NetworkingNexus.net

Cisco discloses PIX firewall, IOS software security holes

Cisco has warned of a high priority security hole in its IOS software that could have let attackers snatch memory contents from a variety of products that could lead to the disclosure of confidential information. +More on Network World: Cisco buys into containers with Container X acquisition+ Specifically Cisco said the vulnerability is due to “insufficient condition checks in the part of the code that handles [Internet Key Exchange] IKEv1 security negotiation requests. An attacker could exploit this vulnerability by sending a crafted IKEv1 packet to an affected device configured to accept IKEv1 security negotiation requests.”To read this article in full or to leave a comment, please click here

Cisco discloses PIX firewall, IOS software security holes

Teenager claims he accessed FTPs, downloaded data from every state with .us domain

A security researcher going by Minxomat scanned IPv4 addresses and then released a list of nearly 800,000 open FTP servers, meaning no authentication is required to access them. His scan revealed that 4.32 percent of all FTP servers in the IPv4 address space allowed “anonymous” users to log in with no password.“This is a list of all (796,578) FTP servers directly connected to port 21 in the IPv4 address space that allow anonymous logins,” Minxomat wrote on GitHub. “The login must be completed in less than five seconds to qualify for this list.”If an FTP server was meant to be public, he did not include it in the list. In his post describing “mass-analyzing a chunk of the internet,” Minxomat said he set up filters to exclude other results such as “POS system firmware update servers and printers (firmware|printer).”To read this article in full or to leave a comment, please click here

Teenager claims he accessed FTPs, downloaded data from every state with .us domain

Teenager claims to have accessed FTPs, downloaded data from every state with .us domain

A security researcher going by Minxomat scanned IPv4 addresses and then released a list of nearly 800,000 open FTP servers, meaning no authentication is required to access them. His scan revealed that 4.32% of all FTP servers in the IPv4 address space allowed “anonymous” users to login with no password.“This is a list of all (796,578) FTP servers directly connected to port 21 in the IPv4 address space that allow anonymous logins,” Minxomat wrote on GitHub. “The login must be completed in less than five seconds to qualify for this list.”If an FTP server was meant to be public, he did not include it in the list. In his post describing “mass-analyzing a chunk of the internet,” Minxomat said he set up filters to exclude other results such as “POS system firmware update servers and printers (firmware|printer).”To read this article in full or to leave a comment, please click here

Google Allo AI-powered messenging app expected this week

Google this week is expected to release Allo, an AI-powered app previewed in May at the Google I/O confab that's aimed at adding more pizzazz to text messaging. Google said back then that it planned to release the app by the end of summer, and that would be this Wednesday, Sept. 21. Reliable mobile news blogger Evan Blass has tweeted "Hello, Allo (launches this week)," and Google watchers have been quick to rehash this.To read this article in full or to leave a comment, please click here

Cisco patches Equation group exploit in IOS, IOS XE and IOS XR devices

Cisco Systems has patched a vulnerability similar to one exploited by a cyberespionage group believed to be linked to the U.S. National Security Agency.The vulnerability affects networking devices running Cisco's IOS, IOS XE and IOS XR operating systems that process IKEv1 (Internet Key Exchange version 1) packets. When exploited, it allows remote unauthenticated attackers to extract contents from a device's memory, potentially leading to the exposure of sensitive and confidential information.IKE is a key exchange protocol used by several popular features including LAN-to-LAN VPN (Virtual Private Network), remote access VPN, Dynamic Multipoint VPN (DMVPN) and Group Domain of Interpretation (GDOI). It is likely to be enabled on many Cisco devices in enterprise environments.To read this article in full or to leave a comment, please click here

Cisco patches Equation group exploit in IOS, IOS XE and IOS XR devices

1 Free Amazon Echo Dot When You Buy 5 – Deal Alert

Echo Dot is a hands-free, voice-controlled device that uses Alexa to play & control music (either on its own, or through a connected speaker/receiver), control smart home devices, provide information, read the news, set alarms, and more. If you’re looking to buy them as gifts, or for different homes or rooms, Amazon will throw in a free one ($50 value) when you buy 5, or two free ones when you buy 10 (a $100 value). To take advantage of this limited time offer, select 6 or 12 in the quantity dropdown and add to your Shopping Cart. Enter promo code DOT6PACK or DOT12PACK at checkout where you will see the discount applied. The new Amazon Echo Dot comes in black, and now also white. See the new Amazon Echo Dot now on Amazon.To read this article in full or to leave a comment, please click here

Bad migration experiences leave IT bosses gun-shy

Previous migration efforts are often so bad that the majority of IT pros drag their feet on doing another migration project, even if they need it. That's one of the results of a new study by a cloud migration specialist Vision Solutions.The migration survey -- see chart below -- was part of a larger study, the Vision Solutions' 8th Annual State of Resilience report.The problem, however, lies with many IT shops, according to Vision. They either lack expertise to do the job properly, don't plan well in advance, or both. Of the 935 professionals surveyed, 35 percent say that they lack the experience or the expertise to confidently perform a system migration.To read this article in full or to leave a comment, please click here

What’s the difference between project management and change management?

