Security blogger Krebs says IoT DDoS attack was payback for a blog

Security blogger Brian Krebs says a massive distributed denial-of-service attack that took down his Web site last week was likely the consequences for his outing of two Israelis who ran a DDoS-for-hire business.+More on Network World: The IoT is uranium+The pair, whom he identifies as Itay Huri and Yarden Bidani, both 18, were arrested in Israel at the request of the FBI six days after Krebs posted his blog and are now under house arrest.To read this article in full or to leave a comment, please click here

Security blogger Krebs says IoT DDoS attack was payback for a blog

Security blogger Brian Krebs says a massive distributed denial-of-service attack that took down his Web site last week was likely the consequences for his outing of two Israelis who ran a DDoS-for-hire business.+More on Network World: The IoT is uranium+The pair, whom he identifies as Itay Huri and Yarden Bidani, both 18, were arrested in Israel at the request of the FBI six days after Krebs posted his blog and are now under house arrest.To read this article in full or to leave a comment, please click here

Who’s Hot In Infrastructure? 25 Vendors To Watch

Q&A: The Making Of A Networking Nerd

How to build a budget PC for less than $300

These days, practically every household needs a computer. Even if your job doesn’t require you to peddle presentations after hours, everything from shopping to budgeting to keeping in touch with friends is a vastly more convenient with a keyboard and mouse. And who can resist the occasional foray into the spectacular world of YouTube “fail” videos?PCs can be expensive, though. That’s why hundreds of millions of people rely on 5-year-old-plus computers. For many folks, PCs are appliances rather than toys—pricey tools that are replaced only when they break, and reluctantly even then.To read this article in full or to leave a comment, please click here

Fortinet Introduces Partner Program to Integrate Its Security Fabric

These security companies will now be able to have FortiSIEM run alongside their own existing security products.

10 ways to secure a mobile workforce

Super mobile workerImage by ThinkstockWe are entering the age of “supermobility,” in which mobile devices will provide all of the tools and technology that employees need to be productive on the go. And while workplace flexibility and convenience are at an all-time high, super-mobile employees are actually putting enormous amounts of company data at risk.To read this article in full or to leave a comment, please click here

10 ways to secure a mobile workforce

Super mobile workerImage by ThinkstockWe are entering the age of “supermobility,” in which mobile devices will provide all of the tools and technology that employees need to be productive on the go. And while workplace flexibility and convenience are at an all-time high, super-mobile employees are actually putting enormous amounts of company data at risk.To read this article in full or to leave a comment, please click here

How to mitigate hackers who farm their victims

Nation-states and savvy criminal hackers don’t pull uninformed, spur-of-the-moment smash-and-grab jobs on data networks. They reconnoiter and position themselves to slowly implement precise surgical maneuvers to exfiltrate your information treasures. Most of these attackers are capable of ensuring you remain unaware of their movements until it is to their benefit for you to know.High-profile attacks that leveraged extended dwell time inside the networks of large retail chains such as Target are examples of how hackers farm or manage victim organizations in this manner.Hackers farm their targets by maintaining a veiled presence in sensitive places in and around government and enterprise networks, revealing their position in a calculated way at an optimal time to achieve some strategic goal, says Danny Rogers, CEO at Terbium Labs.To read this article in full or to leave a comment, please click here

How to mitigate hackers who farm their victims

Nation-states and savvy criminal hackers don’t pull uninformed, spur-of-the-moment smash-and-grab jobs on data networks. They reconnoiter and position themselves to slowly implement precise surgical maneuvers to exfiltrate your information treasures. Most of these attackers are capable of ensuring you remain unaware of their movements until it is to their benefit for you to know.High-profile attacks that leveraged extended dwell time inside the networks of large retail chains such as Target are examples of how hackers farm or manage victim organizations in this manner.Hackers farm their targets by maintaining a veiled presence in sensitive places in and around government and enterprise networks, revealing their position in a calculated way at an optimal time to achieve some strategic goal, says Danny Rogers, CEO at Terbium Labs.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Always be prepared: Monitor, analyze and test your security

This is the final entry in our series on the 20 Critical Security Controls devised by the Center for Internet Security (CIS) as best practices to help the public and private sectors tighten their cybersecurity.We started down the path of building a solid security foundation by taking inventory of hardware and software, we looked at vulnerability assessment and administrative privileges, and we discussed how to build malware defenses. We also explored how to create a data recovery plan, how to protect your data, and the importance of monitoring and training employees.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Always be prepared: Monitor, analyze and test your security

This is the final entry in our series on the 20 Critical Security Controls devised by the Center for Internet Security (CIS) as best practices to help the public and private sectors tighten their cybersecurity.We started down the path of building a solid security foundation by taking inventory of hardware and software, we looked at vulnerability assessment and administrative privileges, and we discussed how to build malware defenses. We also explored how to create a data recovery plan, how to protect your data, and the importance of monitoring and training employees.To read this article in full or to leave a comment, please click here

