Worth Reading: The need for loud cyber weapons

In general, a tool used for offensive cyber operations involves a penetration mechanism and a payload. It’s often been observed that tools for exploitation (intelligence collection) and for attack (destruction or degradation) make use of the same techniques for penetration and differ primarily in payload (that is, in what is done to the target after penetration has been achieved). —Lawfare

LinkedInTwitterGoogle+Facebook

The post Worth Reading: The need for loud cyber weapons appeared first on 'net work.

IDG Contributor Network: Containers: IT history seems to be repeating itself

Portworx, a data storage company for containers, released the results of its recently completed survey. Although I can't vouch for the survey instrument, the survey sample or the analysis of the data, the results were interesting and the study appeared to be constructed well.Portworx's analysis of the survey data This is what Portworx had to say about the results of its survey: "The survey identified which business benefits IT professionals are seeking through the deployment of containers. Agility (75 percent) and reduced costs (53 percent) were the top benefits sought.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Blue Pillar IoT ensures hospitals always have power

Surgery requires steady hands—and power.How do hospitals make sure they always have life-saving power? Or that standby generators and switches kick in when needed? How can patient safety be preserved during a power outage?Sprawling hospital campuses, large power needs and zero downtime tolerance make it difficult. It’s so important, though, that there are even federal regulations for hospitals to ensure they’re prepared for potential outages.With IoT-based facility management, though, hospitals concentrate on saving lives and worry less about power issues.The challenge: maintaining equipment Emergency power supply systems (EPSS) are the critical power infrastructure that supports hospitals during a power outage. This standby network of generators and switches ensures critical, life-saving power for equipment is always available. The systems have to be regularly tested and monitored to make sure they are in good working order.To read this article in full or to leave a comment, please click here

Startup Nubeva pitches Security as a Service in the cloud

A team made up of executives from Aruba Networks and Panzura are out with a new self-funded startup this week that aims to deploy security tools that enterprises use in their campus and extend it to the cloud.The idea of Nubeva is to create a Security as a Service platform that takes existing security tools and controls that organizations use in their data centers and other on premises infrastructure and mirror that same stack of security tools in the public cloud. Nubeva has created a platform that automates the deployment of those security resources in the public cloud.+MORE AT NETWORK WORLD: How the Dyn DDoS attack unfolded +To read this article in full or to leave a comment, please click here

Startup Nubeva pitches Security as a Service in the cloud

A team made up of executives from Aruba Networks and Panzura are out with a new self-funded startup this week that aims to deploy security tools that enterprises use in their campus and extend it to the cloud.The idea of Nubeva is to create a Security as a Service platform that takes existing security tools and controls that organizations use in their data centers and other on premises infrastructure and mirror that same stack of security tools in the public cloud. Nubeva has created a platform that automates the deployment of those security resources in the public cloud.+MORE AT NETWORK WORLD: How the Dyn DDoS attack unfolded +To read this article in full or to leave a comment, please click here

Mirai IoT Botnet Description and DDoS Attack Mitigation

Authors:  Roland Dobbins & Steinthor Bjarnason Since its inception in August of 2016, the Mirai ‘Internet-of-Things’ (IoT) botnet, comprised largely of internet-enabled digital video recorders (DVRs), surveillance cameras, and other Internet-enabled embedded devices, has been utilized by attackers to launch multiple high-profile, high-impact DDoS attacks against various Internet properties and services.  Mirai serves as the basis of an ongoing DDoS-for-hire ‘booter’/‘stresser’ […]

These are the 3 big reveals from Microsoft’s Surface event

Microsoft unleashed a ton of Windows and Surface news on the world from New York on Wednesday, revealing new Windows features and brand new hardware. Here's the run-down on the biggest news from the company's two-hour-long presentation.Surface Studio takes a fresh look at the Desktop PC There were a ton of rumors about a forthcoming all-in-one Surface desktop, and Microsoft brought the thunder. The Surface Studio is an all-in-one PC with an ultrathin, 28-inch, 4.5K touchscreen. The screen is mounted on a pair of hinges that let it sit up vertically like a traditional desktop computer, and lower down to a drafting position, where the display is only inclined to the desk by 20 degrees.To read this article in full or to leave a comment, please click here

38% off Nonda USB-C to USB 3.0 Mini Adapter – Deal Alert

This is an essential adapter if you need to connect your standard USB devices to the newer USB-C style connector found on the new Macbooks, Chromebooks and others. This one from Nonda is super small and fast, capable of data transfer speeds of up to 5Gbps with USB 3.0. The adapter averages 4.5 out of 5 stars from reviewers on Amazon (read reviews) and its typical list price of $15.99 has been reduced to $9.99. See it now on Amazon.To read this article in full or to leave a comment, please click here

Google Early Access program: A safe place to develop Android apps

The first version of a new mobile app is often like the first pancake. It tastes good, but looks less than perfect and gets pushed aside at the breakfast table. Launching a new app on the Play Store with its millions of apps and over a billion regular visitors can be like this for a new company with a new app.+ Also on Network World: How to break into Android development + Compounding the problem is the average Play Store user is often less than tolerant of beta versions of software, quickly installing and removing the app and leaving little more than a record that the app with removed within a few seconds. And some leave bad feedback, dissuading more tolerant users from installing the software.To read this article in full or to leave a comment, please click here

