Your next 10 security pain points

Going to security conferences always stimulates my imagination. It makes me think outside of the box and remove the cruft that develops when I sit inside my lab too long—staring at vCenter monitors, 10 open bash sessions, security consoles, and emails from colleagues swallowing Xanax. If advanced persistent threats (APTs), certificate authorities (CAs) with IQs of 77, vendor patches bordering on oxymoronic, and hyper-aggressive agile development weren’t enough, I’ll summarize what I believe are your next 10 security pain points.

Getting Cloud Out Of A Fugue State

The polyphonic weavings of a fugue in baroque music are a beautiful thing and an apt metaphor for how we want orchestration on cloud infrastructure to behave in a harmonic fashion. Unfortunately, most cloudy infrastructure is in more of a fugue state, complete with multiple personalities and amnesia.

A startup founded by some architects and engineers from Amazon Web Services wants to get the metaphor, and therefore the tools, right and has just popped out of stealth mode with a company aptly called Fugue to do just that.

Programmers are in charge of some of the largest and most profitable

Getting Cloud Out Of A Fugue State was written by Timothy Prickett Morgan at The Next Platform.

How PayPal Scaled to Billions of Transactions Daily Using Just 8 VMs

How did PayPal take a billion-hits-a-day system that might traditionally run on 100s of VMs and shrink it down to run on 8 VMs, stay responsive even at 90% CPU, at transaction densities PayPal has never seen before, with jobs that take 1/10th the time, while reducing costs and allowing for much better organizational growth without growing the compute infrastructure accordingly?

PayPal moved to an Actor model based on Akka. PayPal told their story here: squbs: A New, Reactive Way for PayPal to Build Applications. They open sourced squbs and you can find it here: squbs on GitHub.

The stateful service model still doesn't get enough consideration when projects are choosing a way of doing things. To learn more about stateful services there's an article, Making The Case For Building Scalable Stateful Services In The Modern Era, based on a great talk given by Caitie McCaffrey. And if that doesn't convince you, here's WhatsApp, who used Erlang, an Akka competitor, to achieve incredible throughput: The WhatsApp Architecture Facebook Bought For $19 Billion.

I refer to the above articles because the PayPal article is short on architectural details. It's more about the factors that led to the selection of Akka and the

IDG Contributor Network: Blockchain ripe for IoT security and monetization

Both the securing of the Internet of Things, as well as the monetizing of it, are roles for blockchain technology, experts say. In one developing case, the Isle of Man, a self-governing British dependency located just off the U.K. mainland, is testing the use of a blockchain prototype to try to preemptively see off IoT hacking, according to Financial News, which wrote about the island’s efforts. The island is a financial center and is looking to expand its offerings through fintech. It’s already involved in digital currency.

Pokémon Go ransomware creates Windows backdoor account, spreads to all other drives

If you build it and it’s popular, they will come; it being an app, and they being cyber criminals. This time it’s Pokémon Go ransomware, which goes the extra mile by adding a hidden backdoor Windows admin account, spreading to other drives and creating network shares. Michael Gillespie discovered Hidden Tear ransomware disguised as a Pokémon Go app on a Windows Phone. But it’s not the standard ransomware. Bleeping Computer explained, “This developer has put in extra time to include features that are not found in many, if any, other ransomware variants.”

Pokemon GO ransomware creates Windows backdoor account, spreads to all other drives

If you build it and it’s popular, they will come; it being an app and they being cyber criminals. This time it’s Pokemon GO ransomware which goes the extra mile by adding a hidden backdoor Windows admin account, spreading to other drives and creating network shares. Michael Gillespie discovered Hidden Tear ransomware disguised as a Pokemon Go app on a Windows Phone. But it’s not the standard ransomware. Bleeping Computer explained, “This developer has put in extra time to include features that are not found in many, if any, other ransomware variants.”

Back to school stuff for the discerning techie (or techie-in-training)

Techify and Geekify those school supplies! It’s back-to-school time, and that means getting ready by stocking up on new clothes, school supplies (probably the only time you’ll be shopping for colored pencils and glue sticks) and finding the coolest backpack. But these days, it also means picking up new tech, as schooling relies on tech more than ever.

