NetworkingNexus.net

Windows 10 free upgrade will not end July 29 for people with accessibility needs

After announcing that 300 million devices are running Windows 10, Microsoft said its free upgrade offer ends on July 29. If you want Windows 10 after that date, then you can purchase the $119 Windows 10 Home version or buy a new device running Windows 10.The free upgrade offer will not end, however, for Windows customers who have accessibility issues. The Microsoft Accessibility Blog wrote:To read this article in full or to leave a comment, please click here

Windows 10 free upgrade will not end July 29 for people with accessibility needs

After announcing that 300 million devices are running Windows 10, Microsoft said its free upgrade offer ends on July 29. If you want Windows 10 after that date, then Microsoft said you can purchase the $119 Windows 10 Home version or buy a new device running Windows 10.The free upgrade offer will not end for Windows customers with accessibility issues. The Microsoft Accessibility Blog wrote:To read this article in full or to leave a comment, please click here

Bangladeshi police accuse SWIFT technicians of leaving central bank vulnerable to hack

Technicians from the SWIFT global financial network connecting it to Bangladesh's central bank made it easier for hackers to attack the bank, Bangladeshi police and a bank official have told Reuters.The technicians worked on Bangladesh's Real-time Gross Settlement (RTGS) system, used to transfer money among Bangladeshi banks, three months before hackers attempted to steal US$951 million from the central bank. The work opened up "a lot of loopholes" in bank computer systems, said the head of the criminal investigation department leading the investigation.Bangladeshi police want to interview the SWIFT technicians to find out whether their actions were intentional or negligent, Mohammad Shah Alam told Reuters.To read this article in full or to leave a comment, please click here

Bangladeshi police accuse SWIFT technicians of leaving central bank vulnerable to hack

Founder of Liberty Reserve virtual currency sentenced to 20 years in prison

The founder of now defunct virtual currency Liberty Reserve has been sentenced to 20 years in prison for using his company to run a huge money laundering scheme catering to cybercriminals.Arthur Budovsky, 42, was sentenced Friday in U.S. District Court for the Southern District of New York, with Judge Denise Cote also ordering him to pay a US $500,000 fine.In January, Budovsky pleaded guilty to one count of conspiring to commit money laundering. During sentencing, Cote noted Budovsky ran an "extraordinarily successful" and "large-scale international money laundering operation."The long sentence shows that "money laundering through the use of virtual currencies is still money laundering, and that online crime is still crime," Leslie Caldwell, assistant attorney general for the U.S. Department of Justice's Criminal Division, said in a press release.To read this article in full or to leave a comment, please click here

Founder of Liberty Reserve virtual currency sentenced to 20 years in prison

NEC/Netcracker’s NFV Platform Dives Into DevOps

The Agile Virtual Platform offers NFV as a service.

Android’s Stagefright vulnerability hardened against exploits

Last week Google announced fixes to the widely reported Stagefright vulnerability. Fix might not be the right word, though, because as of April 19, 2016, when Google released the Android Security Year in Review for 2015, the company reported: “As of this writing, we have not observed, nor are we aware of, any successful attempts to exploit the Stagefright vulnerabilities against actual user devices.”The status of this exploit seems to contradict the many reports of the Stagefright vulnerability, dating to its announcement at the Black Hat security conference last summer. If all were true, Android phones could be expected to spontaneously combust at any moment.To read this article in full or to leave a comment, please click here

Inside ImageTragick: The Real Payloads Being Used to Hack Websites

Last week multiple vulnerabilities were made public in the popular image manipulation software, ImageMagick. These were quickly named ImageTragick. Although a vulnerability in image manipulation software might not seem like a problem for web site owners it is in fact a genuine security concern.

CloudFlare quickly rolled out a WAF rule to protect our customers from this vulnerability. It was automatically deployed for all customers with the WAF enabled. We know that it takes time for customers to upgrade their web server software and so the WAF protects them in the interim.

Many websites allow users to upload images and the websites themselves often manipulate these images using software like ImageMagick. For example, if you upload a picture of yourself to use as an avatar, it will very likely be resized by the website. ImageMagick is very popular and there are plugins that make it easy to use with PHP, Ruby, Node.js and other languages so it is common for websites to use it for image resizing or cropping.

Unfortunately, researchers discovered that it was possible to execute arbitrary code (CVE-2016-3714) by hiding it inside image files that a user uploads. That means an attacker can make Continue reading

IDG Contributor Network: Opening up networks to choice, at last

Creating choice is one of the fundamental drivers of innovation. Choice sparks debate, fosters competition and drives innovation. There’s always someone else in the market looking to offer us a choice from what is already here, and the decision people typically make is to go with the choice that makes life easier.For example, consider the choices people make when it comes to their mobile device. In the beginning, the majority of us in business had only one choice to access work email and applications—Blackberry. Today, with devices like iPhones and Androids that utilize open APIs, we have more choices than ever. Furthermore, each person’s mobile device can be unique and personalized to their liking.To read this article in full or to leave a comment, please click here

How gender differences can make your company stronger

Remember that popular relationship book, “Men are from Mars, Women are from Venus,” which aimed to help couples communicate better by helping them understand the innate differences between the sexes?As it turns out, the neuroscience explored in that book can help businesses create more gender balance in their ranks — not simply by upping the numbers of female hires or treating everyone the same in the hopes of eliminating bias. Rather, the practice, known as gender intelligence, applies gender science to highlight and create an appreciation for the natural differences between male and female attitudes and behaviors, according to Barbara Annis, founding partner of Gender Intelligence Group (GIG) and a pioneer behind this leadership style.To read this article in full or to leave a comment, please click here