Project management involves the use of people, processes and methodologies to plan, initiate, execute, monitor and close activities. It is designed to meet an organization's project goals, and hopefully overall strategic objectives. Change management, similar to project management, involves people, processes, and tools to effectively help organizations manage all the changes that occur, whether as a result of project initiatives, or other factors that might impact the business. While project management and change management are two areas often work side-by-side -- and they should -- there are some similarities. However, these are different disciplines. Think about project management in the example of software development and implementation. A project manager works with a project team to plan, communicate and execute the actual development and implementation itself. A change manager will work with the same project management team to identify, communicate, and effectively manage all aspects relating to how any changes will ultimately impact all stakeholders.To read this article in full or to leave a comment, please click here

When it comes to IT certifications, trust but verify

Trust, but verify, the old adage goes. But in a tight IT talent market, it seems hiring companies are doing a heck of a lot of the former and not enough of the latter. New research shows that organizations are trusting employees when they say they've attained certifications, but aren't investing the time or energy to verify whether or not those credentials have actually been earned."We'd heard this anecdotally, but to see it in the hard data was very concerning, and it made us cringe. The value in the certifications themselves isn't in question, but the lack of action by hiring managers and the fact that some candidates are fudging the truth makes everyone look bad. This has the potential to seriously impede the credibility of certifications to qualify and benchmark candidates," says Jason Hayman, market research manager at TEKSystems, which conducted the research.To read this article in full or to leave a comment, please click here

Why (and how) you should manage Windows PCs like iPhones

The days of Microsoft's System Center may be numbered. With the introduction of Windows 10, Microsoft has begun championing a different approach to systems management -- the same approach that Apple created for the iPad and iPhone, and Google later adopted for Android. Organizations adopting Windows 10 can take advantage of this new approach, allowing IT to manage all client devices -- Windows 10 PCs (as older Windows versions are retired), Macs, iOS devices, and Android devices -- from the same consoles, using the same policy-driven technology in what is called an omnidevice strategy.To read this article in full or to leave a comment, please click here(Insider Story)

See how an SSD works

It's what's inside that countsImage by Mike HomnickIt’s the day everybody dreads: You power up your PC and it sits dormant, failing to boot because your hard drive or SSD is dead. But after you stop cursing and reaching for your backups—you do create backups regularly, right?—you might as well make the best of things.To read this article in full or to leave a comment, please click here

Free and cheap ways to study for IT certifications

For as long as there have been technology certifications, IT pros have debated their value. Some believe they're the key to a fatter paycheck, while others contend that they're often not worth the paper they're printed on. Others take the middle road and say they can be valuable in the right circumstances, but experience is king.To read this article in full or to leave a comment, please click here(Insider Story)

How to keep IT security at the forefront during a merger

1. Let two become one—safelyImage by PexelsStephen Boyer, CTO and co-founder of BitSight, knows one of the biggest threats to your company's tech security: the possibility that it might buy another company. He points to a survey from West Monroe Partners that found that 40% of acquiring companies discovered a cybersecurity problem in an acquired company—after a deal went through. It probably shouldn't be surprising that, in a 2014 survey from Freshfields Bruckhaus Deringer, a staggering 78% of respondents said cybersecurity is not analyzed in-depth as part of due diligence in an acquisition.To read this article in full or to leave a comment, please click here

How to keep IT security at the forefront during a merger

Settings in iOS 10: Every notable change you need to know

iOS’s Settings app is the quiet MVP of Apple’s mobile operating system: It’s the place you go to when you need to get something done, and get it done your way. So whenever you update iOS on your iPhone or iPad, it pays to peruse the settings to find, enable, and configure any new features just to your liking. The biggies for iOS 10? Maps, with its plethora of new features, and Siri, since she now supports third-party app integration.Here’s a rundown of the major changes in Settings in iOS 10, as well as some key settings that didn’t change, but you still might want to revisit. If you’ve got any questions, hit us up in the comments. To read this article in full or to leave a comment, please click here

What to think about when moving to the cloud

Well, it's 2016, and a few years ago Gartner reported that "By 2016, poor return on equity will drive more than 60 percent of banks worldwide to process the majority of their transactions in the cloud."Enterprises across all sectors are either in the cloud, transitioning to the cloud, or thinking about making the idea of cloud a reality. For those who are preparing to make the move, there are a variety of concerns to consider and plan for in order to make for a smooth transition. In addition to deciding on the right cloud provider and whether to go with a private or a public cloud, CISOs also need to think about implementing solutions for controls on access, encryption, legal and compliance issues.To read this article in full or to leave a comment, please click here

« Previous 1 … 2,616 2,617 2,618 2,619 2,620 … 3,794 Next »