Deep Learning Drives Nvidia’s Tesla Business To New Highs

It is a coincidence, but one laden with meaning, that Nvidia is setting new highs selling graphics processors at the same time that SGI, one of the early innovators in the fields of graphics and supercomputing, is being acquired by Hewlett Packard Enterprise.

Nvidia worked up from GPUs for gaming PCs to supercomputers, and has spread its technology to deep learning, visualization, and virtual desktops, all with much higher margins than GPUs for PCs or any other client device could deliver. SGI, in its various incarnations, stayed at the upper echelons of computing where there is, to a certain

Deep Learning Drives Nvidia’s Tesla Business To New Highs was written by Timothy Prickett Morgan at The Next Platform.

South China Sea conflict could be IT’s Black Swan

The vast majority of the world’s electronics -- its servers, PCs, mobile phones -- are now manufactured in China. This means any inadvertent escalation over the on-going South China Sea territorial dispute could do more than raise geopolitical tensions. It could easily disrupt electronics manufacturing for the world. About 84% of the world’s electronics are made in Asia, and about 85% of those goods are made in China, said Michael Palma, an analyst at IDC. “All that product flows through the South China Sea,” said Palma. China is claiming much of the South China Sea as its own territory after building artificial islands in the Spratly archipelago -- and it's ignoring a recent international tribunal ruling against its territorial claims, further stirring regional tensions.

U.S. intelligence to share supply chain threat reports with industry

The U.S. National Counterintelligence and Security Center will soon provide classified supply chain threat reports to critical U.S. telecommunications, energy and financial businesses. The effort is designed to reduce threats against a vast private supply chain of equipment and services that could result in the theft of vital data or disrupt operations in critical systems. Supply chain threats are not well understood by security professionals, yet the supply chain is relatively easy to manipulate by foreign governments like Russia and China, as well as criminal gangs, hackers and even disgruntled workers, according to NCSC officials. The Office of the Director of National Intelligence described the threats to private sector supply chains in a press release on Thursday and released a video on supply chain risk management.

10 acquisitions driving Oracle’s cloud strategy

Oracle craves cloud companies

Since 2010, Oracle has been steadily acquiring cloud software companies, particularly SaaS providers that can help the business software maker grow its market share for software rented over the internet. The deals, including last month’s $9.3 billion blockbuster bid for NetSuite, are crucial for the company’s ability to keep pace with challengers such as SAP, Salesforce.com and Microsoft, all of which are forging their own aggressive strategies in the cloud.

Respect: Windows 10 security impresses hackers

So long as Windows remains a popular attack target, researchers and hackers will keep pounding the platform to uncover advanced strategies to subvert Microsoft's defenses. The bar for security is much higher than it used to be, as Microsoft has added multiple advanced mitigations in Windows 10 that take out entire classes of attacks. While hackers at this year’s Black Hat conference came armed with sophisticated exploitation techniques, there was tacit recognition that developing a successful technique is now much harder with Windows 10. Breaking into Windows through an OS vulnerability is harder than it was even a few years ago.

7 bad programming ideas that work

Anyone who has listened to a teenager, sports commentator, or corporate management knows the connection between words and meaning can be fluid. A new dance craze can be both “cool” and “hot” at the same time. A star player’s “sick moves” don’t necessarily require any medical attention. And if a company is going to “reorganize,” it’s not good for anyone, except perhaps the shareholders -- even then it’s not always clear. The computer world has always offered respite from this madness. No one stores “one” in a bit when they mean “zero.” No one types if x = 0 when they really want to say if x != 0. Logic is a bedrock that offers stability in a world filled with chaos and doublespeak.

Windows 10 Anniversary Update freezing on you? Microsoft’s looking into it

Have you encountered problems with your computer freezing upon logging in since you installed the Windows 10 Anniversary Update? If so, you’re not alone. And while there’s no proper fix for the issue yet, Microsoft is aware of the problem and is addressing it. According to a thread started by a Microsoft rep and posted on the company’s discussion forums, the freezing issue occurs on machines “with the operating system stored on a solid-state drive (SSD) and apps and data stored on a separate drive.” The issue does not present itself when you boot your PC into Safe Mode.