Court ruling puts future of H-1B lottery in doubt

The U.S. government's attempt to stop a lawsuit challenging the legality of the H-1B lottery was rejected Thursday by a federal court judge.The government tried to get this case dismissed on legal technicalities but failed. U.S. District Court Judge Michael Simon, in Oregon, denied the government's dismissal motion in a 24-page ruling.This case may now be decided quickly. The plaintiffs are seeking a summary judgment with oral arguments schedule in December. If the summary judgment is granted, the lottery could end -- the plaintiffs hope -- as early as next year.The case was brought by Tenrec Inc., a web development firm, and Walker Macy LLC, a landscape architecture, urban design and planning firm. Both firms filed petitions to hire a person who needed an H-1B visa, but lost the lottery.To read this article in full or to leave a comment, please click here

NY regulation aims to raise bank security standards

Next week, New York State will begin a 45-day public comment period on its new financial industry cybersecurity regulation -- and, so far, security experts have a favorable view of the proposal.Under the new regulations, banks and insurance companies doing business in New York State will need to establish a cybersecurity program, appoint a Chief Information Security Officer and monitor the cybersecurity policies of their business partners.According to New York Gov. Andrew Cuomo, this is the first such regulation in the country. "This regulation helps guarantee the financial services industry upholds its obligation to protect consumers and ensure that its systems are sufficiently constructed to prevent cyber-attacks to the fullest extent possible," he said in a statement.To read this article in full or to leave a comment, please click here

NY regulation aims to raise bank security standards

Next week, New York State will begin a 45-day public comment period on its new financial industry cybersecurity regulation -- and, so far, security experts have a favorable view of the proposal.Under the new regulations, banks and insurance companies doing business in New York State will need to establish a cybersecurity program, appoint a Chief Information Security Officer and monitor the cybersecurity policies of their business partners.According to New York Gov. Andrew Cuomo, this is the first such regulation in the country. "This regulation helps guarantee the financial services industry upholds its obligation to protect consumers and ensure that its systems are sufficiently constructed to prevent cyber-attacks to the fullest extent possible," he said in a statement.To read this article in full or to leave a comment, please click here

Here’s What’s Inside Oracle’s AWS-Killing Bare Metal Cloud

AWS killer or 'minimum viable product?'

Largest DDoS attack ever delivered by botnet of hijacked IoT devices

Securing the internet of things should become a major priority now that an army of compromised devices – perhaps 1 million strong - has swamped one of the industry’s top distributed denial-of-service protection services.A giant botnet made up of hijacked internet-connected things like cameras, lightbulbs, and thermostats has launched the largest DDoS attack ever against a top security blogger, an attack so big Akamai had to cancel his account because defending it ate up too many resources.It wasn’t that Akamai couldn’t mitigate the attack – it did so for three days – but doing so became too costly, so the company made a business decision to cut the affected customer loose, says Andy Ellis the company’s chief security officer.To read this article in full or to leave a comment, please click here

Largest DDoS attack ever delivered by botnet of hijacked IoT devices

Securing the internet of things should become a major priority now that an army of compromised devices – perhaps 1 million strong - has swamped one of the industry’s top distributed denial-of-service protection services.A giant botnet made up of hijacked internet-connected things like cameras, lightbulbs, and thermostats has launched the largest DDoS attack ever against a top security blogger, an attack so big Akamai had to cancel his account because defending it ate up too many resources.It wasn’t that Akamai couldn’t mitigate the attack – it did so for three days – but doing so became too costly, so the company made a business decision to cut the affected customer loose, says Andy Ellis the company’s chief security officer.To read this article in full or to leave a comment, please click here

SDxCentral Weekly News Roundup — September 23, 2016

Microsoft Azure is generally available from the new Microsoft Cloud Germany.

Software Still Hasn’t Hurt Cisco Like It Was Supposed To

Software is treating Cisco well, one analyst notes.

Here’s what you should know, and do, about the Yahoo breach

Yahoo's announcement that state-sponsored hackers have stolen the details of at least 500 million accounts shocks both through scale -- it's the largest data breach ever -- and the potential security implications for users.That's because Yahoo, unlike MySpace, LinkedIn and other online services that suffered large breaches in recent years, is an email provider; and email accounts are central to users' online lives. Not only are email addresses used for private communications, but they serve as recovery points and log-in credentials for accounts on many other websites.To read this article in full or to leave a comment, please click here

Here’s what you should know, and do, about the Yahoo breach

Yahoo's announcement that state-sponsored hackers have stolen the details of at least 500 million accounts shocks both through scale -- it's the largest data breach ever -- and the potential security implications for users.That's because Yahoo, unlike MySpace, LinkedIn and other online services that suffered large breaches in recent years, is an email provider; and email accounts are central to users' online lives. Not only are email addresses used for private communications, but they serve as recovery points and log-in credentials for accounts on many other websites.To read this article in full or to leave a comment, please click here

Cisco & IBM Both Evaluate the Security Company Imperva

Imperva’s stock has shot up 22%.

Plastic Frog on a Plastic Log

The post Plastic Frog on a Plastic Log appeared first on 'net work.

