The sad reality about Windows Phones

Everybody loves smartphones, but almost nobody loves Windows smartphones.A majority (78 percent) of all mobile phones sold worldwide between January and March were smartphones, and smartphones sales grew by 4 percent compared to the same time period the year previous, according to a recent report by market research firm Gartner. Yet with all that smartphone activity, Windows phone sales fell even further. Actually, the word “fell” is being generous. The truth is they crashed.Hard.MORE ON NETWORK WORLD: 10 (FREE!) Microsoft tools to make admins happier Windows mobile device market share fell below the one percent mark worldwide to 0.7 percent during the first quarter of 2016, according to Gartner. Just one year ago, Windows device sales were anemic at 2.5 percent, but that’s still many times better compared to where they are now.To read this article in full or to leave a comment, please click here

How to go back to Windows 7 or 8 after an unwanted Windows 10 upgrade

Microsoft’s putting away the carrots and breaking out the sticks in its quest to migrate 1 billion users to Windows 10 over the next couple of years.After pushing out the free upgrade as a Recommended update to Windows 7 and 8 users earlier this year—which means that you downloaded the initial installation bits if you use the default Windows Update, like most people should—Microsoft changed its nagging pop-up prompt in an insidious way over the past week. For the past six months, the “Get Windows 10” pop-up asked permission to start an update, but lacked a “No thanks” option, so the only way to avoid it was to close the window by pressing the X in the upper-right hand corner. Now, the pop-up says “We will upgrade you at this time,” and pressing the X counts as consent. You need to click a small, easily missed link in the pop-up to cancel the upgrade, instead.To read this article in full or to leave a comment, please click here

Microsoft updates Dynamics CRM with a new IoT twist

There's an update available for Microsoft's Dynamics CRM 2016, and it brings with it a brand-new tool to help companies tap the Internet of Things for their customer-service efforts.Announced on Monday, the Spring 2016 Wave of Dynamics CRM adds Connected Field Service, a new tool companies can soon use to leverage the potential of predictive maintenance via IoT devices.Available as a preview in June, Connected Field Service continuously monitors IoT-enabled devices for anomalies, generating alerts that trigger automated actions or service tickets and workflow according to service level agreements. Service technicians with the right skills and tools are then matched against the service requirement based on availability and proximity and routed to customer locations for preventive action.To read this article in full or to leave a comment, please click here

Worth Reading: Ambry Open Source Object Store

Today, we are announcing that Ambry is now available as an open source project under the Apache 2.0 license. Ambry is optimized to store and serve media. Media content has become critical for any website to increase user engagement, virality and monetization. Media pipelines will need to be supported by more companies, especially with the advancement of video and virtual reality. -LinkedIn Engineering Blog

LinkedInTwitterGoogle+Facebook

The post Worth Reading: Ambry Open Source Object Store appeared first on 'net work.

What are hackers up to these days?

The long answer is more complex, but security vendor Trustwave offered some insights in its 2016 Trustwave Global Security Report, which was released last month."Criminals are getting a lot savvier," says Karl Sigler, Trustwave's threat intelligence manager. "We're seeing their tactics changing a little bit."New bad news In the study, Trustwave found that compromises affecting corporate and internal networks hit 40 percent in 2015, up from 18 percent from the year before."Criminals are discovering that if they can get themselves embedded into a corporate network, there's a wealth of monetizable data in those networks," says Sigler. This could also be a result of what he calls a "drastic decline" in the rate of point-of-sale breaches, which dropped by 18 percentage points from 2014 to 2015, according to the study. "Criminals don't go away. They just shift targets," he says.To read this article in full or to leave a comment, please click here

What are hackers up to these days?

The long answer is more complex, but security vendor Trustwave offered some insights in its 2016 Trustwave Global Security Report, which was released last month."Criminals are getting a lot savvier," says Karl Sigler, Trustwave's threat intelligence manager. "We're seeing their tactics changing a little bit."New bad news In the study, Trustwave found that compromises affecting corporate and internal networks hit 40 percent in 2015, up from 18 percent from the year before."Criminals are discovering that if they can get themselves embedded into a corporate network, there's a wealth of monetizable data in those networks," says Sigler. This could also be a result of what he calls a "drastic decline" in the rate of point-of-sale breaches, which dropped by 18 percentage points from 2014 to 2015, according to the study. "Criminals don't go away. They just shift targets," he says.To read this article in full or to leave a comment, please click here

How data virtualization delivers on the DevOps promise

Using live data in development means you can test real workloads and get realistic results in transactions and reports. It’s also a significant security risk, as U.K. baby retailer Kiddicare recently found out: The company used real customer names, delivery addresses, email addresses and telephone numbers on a test site, only to have the data extracted and used to send phishing text messages to customers.To read this article in full or to leave a comment, please click here(Insider Story)

How data virtualization delivers on the DevOps promise

Using live data in development means you can test real workloads and get realistic results in transactions and reports. It’s also a significant security risk, as U.K. baby retailer Kiddicare recently found out: The company used real customer names, delivery addresses, email addresses and telephone numbers on a test site, only to have the data extracted and used to send phishing text messages to customers.In 2015, Patreon CEO Jack Conte admitted the names, shipping addresses and email addresses for 2.3 million users of the crowdfunding site had been breached, also “via a debug version of our website that was visible to the public” that had a “development server that included a snapshot of our production database.” And earlier this year a developer at Sydney University in Australia lost a laptop containing an unencrypted copy of a database with the personal and medical details of 6,700 disabled students.To read this article in full or to leave a comment, please click here(Insider Story)

