DHS wants to predict how malware will morph

The Department of Homeland Security (DHS) wants to be able to predict what form malware will morph to so it can plan how to block it when it becomes reality.DHS has granted Charles River Analytics in Cambridge, Mass., $500,000 to develop the technology, known as Predictive Malware Defense (PMD).Charles River will use machine learning and statistical models to predict attacks based on new malware as well as create defenses ahead of time. The models will look at features of families of malware and predict how they might evolve.Once it’s developed, PMD will be turned over to admins in private and public organizations – particularly financial organizations - so they can anticipate attacks before they happen, DHS says.To read this article in full or to leave a comment, please click here

DHS wants to predict how malware will morph

The Department of Homeland Security (DHS) wants to be able to predict what form malware will morph to so it can plan how to block it when it becomes reality.DHS has granted Charles River Analytics in Cambridge, Mass., $500,000 to develop the technology, known as Predictive Malware Defense (PMD).Charles River will use machine learning and statistical models to predict attacks based on new malware as well as create defenses ahead of time. The models will look at features of families of malware and predict how they might evolve.Once it’s developed, PMD will be turned over to admins in private and public organizations – particularly financial organizations - so they can anticipate attacks before they happen, DHS says.To read this article in full or to leave a comment, please click here

Google’s Sundar Pichai has been hacked – which CEO will be next?

Google CEO Sundar Pichai has become the latest tech executive to have a social media account hacked, and the group responsible says more targets will follow.On Sunday, a group of hackers calling themselves OurMine briefly took over Pichai’s  account on Quora, a question-and-answer site."We are just testing your security,” the hackers wrote, with the same message auto-posted via Quora to Pichai’s Twitter account. On Monday, the posts had been deleted.OurMine is the same group that hacked the social media accounts of Facebook CEO Mark Zuckerberg earlier this month, and they've claimed other victims too, including the CEO of Spotify and a prominent Amazon executive.To read this article in full or to leave a comment, please click here

Google’s Sundar Pichai has been hacked – which CEO will be next?

Google CEO Sundar Pichai has become the latest tech executive to have a social media account hacked, and the group responsible says more targets will follow.On Sunday, a group of hackers calling themselves OurMine briefly took over Pichai’s  account on Quora, a question-and-answer site."We are just testing your security,” the hackers wrote, with the same message auto-posted via Quora to Pichai’s Twitter account. On Monday, the posts had been deleted.OurMine is the same group that hacked the social media accounts of Facebook CEO Mark Zuckerberg earlier this month, and they've claimed other victims too, including the CEO of Spotify and a prominent Amazon executive.To read this article in full or to leave a comment, please click here

​Understanding the Brexit impact on IT

The UK referendum vote to leave the European Union (EU) caught many within and outside the UK off guard.CIOs and IT leaders, in particular, may wonder how the pending changes in the financial and political landscapes will impact their organisations, vendors, and technology purchases over the coming months.Gartner research vice president, John-David Lovelock, noted that business discretionary IT investments, which struggled during the run up to the vote, will suffer in the short term and the effects will spread further than Western Europe.“In the wake of the UK’s exit from the EU, some new larger, long-term strategic projects will now be put on pause and likely not restarted until 2017 when the outlook with the UK outside the EU becomes clearer,” he said.To read this article in full or to leave a comment, please click here

IDG Contributor Network: The untold security risk: Medical hijack attacks

Healthcare is now the most frequently attacked industry, beating out financial services, retail and other industries, according to a new report by TrapX. As a result, healthcare organizations are having trouble keeping pace with the number and sophistication of attacks they have to deal with.The report, entitled MEDJACK 2, details the sheer scale of attacks that hospitals and other medical establishments suffer on a regular basis. It is a follow-up to a similar report TrapX released last year.+ Also on Network World: Healthcare needs more IT security pros – stat +To read this article in full or to leave a comment, please click here

IDG Contributor Network: The untold security risk: Medical hijack attacks

Healthcare is now the most frequently attacked industry, beating out financial services, retail and other industries, according to a new report by TrapX. As a result, healthcare organizations are having trouble keeping pace with the number and sophistication of attacks they have to deal with.The report, entitled MEDJACK 2, details the sheer scale of attacks that hospitals and other medical establishments suffer on a regular basis. It is a follow-up to a similar report TrapX released last year.+ Also on Network World: Healthcare needs more IT security pros – stat +To read this article in full or to leave a comment, please click here

BGP Code Dive (1)

I often tell network engineers they need to learn to code—and they sometimes take my advice and run off to buy a book, or start an online program (which reminds me, I’m way, way behind in my own studies about right now). But learning to code, and being able to use that skill for anything are actually two different things. In fact, my major problem with my coding skills is finding projects I can undertake where I don’t feel like I’m wasting my time. Anyone want to write the world’s 25 millionth implementation of inserting the date and time into a document? No, I didn’t really think so.

