NetworkingNexus.net

What are hackers up to these days?

The long answer is more complex, but security vendor Trustwave offered some insights in its 2016 Trustwave Global Security Report, which was released last month."Criminals are getting a lot savvier," says Karl Sigler, Trustwave's threat intelligence manager. "We're seeing their tactics changing a little bit."New bad news In the study, Trustwave found that compromises affecting corporate and internal networks hit 40 percent in 2015, up from 18 percent from the year before."Criminals are discovering that if they can get themselves embedded into a corporate network, there's a wealth of monetizable data in those networks," says Sigler. This could also be a result of what he calls a "drastic decline" in the rate of point-of-sale breaches, which dropped by 18 percentage points from 2014 to 2015, according to the study. "Criminals don't go away. They just shift targets," he says.To read this article in full or to leave a comment, please click here

What are hackers up to these days?

How data virtualization delivers on the DevOps promise

Using live data in development means you can test real workloads and get realistic results in transactions and reports. It’s also a significant security risk, as U.K. baby retailer Kiddicare recently found out: The company used real customer names, delivery addresses, email addresses and telephone numbers on a test site, only to have the data extracted and used to send phishing text messages to customers.In 2015, Patreon CEO Jack Conte admitted the names, shipping addresses and email addresses for 2.3 million users of the crowdfunding site had been breached, also “via a debug version of our website that was visible to the public” that had a “development server that included a snapshot of our production database.” And earlier this year a developer at Sydney University in Australia lost a laptop containing an unencrypted copy of a database with the personal and medical details of 6,700 disabled students.To read this article in full or to leave a comment, please click here(Insider Story)

A recently patched Flash Player exploit is being used in widespread attacks

It took hackers less than two weeks to integrate a recently patched Flash Player exploit into widely used Web-based attack tools that are being used to infect computers with malware.The vulnerability, known as CVE-2016-4117, was discovered earlier this month by security researchers FireEye. It was exploited in targeted attacks through malicious Flash content embedded in Microsoft Office documents.When the targeted exploit was discovered, the vulnerability was unpatched, which prompted a security alert from Adobe Systems and a patch two days later.To read this article in full or to leave a comment, please click here

A recently patched Flash Player exploit is being used in widespread attacks

Users Cite Management Challenges With Network Virtualization

EMA research has found the majority of early adopters have management challenges with NV and SDN.

Brocade Webinar Q&A – Complete Transformation of Mobile Networks Through Innovative Brocade Virtual EPC Solutions

Thanks to all who submitted questions to the Brocade Mega NFV Report Report Pt 2 where we learned about innovative Brocade vEPC solutions.

Identity and access management infrastructure is misaligned with security

Several CISOs I’ve spoken to over the past few years agree that identity is a new security perimeter. The thought here is that a combination of mobile device and cloud use renders existing network perimeters obsolete, so security policy enforcement decisions must be driven by identity attributes (i.e., user identity, role, device identity, location, etc.) rather than IP packet attributes. We see this transition coming to fruition with the concept of a software-defined perimeter (SDP) and technologies such as Google BeyondCorp and Vidder PrecisionAccess. Yup, this makes sense. Armed with identity attributes, organizations can make intelligent network access decisions on who gets access to which IT assets regardless of their location. Unfortunately, there is a big problem here. The identity and access management (IAM) infrastructure was built organically over the last 10-15 years, so it depends upon a morass of disconnected and fragile elements. This situation greatly impacts security. To read this article in full or to leave a comment, please click here

Identity and Access Management infrastructure is misaligned with security

Several CISOs I’ve spoken to over the past few years agree that identity is a new security perimeter. The thought here is that a combination of mobile device and cloud use renders existing network perimeters obsolete, so security policy enforcement decisions must be driven by identity attributes (i.e., user identity, role, device identity, location, etc.) rather than IP packet attributes. We see this transition coming to fruition with the concept of a software-defined perimeter (SDP) and technologies such as Google BeyondCorp and Vidder PrecisionAccess.Yup, this makes sense. Armed with identity attributes, organizations can make intelligent network access decisions on who gets access to which IT assets regardless of their location. Unfortunately, there is a big problem here. The identity and access management (IAM) infrastructure was built organically over the last 10-15 years, so it depends upon a morass of disconnected and fragile elements. This situation greatly impacts security. To read this article in full or to leave a comment, please click here

Identity and Access Management (IAM) Infrastructure is Misaligned with Security

Several CISOs I’ve spoken to over the past few years agree that identity is a new security perimeter. The thought here is that a combination of mobile device and cloud use renders existing network perimeters obsolete so security policy enforcement decisions must be driven by identity attributes (i.e. user identity, role, device identity, location, etc.) rather than IP packet attributes. We see this transition coming to fruition with the concept of a software-defined perimeter (SDP) and technologies such as Google BeyondCorp and Vidder PrecisionAccess.Yup, this makes sense. Armed with identity attributes, organizations can make intelligent network access decisions on who gets access to which IT assets regardless of their location. Unfortunately, there is a big problem here. The IAM infrastructure was built organically over the last 10-15 years so it depends upon a morass of disconnected and fragile elements. This situation greatly impacts security. To read this article in full or to leave a comment, please click here

Golang net package: UDP Client with Specific Source Port

Well you found it if you were looking for it. If you are using the Golang net package and need to set a specific source port for the UDP or TCP dial functions, then look no further. Why might you want to control your source port and not leave it to random selection in the range of 1024-65535? Some server software might be hardwired to listen to communications coming from a specific source port and might not respond to packets originating from any other source port on a client. With the IoT world growing rapidly, this issue bit me recently and I didn’t figure it out immediately. Maybe it’s my old school brain not being down with the kids. Who knows. Solved it in the end, so sharing here to help you!

