Bangladesh Bank attackers used custom malware that hijacked SWIFT software

The hackers who stole US $81 million from Bangladesh's central bank likely used custom malware designed to interfere with the SWIFT transaction software used by many financial institutions.The attackers attempted to transfer $951 million out of Bangladesh Bank's account at the Federal Reserve Bank of New York in February, but most of the transfers were blocked before completion. The attackers did manage to send $81 million to accounts in the Philippines, and that money is still missing.Researchers from BAE Systems have recently come across several malware components that they believe are part of a custom attack toolkit that was likely used in the heist.To read this article in full or to leave a comment, please click here

Empty DDoS Threats: Meet the Armada Collective

Beginning in March 2016, we began hearing reports of a gang of cybercriminals once again calling themselves the Armada Collective. The calling card of the gang was an extortion email sent to a wide variety of online businesses threatening to launch DDoS attacks if they weren't paid in Bitcoin.

Scary Wizard Behind the CurtainFrom The Wizard of Oz (1939)

We heard from more than 100 existing and prospective CloudFlare customers who had received the Armada Collective's emailed threats. We've also compared notes with other DDoS mitigation vendors with customers that had received similar threats.

Our conclusion was a bit of a surprise: we've been unable to find a single incident where the current incarnation of the Armada Collective has actually launched a DDoS attack. In fact, because the extortion emails reuse Bitcoin addresses, there's no way the Armada Collective can tell who has paid and who has not. In spite of that, the cybercrooks have collected hundreds of thousands of dollars in extortion payments.

The Threat

The extortion emails sent by the Armada Collective have been remarkably consistent over the last two months. Here's an example:

To: [Victim Org's Role Account]
From: [email protected]
Subject: DDOS ATTACK!!

FORWARD THIS MAIL TO WHOEVER IS IMPORTANT Continue reading

15 ways to not get fired from your dream job

This week a famous pitcher who clearly should have known better, lost his very high paying job at ESPN. It reminded me how many kids fresh out of college undid all of those years in school by getting fired for doing something similar.9. Avoid being a prankster. Every office has one and every once in a while things go terribly wrong. There are some legendary pranks like taking one CEO’s Ferrari apart and then reassembling it in his office.   I’m still a little bit awed about that one; and if you are part of a team of top engineers in the company you might get away with it, if you are a first year employee and you even scratch said Ferrari you’ll likely be toast. I can’t tell you the number of times I’ve seen someone being escorted off campus saying something to the effect of, “it was just a prank.”  To read this article in full or to leave a comment, please click here(Insider Story)

Software audits: How high tech plays hardball

When the software audit request came from Adobe two years ago, Margaret Smith (not her real name) thought it was business as usual. As a governance risk and compliance specialist for a Fortune 500 company, she was used to getting audited several times each year.“Usually these things start out friendly,” she says. “We get a request for an audit, and there’s some negotiation involved. They want do an on-site audit or request specific employee IDs, and we say no. But this time they came out swinging. Within two weeks they were threatening to bring in the lawyers.”[ To build or to buy IT applications? InfoWorld sheds light on this eternal questions. | Get the latest insight on the tech news that matters from InfoWorld's Tech Watch blog. ] Smith’s firm, a maker of consumer goods, had licensed at least 55 different Adobe products in offices around the globe. Now the software maker was accusing her firm of using far more software than it had a right to.To read this article in full or to leave a comment, please click here

Feds seek public input on the future of IoT

The U.S. government believes the Internet of Things (IoT) has enormous economic potential across all industries. Its machine-to-machine technologies can reduce automobile-related injuries, usher in an era of precise weather forecasting and automate all types of processes.But what impact will IoT have on jobs? Will it create more than it destroys? And what happens to all the data devices generate?With those kinds of issues at stake, the U.S. Department of Commerce is now seeking public comment on the "benefits, challenges and potential roles for the government in fostering the advancement of the Internet of Things." There are 28 questions, and multiple sub-parts to some questions. It's a long list.To read this article in full or to leave a comment, please click here

4 tech nightmares keeping IT leaders up at night

Being a CIO isn't an easy job, not when hackers are coming at you from all sides trying to get their hands on that sweet, sweet data. It’s especially nerve-racking because one breach can turn a company from a respectable business to one that looks like it protects its information with a layer of Swiss cheese. Here are four things keeping CIOs up at night – and ways to help them fall back asleep again – or at least into a light doze instead of staring at the ceiling waiting for a hacker to break through.1. Dude, where's my data? Andrew Hay, CISO for DataGravity, says one concern might seem a simple one: "the lack of data awareness that organizations have in terms of where information is stored and what type of sensitive information is accessible by people who shouldn't have it," he says. To read this article in full or to leave a comment, please click here

First Steps In The Program Model For Persistent Memory

In the previous article, we left off with the basic storage model having its objects first existing as changed in the processor’s cache, then being aged into volatile DRAM memory, often with changes first logged synchronously into I/O-based persistent storage, and later with the object’s changes proper later copied from volatile memory into persistent storage. That has been the model for what seems like forever.

