Largest DDoS attack ever delivered by botnet of hijacked IoT devices

Securing the internet of things should become a major priority now that an army of compromised devices – perhaps 1 million strong - has swamped one of the industry’s top distributed denial-of-service protection services.A giant botnet made up of hijacked internet-connected things like cameras, lightbulbs, and thermostats has launched the largest DDoS attack ever against a top security blogger, an attack so big Akamai had to cancel his account because defending it ate up too many resources.It wasn’t that Akamai couldn’t mitigate the attack – it did so for three days – but doing so became too costly, so the company made a business decision to cut the affected customer loose, says Andy Ellis the company’s chief security officer.To read this article in full or to leave a comment, please click here

Here’s what you should know, and do, about the Yahoo breach

Yahoo's announcement that state-sponsored hackers have stolen the details of at least 500 million accounts shocks both through scale -- it's the largest data breach ever -- and the potential security implications for users.That's because Yahoo, unlike MySpace, LinkedIn and other online services that suffered large breaches in recent years, is an email provider; and email accounts are central to users' online lives. Not only are email addresses used for private communications, but they serve as recovery points and log-in credentials for accounts on many other websites.To read this article in full or to leave a comment, please click here

Here’s what you should know, and do, about the Yahoo breach

Yahoo's announcement that state-sponsored hackers have stolen the details of at least 500 million accounts shocks both through scale -- it's the largest data breach ever -- and the potential security implications for users.That's because Yahoo, unlike MySpace, LinkedIn and other online services that suffered large breaches in recent years, is an email provider; and email accounts are central to users' online lives. Not only are email addresses used for private communications, but they serve as recovery points and log-in credentials for accounts on many other websites.To read this article in full or to leave a comment, please click here

Well, I never! iOS 10’s voicemail transcription has a potty mouth

Anyone who has looked at automatically-generated subtitles on YouTube can tell you that asking a computer to describe what a human says can lead to hilarious results. Now, Apple has brought that issue to iOS 10 with support for transcribing voicemails.It's a cool feature that makes it easy to know what your Aunt Matilda said about the gastrointestinal problems her dog is having, without actually having to listen to a three-minute-long, blow-by-blow description. But be careful about trusting it -- or reading the transcriptions around sensitive eyes.I learned that the hard way Thursday when someone left me a message about a reorder special on a wine club shipment. Except my iPhone didn't hear it that way, proudly telling me about "wearing your c**k s**t."To read this article in full or to leave a comment, please click here

Cisco: New net management software lets users spot industrial Ethernet network problems quickly

Cisco has rolled out a Windows-based network management package that gathers Industrial Ethernet network events and alerts IT to the event for quick impact analysis and troubleshooting, the company said.+More on Network World: Ethernet: Are there worlds left to conquer?+The product, Industrial Network Director, builds an integrated topology of all network automation and assets and lets operators zoom in on specific devices for real-time monitoring of device status and traffic statistics, Cisco said. The system can integrate into other existing industrial asset management systems which lets customers and system integrators build dashboards customized to meet specific monitoring and accounting requirements.To read this article in full or to leave a comment, please click here

Cisco: New net management software lets users spot industrial Ethernet network problems quickly

Cisco has rolled out a Windows-based network management package that gathers Industrial Ethernet network events and alerts IT to the event for quick impact analysis and troubleshooting, the company said.+More on Network World: Ethernet: Are there worlds left to conquer?+The product, Industrial Network Director, builds an integrated topology of all network automation and assets and lets operators zoom in on specific devices for real-time monitoring of device status and traffic statistics, Cisco said. The system can integrate into other existing industrial asset management systems which lets customers and system integrators build dashboards customized to meet specific monitoring and accounting requirements.To read this article in full or to leave a comment, please click here

HPE’s DCN / Nuage SDN – Part 2 – First Steps Creating Virtual/Overlay Customer Network

In the previous part 1, we have installed basic HPE DCN system on a group of ESXi hosts. But we didn’t actually done anything inside it, so lets fix this by creating a first “HelloWorld” customer that we will call “NetworkGeekStuff” and deploy some virtual machines to this virtual network. In this part we are going to fix that and we will create a very basic virtual customer, a username/password for that customers administrator and create a small 3 tier ( database / internal  / dmz) network using HPE DCN’s overlay virtual network. And at the very end, we are going to connect to this network a few virtual machines.

Index of article series:

Starting LAB state

We will start exactly where we ended on previous part 1, but to double-check, I am going to show the main views of my vCenter and VSD environment to show how “empty” it is after a pure install that we did so far. So starting with this, below is my view on vCenter boxes, with Continue reading

An overview of TLS 1.3 and Q&A

The CloudFlare London office hosts weekly internal Tech Talks (with free lunch picked by the speaker). My recent one was an explanation of the latest version of TLS, 1.3, how it works and why it's faster and safer.

