Robots present a cyber risk

The prospect of an army of robots marching in unison to launch an attack on an unsuspecting city belongs in the realm of science fiction—as do most images of menacing autonomous machines wreaking all kinds of havoc on civilization.That’s not to say robotics is free from security and safety threats, however. In fact, experts say the growing use of robots by companies such as manufacturers, retailers, healthcare institutions and other businesses can present a number of cyber risks.There are two primary issues related to security and robotics, says Michael Overly, a partner and information security attorney at law firm Foley & Lardner.First, these machines are generally integral to assembly line operations and other similar activities, Overly says. “An attack could literally bring a manufacturing or assembly plant to its knees,” he says. “We have seen this very outcome in a ransomware attack targeted at robotic assemblers in a plant in Mexico.” In that case, the ransomware locked up the specifications files from which the robots drew their operating parameters, he says.To read this article in full or to leave a comment, please click here

Robots present a cyber risk

The prospect of an army of robots marching in unison to launch an attack on an unsuspecting city belongs in the realm of science fiction—as do most images of menacing autonomous machines wreaking all kinds of havoc on civilization.That’s not to say robotics is free from security and safety threats, however. In fact, experts say the growing use of robots by companies such as manufacturers, retailers, healthcare institutions and other businesses can present a number of cyber risks.There are two primary issues related to security and robotics, says Michael Overly, a partner and information security attorney at law firm Foley & Lardner.First, these machines are generally integral to assembly line operations and other similar activities, Overly says. “An attack could literally bring a manufacturing or assembly plant to its knees,” he says. “We have seen this very outcome in a ransomware attack targeted at robotic assemblers in a plant in Mexico.” In that case, the ransomware locked up the specifications files from which the robots drew their operating parameters, he says.To read this article in full or to leave a comment, please click here

Trump tapped the viral anger over H-1B use

President-elect Donald Trump realized early in his campaign that U.S. IT workers were angry over training foreign visa-holding replacements. He knew this anger was volcanic.Trump is the first major U.S. presidential candidate in this race -- or any previous presidential race -- to focus on the use of the H-1B visa to displace IT workers. He asked former Disney IT employees, upset over having to train foreign replacements, to speak at his rallies."The fact is that Americans are losing their jobs to foreigners," said Dena Moore, a former Disney IT worker at a Trump rally in Alabama in February. "I believe Mr. Trump is for Americans first."To read this article in full or to leave a comment, please click here

10 hardest-to-find tech skills

Rumors of Moore's Law's demise have been slightly exaggerated. Advances in computing power, data analytics, the cloud and other technologies just keep marching on -- albeit a bit slower. But as enterprises become more data-driven, it's not the hardware or the infrastructure that's at issue. It's the fact that tech pros with skills relating to organizing, analyzing and securing that data are increasingly harder to find.To read this article in full or to leave a comment, please click here

5 secrets to creating the best project management resume

Your resume is an extension of you professionally, and to some extent personally, and because you only have one chance to create that best first impression on paper, make sure it counts in a big way. Before you actually get an interview, an employer has to value your resume enough to want to pick up the phone. Here are a few secrets to the making of an eye-catching project management resume that will get employers calling.To read this article in full or to leave a comment, please click here(Insider Story)

There’s a war on for cybersecurity talent

Filling cybersecurity jobs is getting so hard managers need to think outside the box if they hope to fill critical positions, experts say.That means redefining jobs, training human resources departments to screen resumes differently, seeking latent talent already inside the organization, and hiring bright, motivated people who can grow into critical roles, according to an expert panel speaking at the recent Advanced Cyber Security Center conference in Boston.+More on Network World: Phishing scheme crimps El Paso for $3.2 million+To read this article in full or to leave a comment, please click here

There’s a war on for cybersecurity talent

Filling cybersecurity jobs is getting so hard managers need to think outside the box if they hope to fill critical positions, experts say.That means redefining jobs, training human resources departments to screen resumes differently, seeking latent talent already inside the organization, and hiring bright, motivated people who can grow into critical roles, according to an expert panel speaking at the recent Advanced Cyber Security Center conference in Boston.+More on Network World: Phishing scheme crimps El Paso for $3.2 million+To read this article in full or to leave a comment, please click here

DevOps Basics: What Is It Exactly?

