17 tools to protect your online security

Last month's news about the massive data breach at Yahoo, which affected at least 500 million user records, making it the largest data breach on record, might finally be what it takes to get the average internet user to take online security into their own hands — if only they knew how.In his new book "The Hackers Are Coming," online security expert Ronald Nutter shares tips on how to boost security for every online account you have, starting with choosing the best password management and two-factor authentication tools for you.To read this article in full or to leave a comment, please click here(Insider Story)

Samsung ‘adjusts’ Note7 production following fresh spate of fire reports

Amid reports of five replacement Galaxy Note7 models catching fire in the U.S. alone, Samsung says it is “temporarily adjusting” the production schedule of its beleaguered smartphone. It’s careful wording, and it follows a report from the Yonhap News Agency that Samsung has suspended production of the phone in cooperation with safety regulators from South Korea, China, and the U.S.MORE: 10 mobile startups to watch The Yonhap News Agency reports production has been “temporarily suspended,” quoting a source at one of Samsung’s suppliers. But for its part, Samsung uses different language in its statement to the press: “We are temporarily adjusting the Galaxy Note7 production schedule in order to take further steps to ensure quality and safety matters.”To read this article in full or to leave a comment, please click here

Microsoft fleshes out seismic change to Windows patching

Microsoft has elaborated on the new patching policy for Windows 7 and Windows 8.1 that takes effect Tuesday.In a post to a company blog accompanied by graphics that resembled a periodic table, Michael Niehaus, a product marketing director for Windows 10, fleshed out the massive change in how Windows 7, the standard in business and the most popular OS on the planet, will be serviced starting with this month's Patch Tuesday.Microsoft announced the new plan two months ago, saying then that as of Oct. 11 it would offer only cumulative security updates for Windows 7 and 8.1, ending the decades-old practice of letting customers choose which patches they apply.To read this article in full or to leave a comment, please click here

Microsoft fleshes out seismic change to Windows patching

Microsoft has elaborated on the new patching policy for Windows 7 and Windows 8.1 that takes effect Tuesday.In a post to a company blog accompanied by graphics that resembled a periodic table, Michael Niehaus, a product marketing director for Windows 10, fleshed out the massive change in how Windows 7, the standard in business and the most popular OS on the planet, will be serviced starting with this month's Patch Tuesday.Microsoft announced the new plan two months ago, saying then that as of Oct. 11 it would offer only cumulative security updates for Windows 7 and 8.1, ending the decades-old practice of letting customers choose which patches they apply.To read this article in full or to leave a comment, please click here

7 ways to take back control of your cloud strategy

The age of shadow ITImage by ThinkstockIn 2015, 35 percent of IT spend was managed outside of IT departments, and by 2017, Gartner predicts that CMOs alone will spend more on IT services than CIOs. This includes both insecure and secure cloud apps and services that employees and business units are increasingly adopting without ITs knowledge or oversight – a movement known as Shadow IT. Today, every department from accounting to engineering is stealthily adopting these cloud services, causing serious problems for IT professionals who have to then quickly gain visibility and control over these services. What’s more, this process threatens to render IT irrelevant in critical IT purchasing and planning decisions.To read this article in full or to leave a comment, please click here

Is tape storage dead … again?

Much like the mainframe, tape still has its place. It’s a veteran technology that is heralded for being cheap, reliable and simple, and advancements continue. Even so, by the time you’ve invested in tape robots for automation and verification steps to make sure your backup actually captured your data, all that labor and infrastructure means tape isn’t as cheap as the per-megabyte costs make it look.To read this article in full or to leave a comment, please click here(Insider Story)

5 ways to better survey IT employees

To keep employees' unhappiness from reaching a tipping point, companies are turning to more frequent surveys to gauge the mood of their staffers, thanks to a slew of new survey and collaboration tools that make pulse-taking easier.To read this article in full or to leave a comment, please click here(Insider Story)

How older workers can thrive in IT

Mark Zuckerberg's infamous foot-in-mouth statement on the importance of being young and technical ("young people are just smarter") landed him in a lot of hot water. But regardless of whether you believe that technology's best left to the young generation or you think that it's wasted on the young, to paraphrase George Bernard Shaw, there's no question that it becomes ever more difficult to find a job in tech the older you get.But as Silicon Valley struggles with its exclusionary image, recruiters and hiring managers are including age -- in addition to gender, race, ethnicity, education and work history -- as an underrepresented group that deserves consideration.To read this article in full or to leave a comment, please click here

Yahoo Mail suspends automatic mail forwarding as privacy controversies swirl

In what can only be called awfully suspicious timing, Yahoo has turned off automatic email forwarding—a crucial feature when changing email accounts—for Yahoo Mail users. Anyone who has already enabled the feature is not affected, but others cannot activate it.On its help pages, Yahoo says mail forwarding is currently under development. “While we work to improve it, we’ve temporarily disabled the ability to turn on Mail Forwarding for new forwarding addresses,” the help page says.To read this article in full or to leave a comment, please click here

Yahoo Mail suspends automatic mail forwarding as privacy controversies swirl

In what can only be called awfully suspicious timing, Yahoo has turned off automatic email forwarding—a crucial feature when changing email accounts—for Yahoo Mail users. Anyone who has already enabled the feature is not affected, but others cannot activate it.On its help pages, Yahoo says mail forwarding is currently under development. “While we work to improve it, we’ve temporarily disabled the ability to turn on Mail Forwarding for new forwarding addresses,” the help page says.To read this article in full or to leave a comment, please click here

Say Cheese: a snapshot of the massive DDoS attacks coming from IoT cameras

Over the last few weeks we've seen DDoS attacks hitting our systems that show that attackers have switched to new, large methods of bringing down web applications. They appear to come from the Mirai botnet (and relations) which were responsible for the large attacks against Brian Krebs.