You can watch the complete talk below or just read my summarized transcript.

The Q&A session is open! Send us your questions about TLS 1.3 at [email protected] or leave them in the Disqus comments below and I'll answer them in an upcoming blog post.

Summarized transcript

TLS 1.2 ECDHE

To understand why TLS 1.3 is awesome, we need to take a step back and look at how TLS 1.2 works. In particular we will look at modern TLS 1.2, the kind that a recent browser would use when connecting to the CloudFlare edge.

TLS 1.2 ECDHE exchange

The client starts by sending a message called the ClientHello that essentially says "hey, I want to speak TLS 1.2, with one of these cipher suites".

The server receives that and answers with a ServerHello that says "sure, let's speak TLS 1.2, and I pick this cipher suite".

Along with that the server sends its key share. The Continue reading

Worth Reading: Google as an advertising gatekeeper

When Google decided in May to stop accepting online ads for short-term, ultra-high-cost personal loans known as payday loans, some people wondered whether the company was acting more like a publisher exercising editorial control than a supposedly neutral search engine. Now that Google’s policy has gone into effect, it’s worth asking: To what extent should the company be a gatekeeper, judging which online ads are okay and which are not? And if the world’s largest Internet search engine is going to be selective about accepting ads, where does it draw the line? —MIT Technology Review

LinkedInTwitterGoogle+Facebook

The post Worth Reading: Google as an advertising gatekeeper appeared first on 'net work.

Privacy groups urge US FTC to investigate WhatsApp promises

The U.S. Federal Trade Commission should stop mobile messaging service WhatsApp from sharing user data with parent company Facebook in violation of earlier privacy promises, several privacy groups said.The FTC should step in to stop WhatsApp from violating "commitments the company previously made to subscribers," the 17 groups said in a letter sent to the agency Thursday. WhatsApp has long billed itself as a secure and private messaging service. WhatsApp's recently released plan to share user data with Facebook as a way to target advertising could amount to an "unfair and deceptive" trade practice, said the groups, including the Center for Digital Democracy, Consumer Action, Consumer Watchdog, and Demand Progress.To read this article in full or to leave a comment, please click here

Privacy groups urge US FTC to investigate WhatsApp promises

The U.S. Federal Trade Commission should stop mobile messaging service WhatsApp from sharing user data with parent company Facebook in violation of earlier privacy promises, several privacy groups said.The FTC should step in to stop WhatsApp from violating "commitments the company previously made to subscribers," the 17 groups said in a letter sent to the agency Thursday. WhatsApp has long billed itself as a secure and private messaging service. WhatsApp's recently released plan to share user data with Facebook as a way to target advertising could amount to an "unfair and deceptive" trade practice, said the groups, including the Center for Digital Democracy, Consumer Action, Consumer Watchdog, and Demand Progress.To read this article in full or to leave a comment, please click here

50% off Inateck USB 3.0 Dual-Bay Hard Drive Cloning Station – Deal Alert

This gadget from Inateck will duplicate any 2.5 inch or 3.5 inch SATA HDD/SSD drive quickly and automatically without the need for a computer, by just pushing a button. Once cloning has started, an LED indicator shows you 25%, 50%, 75%, and 100% completion status. Or don't kick off the cloning process, and the unit allows you to move files freely between drives as you would an external HDD/SSD. Built-in safeguards protect against overheating, overvoltage, current leaks, short circuits, peak voltage, and other disturbances to ensure safe data access and transfers. The unit currently averages 4.5 out of 5 stars on Amazon from over 530 customers (read reviews). With a typical list price of $69.99, this 50% off deal puts it at just $34.99. See the discounted Inateck HDD/SSD cloning station now on Amazon.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Mainframes 2026: What the future holds for big iron

For more than 50 years mainframes have powered thousands of organizations around the world, from banks to militaries to government agencies. Looking looking back at all that history makes me think about the critical role that big iron has played in the world, but it also gets me thinking about the future and what the next 10 years holds for the mainframe industry.+ Also on Network World: The future of virtualization: Don’t forget the so-called 'old' +What makes me so confident that mainframing even has a 2026 worth looking forward to? After all, hasn’t the cloud revolutionized data storage and processing and ushered in the end of mainframes? The truth is that not every disruptive development replaces what it disrupted—sometimes not immediately and sometimes not at all. Globalization did not kill American IT jobs, Metallica didn’t negate Van Halen, and the cloud won’t kill mainframes because mainframes have something that the cloud will need over the next decade: power.To read this article in full or to leave a comment, please click here

1 2,642 2,643 2,644 2,645 2,646 3,835