A recently patched Flash Player exploit is being used in widespread attacks

It took hackers less than two weeks to integrate a recently patched Flash Player exploit into widely used Web-based attack tools that are being used to infect computers with malware.The vulnerability, known as CVE-2016-4117, was discovered earlier this month by security researchers FireEye. It was exploited in targeted attacks through malicious Flash content embedded in Microsoft Office documents.When the targeted exploit was discovered, the vulnerability was unpatched, which prompted a security alert from Adobe Systems and a patch two days later.To read this article in full or to leave a comment, please click here

A recently patched Flash Player exploit is being used in widespread attacks

It took hackers less than two weeks to integrate a recently patched Flash Player exploit into widely used Web-based attack tools that are being used to infect computers with malware.The vulnerability, known as CVE-2016-4117, was discovered earlier this month by security researchers FireEye. It was exploited in targeted attacks through malicious Flash content embedded in Microsoft Office documents.When the targeted exploit was discovered, the vulnerability was unpatched, which prompted a security alert from Adobe Systems and a patch two days later.To read this article in full or to leave a comment, please click here

Identity and access management infrastructure is misaligned with security

Several CISOs I’ve spoken to over the past few years agree that identity is a new security perimeter. The thought here is that a combination of mobile device and cloud use renders existing network perimeters obsolete, so security policy enforcement decisions must be driven by identity attributes (i.e., user identity, role, device identity, location, etc.) rather than IP packet attributes. We see this transition coming to fruition with the concept of a software-defined perimeter (SDP) and technologies such as Google BeyondCorp and Vidder PrecisionAccess. Yup, this makes sense. Armed with identity attributes, organizations can make intelligent network access decisions on who gets access to which IT assets regardless of their location. Unfortunately, there is a big problem here. The identity and access management (IAM) infrastructure was built organically over the last 10-15 years, so it depends upon a morass of disconnected and fragile elements. This situation greatly impacts security. To read this article in full or to leave a comment, please click here

Identity and Access Management infrastructure is misaligned with security

Several CISOs I’ve spoken to over the past few years agree that identity is a new security perimeter. The thought here is that a combination of mobile device and cloud use renders existing network perimeters obsolete, so security policy enforcement decisions must be driven by identity attributes (i.e., user identity, role, device identity, location, etc.) rather than IP packet attributes. We see this transition coming to fruition with the concept of a software-defined perimeter (SDP) and technologies such as Google BeyondCorp and Vidder PrecisionAccess.Yup, this makes sense. Armed with identity attributes, organizations can make intelligent network access decisions on who gets access to which IT assets regardless of their location. Unfortunately, there is a big problem here. The identity and access management (IAM) infrastructure was built organically over the last 10-15 years, so it depends upon a morass of disconnected and fragile elements. This situation greatly impacts security. To read this article in full or to leave a comment, please click here

Identity and Access Management (IAM) Infrastructure is Misaligned with Security

Several CISOs I’ve spoken to over the past few years agree that identity is a new security perimeter.  The thought here is that a combination of mobile device and cloud use renders existing network perimeters obsolete so security policy enforcement decisions must be driven by identity attributes (i.e. user identity, role, device identity, location, etc.) rather than IP packet attributes.  We see this transition coming to fruition with the concept of a software-defined perimeter (SDP) and technologies such as Google BeyondCorp and Vidder PrecisionAccess.Yup, this makes sense.  Armed with identity attributes, organizations can make intelligent network access decisions on who gets access to which IT assets regardless of their location.  Unfortunately, there is a big problem here.  The IAM infrastructure was built organically over the last 10-15 years so it depends upon a morass of disconnected and fragile elements.  This situation greatly impacts security. To read this article in full or to leave a comment, please click here

Golang net package: UDP Client with Specific Source Port

Well you found it if you were looking for it. If you are using the Golang net package and need to set a specific source port for the UDP or TCP dial functions, then look no further. Why might you want to control your source port and not leave it to random selection in the range of 1024-65535? Some server software might be hardwired to listen to communications coming from a specific source port and might not respond to packets originating from any other source port on a client. With the IoT world growing rapidly, this issue bit me recently and I didn’t figure it out immediately. Maybe it’s my old school brain not being down with the kids. Who knows. Solved it in the end, so sharing here to help you!

It was late on a Saturday night

Pizza had been eaten. Pepsi was being consumed. A crazy Saturday evening one would say. Alas, a friend and I had decoded the communications of an IoT device and wanted to write some better client software. The software client happened to carry out discovery using a specific source port destined to the same port, then when the mode changed from discovery Continue reading

IDG Contributor Network: JFrog Xray provides application transparency

Applications today look different from how they looked only a few short years ago. Instead of generally monolithic architecture, modern applications take on a far more modular approach leveraging component third-party services, new ways to deploy and interactions with an increasing number of third-party systems and tools. All of this complexity makes it hard for developers, operations teams or a combination thereof to really see what is going on.For that reason, vendors are increasingly looking to offer visibility as a specific product. That is the case for JFrog, which today announced Xray, a tool that aims to deliver transparency across applications. JFrog offers software management and distribution tools. Given that it already helps organizations deploy applications and manage those applications, it is a natural progression to offer visibility across those apps.To read this article in full or to leave a comment, please click here

1 2,946 2,947 2,948 2,949 2,950 3,841