Top 5 observations from EMC World 2016

Last week’s Interop conference in Las Vegas was filled with with news from different IT vendors trying to one up the competition—as is typically the case.Just a couple of miles down the Strip, though, a second conference took place: EMC’s annual user conference.EMC World happens annually, but this event was somewhat special because next year at this time EMC will be under the ownership of Dell. The conference is in the books now, and here are the most notable things I took away from it.1. Joe Tucci says goodbye. Joe Tucci and Michael DellTo read this article in full or to leave a comment, please click here

JUNOS Disable vs Deactivate interfaces

Confusing between disabling and deactivating interfaces on JUNOS is a common mistake that leads to all sorts of problems during implementing changes on live network boxes. Let’s look and clarify the differences quickly. Disabling an interface: Disabling an interface in JUNOS is equivlaent to interface shutdown in Cisco, it is going to take the interface …

The post JUNOS Disable vs Deactivate interfaces appeared first on Networkers-online.com.

More than Moore: IEEE Set to Standardize on Uncertainty

Several decades ago, Gordon Moore made it far simpler to create technology roadmaps along the lines of processor capabilities, but as his namesake law begins to slow on the rails, the IEEE is stepping in to create a new, albeit more diverse roadmap for future systems.

The organization has launched a new effort to identify and trace the course of what follows Moore’s Law with the International Roadmap for Devices and Systems (IRDS), which will take a workload focused view of the mixed landscape and the systems that will be required. In other words, instead of pegging a

More than Moore: IEEE Set to Standardize on Uncertainty was written by Nicole Hemsoth at The Next Platform.

How news was delivered aboard a cruise ship in 1998

Housecleaning yesterday unearthed this miniature 8-page publication called TimesFax, which was delivered to me by the New York Times aboard a cruise ship somewhere in the Caribbean on May 23, 1998. Measuring 7 by 8.5 inches, it was, as I recall, the only source of news available, and since it lacked a full-service sports section, meant I had to go without the box scores needed to follow my fantasy baseball team (unthinkable today). Such were the limitations of leisure travel in that primitive era, at least the manner of leisure travel that I could afford. While the form factor and delivery method were unusual by today’s standards, the headlines were certainly familiar, as the front page featured accounts of both a school shooting and a Clinton scandal, the latter involving the former president as opposed to the future one, of course. That skimpy sports section did include an Associated Press story about the Williams sisters, Serena and Venus, meeting in the final of the French Open, marking the first time they had ever met in the final of a professional tournament.To read this article in full or to leave a comment, please click here

How news was delivered aboard a cruise ship in 1998

Housecleaning yesterday unearthed this miniature 8-page publication called TimesFax, which was delivered to me by the New York Times aboard a cruise ship somewhere in the Caribbean on May 23, 1998. Measuring 7 by 8.5 inches, it was, as I recall, the only source of news available, and since it lacked a full-service sports section, meant I had to go without the box scores needed to follow my fantasy baseball team (unthinkable today). Such were the limitations of leisure travel in that primitive era, at least the manner of leisure travel that I could afford. While the form factor and delivery method were unusual by today’s standards, the headlines were certainly familiar, as the front page featured accounts of both a school shooting and a Clinton scandal, the latter involving the former president as opposed to the future one, of course. That skimpy sports section did include an Associated Press story about the Williams sisters, Serena and Venus, meeting in the final of the French Open, marking the first time they had ever met in the final of a professional tournament.To read this article in full or to leave a comment, please click here

Aruba fixes networking device flaws that could open doors for hackers

Wireless networking device manufacturer Aruba Networks has fixed multiple vulnerabilities in its software that could, under certain circumstances, allow attackers to compromise devices.The vulnerabilities were discovered by Sven Blumenstein from the Google Security Team and affect ArubaOS, Aruba's AirWave Management Platform (AMP) and Aruba Instant (IAP).There are 26 different issues, ranging from privileged remote code execution to information disclosure, insecure updating mechanism and insecure storage of credentials and private keys. However, Aruba combined them all under two CVE tracking IDs: CVE-2016-2031 and CVE-2016-2032.Common issues that are shared by all of the affected software packages have to do with design flaws in an Aruba proprietary management and control protocol dubbed PAPI.To read this article in full or to leave a comment, please click here

