Co-workers peering at their smartphones more than ever isn’t an optical illusion, and you’re not imagining seeing a bunch of shiny bald pates or lustrous weaves of hair where there were once friendly faces. Smartphone use increased more over the past year compared to tablets and PCs.That’s among the tidbits in a new comScore study on application use.Other revelations from the report corroborate why audible alerts from smartphones are less common and it's become unusual to hear the beeps of text messages in some places—such as commuter railway cars: Large numbers of people are rejecting notifications, comScore suggests in research it published this month. “Push notification fatigue” is to blame, it says.To read this article in full or to leave a comment, please click here
Cisco has warned of a high priority security hole in its IOS software that could have let attackers snatch memory contents from a variety of products that could lead to the disclosure of confidential information.
+More on Network World: Cisco buys into containers with Container X acquisition+
Specifically Cisco said the vulnerability is due to “insufficient condition checks in the part of the code that handles [Internet Key Exchange] IKEv1 security negotiation requests. An attacker could exploit this vulnerability by sending a crafted IKEv1 packet to an affected device configured to accept IKEv1 security negotiation requests.”To read this article in full or to leave a comment, please click here
Cisco has warned of a high priority security hole in its IOS software that could have let attackers snatch memory contents from a variety of products that could lead to the disclosure of confidential information.
+More on Network World: Cisco buys into containers with Container X acquisition+
Specifically Cisco said the vulnerability is due to “insufficient condition checks in the part of the code that handles [Internet Key Exchange] IKEv1 security negotiation requests. An attacker could exploit this vulnerability by sending a crafted IKEv1 packet to an affected device configured to accept IKEv1 security negotiation requests.”To read this article in full or to leave a comment, please click here
A security researcher going by Minxomat scanned IPv4 addresses and then released a list of nearly 800,000 open FTP servers, meaning no authentication is required to access them. His scan revealed that 4.32 percent of all FTP servers in the IPv4 address space allowed “anonymous” users to log in with no password.“This is a list of all (796,578) FTP servers directly connected to port 21 in the IPv4 address space that allow anonymous logins,” Minxomat wrote on GitHub. “The login must be completed in less than five seconds to qualify for this list.”If an FTP server was meant to be public, he did not include it in the list. In his post describing “mass-analyzing a chunk of the internet,” Minxomat said he set up filters to exclude other results such as “POS system firmware update servers and printers (firmware|printer).”To read this article in full or to leave a comment, please click here
A security researcher going by Minxomat scanned IPv4 addresses and then released a list of nearly 800,000 open FTP servers, meaning no authentication is required to access them. His scan revealed that 4.32 percent of all FTP servers in the IPv4 address space allowed “anonymous” users to log in with no password.“This is a list of all (796,578) FTP servers directly connected to port 21 in the IPv4 address space that allow anonymous logins,” Minxomat wrote on GitHub. “The login must be completed in less than five seconds to qualify for this list.”If an FTP server was meant to be public, he did not include it in the list. In his post describing “mass-analyzing a chunk of the internet,” Minxomat said he set up filters to exclude other results such as “POS system firmware update servers and printers (firmware|printer).”To read this article in full or to leave a comment, please click here
A security researcher going by Minxomat scanned IPv4 addresses and then released a list of nearly 800,000 open FTP servers, meaning no authentication is required to access them. His scan revealed that 4.32% of all FTP servers in the IPv4 address space allowed “anonymous” users to login with no password.“This is a list of all (796,578) FTP servers directly connected to port 21 in the IPv4 address space that allow anonymous logins,” Minxomat wrote on GitHub. “The login must be completed in less than five seconds to qualify for this list.”If an FTP server was meant to be public, he did not include it in the list. In his post describing “mass-analyzing a chunk of the internet,” Minxomat said he set up filters to exclude other results such as “POS system firmware update servers and printers (firmware|printer).”To read this article in full or to leave a comment, please click here
Google this week is expected to release Allo, an AI-powered app previewed in May at the Google I/O confab that's aimed at adding more pizzazz to text messaging.