Nutanix CEO skewers box-based hyperconvergence rivals

Nutanix founder and CEO Dheeraj Pandey doesn’t want you to get too excited by today’s hyperconverged infrastructure offerings because they’re just ‘a pit stop’ on the way to making all infrastructure invisible. Pandey, whose company is preparing for an initial public offering, talked with IDG Chief Content Officer John Gallant about the competitive landscape in hyperconvergence today and he pulled no punches in assessing rivals like Simplivity and VCE. In Pandey’s view, only VMware is on the same path of building, essentially, the operating system for hybrid cloud but Nutanix is starting from a clean slate. Pandey also discussed Nutanix’s partnership with Dell Technologies and explained why Cisco has no love for his company these days.To read this article in full or to leave a comment, please click here(Insider Story)

Nutanix CEO skewers box-based hyperconvergence rivals

Nutanix founder and CEO Dheeraj Pandey doesn’t want you to get too excited by today’s hyperconverged infrastructure offerings because they’re just ‘a pit stop’ on the way to making all infrastructure invisible. Pandey, whose company is preparing for an initial public offering, talked with IDG Chief Content Officer John Gallant about the competitive landscape in hyperconvergence today and he pulled no punches in assessing rivals like Simplivity and VCE. In Pandey’s view, only VMware is on the same path of building, essentially, the operating system for hybrid cloud but Nutanix is starting from a clean slate. Pandey also discussed Nutanix’s partnership with Dell Technologies and explained why Cisco has no love for his company these days.To read this article in full or to leave a comment, please click here(Insider Story)

How Do I Get a Grasp of SDN and NFV?

One of my readers had problems getting the NFV big picture (and how it relates to SDN):

I find the topic area of SDN and NFV a bit overwhelming in terms of information, particularly the NFV bit.

NFV is a really simple concept (network services packaged in VM format), what makes it complex is all the infrastructure you need around it.

IBM promises a one-stop analytics shop with AI-powered big data platform

Big data is in many ways still a wild frontier, requiring wily smarts and road-tested persistence on the part of those hoping to find insight in all the petabytes. On Tuesday, IBM announced a new platform it hopes will make things easier.Dubbed Project DataWorks, the new cloud-based platform is the first to integrate all types of data and bring AI to the table for analytics, IBM said.Project DataWorks is available on IBM's Bluemix cloud platform and aims to foster collaboration among the many types of people who need to work with data. Tapping technologies including Apache Spark, IBM Watson Analytics and the IBM Data Science Experience launched in June, the new offering is designed to give users self-service access to data and models while ensuring governance and rapid-iteration capabilities.To read this article in full or to leave a comment, please click here

Yahoo’s claim of ‘state-sponsored’ hackers meets with skepticism

Yahoo has blamed its massive data breach on a "state-sponsored actor." But the company isn't saying why it arrived at that conclusion. Nor has it provided any evidence.The lingering questions are causing some security experts to wonder why Yahoo isn't offering more details on a hack that stole account information from 500 million users."I think there's a lot of fishiness going on here," said Michael Lipinski, the chief security strategist at Securonix.Yahoo didn't respond to a request for comment. The company has protocols in place that can detect state-sponsored hacking into user accounts. In a December 2015 blog post, the company outlined its policy, saying it will warn users when this is suspected. To read this article in full or to leave a comment, please click here

Yahoo’s claim of ‘state-sponsored’ hackers meets with skepticism

Yahoo has blamed its massive data breach on a "state-sponsored actor." But the company isn't saying why it arrived at that conclusion. Nor has it provided any evidence.The lingering questions are causing some security experts to wonder why Yahoo isn't offering more details on a hack that stole account information from 500 million users."I think there's a lot of fishiness going on here," said Michael Lipinski, the chief security strategist at Securonix.Yahoo didn't respond to a request for comment. The company has protocols in place that can detect state-sponsored hacking into user accounts. In a December 2015 blog post, the company outlined its policy, saying it will warn users when this is suspected. To read this article in full or to leave a comment, please click here

GE, Bosch and open source could bring more IoT tools

Partnerships that could shape the internet of things for years are being forged just as enterprises fit IoT into their long-term plans.A majority of organizations have included IoT as part of their strategic plans for the next two to three years, IDC said last week. No one vendor can meet the diverse IoT needs of all those users, so they're joining forces and also trying to foster broader ecosystems. General Electric and Germany's Bosch did both on Monday.The two companies, both big players in industrial IoT, said they will establish a core IoT software stack based on open-source software. They plan to integrate parts of GE's Predix operating system with the Bosch IoT Suite in ways that will make complementary software services from each available on the other.To read this article in full or to leave a comment, please click here

Puppet CEO Luke Kanies Steps Aside

Phase II really begins as Sanjay Mirchandani takes over.