Adobe patches critical vulnerability in ColdFusion application server

Adobe Systems released critical security patches for its ColdFusion application server, which has been a target for hackers in the past.The updates are available for ColdFusion versions 10 and 11 and address a critical security vulnerability that could lead to sensitive information disclosure when parsing specially crafted XML entities.Administrators are advised to upgrade their ColdFusion deployments to version 10 update 21 or version 11 update 10, depending on which branch they're using. The ColdFusion 2016 release is not affected, Adobe said in a security advisory.To read this article in full or to leave a comment, please click here

Adobe patches critical vulnerability in ColdFusion application server

Adobe Systems released critical security patches for its ColdFusion application server, which has been a target for hackers in the past.The updates are available for ColdFusion versions 10 and 11 and address a critical security vulnerability that could lead to sensitive information disclosure when parsing specially crafted XML entities.Administrators are advised to upgrade their ColdFusion deployments to version 10 update 21 or version 11 update 10, depending on which branch they're using. The ColdFusion 2016 release is not affected, Adobe said in a security advisory.To read this article in full or to leave a comment, please click here

16% off Logitech Bluetooth Audio Adapter for Bluetooth Streaming – Deal Alert

The Logitech Bluetooth Audio Adapter is all you need to turn your favorite speakers into a wireless sound system for your smartphone and tablet.  It connects to any powered speakers with a standard plug-and-play 3.5 mm or RCA connection—PC speakers, your home stereo system, even your A/V receiver. Simply plug your speakers or stereo system into this small and unobtrusive Bluetooth Audio Adapter, press the pairing button, and you’re ready to stream. Relax in your favorite chair and control your music with a reliable line-of-sight connection up to 50 feet away from your speakers. The Logitech Bluetooth Audio Adapter currently averages 4.5 out of 5 stars from over 2,200 people on Amazon (read reviews).  Check out the discounted Logitech Bluetooth Audio Adapter now on Amazon.To read this article in full or to leave a comment, please click here

Opening up Z-Wave code may help to make IoT hum

Home IoT is still reaching for mainstream use. The main backer of Z-Wave, a widely used in-home networking standard, just did something that might help take it there.On Wednesday, chip vendor Sigma Designs made the interoperability layer of Z-Wave available free to the public. This is the code that allows all Z-Wave products to work together. Now anyone can download the code, develop software with it, and give that code to others.Like others in the fledgling IoT business, Z-Wave's backers want to get more devices working together. This latest move might help to make that happen, plus drive more manufacturers to pick Z-Wave over other IoT network options.To read this article in full or to leave a comment, please click here

Bang & Olufsen puts a new spin on the portable Bluetooth speaker

Audiophiles may roll their eyes at the very idea of portable Bluetooth speakers, but high-design hi-fi firm Bang & Olufsen just unveiled two of them in Berlin.The BeoSound 1 and 2 are certainly not pocket-sized and at €1295 (US$1495) and €1695 (US$1895) respectively they won't fit many pocketbooks either, but then that's never been the company's goal.The smaller of the two speakers, the BeoSound 1 is 327 millimeters high and weighs 3.5 kilograms. It's a sturdy truncated cone of smooth, polished aluminium, surmounted by a disk that appears to float above it. The internal battery will power it for four to 16 hours, depending on how loud you like to listen, and it can be plugged directly into an outlet to recharge: no wall wart or power brick is necessary.To read this article in full or to leave a comment, please click here

Meet the newest member of SAP’s Hana family: a data warehouse

SAP has already placed big bets on Hana, and now it's adding more with a new data warehouse tailored specifically for the in-memory computing platform. Launched on Wednesday, SAP BW/4Hana promises to minimize data movement and duplication by enabling data to be analyzed wherever it resides, whether within or outside the enterprise. It can also integrate live streaming and time-series sensor data collected from internet of things (IoT) environments.  Back in 2014, SAP added Hana support to its longstanding Business Warehouse data warehousing software, but BW/4Hana goes a big step further. Like S4/Hana, the enterprise suite SAP released last year, the new data warehouse is optimized for Hana, and will not run on any other platform.To read this article in full or to leave a comment, please click here

Windows 10 Mobile review: Small fixes show this plucky phone OS won’t give up

A year ago, we characterized Microsoft’s Windows 10 Mobile as a second-tier OS, but not one that’s second rate. Fast-forward nine months later to the Windows 10 Mobile Anniversary Update, and we’re still seeing signs of slow progress—but perhaps not quite fast enough for an operating system the market has largely given up on.My impressions of the Windows 10 AU are of tweaking, patching, and catching up. The most important additions include the new Wallet app, which finally allows tap-to-pay NFC payments for Windows 10 AU smartphones—something that both Android and iOS have had for years. The simplified Skype Preview app debuts, as it also has on PCs. An existing app, Continuum, now projects screens wirelessly onto a PC without the need for a Display Dock, and Windows 10 now exchanges messages and notifications between the phone and PC better than ever. Otherwise, there are other, minor adjustments, scattered throughout the updated OS.To read this article in full or to leave a comment, please click here