Google said back then that it planned to release the app by the end of summer, and that would be this Wednesday, Sept. 21. Reliable mobile news blogger Evan Blass has tweeted "Hello, Allo (launches this week)," and Google watchers have been quick to rehash this.To read this article in full or to leave a comment, please click here
Cisco Systems has patched a vulnerability similar to one exploited by a cyberespionage group believed to be linked to the U.S. National Security Agency.The vulnerability affects networking devices running Cisco's IOS, IOS XE and IOS XR operating systems that process IKEv1 (Internet Key Exchange version 1) packets. When exploited, it allows remote unauthenticated attackers to extract contents from a device's memory, potentially leading to the exposure of sensitive and confidential information.IKE is a key exchange protocol used by several popular features including LAN-to-LAN VPN (Virtual Private Network), remote access VPN, Dynamic Multipoint VPN (DMVPN) and Group Domain of Interpretation (GDOI). It is likely to be enabled on many Cisco devices in enterprise environments.To read this article in full or to leave a comment, please click here
Cisco Systems has patched a vulnerability similar to one exploited by a cyberespionage group believed to be linked to the U.S. National Security Agency.The vulnerability affects networking devices running Cisco's IOS, IOS XE and IOS XR operating systems that process IKEv1 (Internet Key Exchange version 1) packets. When exploited, it allows remote unauthenticated attackers to extract contents from a device's memory, potentially leading to the exposure of sensitive and confidential information.IKE is a key exchange protocol used by several popular features including LAN-to-LAN VPN (Virtual Private Network), remote access VPN, Dynamic Multipoint VPN (DMVPN) and Group Domain of Interpretation (GDOI). It is likely to be enabled on many Cisco devices in enterprise environments.To read this article in full or to leave a comment, please click here
Cisco Systems has patched a vulnerability similar to one exploited by a cyberespionage group believed to be linked to the U.S. National Security Agency.The vulnerability affects networking devices running Cisco's IOS, IOS XE and IOS XR operating systems that process IKEv1 (Internet Key Exchange version 1) packets. When exploited, it allows remote unauthenticated attackers to extract contents from a device's memory, potentially leading to the exposure of sensitive and confidential information.IKE is a key exchange protocol used by several popular features including LAN-to-LAN VPN (Virtual Private Network), remote access VPN, Dynamic Multipoint VPN (DMVPN) and Group Domain of Interpretation (GDOI). It is likely to be enabled on many Cisco devices in enterprise environments.To read this article in full or to leave a comment, please click here
Echo Dot is a hands-free, voice-controlled device that uses Alexa to play & control music (either on its own, or through a connected speaker/receiver), control smart home devices, provide information, read the news, set alarms, and more. If you’re looking to buy them as gifts, or for different homes or rooms, Amazon will throw in a free one ($50 value) when you buy 5, or two free ones when you buy 10 (a $100 value). To take advantage of this limited time offer, select 6 or 12 in the quantity dropdown and add to your Shopping Cart. Enter promo code DOT6PACK or DOT12PACK at checkout where you will see the discount applied. The new Amazon Echo Dot comes in black, and now also white. See the new Amazon Echo Dot now on Amazon.To read this article in full or to leave a comment, please click here
Previous migration efforts are often so bad that the majority of IT pros drag their feet on doing another migration project, even if they need it. That's one of the results of a new study by a cloud migration specialist Vision Solutions.The migration survey -- see chart below -- was part of a larger study, the Vision Solutions' 8th Annual State of Resilience report.The problem, however, lies with many IT shops, according to Vision. They either lack expertise to do the job properly, don't plan well in advance, or both. Of the 935 professionals surveyed, 35 percent say that they lack the experience or the expertise to confidently perform a system migration.To read this article in full or to leave a comment, please click here
Project management involves the use of people, processes and methodologies to plan, initiate, execute, monitor and close activities. It is designed to meet an organization's project goals, and hopefully overall strategic objectives.
Change management, similar to project management, involves people, processes, and tools to effectively help organizations manage all the changes that occur, whether as a result of project initiatives, or other factors that might impact the business.
While project management and change management are two areas often work side-by-side -- and they should -- there are some similarities. However, these are different disciplines. Think about project management in the example of software development and implementation. A project manager works with a project team to plan, communicate and execute the actual development and implementation itself. A change manager will work with the same project management team to identify, communicate, and effectively manage all aspects relating to how any changes will ultimately impact all stakeholders.To read this article in full or to leave a comment, please click here
Trust, but verify, the old adage goes. But in a tight IT talent market, it seems hiring companies are doing a heck of a lot of the former and not enough of the latter. New research shows that organizations are trusting employees when they say they've attained certifications, but aren't investing the time or energy to verify whether or not those credentials have actually been earned."We'd heard this anecdotally, but to see it in the hard data was very concerning, and it made us cringe. The value in the certifications themselves isn't in question, but the lack of action by hiring managers and the fact that some candidates are fudging the truth makes everyone look bad. This has the potential to seriously impede the credibility of certifications to qualify and benchmark candidates," says Jason Hayman, market research manager at TEKSystems, which conducted the research.To read this article in full or to leave a comment, please click here
The days of Microsoft's System Center may be numbered. With the introduction of Windows 10, Microsoft has begun championing a different approach to systems management -- the same approach that Apple created for the iPad and iPhone, and Google later adopted for Android. Organizations adopting Windows 10 can take advantage of this new approach, allowing IT to manage all client devices -- Windows 10 PCs (as older Windows versions are retired), Macs, iOS devices, and Android devices -- from the same consoles, using the same policy-driven technology in what is called an omnidevice strategy.To read this article in full or to leave a comment, please click here(Insider Story)
It's what's inside that countsImage by Mike HomnickIt’s the day everybody dreads: You power up your PC and it sits dormant, failing to boot because your hard drive or SSD is dead. But after you stop cursing and reaching for your backups—you do create backups regularly, right?—you might as well make the best of things.To read this article in full or to leave a comment, please click here
For as long as there have been technology certifications, IT pros have debated their value. Some believe they're the key to a fatter paycheck, while others contend that they're often not worth the paper they're printed on. Others take the middle road and say they can be valuable in the right circumstances, but experience is king.To read this article in full or to leave a comment, please click here(Insider Story)
1. Let two become one—safelyImage by PexelsStephen Boyer, CTO and co-founder of BitSight, knows one of the biggest threats to your company's tech security: the possibility that it might buy another company. He points to a survey from West Monroe Partners that found that 40% of acquiring companies discovered a cybersecurity problem in an acquired company—after a deal went through. It probably shouldn't be surprising that, in a 2014 survey from Freshfields Bruckhaus Deringer, a staggering 78% of respondents said cybersecurity is not analyzed in-depth as part of due diligence in an acquisition.To read this article in full or to leave a comment, please click here
1. Let two become one—safelyImage by PexelsStephen Boyer, CTO and co-founder of BitSight, knows one of the biggest threats to your company's tech security: the possibility that it might buy another company. He points to a survey from West Monroe Partners that found that 40% of acquiring companies discovered a cybersecurity problem in an acquired company—after a deal went through. It probably shouldn't be surprising that, in a 2014 survey from Freshfields Bruckhaus Deringer, a staggering 78% of respondents said cybersecurity is not analyzed in-depth as part of due diligence in an acquisition.To read this article in full or to leave a comment, please click here