With variations, that can be the storage model for Hewlett-Packard Enterprise’s The Machine as well. Since The Machine has a separate class of volatile DRAM memory along with rapidly-accessible, byte-addressable persistent memory accessible globally, the

First Steps In The Program Model For Persistent Memory was written by Timothy Prickett Morgan at The Next Platform.

Review: Hot cloud-based tools for Wi-Fi hotspot management

Wi-Fi hardware vendors are coming out with new cloud-based solutions, primarily to ease the remote management of wireless networks. However, they typically only support their own hardware. Here we take a look at three cloud-based solutions that support wireless routers and access points from multiple vendors.To read this article in full or to leave a comment, please click here(Insider Story)

New products of the week 4.25.16

New products of the weekOur roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.Array Networks APV1600Key features: The APV1600, a fifth-generation application delivery controller (ADC) appliance runs Array’s Version 8.6 software to achieve industry-leading Layer-4 (3.7Gbps), Layer-7 (3Gbps) and SSL (2100TPS) benchmarks for throughput and connection speed. More info.To read this article in full or to leave a comment, please click here

New products of the week 4.25.16

New products of the weekOur roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.Array Networks APV1600Key features: The APV1600, a fifth-generation application delivery controller (ADC) appliance runs Array’s Version 8.6 software to achieve industry-leading Layer-4 (3.7Gbps), Layer-7 (3Gbps) and SSL (2100TPS) benchmarks for throughput and connection speed. More info.To read this article in full or to leave a comment, please click here

OpenStack’s director: Why open source cloud should be the core of your data center

Six years ago over two days engineers from Rackspace and NASA met in Austin, Texas, for the very first OpenStack Summit. Six years later, OpenStack is returning to its roots.As it does so, OpenStack has cemented itself as the dominant open source IaaS platform. But at the same time, more proprietary offerings from vendors like Amazon Web Services, Microsoft Azure and VMware still seem to reign in the broader market.+More on Network World: 15 most powerful OpenStack companies | OpenStack by the numbers: Who’s using open source clouds and for what? +To read this article in full or to leave a comment, please click here

OpenStack by the numbers: Who’s using open source clouds and for what?

The latest bi-annual survey data of OpenStack users shows a continuing march of the open source cloud software into mainstream of enterprises, but also the project’s continued challenges related to ease of deployment and management.+MORE AT NETWORK WORLD: Cool products at OpenStack Austin Summit +One thing that’s clear is that interest in OpenStack continues to grow rapidly. The project is made up of 20 million lines of code; more than 585 companies have supported OpenStack in some way, and the OpenStack Foundation counts almost 40,000 people actively engaged in the community.To read this article in full or to leave a comment, please click here

Scalability of OpenFlow Control Plane Network

This article was initially sent to my SDN mailing list. To register for SDN tips, updates, and special offers, click here.

I got an interesting question from one of my readers:

If every device talking to a centralized control plane uses an out-of-band channel to talk to the OpenFlow controller, isn’t this a scaling concern?

A year or so ago I would have said NO (arguing that the $0.02 CPU found in most networking devices is too slow to overload a controller or reasonably-fast control-plane network).

Read more ...

Prayer Time at the Austin Summit

A large portion of the OpenStack community is gathered in Austin this week for the Spring 2016 OpenStack Summit. As I’ve done at previous Summits (and other events), I’m offering to gather with other Christian believers for a brief time of prayer in the mornings before the sessions kick off each day.

Normally I get these arranged much earlier, so I apologize for not getting this out there sooner. That being said, if you’re a Christian and interested in gathering for a brief time of prayer, we will be meeting outside the Austin Convention Center at 8:30 am. We’ll meet along East 4th Street, on the convention center side of the Downtown Station.

Anyone is welcome to join us, but please note that this will be a distinctly Christian-focused and Christ-centered event.

You don’t need to RSVP or let me know you’ll be there; just feel free to stop by. I hope to see you there!

iPhone 7 Rumor Rollup: Analyst buzzkill; all glass, all the time; cool iOS 10 concept video

A reminder not to put Barclays analyst Mark Moskowitz on your A List if you plan to have an iPhone 7 party – though you might want to put him at the top of the list for the iPhone 8 in 2017.The market watcher has issued a note to investors this week, according to Fortune, in which he says the iPhone 7 smartphone that Apple will reportedly launch later this year will be devoid of “any must-have form factor changes” compared to the iPhone 6s.MORE: Best iPhone 7 Design Concepts of 2016To read this article in full or to leave a comment, please click here

1 3,018 3,019 3,020 3,021 3,022 3,841