Cybersecurity firms step up intel sharing despite issues of trust

The war against cybercriminals won’t be won alone. To keep hackers at bay, security vendors are establishing more ways for their customers to cooperate and share data about the latest threats -- even as it sparks concerns about trust and competition.“We have to win this war together,” said Ben Johnson, chief security strategist of Carbon Black.The company is the latest to help pool together security expertise with a new platform called the Detection eXchange.Carbon Black protects the networks of thousands of companies, and it's now opening a line of communication between them. More than a virus signature or an IP address, the exchange aims to foster the sharing of "patterns of attack," which identify behaviors and tactics employed by malicious hackers.To read this article in full or to leave a comment, please click here

Stuxnet the movie: The U.S. has pwned Iran

The new documentary about Stuxnet, ‘Zero Days’, says the U.S. had a far larger cyber operation against Iran called Nitro Zeus that has compromised the country’s infrastructure and could be used as a weapon in any future war.Quoting unnamed sources from inside the NSA and CIA, the movie says the Nitro Zeus program has infiltrated the systems controlling communications, power grids, transportation and financial systems, and is still ready to “disrupt, degrade and destroy” that infrastructure if a war should break out with Iran.The multi-million dollar program was run from within the NSA during the same time Stuxnet was active, and was put in place should the U.S. be drawn into a war there because Israel launched an attack against Iran, according the film by academy award winning director Alex Gibney. The movie opened in U.S. theaters today.To read this article in full or to leave a comment, please click here

Stuxnet the movie: The U.S. has pwned Iran

The new documentary about Stuxnet, ‘Zero Days’, says the U.S. had a far larger cyber operation against Iran called Nitro Zeus that has compromised the country’s infrastructure and could be used as a weapon in any future war.Quoting unnamed sources from inside the NSA and CIA, the movie says the Nitro Zeus program has infiltrated the systems controlling communications, power grids, transportation and financial systems, and is still ready to “disrupt, degrade and destroy” that infrastructure if a war should break out with Iran.The multi-million dollar program was run from within the NSA during the same time Stuxnet was active, and was put in place should the U.S. be drawn into a war there because Israel launched an attack against Iran, according the film by academy award winning director Alex Gibney. The movie opened in U.S. theaters today.To read this article in full or to leave a comment, please click here

Show 296: Never Free From Vendor Lock-In

Todays Weekly Show is a free-wheeling discussion on a variety of topics, including network disaggregation, whether open networking actually means freedom from vendor lock-in (probably not), the rise of 25Gig switching, the end of outsourcing, and more. The post Show 296: Never Free From Vendor Lock-In appeared first on Packet Pushers.

Businesses struggle to hire workers with cloud skills

Cloud services are becoming the cornerstone of an enterprise's IT infrastructure. However, IT leaders are finding it difficult to not only plan for and implement cloud technology, but also to hire qualified candidates. And part of that struggle, according to a recent study from Softchoice of 250 line of business managers and 250 IT decision makers, is a lack of qualified candidates as well as a general misunderstanding of how to create a successful cloud strategy.“There’s incredible opportunity for businesses if they move to the cloud, but with a lack of skilled resources they are not able to realize those benefits as quickly. At best, this impacts revenue and profit potential in isolation. At worst, competitiveness and market relevance suffer,” says Craig McQueen, director of Microsoft Practice at Softchoice.To read this article in full or to leave a comment, please click here

Worth Reading: The lizard brain of lizardstresser

LizardStresser is a botnet originally written by the infamous Lizard Squad DDoS group. The source code was released publicly in early 2015, an act that encouraged aspiring DDoS actors to build their own botnets. Arbor Networks’ ASERT group has been tracking LizardStresser activity and observed two disturbing trends… Utilizing the cumulative bandwidth available to these IOT devices, one group of threat actors has been able to launch attacks as large as 400Gbps targeting gaming sites world-wide, Brazilian financial institutions, ISPs, and government institutions. -Arbor Networks

LinkedInTwitterGoogle+Facebook

The post Worth Reading: The lizard brain of lizardstresser appeared first on 'net work.

68% off Carllte Omnidirectional Condenser Lapel Microphone – Deal Alert

The Carllte Omnidirectional lapel mic has an extra long 59-inch cable and TRRS 3.5mm Jack, making it compatible with most phones, tablets and computers and suitable for a wide range of applications from live-streaming to kareoke. It is made from professional grade polished and protected steel, and captures crystal clear audio without batteries or external power. It averages 4 out of 5 stars from over 100 reviewers (read reviews). Amazon indicates that its $40 list price has been reduced by 68% to just $13.To read this article in full or to leave a comment, please click here

How to secure your router and home network

Many computer users don't realize it, but for most people their internet router is the most important electronic device in their home. It links most of their other devices together and to the world, so it has a highly privileged position that hackers can exploit.Unfortunately many consumer and small-business routers come with insecure default configurations, have undocumented backdoor accounts, expose legacy services and have firmware that is riddled with basic flaws. Some of these problems can't be fixed by users, but there are many actions that can be taken to at least protect these devices from large-scale, automated attacks.Don't let your router be a low-hanging fruit for hackers.To read this article in full or to leave a comment, please click here