Well, I never! iOS 10’s voicemail transcription has a potty mouth

Anyone who has looked at automatically-generated subtitles on YouTube can tell you that asking a computer to describe what a human says can lead to hilarious results. Now, Apple has brought that issue to iOS 10 with support for transcribing voicemails.It's a cool feature that makes it easy to know what your Aunt Matilda said about the gastrointestinal problems her dog is having, without actually having to listen to a three-minute-long, blow-by-blow description. But be careful about trusting it -- or reading the transcriptions around sensitive eyes.I learned that the hard way Thursday when someone left me a message about a reorder special on a wine club shipment. Except my iPhone didn't hear it that way, proudly telling me about "wearing your c**k s**t."To read this article in full or to leave a comment, please click here

Cisco: New net management software lets users spot industrial Ethernet network problems quickly

Cisco has rolled out a Windows-based network management package that gathers Industrial Ethernet network events and alerts IT to the event for quick impact analysis and troubleshooting, the company said.+More on Network World: Ethernet: Are there worlds left to conquer?+The product, Industrial Network Director, builds an integrated topology of all network automation and assets and lets operators zoom in on specific devices for real-time monitoring of device status and traffic statistics, Cisco said. The system can integrate into other existing industrial asset management systems which lets customers and system integrators build dashboards customized to meet specific monitoring and accounting requirements.To read this article in full or to leave a comment, please click here

Cisco: New net management software lets users spot industrial Ethernet network problems quickly

Cisco has rolled out a Windows-based network management package that gathers Industrial Ethernet network events and alerts IT to the event for quick impact analysis and troubleshooting, the company said.+More on Network World: Ethernet: Are there worlds left to conquer?+The product, Industrial Network Director, builds an integrated topology of all network automation and assets and lets operators zoom in on specific devices for real-time monitoring of device status and traffic statistics, Cisco said. The system can integrate into other existing industrial asset management systems which lets customers and system integrators build dashboards customized to meet specific monitoring and accounting requirements.To read this article in full or to leave a comment, please click here

Show 307: Teridion s New Take On SaaS Performance & Quality Of Experience (Sponsored)

Teridion, our sponsor for todays show, is changing the basic idea of how to select best paths across the Internet and deliver content quickly through its global network of virtual cloud routers. The post Show 307: Teridion s New Take On SaaS Performance & Quality Of Experience (Sponsored) appeared first on Packet Pushers.

HPE’s DCN / Nuage SDN – Part 2 – First Steps Creating Virtual/Overlay Customer Network

In the previous part 1, we have installed basic HPE DCN system on a group of ESXi hosts. But we didn’t actually done anything inside it, so lets fix this by creating a first “HelloWorld” customer that we will call “NetworkGeekStuff” and deploy some virtual machines to this virtual network. In this part we are going to fix that and we will create a very basic virtual customer, a username/password for that customers administrator and create a small 3 tier ( database / internal  / dmz) network using HPE DCN’s overlay virtual network. And at the very end, we are going to connect to this network a few virtual machines.

Index of article series:

• HPE’s DCN / Nuage SDN – Part 1 – Introduction and LAB Installation Tutorial
• HPE’s DCN / Nuage SDN – Part 2 – First Steps Creating Virtual/Overlay Customer Network

Starting LAB state

We will start exactly where we ended on previous part 1, but to double-check, I am going to show the main views of my vCenter and VSD environment to show how “empty” it is after a pure install that we did so far. So starting with this, below is my view on vCenter boxes, with Continue reading

An overview of TLS 1.3 and Q&A

The CloudFlare London office hosts weekly internal Tech Talks (with free lunch picked by the speaker). My recent one was an explanation of the latest version of TLS, 1.3, how it works and why it's faster and safer.

You can watch the complete talk below or just read my summarized transcript.

The Q&A session is open! Send us your questions about TLS 1.3 at [email protected] or leave them in the Disqus comments below and I'll answer them in an upcoming blog post.

Summarized transcript

To understand why TLS 1.3 is awesome, we need to take a step back and look at how TLS 1.2 works. In particular we will look at modern TLS 1.2, the kind that a recent browser would use when connecting to the CloudFlare edge.

The client starts by sending a message called the ClientHello that essentially says "hey, I want to speak TLS 1.2, with one of these cipher suites".

The server receives that and answers with a ServerHello that says "sure, let's speak TLS 1.2, and I pick this cipher suite".

Along with that the server sends its key share. The Continue reading

Worth Reading: Google as an advertising gatekeeper

When Google decided in May to stop accepting online ads for short-term, ultra-high-cost personal loans known as payday loans, some people wondered whether the company was acting more like a publisher exercising editorial control than a supposedly neutral search engine. Now that Google’s policy has gone into effect, it’s worth asking: To what extent should the company be a gatekeeper, judging which online ads are okay and which are not? And if the world’s largest Internet search engine is going to be selective about accepting ads, where does it draw the line? —MIT Technology Review

The post Worth Reading: Google as an advertising gatekeeper appeared first on 'net work.

Privacy groups urge US FTC to investigate WhatsApp promises

The U.S. Federal Trade Commission should stop mobile messaging service WhatsApp from sharing user data with parent company Facebook in violation of earlier privacy promises, several privacy groups said.The FTC should step in to stop WhatsApp from violating "commitments the company previously made to subscribers," the 17 groups said in a letter sent to the agency Thursday. WhatsApp has long billed itself as a secure and private messaging service. WhatsApp's recently released plan to share user data with Facebook as a way to target advertising could amount to an "unfair and deceptive" trade practice, said the groups, including the Center for Digital Democracy, Consumer Action, Consumer Watchdog, and Demand Progress.To read this article in full or to leave a comment, please click here