Microsoft strips Store blocking from Windows 10 Pro

Microsoft last week confirmed that it has stopped letting business customers block the Windows Store in Windows 10 Pro, removing a feature that had been present in the operating system's initial summer 2015 release.Instead, the ability to turn off the Store -- Microsoft's distribution channel for not only apps but also games, music and movies, and about as consumer-grade as a Windows component gets -- has been restricted to Windows Enterprise, the top-tier SKU (stock-keeping unit) available only to large customers.IT administrators had been using Group Policy to block the Store within Windows 10 Pro, largely to keep workers from installing apps not on their company's approved software list. Some admins, however, had ditched the Store for other reasons, including bandwidth consumption as scores of apps frequently updated.To read this article in full or to leave a comment, please click here

First look: Microsoft’s API mashup tool for the rest of us

Not all cloud applications need to be cloud-scale. They’re often simple routing and switching apps that take information from one source, process it minimally, then pass it on. That’s where tools like IFTTT and Yahoo Pipes came into play, allowing you to quickly build and share information flows that linked one service to another. Sadly, Yahoo Pipes has been shut down, and IFTTT has concentrated on simple links to the Internet of things.That means there’s space in the market for a new tool -- one focused on working with applications and services, and capable of handling more complex chains of operations than IFTTT’s basic one input to one output mapping. You could build microservices on Node.js to automate these sorts of connections between applications and between APIs, but that would be overkill. So would Azure Logic Apps or AWS Lambda.To read this article in full or to leave a comment, please click here

20 fixes for a Windows 10 update meltdown

If you’re having problems with Windows 10’s forced updates, you’re not alone. Thankfully, with 11 cumulative updates behind us, we’ve accumulated some coping experience.Each cumulative update is different, but there’s a handful of tricks that can help jolt your system back into consciousness when a troubling cumulative update strikes. If you’re having problems, the following solutions are worth a try. If you can’t get back on course, follow the instructions at the end to find more personalized help -- and the hope to live to fight another day.[ Your one-stop shop for Microsoft knowledge: Everything you need to know about Windows 10, in a handy PDF. Download it today! | Survive and thrive with the new OS: The ultimate Windows 10 survivor kit. | Stay up on key Microsoft technologies with the Windows newsletter. ] I’ve avoided recommendations that seem old-in-the-tooth nowadays. As best I can tell, few recent cumulative update problems are solved by creating a new user account (although there are exceptions). Nor have I hit any mass resets of file associations, which is a problem that plagued earlier cumulative updates. I’m also stepping lightly over Windows Mobile -- sorry, it’s a very different Continue reading

Newspaper chain sending IT jobs overseas

The McClatchy Company, which operates a major chain of newspapers in the U.S., is moving IT work overseas.The number of affected jobs, based on employee estimates, range from 120 to 150.The chain owns about 30 newspapers, including The Sacramento Bee, where McClatchy is based; The Fresno Bee, The News & Observer in Raleigh, N.C., The State in Columbia, S.C. and the Miami Herald.In March, McClatchy IT employees were told that the company had signed a contract with Wipro, an India-based IT services provider.+ ALSO ON NETWORK WORLD The IT outsourcing price wars are on +To read this article in full or to leave a comment, please click here

7 ways to prevent mobile break-in

Looking over your shoulderImage by Louis OliveiraAs mobile devices continue to penetrate our society, mobile security is becoming increasingly difficult to manage. Every mobile device, whether it’s a phone or a tablet, provides hackers with a new avenue to seize private information. We’ve seen many banks, hospitals, and other large organizations have enormous data breaches that caused a lot of damage and recovery time, and they don’t appear to be slowing down anytime soon. For this reason, it is important to take these steps to keep mobile devices protected. Sinan Eren, vice president of Avast Software and general manager of Avast Mobile Enterprise, provides advice on how to do so.To read this article in full or to leave a comment, please click here

Can UC keep remote workers engaged?

So you have a dispersed workforce. Maybe you're part of a big company with several offices. Or maybe your employer has a liberal work-from-home policy. Or perhaps you work with key contractors who may not always be in your office. Whatever the reason, you need unified communication (UC) technology. And so do a lot of other companies. But a recent study by IT consultancy Softchoice suggests that not many companies are getting the tools they need. Softchoice surveyed 250 IT managers and 750 line-of-business professionals in North America, and 44 percent of the IT managers polled said that they found it difficult to deploy UC technology. To read this article in full or to leave a comment, please click here

Apple’s most revolutionary iPhone innovations

The 7 best iPhone innovationsEver since the original iPhone hit stores shelves back in 2007, Apple has skillfully managed to introduce new technologies to successive iPhone models to keep the refresh cycle strong and consumers excited about the latest and greatest model. Not only that, but most new iPhone releases are accompanied by new and innovative technologies that raise the technological bar for all organizations industry-wide. To this end, Apple’s influence within the smartphone industry is immense.To read this article in full or to leave a comment, please click here

Improving BGP Security: 6 Quick Tips

The routing protocol has well-known security issues. Here are some ways to mitigate the risk.

New products of the week 5.9.16

New products of the weekOur roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow. Absolute Endpoint Data Discovery (EDD)Key features: Endpoint Data Discovery (EDD) allows organizations to identify and protect sensitive data stored on an endpoint. More info.To read this article in full or to leave a comment, please click here

« Previous 1 … 2,907 2,908 2,909 2,910 2,911 … 3,766 Next »