Time is short to stop expansion of FBI hacking, senator says

The U.S. Congress has a small window of time to stop proposed changes in federal court rules that will expand the FBI's authority to hack into computers during criminal investigations, a senator said Thursday.The rule changes allowing expanded FBI searches of computers, approved by the Supreme Court in April, go into effect in December unless Congress votes against them, and getting Congress to move in a contentious election year will be difficult, said Senator Ron Wyden, an Oregon Democrat and a critic of the changes.To read this article in full or to leave a comment, please click here

Time is short to stop expansion of FBI hacking, senator says

The U.S. Congress has a small window of time to stop proposed changes in federal court rules that will expand the FBI's authority to hack into computers during criminal investigations, a senator said Thursday.The rule changes allowing expanded FBI searches of computers, approved by the Supreme Court in April, go into effect in December unless Congress votes against them, and getting Congress to move in a contentious election year will be difficult, said Senator Ron Wyden, an Oregon Democrat and a critic of the changes.To read this article in full or to leave a comment, please click here

Kaspersky: Ransomware that encrypts is booming

Over the past year the number of machines hit by ransomware that encrypts all or part of the hard drive is five-and-a-half times what it was the year before, according to Kaspersky Lab.The number in 2014-2015 was 131,111 compared to 718,536 in 2015-2016, according to the company’s report Ransomware in 2014-2016.+ ALSO ON NETWORK WORLD: Finally reason to hope in fight against ransomware | 5 things to know about ransomware +To read this article in full or to leave a comment, please click here

Kaspersky: Ransomware that encrypts is booming

Over the past year the number of machines hit by ransomware that encrypts all or part of the hard drive is five-and-a-half times what it was the year before, according to Kaspersky Lab.The number in 2014-2015 was 131,111 compared to 718,536 in 2015-2016, according to the company’s report Ransomware in 2014-2016.+ ALSO ON NETWORK WORLD: Finally reason to hope in fight against ransomware | 5 things to know about ransomware +To read this article in full or to leave a comment, please click here

Over 100 DDoS botnets built using Linux malware for embedded devices

LizardStresser, the DDoS malware for Linux systems written by the infamous Lizard Squad attacker group, was used over the past year to create over 100 botnets, some built almost exclusively from compromised Internet-of-Things devices.LizardStresser has two components: A client that runs on hacked Linux-based machines and a server used by attackers to control the clients. It can launch several types of distributed denial-of-service (DDoS) attacks, execute shell commands and propagate to other systems over the telnet protocol by trying default or hard-coded credentials.The code for LizardStresser was published online in early 2015, giving less-skilled attackers an easy way to build new DDoS botnets of their own. The number of unique LizardStresser command-and-control servers has steadily increased since then, especially this year, reaching over 100 by June, according to researchers from DDoS mitigation provider Arbor Networks.To read this article in full or to leave a comment, please click here

Over 100 DDoS botnets built using Linux malware for embedded devices

LizardStresser, the DDoS malware for Linux systems written by the infamous Lizard Squad attacker group, was used over the past year to create over 100 botnets, some built almost exclusively from compromised Internet-of-Things devices.LizardStresser has two components: A client that runs on hacked Linux-based machines and a server used by attackers to control the clients. It can launch several types of distributed denial-of-service (DDoS) attacks, execute shell commands and propagate to other systems over the telnet protocol by trying default or hard-coded credentials.The code for LizardStresser was published online in early 2015, giving less-skilled attackers an easy way to build new DDoS botnets of their own. The number of unique LizardStresser command-and-control servers has steadily increased since then, especially this year, reaching over 100 by June, according to researchers from DDoS mitigation provider Arbor Networks.To read this article in full or to leave a comment, please click here

Worth Reading: Fishing for a cure to DDoS attacks

There is no way you can equate the importance of the Internet to a vital source of daily nutrients for billions of people. Yet the Internet is no doubt a critical ingredient of modern society. And it’s far from being “overfished.” In fact, the Internet is exploding with promising new use cases. Sadly, the Internet is also exploding with menace. -Data Center Journal

The post Worth Reading: Fishing for a cure to DDoS attacks appeared first on 'net work.

Next best thing to Black Friday? Amazon Prime Day comes on July 12

You won't necessarily be able to use Amazon Prime Day on July 12 as an excuse to avoid family, like some do with Black Friday, but Amazon is promising that you'll get to choose from 100,000 great online shopping deals. The second annual Amazon Prime Day is available only to those who have subscribed to Amazon Prime, which gets you free shipping, access to entertainment content and more for $99 a year (though you can also go the free trial route if you just want to dip in for Amazon Prime Day).To read this article in full or to leave a comment, please click here

Sales Engineers In Big Demand But Training is Lacking

Juniper is looking for programmers who can do sales.