What you need to know about microservices

Black Friday and Cyber Monday are a shoppers’ delight and many retailers’ busiest time of the year. For Hudson’s Bay Company (HBC), which owns and operates Lord & Taylor, Saks 5th Avenue and several other brands, last year’s holiday rush turned out to be the perfect time to try out new web site features. HBC uses a fairly typical Oracle WebLogic application server and an ecommerce platform named Blue Martini from RedPrairie. Basically the stack has been developed and refined over the years. It worked but it was “hard to deploy to, hard to change and … hard to upgrade,” said Matthew Pick, who manages an infrastructure engineering team at HBC and spoke about the company’s digital transformation at a conference hosted by cloud vendor Joyent earlier this year.To read this article in full or to leave a comment, please click here

Network Automation: Lego Bricks and Death Stars

One of the challenges traditional networking engineers face when starting their network automation journey is the “build or buy” decision: should I use a plethora of small open-source or commercial tools and components and build my own solution, or should I buy a humongous platform from a reassuringly-expensive $vendor.

Most of us were used to buying platforms ranging from CiscoWorks to HP OpenView (oops, Business Technology Optimization Software) or now Cisco’s NSO, so it’s natural that we’re trying to map this confusing new world into old patterns, leading to interesting discussions like the one I had during one of my workshops:

Today Unlock An 80% Discount on Amazon Dash Buttons, Just $0.99 With Our Code – Deal Alert

Today and tomorrow only (11/9 & 11/10), Amazon Prime members (or those with a free trial: here you go) get Amazon Dash buttons for $0.99 instead of $4.99 when you use our code IDGDASH at checkout. Limit 3 buttons on the deal. And Amazon pays you a $4.99 credit after your first button push, so you sort of make money on this deal, don't you. Amazon Dash is a simple Wi-Fi connected gadget that lets you order your favorite things with just the push of a button. Keep it by your washing machine, your pet food, or in the bathroom closet. When you notice you're running low, just press the button and Amazon ships it right out. Each button gets tied to a specific product from Amazon's library of over 200 brands, in categories such as (click each category to see samples) household supplies, beverage & grocery, health & personal care, beauty products, pets, kids & baby, and more. Visit Amazon now, select up to 3 buttons and use IDGDASH to sink the price from $4.99/button to just $0.99. (Access this deal on Amazon)To read this article in full or to leave a comment, please click here

Microsoft is working on tools to help people use cloud-based FPGAs

Earlier this year, Microsoft made a splash at its Ignite conference for IT professionals when it announced that it has been racking cards of programmable chips together with servers in its cloud data centers. The chips, called field-programmable gate arrays (FPGAs), can be reconfigured after being deployed to optimize them for particular applications such as networking and machine learning. Now, Microsoft is investing in tools that would allow customers to program the FPGAs, said Scott Guthrie, the executive vice president in charge of Microsoft's cloud and enterprise division, during a talk at the Structure conference in San Francisco.To read this article in full or to leave a comment, please click here

Facebook and AT&T herald a new day of open networking

Modular and open-source are now the watchwords for network infrastructure, whether you’re delivering internet connections or VR cat videos.On Tuesday at the Structure 2016 conference in San Francisco, Facebook announced its most powerful modular data-center switch yet, and AT&T gave an update on its huge migration from dedicated servers to a software-based architecture.Once the same kind of hardware can do different things in a network, everyone gets more freedom to accomplish what needs to get done.That’s true for Facebook, which built on its own switch innovations and software stack in the new Backpack switch, and for AT&T, which says enterprises can now order and turn on services in 90 seconds instead of 90 days. Agility is also the key selling point for cloud companies like Google, which hopes its customers can ignore hardware altogether in a few years.To read this article in full or to leave a comment, please click here

