Kaspersky: Ransomware that encrypts is booming

Over the past year the number of machines hit by ransomware that encrypts all or part of the hard drive is five-and-a-half times what it was the year before, according to Kaspersky Lab. The number in 2014-2015 was 131,111 compared to 718,536 in 2015-2016, according to the company’s report Ransomware in 2014-2016.

Over 100 DDoS botnets built using Linux malware for embedded devices

LizardStresser, the DDoS malware for Linux systems written by the infamous Lizard Squad attacker group, was used over the past year to create over 100 botnets, some built almost exclusively from compromised Internet-of-Things devices. LizardStresser has two components: a client that runs on hacked Linux-based machines and a server used by attackers to control the clients. It can launch several types of distributed denial-of-service (DDoS) attacks, execute shell commands and propagate to other systems over the telnet protocol by trying default or hard-coded credentials. The code for LizardStresser was published online in early 2015, giving less-skilled attackers an easy way to build new DDoS botnets of their own. The number of unique LizardStresser command-and-control servers has steadily increased since then, especially this year, reaching over 100 by June, according to researchers from DDoS mitigation provider Arbor Networks.

Next best thing to Black Friday? Amazon Prime Day comes on July 12

You won't necessarily be able to use Amazon Prime Day on July 12 as an excuse to avoid family, like some do with Black Friday, but Amazon is promising that you'll get to choose from 100,000 great online shopping deals. The second annual Amazon Prime Day is available only to those who have subscribed to Amazon Prime, which gets you free shipping, access to entertainment content and more for $99 a year (though you can also go the free trial route if you just want to dip in for Amazon Prime Day).

HP sells PCs in a new way as it tries to speed up upgrades

As the PC upgrade cycle slows down, HP is making a new devices-and-services pitch in an effort to revive sales. HP's device-as-a-service program, announced Thursday, gives companies the option of buying PCs, support and services via a monthly charge instead of paying for everything upfront. With many businesses waiting five or six years to upgrade PCs, the new plan could push users to refresh hardware at a faster pace. The offering is similar to the software-as-a-service model popularized by software companies. It's like renting a PC and paying in installments, but with added benefits.

Integration projects that went terribly wrong

Large IT modernization projects often fail. According to the 2011 Institute for Defense Analysis report, business transformation projects are routinely “over budget, behind schedule, and have not met performance expectations.”

IDG Contributor Network: How computer chips can be hacked

Mass implementation of Trojan viruses, introduced in the chip manufacturing process, will be responsible for allowing attackers and others to obtain leaky data and to control processes from IoT devices and beyond, a German security expert says. Christof Paar, who is head of embedded security at Ruhr-Universität Bochum in Germany, has obtained special grant funding to explore the controversial subject, the university says in a release. Hardware Trojans, or backdoors, could be “integrated into the devices by the manufacturers from the outset, or included during chip manufacturing,” the university says.

IT Resume Makeover: How to show employers the real you

Joshua Jacobs, a senior security systems administrator, was once told by a hiring manager that when looking at his resume, he assumed Jacobs was "just another sys admin," but after interviewing him, he realized he was much more than that. That's when Jacobs knew it was time to work on his resume. We heard Jacobs' plight and teamed him up with Andrew Ysasi, president of Admovio and executive director of Kent Record Management, who took on the task of reformatting Jacobs' resume to reflect his impressive background and skills.

HTTP/2 Server Push with multiple assets per Link header

In April we announced that we had added experimental support for HTTP/2 Server Push to all CloudFlare web sites. We did this so that our customers could iterate on this new functionality.

Our implementation of Server Push made use of the HTTP Link header as detailed in the W3C Preload Working Draft.

We also showed how to make Server Push work from within PHP code and many people started testing and using this feature.

However, there was a serious restriction in our initial version: it was not possible to specify more than one asset per Link header for Server Push and many CMS and web development platforms would not allow multiple Link headers.

We have now addressed that problem and it is possible to request that multiple assets be pushed in a single Link header. This change is live and was used to push assets in this blog post to your browser if your browser supports HTTP/2.

When CloudFlare reads a Link header sent by an origin web server it will remove assets that it pushes from the Link header passed on to the web browser. That made it a little difficult

Google age-discrimination lawsuit may become a monster

Just over a year ago, two job applicants filed a lawsuit against Google. They claimed they were rejected because of their age. Both were over 40. A federal court in San Jose, Calif., is now being asked to decide whether many others who sought jobs at Google and were also rejected can join this case. On Wednesday, a motion for conditional certification of collective action status was filed. This motion, similar to a class action, seeks to include "all individuals who interviewed in-person for any software engineer, site reliability engineer, or systems engineer position with Google in the United States during the time period from August 13, 2010 through the present; were age 40 or older at the time of the interview; and were refused employment by Google."

Chuck Robbins sets Cisco up to take off

It’s been about a year since Chuck Robbins took over as CEO of Cisco. Following in the footsteps of John Chambers certainly could not have been easy. Chambers was perhaps the most visible, thought-leading CEO in all of technology. Also, he had been at the post for about 20 years, something rare in business today, and had reached quasi-celebrity status. When Robbins took the helm, many customers, analysts and investors asked me whether I thought Robbins would maintain the status quo or shake things up. I didn’t know Robbins all that well when he took the job. But Cisco had tremendous success during the Chambers tenure, so the natural assumption was Robbins wouldn’t do anything to disrupt what was already working. I thought he might make a few tweaks here and there, but I wasn’t expecting big changes.

Forgotten ‘maintenance’ password for Junos Space

The maintenance user’s password can be reset in Junos Space if you still have access via the CLI:

  • SSH to the Space host
  • Log in as the admin user
  • Choose the debug option on the menu (6 or 7, depending on whether this is a VM or an appliance). Just press the number, not the number followed by return!
  • Put in the admin user’s password again. You’re now in the CentOS shell.
  • Issue the command ‘htpasswd -sb /var/www/maintenance/maintPW maintenance <newpassword>’ (-s stores the password as a SHA-1 hash; -b takes the password from the command line instead of prompting, so it ends up in the shell history)

Simple as that… I was never sure why an additional maintenance password was required as well as the admin user and the GUI super user password. Makes it a pain to keep a record of, but there you go – presumably there’s a good reason.