So what can you do with coding skills? One thing you can do is <em?read the source. Thus, I’m starting an entirely new feature here at ‘net Work. Every now and again (which means I don’t know how often), I’m going to poke at some routing or control plane code or another, and try to figure out what it actually does. Why not just go through a single protocol line by line? Because—honestly—it’s not a useful way to approach a protocol in code. Rather—here is my first bit of advice—you want Continue reading

Chick-fil-A stays cool (and safe) with IoT sensors

Food safety was thrust into the public consciousness in 2015 after salmonella and E.coli outbreaks sickened people at Chipotle. Determined to avoid such public relations disasters, quick-service restaurants are taking extra precautions to keep customers healthy and ensure that their products comply with health inspection standards. Chick-fil-A, whose commercials feature chicken-shilling cattle, is using wireless sensors to monitor the temperature of walk-in coolers and freezers. Yes -- the Internet of Chicken has arrived.  Chick-fil-A franchisee Matthew Michaels, who equipped his two Texas stores with the sensors 18 months ago, notes that several prominent incidents have underscored the importance of adhering to food safety standards, both in stores and in the supply chain. "There are stories about food safety gone wrong all over the place,” Michaels tells CIO.com. "You've got to be really careful with that stuff.”To read this article in full or to leave a comment, please click here

Microsoft moves on open source .Net, ramps up multilanguage tools

Microsoft today will release the 1.0 versions of its open source .Net Core and ASP. Net Core technologies, which open up its .Net software development platform and extend it to Linux and popular mobile platforms. The company also is working on a protocol that enables multiple language support in any tool..Net Core provides a modular subset of the company's .Net Framework programming model and is intended to to promote code reuse and code-sharing. ASP.Net Core is for building cloud-based, internet-connected applications including web apps. These technologies have transformed .Net into a platform for building applications for Windows, Linux, and MacOS, said Joseph Sirosh, corporate vice president of the Microsoft Data Group.To read this article in full or to leave a comment, please click here

Google is building its own smartphone, report says

We may soon see a true Google phone. Yes, there’s the Nexus line, which are phones that Google sells in close partnership with a rotating cast of hardware makers. But according to a Telegraph report, Google is going to build its own smartphone from scratch, just as it’s done with the Pixel Chromebooks and tablet. The thinking is that this would allow Google to more directly compete with Apple for the high end of the smartphone market, which is still dominated by the iPhone in many Western markets. The Telegraph claims that “a senior source” tells it to expect the phone by the end of the year.To read this article in full or to leave a comment, please click here

Is Desktop-as-a-Service ready for business?

For companies looking to reduce the cost and complexity of Virtual Desktop Infrastructure (VDI), the attraction of Desktop-as-a-Service (DaaS) is that you can greatly reduce up-front investment. “It’s pay as you go and you only pay for what you need,” says Mark Lockwood, research director at Gartner.To read this article in full or to leave a comment, please click here(Insider Story)

Bart ransomware shows it can be effective without sophisticated encryption

A new ransomware program making the rounds uses a simple, yet effective technique to make user files inaccessible: locking them in password-protected ZIP archives.The new threat is called Bart and shares some similarities -- in the ransom note in particular -- with Locky, a much more widespread ransomware program. It is distributed through spam emails that masquerade as photos.The emails have ZIP attachments that contain JavaScript files. These files can be run directly on Windows without the need of additional software and are an increasingly common way to distribute malware.To read this article in full or to leave a comment, please click here

Bart ransomware shows it can be effective without sophisticated encryption

A new ransomware program making the rounds uses a simple, yet effective technique to make user files inaccessible: locking them in password-protected ZIP archives.The new threat is called Bart and shares some similarities -- in the ransom note in particular -- with Locky, a much more widespread ransomware program. It is distributed through spam emails that masquerade as photos.The emails have ZIP attachments that contain JavaScript files. These files can be run directly on Windows without the need of additional software and are an increasingly common way to distribute malware.To read this article in full or to leave a comment, please click here

Network Design And Second Opinions

9 Raspberry Pi programming tools bundled with Raspbian

Raspbian 8.0Image by Mark GibbsIn my Ultimate Guide to Raspberry Pi Operating Systems (Part 1, Part 2, and Part 3; 58 choices in total!) I listed pretty much every noteworthy OS available for the Raspberry Pi family of single board computers. Of these OSes the 800-pound gorilla has to be Raspbian. Based on Debian, Raspbian 8.0 ("Jessie") on a Raspberry Pi boasts an amazing and rich set of tools, including some of the most widely used programming languages. Let's take a look at what you get out of the box with Raspbian 8.0 …To read this article in full or to leave a comment, please click here

New Arista Channel Helps Providers Deliver More Agile & Scalable Cloud Networks

We’re excited to announce a new way to keep you current on developments in software-driven cloud networking for data center storage and computing environments.

MEDJACK 2: Old malware used in new medical device hijacking attacks to breach hospitals

Attackers are packaging the newest and most sophisticated attack tools in long out-of-date malware wrappers, targeting medical devices running legacy operating systems, to breach hospital networks for advanced persistent attacks.Last year, TrapX Security revealed how attackers were infecting medical devices with malware, then moving laterally through hospital networks to steal confidential data. They called it MEDJACK for medical device hijack. Attackers have evolved, so today the firm released a MEDJACK 2 report, “Anatomy of an Attack - Medical Device Hijack 2."To read this article in full or to leave a comment, please click here

MEDJACK 2: Old malware used in new medical device hijacking attacks to breach hospitals

Attackers are packaging the newest and most sophisticated attack tools in long out-of-date malware wrappers, targeting medical devices running legacy operating systems, to breach hospital networks for advanced persistent attacks.Last year, TrapX Security revealed how attackers were infecting medical devices with malware, then moving laterally through hospital networks to steal confidential data. They called it MEDJACK for medical device hijack. Attackers have evolved, so today the firm released a MEDJACK 2 report, “Anatomy of an Attack - Medical Device Hijack 2."To read this article in full or to leave a comment, please click here

DARPA wants radical propulsion system capable of Mach/hypersonic speeds

Fast, faster, fastest might be an accurate description of the type of propulsion system researchers from DARPA are looking to build in the next few years.The radical research agency will next month detail what it calls the Advanced Full Range Engine which, in a nutshell, is a dual personality propulsion system that combines a turbine engine for low speed operations with a ramjet/scramjet for high speed, supersonic operations.+More on Network World: DARPA moves “aircraft-like” spacecraft technology to next phase+To read this article in full or to leave a comment, please click here