Aruba fixes networking device flaws that could open doors for hackers

Wireless networking device manufacturer Aruba Networks has fixed multiple vulnerabilities in its software that could, under certain circumstances, allow attackers to compromise devices.The vulnerabilities were discovered by Sven Blumenstein from the Google Security Team and affect ArubaOS, Aruba's AirWave Management Platform (AMP) and Aruba Instant (IAP).There are 26 different issues, ranging from privileged remote code execution to information disclosure, insecure updating mechanism and insecure storage of credentials and private keys. However, Aruba combined them all under two CVE tracking IDs: CVE-2016-2031 and CVE-2016-2032.Common issues that are shared by all of the affected software packages have to do with design flaws in an Aruba proprietary management and control protocol dubbed PAPI.To read this article in full or to leave a comment, please click here

Aruba fixes networking device flaws that could open doors for hackers

Wireless networking device manufacturer Aruba Networks has fixed multiple vulnerabilities in its software that could, under certain circumstances, allow attackers to compromise devices.The vulnerabilities were discovered by Sven Blumenstein from the Google Security Team and affect ArubaOS, Aruba's AirWave Management Platform (AMP) and Aruba Instant (IAP).There are 26 different issues, ranging from privileged remote code execution to information disclosure, insecure updating mechanism and insecure storage of credentials and private keys. However, Aruba combined them all under two CVE tracking IDs: CVE-2016-2031 and CVE-2016-2032.Common issues that are shared by all of the affected software packages have to do with design flaws in an Aruba proprietary management and control protocol dubbed PAPI.To read this article in full or to leave a comment, please click here

Windows 10 free upgrade will not end July 29 for people with accessibility needs

After announcing that 300 million devices are running Windows 10, Microsoft said its free upgrade offer ends on July 29. If you want Windows 10 after that date, then you can purchase the $119 Windows 10 Home version or buy a new device running Windows 10.The free upgrade offer will not end, however, for Windows customers who have accessibility issues. The Microsoft Accessibility Blog wrote:To read this article in full or to leave a comment, please click here

Windows 10 free upgrade will not end July 29 for people with accessibility needs

After announcing that 300 million devices are running Windows 10, Microsoft said its free upgrade offer ends on July 29. If you want Windows 10 after that date, then Microsoft said you can purchase the $119 Windows 10 Home version or buy a new device running Windows 10.The free upgrade offer will not end for Windows customers with accessibility issues. The Microsoft Accessibility Blog wrote:To read this article in full or to leave a comment, please click here

Bangladeshi police accuse SWIFT technicians of leaving central bank vulnerable to hack

Technicians from the SWIFT global financial network connecting it to Bangladesh's central bank made it easier for hackers to attack the bank, Bangladeshi police and a bank official have told Reuters.The technicians worked on Bangladesh's Real-time Gross Settlement (RTGS) system, used to transfer money among Bangladeshi banks, three months before hackers attempted to steal US$951 million from the central bank. The work opened up "a lot of loopholes" in bank computer systems, said the head of the criminal investigation department leading the investigation.Bangladeshi police want to interview the SWIFT technicians to find out whether their actions were intentional or negligent, Mohammad Shah Alam told Reuters.To read this article in full or to leave a comment, please click here

Bangladeshi police accuse SWIFT technicians of leaving central bank vulnerable to hack

Technicians from the SWIFT global financial network connecting it to Bangladesh's central bank made it easier for hackers to attack the bank, Bangladeshi police and a bank official have told Reuters.The technicians worked on Bangladesh's Real-time Gross Settlement (RTGS) system, used to transfer money among Bangladeshi banks, three months before hackers attempted to steal US$951 million from the central bank. The work opened up "a lot of loopholes" in bank computer systems, said the head of the criminal investigation department leading the investigation.Bangladeshi police want to interview the SWIFT technicians to find out whether their actions were intentional or negligent, Mohammad Shah Alam told Reuters.To read this article in full or to leave a comment, please click here

