Flash Player zero-day exploit is being used in the wild by a cyberespionage group

Adobe Systems warned users Tuesday that an unpatched Flash Player vulnerability is currently being exploited in targeted attacks. The company expects to deliver a patch as soon as Thursday. The exploit was discovered by researchers from antivirus vendor Kaspersky Lab in attacks attributed to a cyberespionage group known in the security industry as ScarCruft. The group is relatively new, but is apparently quite resourceful, as this is possibly the second zero-day -- previously unknown and unpatched -- exploit that it used this year. The other exploit targeted a critical remote code execution vulnerability in Microsoft XML Core Services that was tracked as CVE-2016-0147 and was patched by Microsoft in April.

Directed ARP and ICMP Redirects

One of my readers sent me this question:

When I did my ***redacted*** I encountered a question about Directed ARP. The RFC (https://tools.ietf.org/html/rfc1433) is in the "experimental" stage, and I found it really weird from ***** to include such a hidden gem in the ***redacted***.

Directed ARP is clearly one of those weird things that people were trying out in the early days of networking when packet forwarding and bandwidth were still expensive (read the RFC for more details), but I kept wondering “what exactly is going on when a host receives an ICMP redirect?” Time for a hands-on test.

Safari 10 to turn off Flash by default

Apple's Safari is driving another nail in the coffin of Adobe Flash by no longer telling websites that offer both Flash and HTML5 that the plug-in is installed on users' Macs. The Mac maker is planning similar measures with other plug-ins like Java, Silverlight and QuickTime. This move will force websites with both plug-in and HTML5-based media implementations to use their HTML5, it said. When Safari 10, the new version of its browser, ships this fall, it will by default behave as though common legacy plug-ins on users’ Macs are not installed, wrote Apple software engineer Ricky Mondello in a post.

US company’s China employee allegedly stole code to help local government

The U.S. has charged a Chinese national, Xu Jiaqiang, with economic espionage and theft of the source code of a clustered file system belonging to his former U.S. employer, which he is alleged to have stolen for his own benefit and that of the National Health and Family Planning Commission in China. The charges against Xu highlight the intellectual property risks faced in other countries by development operations of U.S. companies, particularly in those countries the U.S. suspects could be involved in economic espionage. Xu, who was initially arrested by the Federal Bureau of Investigation in December and was charged with one count of theft of trade secrets, is scheduled to be arraigned on a superseding indictment of charges of economic espionage on Thursday in a federal court in New York, the Department of Justice said.

Major Windows 10 update nears as Microsoft stops adding features

Microsoft is hurtling towards the consumer release of its big Windows 10 Anniversary Update with the latest beta build for its operating system that launched on Tuesday. The launch of build 14366 signals a temporary end to Microsoft releasing new features for Windows 10, according to a blog post by Dona Sarkar, the voice of the Windows Insider Program. The focus of this update is on a "Bug Bash" event this week that's supposed to help beta testers find bugs so Microsoft can fix them before broadly releasing its big Anniversary Update.

The future of Office may lie in ‘decomposable’ documents

Microsoft wants you to spend less time thinking about Office and more time getting things done. An executive who helped design one of Office's most iconic features outlined a plan for its future on Tuesday, one that calls for smarter software assisted by AI and "decomposable" documents that are easier to find. "No one wants to necessarily learn about the ins and outs of the tool; they have something that they're trying to get done," said Julie Larson-Green, chief experience officer for Microsoft Office, when asked about the future of the software at a Bloomberg conference. Microsoft has already added AI-powered features to the latest versions of Office that help people find functions they're looking for, and more AI is coming.

Raspberry Pi maker gets bought for $867 million

A key manufacturer of the Raspberry Pi is being acquired for US$867 million, but the foundation that develops the ultra-cheap computers says it hopes that business will continue as usual. Premier Farnell of the U.K. has manufactured the Raspberry Pi under contract to the Raspberry Pi Foundation since the product first shipped about four years ago. The boards start for as low as $5, and more than 8 million have been sold. They're particularly popular among hobbyists, who use them to build cheap gaming consoles, laptops and smart glasses.

Gartner: Colin Powell says he used insecure email during State Department tenure; Oh and we should vote out Congress

National Harbor, Md. -- Former Secretary of State Colin Powell acknowledged using insecure email during his tenure at the State Department – but as a way to create more immediate communication among those within and outside the department. During his keynote address at the Gartner Security and Risk Management Summit, he told the 3,400 in attendance that he had two computers on his desk, one the official secure computer – “clunky and difficult to use” – and the other a laptop with a phone line and modem that he used exclusively for his AOL account.

