NetworkingNexus.net

Dangerous 7-Zip flaws put many other software products at risk

Two vulnerabilities recently patched in 7-Zip could put at risk of compromise many software products and devices that bundle the open-source file archiving library.The flaws, an out-of-bounds read vulnerability and a heap overflow, were discovered by researchers from Cisco's Talos security team. They were fixed in 7-Zip 16.00, released Tuesday.The 7-Zip software can pack and unpack files using a large number of archive formats, including its own 7z format, which is more efficient than ZIP. Its versatility and open-source nature make it an attractive library to include in other software projects that need to process and deal with archived files.To read this article in full or to leave a comment, please click here

Dangerous 7-Zip flaws put many other software products at risk

Buenos Aires Garden

The post Buenos Aires Garden appeared first on 'net work.

Security Sessions: Unique security challenges for healthcare IT

In the latest episode of CSO's Security Sessions, CSO Editor-in-Chief Joan Goodchild sits down with Ellen Derrico from RES to discuss some of the unique security challenges that healthcare IT have to overcome. Topics include ransomware, vulnerabilities, BYOD policies and how to better train clinicians in security practices.

Microservices Network Architecture 101

A new god is rising in the world of application development – Microservices

The new god promises if not happiness in the next life, scalability, agility and fault tolerance in this life. At the heart of all this, is a simple, age-old axiom that is a key design goal of Unix: do one thing, and do it well. In the evolution of application architectures, single monolithic applications made way for client-server applications, which in turn made the way for microservices. The upending of the old world continues in data centers.

Communication is at the heart of this new religion (one popular theory of the etymology of the word religion is the word “religio” which means “to reconnect”). Every religion and every new technology introduces its own new vocabulary.

Microservices are no different!

In the domain of communications, the new lingo involves things such as MacVlan, IPVlan, Weave, Flannel and Swarm, to just name a few. What are they ? How are they connected ? Is IPVlan a new encapsulation format ? If it’s not a new encapsulation format, what is it ? If it is a new encapsulation format, how is it related to VxLAN ? Why were they invented ? Which one should I use ? What Continue reading

Lawmakers probe large data breaches at US bank insurance agency

The personal banking information of about 160,000 U.S. residents walked out the door of the federal government's bank insurance agency on removable media of employees departing in recent months.During the last seven months, seven departing employees at the Federal Deposit Insurance Corporation (FDIC) have left with personal banking information on thumb drives and other removable media, agency officials told a congressional subcommittee Thursday.The FDIC, which provides deposit insurance to U.S. bank accounts, considered the data breaches as "inadvertent" copying of personal banking information that happened when departing employees were copying personal information to removable media, Lawrence Gross Jr., the FDIC's CIO, told the House of Representatives Science, Space, and Technology Committee's oversight subcommittee.To read this article in full or to leave a comment, please click here

Lawmakers probe large data breaches at US bank insurance agency

Who's Hiring?

Site Reliability Engineer Manager. We at Spotify are looking for an engineering leader (Chapter Lead) to manage the NYC part of the Site Reliability Engineering team. This team works with the infrastructure that powers the music service used by millions of users, built by hundreds of engineers. We create tools, develop infrastructure, and teach good practices to help Spotify engineers move faster. As a Chapter Lead your primary responsibility is to the people on your team: ensuring that the members are growing as engineers, doing valuable work, performing well, and generally having a great time at Spotify. Read more and apply here

Site Reliability Engineer. Spotify SREs design, code, and operate tools and systems to reduce the amount of time and effort necessary for our engineers to scale the world’s best music streaming product to 40 million users. We are strong believers in engineering teams taking operational responsibility for their products and work hard to support them in this. We work closely with engineers to advocate sensible, scalable, systems design and share responsibility with them in diagnosing, resolving, and preventing production issues. Read more and apply here

Backend Engineer. We at Spotify are looking for senior backend engineers Continue reading

Worth Reading: SD-WAN Consolidation?

In normal conditions, having as many as 20 companies chasing the same dollars would be unsustainable, so I’ve been waiting for consolidation—that is, for the market to coalesce around a handful (three? four? five?) companies that will emerge as winners after Hunger Games-like forces of capitalism eliminate the other tributes. -via Packet Pushers

The post Worth Reading: SD-WAN Consolidation? appeared first on 'net work.