Our automatic DDoS mitigation systems have been handling these attacks, but we thought it would be interesting to publish some of the details of what we are seeing. In this article we'll share data on two attacks, which are perfect examples of the new trends in DDoS.

CC BY 2.0 image by E Magnuson

In the past we've written extensively about volumetric DDoS attacks and how to mitigate them. The Mirai attacks are distinguished by their heavy use of L7 (i.e. HTTP) attacks as opposed to the more familiar SYN floods, ACK floods, and NTP and DNS reflection attacks.

Many DDoS mitigation systems are tuned to handle volumetric L3/4 attacks; in this instance attackers have switched to L7 attacks in an attempt to knock web applications offline.

Seeing the move towards L7 DDoS attacks we put in place a new system that recognizes and blocks these attacks as they happen. The Continue reading

5 Cisco CCIE Myths Debunked

Webscale Raises $12M for Multi-Cloud App Delivery

The company can also monitor apps using machine learning.

The Emergence Of The Full-Stack Engineer

Samsung discontinues Galaxy Note7 after battery debacle

Samsung Electronics has discontinued production of its Galaxy Note7 smartphone, which has been plagued since its introduction in August by battery problems that caused fires and even explosions.The company confirmed Tuesday that it is discontinuing production, a day after it said that it had advised carriers and retail partners worldwide not to sell or exchange the replacement Note7 phones that were intended to solve an issue of overheating batteries in the previous version.U.S. carriers including Verizon, AT&T and T-Mobile announced over the weekend that they would stop the exchange of the smartphone after reports of fires and explosions involving the replacement smartphones, including a report of a Note7 that caught fire on a Southwest Airlines flight. Samsung said last week it was investigating the reports.To read this article in full or to leave a comment, please click here

A breach alone means liability

Rich Santalesa, a programmer turned writer and lawyer, brought an interesting turn of events to my attention last week. We need to pay heed: A litigant can have standing in a U.S. Federal breach case where no personal fraud or identity theft has yet occurred.Usually, a litigant has to have suffered injury—a breech caused them identity theft or other fraudulent activity based upon information released in a security breach. This means if you’re cracked, you can be liable if personally identifiable information is released, exfiltrated, absconded, whatever. It also means that should you believe the axiom that currently most of us are hacked, we’re in for a litigious treat. To read this article in full or to leave a comment, please click here

A breach alone means liability

Rich Santalesa, a programmer turned writer and lawyer, brought an interesting turn of events to my attention last week. We need to pay heed: A litigant can have standing in a U.S. Federal breach case where no personal fraud or identity theft has yet occurred.Usually, a litigant has to have suffered injury—a breech caused them identity theft or other fraudulent activity based upon information released in a security breach. This means if you’re cracked, you can be liable if personally identifiable information is released, exfiltrated, absconded, whatever. It also means that should you believe the axiom that currently most of us are hacked, we’re in for a litigious treat. To read this article in full or to leave a comment, please click here

IDG Contributor Network: Shining a light on LiFi in the enterprise

Even as we increase data rates and network capacity in Wi-Fi with 802.11ac, 11ad and then 11ax, it’s worth keeping an eye on other communication technologies that may become useful in the enterprise. Visible light communication (VLC) is making progress in the background, and while it is barely out of the lab, it may take off in a few years. The startups working with enterprise VLC are adopting the term “LiFi” (although it has—today—no connection with Wi-Fi). Like all new technologies, there are many possibilities—and the number of potential uses is impressive. Applications include vehicle-to-vehicle, underwater communications, streetlamps, aircraft cabins, and industrial uses where Wi-Fi cannot be used due to RF interference.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Shining a light on LiFi in the enterprise

Even as we increase data rates and network capacity in Wi-Fi with 802.11ac, 11ad and then 11ax, it’s worth keeping an eye on other communication technologies that may become useful in the enterprise. Visible light communication (VLC) is making progress in the background, and while it is barely out of the lab, it may take off in a few years. The startups working with enterprise VLC are adopting the term “LiFi” (although it has—today—no connection with Wi-Fi). Like all new technologies, there are many possibilities—and the number of potential uses is impressive. Applications include vehicle-to-vehicle, underwater communications, streetlamps, aircraft cabins, and industrial uses where Wi-Fi cannot be used due to RF interference.To read this article in full or to leave a comment, please click here

The Two Principles Of Troubleshooting

1. Never trust someone else’s configuration.
2. Don’t trust your own configuration.

But in all seriousness. If you’re migrating configuration, this would be a good place to start:

• Check all your IP addresses are consistent.
• Check your masks are consistent.
• Check your interfaces are correct.
• If you’re working with peers, check your IP addresses for the peers are correct.I mean all 4 octets. Not just the last one, or two, or three. ALL FOUR. If it’s v6, then FML. Bite the bullet and write a script.
• Is there a naming convention to follow? There’s a temptation when migrating to stick with the old name, but new devices may require a different convention is adhered to. Reasons for this range from the whimsical to the valid.

If you’re coming up with something new, and it involves addressing new interfaces then start with this:

• First check your IP allocations are correct. By this, I mean check if you have any hierarchy or ordering. For example, do you reserve addresses by site, geographic location or application? If you do, then make sure these are consistent with what you’ve planned.
• Is your addressing valid? i.e: Are the subnets and host addresses you’ve assigned correct? Continue reading