HP sells PCs in a new way as it tries to speed up upgrades

As the PC upgrade cycle slows down, HP is making a new devices-and-services pitch in an effort to revive sales. HP's device-as-a-service program, announced Thursday, gives companies the option of buying PCs, support and services via a monthly charge instead of paying for everything upfront.With many businesses waiting five or six years to upgrade PCs, the new plan could push users to refresh hardware at a faster pace. The offering is similar to the software-as-a-service model popularized by software companies. It's like renting a PC and paying in installments, but with added benefits. To read this article in full or to leave a comment, please click here

Custom Silicon Isn’t That Hard After All

Barefoot Networks proves you can make ASICs without a big company.

The post Custom Silicon Isn’t That Hard After All appeared first on EtherealMind.

Integration projects that went terribly wrong

Large IT modernization projects often failImage by ThinkstockAccording to the 2011 Institute for Defense Analysis report, business transformation projects are routinely “over budget, behind schedule, and have not met performance expectations.”To read this article in full or to leave a comment, please click here

Integration projects that went terribly wrong

Large IT modernization projects often failImage by ThinkstockAccording to the 2011 Institute for Defense Analysis report, business transformation projects are routinely “over budget, behind schedule, and have not met performance expectations.”To read this article in full or to leave a comment, please click here

IDG Contributor Network: How computer chips can be hacked

Mass implementation of Trojan viruses, introduced in the chip manufacturing process, will be responsible for allowing attackers and others to obtain leaky data and to control processes from IoT devices and beyond, a German security expert says.Christof Parr, who is head of embedded security at Ruhr-Universität Bochum in Germany, has obtained special grant funding to explore the controversial subject, the university says in a release.Hardware Trojans, or backdoors, could be “integrated into the devices by the manufacturers from the outset, or included during chip manufacturing,” the university says.To read this article in full or to leave a comment, please click here

Younger generation more optimistic about big data, study says

IT professionals aged 18 to 34 are much more optimistic than their elders that "big data" analysis will fundamentally change how business is conducted in the next few years, according to an IDG Enterprise survey.To read this article in full or to leave a comment, please click here(Insider Story)

IT Resume Makeover: How to show employers the real you

Joshua Jacobs, a senior security systems administrator, was once told by a hiring manager that when looking at his resume, he assumed Jacobs was "just another sys admin," but after interviewing him, he realized he was much more than that. That's when Jacobs knew it was time to work on his resume. We heard Jacobs plight and teamed him up with Andrew Ysasi, president of Admovio and executive director of Kent Record Management, who took on the task of reformatting Jacobs' resume to reflect his impressive background and skills.To read this article in full or to leave a comment, please click here(Insider Story)

HTTP/2 Server Push with multiple assets per Link header

In April we announced that we had added experimental support for HTTP/2 Server Push to all CloudFlare web sites. We did this so that our customers could iterate on this new functionality.

CC BY 2.0 image by https://www.flickr.com/photos/mryipyop/

Our implementation of Server Push made use of the HTTP Link header as detailed in W3C Preload Working Draft.

We also showed how to make Server Push work from within PHP code and many people started testing and using this feature.

However, there was a serious restriction in our initial version: it was not possible to specify more than one asset per Link header for Server Push and many CMS and web development platforms would not allow multiple Link headers.

We have now addressed that problem and it is possible to request that multiple assets be pushed in a single Link header. This change is live and was used to push assets in this blog post to your browser if your browser supports HTTP/2.

When CloudFlare reads a Link header sent by an origin web server it will remove assets that it pushes from the Link header passed on to the web browser. That made it a little difficult Continue reading

Google age-discrimination lawsuit may become a monster

Just over a year ago, two job applicants filed a lawsuit against Google. They claimed they were rejected because of their age. Both were over 40.A federal court in San Jose, Calif., is now being asked to decide whether many others who sought jobs at Google and were also rejected can join this case.On Wednesday, a motion for conditional certification of collective action status was filed. This motion, similar to a class action, seeks to include "all individuals who interviewed in-person for any software engineer, site reliability engineer, or systems engineer position with Google in the United States during the time period from August 13, 2010 through the present; were age 40 or older at the time of the interview; and were refused employment by Google."To read this article in full or to leave a comment, please click here

Modern meetings: How to share your screen to your conference TV

Go to almost any meeting these days and you'll see a sea of laptops around the table and sometimes some iPads or other tablets. That lets people look up information, take notes, and do on-the-fly research during the meeting.To read this article in full or to leave a comment, please click here(Insider Story)

Security Sessions: Is hospital security on life support?

In this episode of Security Sessions, CSO Editor-in-Chief Joan Goochild speaks with Ted Harrington from Independent Security Evaluators about how vulnerable hospitals are in protecting patient health.