alert

Kuna is a smart home security camera in a stylish outdoor light that detects and allows you to interact with people outside your door. The security device includes HD live and recorded video, two-way intercom, alarm, smart motion detection alerts to your phone, and more. Easy 15 minute installation with no batteries to replace so you have continuous protection around the clock. Be protected at all times - Access HD live video with its 720P wide angle camera, communicate via its two way intercom from your mobile device, or activate its 100 dB alarm siren. Smart light control lets you turn on or off your lights remotely, or program a schedule for when you're away. Access live video or review & download events for 2 hours free or up to 30-days on an optional subscription plan, starting as low as $4.99 per month. This Kuna security light averages 4 out of 5 stars from over 330 people (read reviews), and its typical list price of $199 has been reduced 20% to $159. See the discounted Kuna Smart Home Security Light and Camera on Amazon.To read this article in full or to leave a comment, please click here

Open source algorithm helps spot social media shams

Researchers from Carnegie Mellon University say they have developed an open source algorithm that can help spot social media frauds trying to sway valuable community influence.+More on Network World: Star Trek turns 50!+“Given the rise in popularity of social networks and other web services in recent years, fraudsters have strong incentives to manipulate these services. On several shady websites, anyone can buy fake Facebook page-likes or Twitter followers by the thousands. Yelp, Amazon and TripAdvisor fake reviews are also available for sale, misleading consumers about restaurants, hotels, and other services and products. Detecting and neutralizing these actions is important for companies and consumers alike,” the researchers wrote in a paper outlining their algorithm known as FRAUDAR.To read this article in full or to leave a comment, please click here

Open source algorithm helps spot social media shams

Researchers from Carnegie Mellon University say they have developed an open source algorithm that can help spot social media frauds trying to sway valuable community influence.+More on Network World: Star Trek turns 50!+“Given the rise in popularity of social networks and other web services in recent years, fraudsters have strong incentives to manipulate these services. On several shady websites, anyone can buy fake Facebook page-likes or Twitter followers by the thousands. Yelp, Amazon and TripAdvisor fake reviews are also available for sale, misleading consumers about restaurants, hotels, and other services and products. Detecting and neutralizing these actions is important for companies and consumers alike,” the researchers wrote in a paper outlining their algorithm known as FRAUDAR.To read this article in full or to leave a comment, please click here

Cybersecurity Goes Private: McAfee and RSA

There are some interesting industry dynamics going on in the cybersecurity market.  Just a few months ago, Symantec bought Blue Coat taking a private company public and forming a cybersecurity industry colossus in the process. Now two other historical cybersecurity powerhouses are heading in the other direction and going private.  When the Dell/EMC deal was approved this week, industry veteran RSA became the security division of the world’s largest diversified private technology company.  Not to be outdone, Intel and partner TPG are spinning out McAfee as an independent private company.The good news for both companies is that the market for cybersecurity products and services is quite healthy, and large customers are looking for enterprise-class security vendors with integrated product suites, managed/professional services, and business process experience to partner with.  Cybersecurity vendors like Cisco and IBM that fit this description are doing quite well in the enterprise so McAfee and RSA (as well as Forcepoint, Palo Alto Networks, Symantec, Trend Micro, and a few others) could join this exclusive club. To read this article in full or to leave a comment, please click here

Cybersecurity Goes Private: McAfee and RSA

There are some interesting industry dynamics going on in the cybersecurity market.  Just a few months ago, Symantec bought Blue Coat taking a private company public and forming a cybersecurity industry colossus in the process. Now two other historical cybersecurity powerhouses are heading in the other direction and going private.  When the Dell/EMC deal was approved this week, industry veteran RSA became the security division of the world’s largest diversified private technology company.  Not to be outdone, Intel and partner TPG are spinning out McAfee as an independent private company.The good news for both companies is that the market for cybersecurity products and services is quite healthy, and large customers are looking for enterprise-class security vendors with integrated product suites, managed/professional services, and business process experience to partner with.  Cybersecurity vendors like Cisco and IBM that fit this description are doing quite well in the enterprise so McAfee and RSA (as well as Forcepoint, Palo Alto Networks, Symantec, Trend Micro, and a few others) could join this exclusive club. To read this article in full or to leave a comment, please click here

Google to Glom Apigee for $625M

Another addition to the Google Cloud ranks.

iPhone 7 announcement: Could Apple be the next Nokia?

If the next Apple announcement is like this, it should be broadcast on Cable TV so viewers can fast forward through the many boring parts. A GEICO insurance commercial would have been a relief from the tedium of watching Tim Cook, Jony Ive, and Phil Schiller shoveling superlative adjectives on features copied from Android phone makers and other product companies.Apple isn’t selling innovation. It’s selling its annual iPhone annual upgrade plan, which costs users twice as much over a three-year period, in order to turn around declining sales. Apple’s innovation engine has stalled at producing features that drive users to upgrade, so Apple is resorting to a financial gimmick.To read this article in full or to leave a comment, please click here