Facebook and AT&T herald a new day of open networking

Modular and open-source are now the watchwords for network infrastructure, whether you’re delivering internet connections or VR cat videos.On Tuesday at the Structure 2016 conference in San Francisco, Facebook announced its most powerful modular data-center switch yet, and AT&T gave an update on its huge migration from dedicated servers to a software-based architecture.Once the same kind of hardware can do different things in a network, everyone gets more freedom to accomplish what needs to get done.That’s true for Facebook, which built on its own switch innovations and software stack in the new Backpack switch, and for AT&T, which says enterprises can now order and turn on services in 90 seconds instead of 90 days. Agility is also the key selling point for cloud companies like Google, which hopes its customers can ignore hardware altogether in a few years.To read this article in full or to leave a comment, please click here

Thinking Out Loud: The Future of Kubernetes

I’ve just wrapped up KubeCon/CloudNativeCon 2016 in Seattle, WA. There’s no doubt the Kubernetes community is active and engaged, and the project itself is charging forward. As both the community and the project grow, though, what does that mean for the future of Kubernetes?

Here are my thoughts, hopefully presented in a somewhat logical fashion.

It seems to me that Kubernetes has been successful thus far because of a strong focus on the problem it’s trying to solve. You can see this in the Kubernetes web site, where phrases like “Production-Grade Container Orchestration” and “Automated container deployment, scaling, and management” are found. You can see this in the API abstractions Kubernetes uses (a pod as a group of co-located containers, a service as a stable access point for sets of pods, etc.). You can see it in the real-world customer deployments and use cases. Kubernetes seems focused on addressing the needs of container-based microservices-centric application architectures.

However, there now seem to be some efforts to push Kubernetes to support other types of applications as well. One could look at DaemonSets (which are used to ensure that a particular pod is always running on every node; useful for “infrastructure” services Continue reading

Microsoft patches 68 vulnerabilities, two actively exploited ones

Microsoft has patched 68 vulnerabilities in Windows, Office, Edge, Internet Explorer and SQL Server, two of which have already been exploited by attackers and three that have been publicly disclosed.The patches are covered in 14 security bulletins, one dedicated to Adobe Flash Player which is upgraded through Windows Update in Windows 10 and 8.1. Six of the bulletins are rated critical and eight are rated important.Administrators should prioritize the Windows patches in the MS16-135 bulletin, because they address a zero-day vulnerability that's already being exploited by a group of attackers known in the security industry as Fancy Bear, APT28 or Strontium.To read this article in full or to leave a comment, please click here

Microsoft patches 68 vulnerabilities, two actively exploited ones

Microsoft has patched 68 vulnerabilities in Windows, Office, Edge, Internet Explorer and SQL Server, two of which have already been exploited by attackers and three that have been publicly disclosed.The patches are covered in 14 security bulletins, one dedicated to Adobe Flash Player which is upgraded through Windows Update in Windows 10 and 8.1. Six of the bulletins are rated critical and eight are rated important.Administrators should prioritize the Windows patches in the MS16-135 bulletin, because they address a zero-day vulnerability that's already being exploited by a group of attackers known in the security industry as Fancy Bear, APT28 or Strontium.To read this article in full or to leave a comment, please click here

Facebook Intros Backpack, an Open 100G Modular Switch

If there's a place you gotta go ... Backpack probably won't be much help.

BrandPost: Converging all communications over IP

With the changing rules of business and the competitive environment, businesses need a high performance network today – and for tomorrow. Many, though, are still operating separate voice and data networks that limit flexibility and inhibit agility.Carriers such as AT&T have long digitized voice traffic over their long-haul networks. On the AT&T network, the volume of data traffic exceeded voice traffic in 2000 as the Internet transformation took hold and businesses increasingly looked to data networks to handle voice, video, telepresence and other sophisticated applications such as virtual white boards.To read this article in full or to leave a comment, please click here

Microsoft Research Pens Quill for Data Intensive Analysis

Collecting data is only useful to the extent that the data is analyzed. These days, human Internet usage is generating more data (particularly for advertising purposes) and Internet of Things devices are providing data about our homes, our cars, and our bodies.

Analyzing that data can become a challenge at scale. Streaming platforms work well with incoming data but aren’t designed for post hoc analysis. Traditional database management systems can perform complex queries against stored data, but cannot be put to real-time usage.

One proposal to address these challenges, called Quill, was developed by Badrish Chandramouli and colleagues at Microsoft …

Microsoft Research Pens Quill for Data Intensive Analysis was written by Nicole Hemsoth at The Next Platform.