It was late on a Saturday night

Pizza had been eaten. Pepsi was being consumed. A crazy Saturday evening one would say. Alas, a friend and I had decoded the communications of an IoT device and wanted to write some better client software. The software client happened to carry out discovery using a specific source port destined to the same port, then when the mode changed from discovery Continue reading

IDG Contributor Network: JFrog Xray provides application transparency

Applications today look different from how they looked only a few short years ago. Instead of generally monolithic architecture, modern applications take on a far more modular approach leveraging component third-party services, new ways to deploy and interactions with an increasing number of third-party systems and tools. All of this complexity makes it hard for developers, operations teams or a combination thereof to really see what is going on.For that reason, vendors are increasingly looking to offer visibility as a specific product. That is the case for JFrog, which today announced Xray, a tool that aims to deliver transparency across applications. JFrog offers software management and distribution tools. Given that it already helps organizations deploy applications and manage those applications, it is a natural progression to offer visibility across those apps.To read this article in full or to leave a comment, please click here

EIGRP Feasible Successor

One of the advantages of EIGRP Feasible Successor is that it speeds up the EIGRP. In fact, if there is a Feasible Successor in the EIGRP network, such network converges faster than OSPF or IS-IS. But what is EIGRP Feasible Successor and how can we find EIGRP Feasible Successor? Or, if there is EIGRP Feasible […]

The post EIGRP Feasible Successor appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

How Microsoft’s tricky new Windows 10 pop-up deceives you into upgrading

This morning, the unthinkable happened: My wife, an avowed PC user who long ago swore to never touch an Apple device, started shopping around for a Mac Mini. And it’s all thanks to Windows 10. Or rather, the nasty new way that Microsoft’s tricking Windows 7 and 8 users into automatically updating to Windows 10.I adore Windows 10, but I’ve long been a vocal critic of the heavy-handed tactics that Microsoft’s been using to force people into the upgrade, all to hit a goal of migrating 1 billion users to an operating system brimming with freemium services and ads. The annoying “Get Windows 10” pop-up began using deceiving malware-like tactics months ago, but it recently received an overhaul that seems purposefully designed to confuse users who have been wearily slogging through the nagging for half a year now.To read this article in full or to leave a comment, please click here

6 ways to add a second line to your smartphone

About a year ago I started a new business offering interactive "escape room" challenges in the Detroit area. Although I'd hoped to keep it strictly an online affair, with an informative website and simple ticketing system, it quickly became clear I'd need a phone line. Customers needed a way to reach me with questions, booking issues and so on.To read this article in full or to leave a comment, please click here(Insider Story)

7 programming languages we love to hate — but can’t live without

The well-meaning advice to not carry a grudge certainly didn’t come from anyone who’s wrestled with a computer for a living. Toil for anytime with the infernal logic of a programming language and you’ll know the horrors of the inky void where the worst bugs dwell.Sure, everyone loves a computer language when they first encounter it. And why wouldn’t we, with all those “hello world” examples that show how powerful the language can be in three lines of code. Programming languages are defined to be implicitly logical, but that doesn’t mean they spread logic everywhere they go. A pleasant barkeep may make the lives of everyone at the bar happier. A brave firefighter radiates bravery. But the logical mechanisms of programming languages often breed illogic, confusion, and doubt.To read this article in full or to leave a comment, please click here

Open source job market booming

Recruiting open source talent is a top priority for IT recruiters and hiring managers in 2016. According to the 2016 Open Source Jobs Report released today by IT hiring platform Dice.com and The Linux Foundation, 65 percent of hiring managers say open source hiring will increase more than any other part of their business over the next six months, and 79 percent of hiring managers have increased incentives to hold on to their current open source professionals.To read this article in full or to leave a comment, please click here

Recruiters increasingly rely on social media to find talent

When you decide to start looking for a new job, Twitter and Facebook might be the last places you'd expect to connect with recruiters. But that's quickly becoming the reality, as more recruiters turn to social media to find viable candidates to fill open job requisitions. Alexander Mann Solutions, a talent acquisition and management service; and Social Talent, a recruiting software and analytics company, released their 2016 Global Recruiting Survey, which shed light on how some recruiters use social media in their efforts.To read this article in full or to leave a comment, please click here

Lustre to DAOS: Machine Learning on Intel’s Platform

Training a machine learning algorithm to accurately solve complex problems requires large amounts of data. The previous article discussed how scalable distributed parallel computing using a high-performance communications fabric like Intel Omni-Path Architecture (Intel OPA) is an essential part of what makes the training of deep learning on large complex datasets tractable in both the data center and within the cloud. Preparing large unstructured data sets for machine learning can be as intensive a task as the training process – especially for the file-system and storage subsystem(s). Starting (and restarting) big data training jobs using tens of thousands of clients …

Lustre to DAOS: Machine Learning on Intel’s Platform was written by Nicole Hemsoth at The Next Platform.

« Previous 1 … 2,941 2,942 2,943 2,944 2,945 … 3,836 Next »