Texting while driving messes with your sixth sense, Texas researchers say

Researchers from the University of Houston and the Texas A&M Transportation Institute (TTI) say drivers are more distracted when they text than when they are being absent minded or are upset while behind the wheel. The researchers, who based their findings on a study of 59 volunteers/drivers, say a mechanism in the brain automatically corrects for jitter in a driver's arms and hands while steering -- as long as the driver is watching the road. Reading or sending texts while driving takes the driver's eyes off the road, and that's where things becomes unsafe. MORE: Cellphone use involved in more than 1 in 4 crashes | 25 real-life ways people have been hurt using their phonesTo read this article in full or to leave a comment, please click here

Texting while driving messes with your six sense, Texas researchers say

Researchers from the University of Houston and the Texas A&M Transportation Institute (TTI) say drivers are more distracted when they text than when they are being absent minded or are upset while behind the wheel.The researchers, who based their findings on a study of 59 volunteers/drivers, say a mechanism in the brain automatically corrects for jitter in a driver's arms and hands while steering -- as long as the driver is watching the road. Reading or sending texts while driving takes the driver's eyes off the road, and that's where things becomes unsafe.MORE: Cellphone use involved in more than 1 in 4 crashes | 25 real-life ways people have been hurt using their phonesTo read this article in full or to leave a comment, please click here

Introducing Two New Community Repositories: Docker Labs and Docker Community

The sheer amount of Docker content created by the community is amazing. From articles on all the different open source components to slide decks of commercial platforms, chances are the content you’re looking for in the Docker community already … Continued

Nest gives Thread IoT protocol group a new president and a new open-source implementation

Thread, an open wireless protocol for the Internet of things, is getting a boost from one of its biggest boosters, Google-owned Nest Labs. An IPv6 networking protocol built on the 802.15.4 mesh networking standard, Thread is designed to connect hundreds of low-power devices to one other and to the cloud. While the protocol is open, anyone wanting to build Thread-compatible devices had to roll their own software stack implementing it -- until now. Late Wednesday, Nest published the source code for its implementation of the Thread protocol, OpenThread, on Github under a three-clause BSD license, allowing anyone to reuse, modify or redistribute it in source or binary form.To read this article in full or to leave a comment, please click here

Nest gives Thread IoT protocol group a new president and a new open-source implementation

8 awesome (and sometimes free) conference call services

Conference calls are a big part of work life today — sometimes too big. Because we spend so much time in meetings, we want conference-calling systems that that launch quickly and work flawlessly so we can get the information we need and move on to other pressing matters. The capability to browse a post-meeting transcript or zoom through an audio recording would be big bonuses, especially for fastidious note-takers who don't always catch everything in real time.The good news is that the leading conference call services are full of features that take the sting out of group calls and online meetings. Standard features typically include audio recording capability, support for screen-sharing, automated transcripts (created by converting digital recordings into text), Web interfaces with hosting tools for managing calls and keeping track of participants, and 24/7 availability. Some services also offer personalized greetings to participants who dial in, customized hold music, operator assistance and a participant “dial-out” feature, where the service calls participants to bring them into the meeting (also referred to as "call me" functionality).To read this article in full or to leave a comment, please click here

Researchers reveal flaws in 7-Zip, users and security vendors affected

Cisco’s Talos researchers discovered two vulnerabilities in 7-Zip, the popular open-source file archiver known for having a high compression ratio and option to password protect compressed files.Even if users hurry to download the newest 16.0 version of 7-Zip, in which the vulnerabilities are reportedly fixed, that doesn’t take care of many products that have used the old 7-Zip libraries and are still vulnerable. Unless vendors do some work, they are vulnerable and users of their products are as well.To read this article in full or to leave a comment, please click here

Researchers reveal flaws in 7-Zip, users and security vendors affected

SolarWinds CEO reflects on taking the company private

Dell may be the largest tech company to ever go private, but it is by no means the only vendor that has decided it would be better off to pursue strategic options without the constant second guessing of public investors. To learn more about the trend, Network World Editor in Chief John Dix talked with Seth Boro, a Managing Partner at Private Equity firm Thoma Bravo, which has taken Riverbed, Dynatrace and other network companies private, and with Kevin Thompson, CEO of SolarWinds, a supplier of IT management tools that Thoma Bravo helped take private in a $4.5 billion deal last February. Below is the interview with Thompson from SolarWinds. Click here for the interview with Boro from Thoma Bravo.To read this article in full or to leave a comment, please click here

The perils of the public market: Investor reflects on why vendors are going private

Dell may be the largest tech company to ever go private, but it is by no means the only vendor that has decided it would be better off to pursue strategic options without the constant second guessing of public investors. To learn more about the trend, Network World Editor in Chief John Dix talked with Seth Boro, a Managing Partner at private equity firm Thoma Bravo, which has taken Riverbed, Dynatrace and many other network companies private, and with Kevin Thompson, CEO of SolarWinds, a supplier of IT management tools that Thoma Bravo helped take private in a $4.5 billion deal last February. Below is the interview with Boro. Click here for the interview with Thompson from SolarWinds.To read this article in full or to leave a comment, please click here

SolarWinds CEO reflects on his company’s decision to join the ranks of tech companies that have gone private

« Previous 1 … 2,967 2,968 2,969 2,970 2,971 … 3,839 Next »