How to secure your router and home network

Many computer users don't realize it, but for most people their internet router is the most important electronic device in their home. It links most of their other devices together and to the world, so it has a highly privileged position that hackers can exploit.Unfortunately many consumer and small-business routers come with insecure default configurations, have undocumented backdoor accounts, expose legacy services and have firmware that is riddled with basic flaws. Some of these problems can't be fixed by users, but there are many actions that can be taken to at least protect these devices from large-scale, automated attacks.Don't let your router be a low-hanging fruit for hackers.To read this article in full or to leave a comment, please click here

How to secure your router and home network

Many computer users don't realize it, but for most people their internet router is the most important electronic device in their home. It links most of their other devices together and to the world, so it has a highly privileged position that hackers can exploit.Unfortunately many consumer and small-business routers come with insecure default configurations, have undocumented backdoor accounts, expose legacy services and have firmware that is riddled with basic flaws. Some of these problems can't be fixed by users, but there are many actions that can be taken to at least protect these devices from large-scale, automated attacks.Don't let your router be a low-hanging fruit for hackers.To read this article in full or to leave a comment, please click here

Supercomputing’s Scramble to Keep Thinking in Parallel

As supercomputing centers look to future exascale systems, among the other pressing concerns (power consumption in particular) is adopting the right programming approach to scale applications across millions of cores.

And while this might sound like a big enough challenge on its own, it gets more complicated because it might just be that a new programming model (or system) might not be the scalability and performance answer either. It could just be that tweaking existing tools and methods can move programming evolution to programming revolution, that is, of course, if the supercomputing programmer community can agree.

Like all things in

Supercomputing’s Scramble to Keep Thinking in Parallel was written by Nicole Hemsoth at The Next Platform.

The truth about bug finders: They’re essentially useless

Today's popular bug finders catch only about two percent of the vulnerabilities lurking in software code, researchers have found, despite the millions of dollars companies spend on them each year.Bug finders are commonly used by software engineers to root out problems in code that could turn into vulnerabilities. They'll typically report back how many bugs they found -- what you don't know is how many were missed, leaving success rates an open mystery.So researchers at New York University's Tandon School of Engineering in collaboration with the MIT Lincoln Laboratory and Northeastern University decided to find out how much they are missing.To read this article in full or to leave a comment, please click here

The truth about bug finders: They’re essentially useless

Today's popular bug finders catch only about two percent of the vulnerabilities lurking in software code, researchers have found, despite the millions of dollars companies spend on them each year.Bug finders are commonly used by software engineers to root out problems in code that could turn into vulnerabilities. They'll typically report back how many bugs they found -- what you don't know is how many were missed, leaving success rates an open mystery.So researchers at New York University's Tandon School of Engineering in collaboration with the MIT Lincoln Laboratory and Northeastern University decided to find out how much they are missing.To read this article in full or to leave a comment, please click here

I’ll See You At Cisco Live 2016 Las Vegas

I will be at Cisco Live 2016 in Las Vegas. So far, my calendar has me scheduled to attend some Tech Field Day presentations, visit with vendors, hang out in the Social Media Hub, and host a CloudGenix SD-WAN mixer event (free food and drink for all, plus fellow nerds to network with, just register). I hope to see you at CLUS. Come up and say "hi."

OpenPower Developers Primed for Big Wins at IBM Hackathon

IBM has created a virtual hackathon for all you lovely developers to test drive your data-intensive applications on the OpenPOWER server, GPU and accelerator platform. And there’s $27,000 worth of prizes on the table. Want to give it a go? Check out the competition rules and register for the OpenPOWER Developer Challenge.

The closing deadline is September 1 and already 277 individuals have signed up. So don’t dilly dally: tear down those hardware performance barriers and submit your entry. Choose which track is the one for you and connect with the experts ‘round the clock on Slack to get

OpenPower Developers Primed for Big Wins at IBM Hackathon was written by Nicole Hemsoth at The Next Platform.

Polycom accepts Siris Capital’s $2B offer, cancels Mitel merger

The technology industry is never short of intrigue and drama. There are always rumors of who might buy whom, which executive left to go where and what new product a certain vendor might come out with.The fate of Polycom has been one of the storylines industry watchers have been keeping an eye on. Earlier this year, Mitel announced it agreed to acquire Polycom for $1.96 billion. But alas, all things aren’t meant to be. In Hollywood, Bennifer broke up, and now Mitelocom will, too.On the eve of the deal being finalized, Siris Capital came in, upped the offer to a cool $2 billion and broke up the proposed joint company. Like all things in life, there are some definite pros and cons to this announcement.To read this article in full or to leave a comment, please click here

Live Debugging with Docker

During the DockerCon 2016 keynote, I demonstrated a development workflow with Docker for Mac, going from a fresh laptop to a running app in no time. The especially cool part was when I live-debugged a Node.js app running inside a container from my IDE, despite having no Node.js runtime installed on my laptop. Here I’m going to show you how to do it yourself.

Here’s what you’ll need:

  1. Docker: I recommend Docker for Mac or Windows, which are in public beta.
  2. An IDE which supports Node.js remote debugging: I used Visual Studio Code.
  3. A Node.js application: I’ll create a simple one as part of this tutorial.

 

Example Application

Create a directory to work from:

$ mkdir node-example
$ cd node-example

To get our app running, we’ll need 5 files:

  • A JavaScript file to contain the actual app code
  • A package.json to define the npm dependencies
  • An HTML template
  • A Dockerfile to package the whole app in a container
  • A Compose file to set up a development environment. (The Compose file will also come in very handy if the app ever grows beyond a single container, but we won’t bother with that today.)

Create Continue reading

1 2,825 2,826 2,827 2,828 2,829 3,832