Businesses failing to secure privileged accounts

Most companies fail to secure the "keys to the kingdom," according to a new benchmark survey. Last week, privileged account management (PAM) specialist Thycotic and research firm Cybersecurity Ventures released their 2016 State of Privileged Account Management security report, based on the responses of more than 500 IT security professionals who have participated in the Privileged Password Vulnerability Benchmark survey to date.

High priority, low compliance

While 80 percent of respondents indicated PAM security is a high priority for their organizations, and 60 percent said PAM security is required to demonstrate compliance with government regulations, 52 percent of participants received a failing grade on enforcement of proper privileged credential controls.

Low-speed Ethernet champions set plugfest ahead of new net standard

Hand-in-hand with the forthcoming adoption of a low-speed Ethernet standard by the IEEE, proponents of the technology will hold an interoperability plugfest in October to tout the readiness of 2.5GBASE-T and 5GBASE-T products. The new specification, IEEE P802.3bz, defines 2.5GBASE-T and 5GBASE-T, significantly boosting the speed of traditional Ethernet without requiring the tearing out of current cabling. Perhaps most significantly, 2.5GbE and 5GbE will allow connectivity to 802.11ac Wave 2 Access Points, considered by many to be the real driving force behind bringing up the speed of traditional NBase-T products.

Yahoo’s homepage through the years

A look back

With Yahoo’s sale to Verizon for $4.8 billion confirmed this morning, the Wayback Machine offers us an opportunity to see how one of the Internet’s most iconic addresses – www.yahoo.com – has evolved over the years.

Devices with Qualcomm modems safe from critical ASN.1 telecom flaw

Despite initial concerns, smartphones equipped with Qualcomm modems are not vulnerable to a recently announced vulnerability that could potentially allow attackers to take over cellular network gear and consumer mobile devices. The vulnerability was discovered in ASN1C, a popular compiler that produces C code for parsing ASN.1 encoded data. Abstract Syntax Notation One (ASN.1) is a standard for representing, encoding, transmitting, and decoding data in telecommunications and computer networking. Many devices, from mobile phones to switching equipment inside cellular infrastructure, parse ASN.1 data and do so using programs that were created by compilers such as ASN1C, which is developed by U.S.-based Objective Systems.

IDG Contributor Network: OK — What is this Nano Server in Windows Server 2016?

Nano is a prefix that means small, really small. Maybe even microscopic small. So that means we know right away Nano Server is a very small version of Windows Server 2016. But wait, didn’t we already have that with Windows Server 2012 Core? Nano Server is a nice GUI-less version of the server technology. Nano makes Server Core look bloated and massive. Don’t believe me? Let’s look at some numbers. The full GUI Server version of Windows Server has required the following:

Five years until transistors stop shrinking, predicts last Moore’s Law roadmap

Moore’s Law, which says the number of transistors within an integrated circuit will double every two years, had a good long run but its end may be near – very near – potentially a mere five years away. By 2021, even if chip makers could further shrink and add more transistors, the high cost of manufacturing would make it financially impractical. That’s not the only problem, according to the last installment of the International Technology Roadmap for Semiconductors 2.0 (pdf). By 2020 to 2025, it will be “practically impossible” to reduce device dimensions. While one solution is to stack the transistors, it can’t get so hot that it burns up either.

Operationalizing Micro-segmentation – NSX Securing “Anywhere” – Part III

Welcome to part 3 of the Micro-Segmentation Defined – NSX Securing “Anywhere” blog series. This installment covers how to operationalize NSX Micro-Segmentation. Be sure to check out Part 1 on the definition of micro-segmentation and Part 2 on securing physical workloads with NSX.

This blog covers the following topics:

  1. Micro-segmentation design patterns
  2. Determining appropriate security groups and policies
  3. Deploying micro-segmentation
  4. Application lifecycle management with vRealize Automation and NSX
  5. Day 2 operations for micro-segmentation

Micro-segmentation design patterns

Micro-segmentation can be implemented based on various design patterns reflecting specific requirements.  The NSX Distributed Firewall (DFW) can be used to provide controlled communication between workloads independent of their network connectivity. These workloads can, for example, all connect to a single VLAN. Distributed logical switches and routers can be leveraged to provide isolation or segmentation between different environments or application tiers, regardless of the underlying physical network, as well as many other benefits.  Furthermore, the NSX Edge Service Gateway (ESG) can provide additional functionality such as NAT or load balancing and the NSX Service Insertion framework enables partner services such as L7 firewalling, agent-less anti-virus or IPS/IDS applied to workloads that need additional security controls.

Figure 1: Leveraging the DFW to provide

Microservices Gone Wild – Tech Dive Part 3

In this third post in the series about microservices, I’ll finish building my main application so that I can demonstrate a microservices-based application in action, albeit for a very basic set of functions. This post may be a little Go-heavy in places, but bear with it and I’ll get to the demo soon enough. It doesn’t really matter what language is being used; I just used Go because it’s good practice for me.

Building The Main Application

As a reminder, the main application needs to accept two numbers on the command line, multiply them, and then square that product. The two mathematical functions (multiply and square) are now offered via a REST API, and each one has its own separate Docker container with Apache/PHP to service those requests.

I have created hostnames for the two microservice containers (DNS is the only smart way to address a microservice, after all) and they are accessed as:

  • multiply.userv.myapp:5001
  • square.userv.myapp:5002

The API path is /api/ followed by the name of the function, multiply or square, and the values to feed to the function are supplied as the query string. Most APIs tend

Yahoo abandons fight, sells internet business to Verizon for $4.8B

Ailing Yahoo is selling off its operating business for about $4.8 billion to Verizon Communications, in a cash deal that will reduce the storied tech firm to mainly holding its cash, stakes in Alibaba and Yahoo Japan and non-core patents. For Verizon, the acquisition will help it gain Yahoo’s 1 billion monthly active users, its internet properties and key applications like search and email, and its advertising systems. Verizon is not unfamiliar with the acquisition and integration of web companies after its 2015 acquisition of AOL for $4.4 billion, when it acquired similar assets.

The transaction is expected to be completed by the first quarter of next year, subject to regulatory approvals, ending a long-drawn-out bidding process for the company. After the transaction is closed, Yahoo will be integrated with AOL under Marni Walden, its executive vice president and president of the Product Innovation and New Businesses organization at Verizon, the communications company said Monday.

A look at the new Verizon/Yahoo homepage

As press reports confirm Verizon’s long-anticipated acquisition of fallen Internet icon Yahoo, here’s a look at the Verizon-festooned Yahoo homepage that is already active. The URL is www.verizon.yahoo.com. Note the prominent Verizon logo, as well as links to Verizon FiOS and other Verizon services.