Review: SentinelOne blocks and dissects threats

SentinelOne Endpoint Protection Platform (EPP) is an antimalware solution that protects against targeted attacks, malware, and zero-day threats through behavioral analysis and process whitelisting and blacklisting. The client agent, which analyzes the behavior of processes on Windows, OS X, Linux, and Android endpoints, can replace or run alongside other signature-based antimalware solutions. SentinelOne EPP stands out not only for its protection capabilities but also for its excellent forensics and threat analysis.SentinelOne evaluates process behavior based on "dynamic execution patterns." The agent scans endpoints, indexes application files and processes, and sends information about them to the cloud where they are assigned reputation scores. When scores surpass policy thresholds, processes can be killed, files quarantined, and endpoints rolled back to the last known-good state. Metadata about processes and files are pooled among SentinelOne's customers, building an anonymous threat intelligence network that benefits everyone.To read this article in full or to leave a comment, please click here(Insider Story)

Lessons from high-profile IT failures

It has not been a good few months for the health and consistency of airline information technology. Two huge outages within a couple of weeks of each other -- caused by simple component failures -- resulted in massive passenger disruptions and cost two U.S. airlines millions of dollars in lost revenue and customer compensation.To read this article in full or to leave a comment, please click here(Insider Story)

Lessons from high-profile IT failures

It has not been a good few months for the health and consistency of airline information technology. Two huge outages within a couple of weeks of each other -- caused by simple component failures -- resulted in massive passenger disruptions and cost two U.S. airlines millions of dollars in lost revenue and customer compensation.These events, while of course most painful for those who experienced them, present quite a few opportunities for learning and improving our own processes, and that's what I'd like to explore in this piece.[ Further reading: Backup and recovery tools: Users identify the good, bad and ugly ] First, a little background. What ended up being a faulty router took down the entire Southwest Airlines operation for a day on July 21 and caused rippling effects for several days after the original outage. (A fact that might surprise you is that Southwest is by a wide margin the largest domestic carrier of passengers in the United States.) The Dallas Morning News reported the fallout.To read this article in full or to leave a comment, please click here(Insider Story)

How to keep viral memes from spreading malware in your enterprise

Perhaps the worst news about Pokemon Go is how attackers are using it to spread malware. This is not the first time bad-guy hackers have leveraged the popularity of games to spread malicious software. Viral memes spread malware, too, via drive-by attacks as people visit malicious sites that draw them by hosting or linking to the internet-based cultural sensation.Users assume that games and meme sites have integrity. This makes it easy for the hackers to push compromising software onto consumers’ phones and computers and into your organization. Cyber thugs also use man-in-the-middle attacks on game apps to take control of mobile devices and launch attacks on the enterprise.To read this article in full or to leave a comment, please click here

Dropbox changed passwords after 68M accounts were compromised

Dropbox’s move last week to ask users who had signed up before mid-2012 to change their account passwords followed the discovery of a large dump of email addresses and passwords related to these accounts.The online storage company confirmed late Tuesday reports that 68 million user email addresses and hashed and salted passwords from an incident in 2012 had been compromised.Dropbox said that the password reset the company completed last week covered all of the affected users so that the Dropbox accounts are protected.Last week, the company asked users who signed up before mid-2012 to change their passwords if they haven’t done so since then, describing it as a preventive measure and not because there was any indication that their accounts were improperly accessed.To read this article in full or to leave a comment, please click here

Dropbox changed passwords after 68M account records were compromised

Dropbox’s move last week to ask users who had signed up before mid-2012 to change their account passwords followed the discovery of a large dump of email addresses and passwords related to these accounts. The online storage company confirmed late Tuesday reports that 68 million user email addresses and hashed and salted passwords from an incident in 2012 had been compromised. Dropbox said that the password reset the company completed last week covered all of the affected users so that the Dropbox accounts are protected. Last week, the company asked users who signed up before mid-2012 to change their passwords if they haven’t done so since then, describing it as a preventive measure and not because there was any indication that their accounts were improperly accessed.To read this article in full or to leave a comment, please click here

Dropbox changed passwords after 68M account records were compromised

Dropbox’s move last week to ask users who had signed up before mid-2012 to change their account passwords followed the discovery of a large dump of email addresses and passwords related to these accounts. The online storage company confirmed late Tuesday reports that 68 million user email addresses and hashed and salted passwords from an incident in 2012 had been compromised. Dropbox said that the password reset the company completed last week covered all of the affected users so that the Dropbox accounts are protected. Last week, the company asked users who signed up before mid-2012 to change their passwords if they haven’t done so since then, describing it as a preventive measure and not because there was any indication that their accounts were improperly accessed.To read this article in full or to leave a comment, please click here

Planning for Migration into the Cloud?

One of my readers sent me this question:

Have you written something about assessment and planning for migration of traditional in-premise data center network to private or public cloud? There would be hundreds of things to check during assessment and then plan accordingly.

Academically, that’s a wrong way of approaching the problem.

Read more ...
1 2,656 2,657 2,658 2,659 2,660 3,791