DDoS attacks from webcams, routers hit Singapore’s StarHub

Following Friday's massive internet disruption in the U.S., a Singapore-based broadband provider reports it faced two distributed denial-of-service attacks, forcing users offline.The attacks, which occurred Saturday and then on Monday, targeted Singapore's StarHub, briefly cutting internet access for the company's home broadband subscribers before services were restored."These two recent attacks that we experienced were unprecedented in scale, nature and complexity," StarHub said in a Facebook posting on Wednesday.In addition, the company has reportedly said that malware-infected broadband routers and webcams were involved in the two attacks, producing a spike in internet traffic that overwhelmed the company's services.To read this article in full or to leave a comment, please click here

DDoS attacks from webcams, routers hit Singapore’s StarHub

Following Friday's massive internet disruption in the U.S., a Singapore-based broadband provider reports it faced two distributed denial-of-service attacks, forcing users offline.The attacks, which occurred Saturday and then on Monday, targeted Singapore's StarHub, briefly cutting internet access for the company's home broadband subscribers before services were restored."These two recent attacks that we experienced were unprecedented in scale, nature and complexity," StarHub said in a Facebook posting on Wednesday.In addition, the company has reportedly said that malware-infected broadband routers and webcams were involved in the two attacks, producing a spike in internet traffic that overwhelmed the company's services.To read this article in full or to leave a comment, please click here

The gender gap in tech is getting worse but it’s fixable

With all the recent attention paid to the IT skills gap and the need for more women and underrepresented minorities in technology, you'd think that the IT industry would have innovative solutions, programs and processes in place to fix it. You'd be wrong.New research from global professional services company Accenture and not-for-profit organization Girls Who Code, unveiled at the Grace Hopper Celebration of Women in Computing, held in Houston last week, that despite heightened awareness of the problem, without interventions, strategic planning and targeted tactics, the share of women in the U.S. computing workforce will decline from the current rate of 24 percent to 22 percent by 2025.To read this article in full or to leave a comment, please click here

Do you know where your sensitive documents are?

No organization wants to see sensitive information walk out its doors, yet it happens with alarming frequency.According to a recent study by Accusoft, a provider of document and imaging software, 34 percent of IT managers say their organization "has had sensitive information compromised due to poor file management practices." Yet 90 percent of them report being "confident they have the tools they need to protect their organizations’ documents."The survey of more than 100 U.S. IT managers and 250 full-time employees revealed an alarming disconnect between IT managers and their users. "Seventy-four percent of IT managers report that their firms have a formalized document management solution," according to the report. "At the same time, less than half (49 percent) of end users believed these resources were available." And 20 percent of employees "claim they don’t know what document management tools their employer uses."To read this article in full or to leave a comment, please click here(Insider Story)

Emergency Flash Player patch fixes zero-day critical flaw

Adobe Systems has released an emergency patch for Flash Player in order to fix a critical vulnerability that attackers are already taking advantage of.The vulnerability, tracked as CVE-2016-7855 in the Common Vulnerabilities and Exposures database, is a use-after-free error that could lead to arbitrary code execution."Adobe is aware of a report that an exploit for CVE-2016-7855 exists in the wild, and is being used in limited, targeted attacks against users running Windows versions 7, 8.1 and 10," the company warned in a security advisory Wednesday.Users are advised to upgrade to Flash Player 23.0.0.205 on Windows and Mac and to version 11.2.202.643 on Linux. The Flash Player runtime bundled with Google Chrome and Microsoft Edge or Internet Explorer 11 on Windows 10 and 8.1 will be updated automatically through those browsers' update mechanisms.To read this article in full or to leave a comment, please click here

Emergency Flash Player patch fixes zero-day critical flaw

Adobe Systems has released an emergency patch for Flash Player in order to fix a critical vulnerability that attackers are already taking advantage of.The vulnerability, tracked as CVE-2016-7855 in the Common Vulnerabilities and Exposures database, is a use-after-free error that could lead to arbitrary code execution."Adobe is aware of a report that an exploit for CVE-2016-7855 exists in the wild, and is being used in limited, targeted attacks against users running Windows versions 7, 8.1 and 10," the company warned in a security advisory Wednesday.Users are advised to upgrade to Flash Player 23.0.0.205 on Windows and Mac and to version 11.2.202.643 on Linux. The Flash Player runtime bundled with Google Chrome and Microsoft Edge or Internet Explorer 11 on Windows 10 and 8.1 will be updated automatically through those browsers' update mechanisms.To read this article in full or to leave a comment, please click here

Raspberry Pi Roundup: Watching for the meter-reader, driving Lego cars and sweet art

Being a person that lives in San Francisco, we’re reliably informed, is one of the best ways to spend lots of money, while simultaneously competing with other persons for very limited living space. The situation is much the same for cars, apparently, because one clever San Franciscan developed a Raspberry Pi-based gadget to help him hold onto parking spaces for as long as possible.The resident parking spaces near developer John Naulty’s home in the Castro have a two-hour limit, but he realized that those two hours didn’t start until San Francisco’s parking enforcement interceptors – distinctive little vehicles that monitor parked cars – drove past and noted his position.To read this article in full or to leave a comment, please click here

Attackers are now abusing exposed LDAP servers to amplify DDoS attacks

Attackers are abusing yet another widely used protocol in order to amplify distributed denial-of-service attacks: the Lightweight Directory Access Protocol (LDAP), which is used for directory services on corporate networks.DDoS mitigation provider Corero Network Security has recently observed an attack against its customers that was reflected and amplified through Connectionless LDAP (CLDAP), a variant of LDAP that uses the User Datagram Protocol (UDP) for transport.DDoS reflection is the practice of sending requests using a spoofed source IP address to various servers on the Internet, which will then direct their responses to that address instead of the real sender. The spoofed IP address is that of the intended victim.To read this article in full or to leave a comment, please click here

1 2,570 2,571 2,572 2,573 2,574 3,843