Founder of Liberty Reserve virtual currency sentenced to 20 years in prison

The founder of now defunct virtual currency Liberty Reserve has been sentenced to 20 years in prison for using his company to run a huge money laundering scheme catering to cybercriminals.Arthur Budovsky, 42, was sentenced Friday in U.S. District Court for the Southern District of New York, with Judge Denise Cote also ordering him to pay a US $500,000 fine.In January, Budovsky pleaded guilty to one count of conspiring to commit money laundering.  During sentencing, Cote noted Budovsky ran an "extraordinarily successful" and "large-scale international money laundering operation."The long sentence shows that "money laundering through the use of virtual currencies is still money laundering, and that online crime is still crime," Leslie Caldwell, assistant attorney general for the U.S. Department of Justice's Criminal Division, said in a press release.To read this article in full or to leave a comment, please click here

Founder of Liberty Reserve virtual currency sentenced to 20 years in prison

The founder of now defunct virtual currency Liberty Reserve has been sentenced to 20 years in prison for using his company to run a huge money laundering scheme catering to cybercriminals.Arthur Budovsky, 42, was sentenced Friday in U.S. District Court for the Southern District of New York, with Judge Denise Cote also ordering him to pay a US $500,000 fine.In January, Budovsky pleaded guilty to one count of conspiring to commit money laundering.  During sentencing, Cote noted Budovsky ran an "extraordinarily successful" and "large-scale international money laundering operation."The long sentence shows that "money laundering through the use of virtual currencies is still money laundering, and that online crime is still crime," Leslie Caldwell, assistant attorney general for the U.S. Department of Justice's Criminal Division, said in a press release.To read this article in full or to leave a comment, please click here

Android’s Stagefright vulnerability hardened against exploits

Last week Google announced fixes to the widely reported Stagefright vulnerability. Fix might not be the right word, though, because as of April 19, 2016, when Google released the Android Security Year in Review for 2015, the company reported: “As of this writing, we have not observed, nor are we aware of, any successful attempts to exploit the Stagefright vulnerabilities against actual user devices.”The status of this exploit seems to contradict the many reports of the Stagefright vulnerability, dating to its announcement at the Black Hat security conference last summer. If all were true, Android phones could be expected to spontaneously combust at any moment.To read this article in full or to leave a comment, please click here

Inside ImageTragick: The Real Payloads Being Used to Hack Websites

Last week multiple vulnerabilities were made public in the popular image manipulation software, ImageMagick. These were quickly named ImageTragick. Although a vulnerability in image manipulation software might not seem like a problem for web site owners it is in fact a genuine security concern.

CloudFlare quickly rolled out a WAF rule to protect our customers from this vulnerability. It was automatically deployed for all customers with the WAF enabled. We know that it takes time for customers to upgrade their web server software and so the WAF protects them in the interim.

Many websites allow users to upload images and the websites themselves often manipulate these images using software like ImageMagick. For example, if you upload a picture of yourself to use as an avatar, it will very likely be resized by the website. ImageMagick is very popular and there are plugins that make it easy to use with PHP, Ruby, Node.js and other languages so it is common for websites to use it for image resizing or cropping.

Unfortunately, researchers discovered that it was possible to execute arbitrary code (CVE-2016-3714) by hiding it inside image files that a user uploads. That means an attacker can make Continue reading

IDG Contributor Network: Opening up networks to choice, at last

Creating choice is one of the fundamental drivers of innovation. Choice sparks debate, fosters competition and drives innovation. There’s always someone else in the market looking to offer us a choice from what is already here, and the decision people typically make is to go with the choice that makes life easier.For example, consider the choices people make when it comes to their mobile device. In the beginning, the majority of us in business had only one choice to access work email and applications—Blackberry. Today, with devices like iPhones and Androids that utilize open APIs, we have more choices than ever. Furthermore, each person’s mobile device can be unique and personalized to their liking.To read this article in full or to leave a comment, please click here

1 2,932 2,933 2,934 2,935 2,936 3,792