47 must-see PC gaming gems revealed at E3 2016: Watch every trailer

PCs everywhere, out of sight

E3 is a console show. It’s common knowledge. The big-name publishers trip over themselves to announce PlayStation and Xbox exclusivity deals during blockbuster “Day Zero” conferences, and Sony, Nintendo, and Microsoft’s booths eat up mammoth chunks of the conference floor. But here’s the thing: While consoles get all the E3 hype, the vast majority of the games revealed at the show actually wind up on PCs as well, thanks to the inclusion of AMD hardware in every major next-gen console. Every time you hear the term “console exclusive” at E3—rather than PlayStation or Xbox exclusive, specifically—that means the game’s destined for computers, too. And this year there were a whole lot of “console exclusives,” not to mention a whole show devoted solely to PC gaming.

Ericsson will lay off 3,000 this summer, says Swedish newspaper

Ericsson is preparing to lay off between 3,000 and 4,000 staff this summer, according to Swedish newspaper Svenska Dagbladet. Thousands more may have to go at the network equipment manufacturer as management look for additional cost savings of 10 billion Swedish kronor (US$1.2 billion), the newspaper said, citing anonymous sources. Ericsson had around 115,000 staff in April, 17,000 of them in Sweden. A spokeswoman declined to discuss Tuesday's news report, saying the company does not comment on rumors and speculation. Ericsson is facing increasing competition from a more focused Nokia, which swallowed its Franco-American rival, Alcatel-Lucent, earlier this year, and especially from Chinese vendors such as Huawei Technologies or ZTE. It's a critical time for wireless infrastructure vendors and their carrier customers, as they taper off investment in fourth-generation networks in preparation for the next, still largely undefined, generation of technology.

Microsoft covets LinkedIn’s algorithms

Microsoft yesterday announced it would buy the business social network LinkedIn for a company acquisition record of $26.2 billion, a purchase triggered by Microsoft's appetite for algorithms, an analyst argued. "There are two components to LinkedIn that Microsoft wanted," said Jenny Sussin, a Gartner research director, in an interview. "One is the data component, the other is the algorithm component." An algorithm is a set of operations that tells a computer what calculations to run on what data, then how to process that data to generate a result. Algorithms are the "secret sauce" of many technology firms, the fiercely-guarded crown jewels on which a company's fortunes rest. Google's page-ranking algorithms, for example, are as secret as the recipe for Coca-Cola, and just as critical to Google's ability to generate relevant search results as the sugar water formula is to Coke's bottom line.

38% off REC TEC Wood Pellet Grill and Smoker – Deal Alert

The computer-controlled REC TEC wood pellet grill averages 5 out of 5 stars on Amazon from nearly 250 customers (93% rate it 5 stars) and promises to change the way you eat. The grill starts with the push of a button and accurately maintains temperatures between 180 and 500-degrees, in 5-degree increments, by self-feeding from a hopper of real hardwood pellets available in apple, oak, pecan and more. This precision instrument is built with high temp durable powder coat finish, stainless steel handles, and features a 40-pound capacity hopper for long lasting grill or smoking sessions, and a large 19.5x36" grilling area. To help win your confidence they offer an "unmatched" 6-year limited warranty. With a regular list price of $1,598, it's currently discounted by a whopping 38% to $998 making it an attractive option, if you're in the market. Learn more about the discounted REC TEC grill at Amazon.

Is It Real, or Is It Cumulus VX?

Phew! Cumulus Linux 3.0 has just been released! A big shout out to all of my engineering colleagues who worked so hard to make this happen. JR Rivers gave an overview of all the goodies included in 3.0 in his recent blog post. Stay tuned for more blog posts from other engineers for details on all of those new features.

But Cumulus Linux isn’t the only beneficiary of all the 3.0 work. Cumulus VX, our free virtual machine-based version of Cumulus Linux, also has some pretty cool new tricks. When we launched Cumulus VX last August we thought it would be a way for people to get hands-on with a Linux-based switch operating system, in their own environment and without any commitment. Boy, were we surprised at how quickly it became so much more. With over 3,800 unique users, Cumulus VX is being deployed in all sorts of ways we never dreamed of. As just one example, existing customers are using it to validate their configurations before upgrading their physical switches from one release to another.

What’s New?

And that brings me to the first change we’ve made: concurrent releases. Our plan from now on