Cyberthugs targeting companies with ransomware based on extortion amount for data

As if the steady rise of ransomware isn’t alarming enough, businesses that get hit with ransomware may not be unlucky targets of opportunity, but targets of choice as cyberthugs are setting ransom demands based on how much valuable data a business has.That is just one cybersecurity and online privacy trend found in the 2016 Data Protection and Breach Readiness Guide. With a nod to Data Privacy Day, the Online Trust Alliance (OTA) released its new guide as well as key findings from its analysis.To read this article in full or to leave a comment, please click here

The Butcher’s Bill

chopping-block-Dell-EMC

Watching a real butcher work is akin to watching a surgeon. They are experts with their tools, which are cleavers and knives instead of scalpels and stitches. They know how to carve the best cut of meat from a formless lump. And they do it with the expert eye of a professional trained in their trade.

Butcher is a term that is often loaded with all manner of negative connotations. It makes readers think of indiscriminate slaughter and haphazard destruction. But the real truth is that a butcher requires time and training to cut as they do. There is nothing that a butcher does that isn’t calculated and careful.

Quick Cuts

Why all the discussion about butchers? Because you’re going to see a lot more comparisons in the future when people talk about the pending Dell/EMC acquisition. The real indiscriminate cutting has already started. EMC hid an undisclosed number of layoffs in a Dec. 31 press release. VMware is going to take a 5% hit in jobs, including the entire Workstation and Fusion teams.

It’s no secret that the deal is in trouble right now. Investors are cringing at some of the provisions. The Virtustream spin out was rescinded after Continue reading

Let us look at the code running our devices, says Federal Trade Commissioner

Consumers should have the right to inspect the source code for connected devices they own, to ensure it doesn't contain bugs or backdoors, one U.S. Federal Trade Commissioner believes.As we connect our homes, our vehicles and our clothing to the Internet of Things, "We need to be very mindful of consumer data security and be very careful of anything that undermines that data security," said Commissioner Terrell McSweeny.McSweeny was speaking in a personal capacity at the State of the Net conference in Washington, D.C., on Monday, but her position as one of four Commissioners at the U.S. Federal Trade Commission could allow her to influence policy.To read this article in full or to leave a comment, please click here

Worth Reading: Intel becomes irrelevant

We’re approaching the end of the closed, proprietary, single source technology era. ARM processors are freely licensed, more open, and much more cost competitive than similar products from Intel or AMD. If you need 10 million chips for your next product do you buy them from Intel? Or do you get a license from ARM and hire a foundry to make them for you? -va cringely

The post Worth Reading: Intel becomes irrelevant appeared first on 'net work.

U.S. Congress to federal agencies: You have two weeks to tally your backdoored Juniper kit

Around two dozen U.S. government departments and federal agencies are being questioned by the U.S. Congress on whether they were using backdoored Juniper network security appliances. In December, Juniper Networks announced that it had discovered unauthorized code added to ScreenOS, the operating system that runs on its NetScreen network firewalls. The rogue code, which remained undetected for 2 years or more, could have allowed remote attackers to gain administrative access to the vulnerable devices or to decrypt VPN connections. The U.S. House of Representatives' Committee on Oversight and Government Reform wants to determine the impact that this issue had on government organizations and how the affected organizations responded to the incident.To read this article in full or to leave a comment, please click here

U.S. Congress to federal agencies: You have two weeks to tally your backdoored Juniper kit

Around two dozen U.S. government departments and federal agencies are being questioned by the U.S. Congress on whether they were using backdoored Juniper network security appliances. In December, Juniper Networks announced that it had discovered unauthorized code added to ScreenOS, the operating system that runs on its NetScreen network firewalls. The rogue code, which remained undetected for 2 years or more, could have allowed remote attackers to gain administrative access to the vulnerable devices or to decrypt VPN connections. The U.S. House of Representatives' Committee on Oversight and Government Reform wants to determine the impact that this issue had on government organizations and how the affected organizations responded to the incident.To read this article in full or to leave a comment, please click here

Security ‘net: Digital Copyright Edition

security-netThe world of digital copyright is somewhat tangential to “real” security, but it’s a culture issue that impacts every network engineer in myriad ways. For instance, suppose you buy a small home router, and then decide you really want to run your own software on it. For instance, let’s say you really want to build your own router because you know what you can build will outperform what’s commercially available (which, by the way, it will). But rather than using an off box wireless adapter, like the folks at ARS, you really want to have the wireless on board.

Believe it or not, this would be considered, by some folks, as a pretty large act of copyright infringement. For instance, the hardware manufacturer may object to you replacing their software. Or the FCC or some other regulatory agency might even object because they think you’re trying to hog wireless spectrum, or because you don’t like what the wireless providers are doing. The EFF has a good piece up arguing that just such tinkering as replacing the operating system on a commercially purchased device is at the heart of digital freedom.

One of the most crucial issues in the fight for Continue reading

Symantec partner caught running tech support scam

Tech support scammers are known for their cheek -- making unfounded claims that PCs are infected to scare consumers into parting with their money -- but a Symantec partner took nerve to a new level, a security company claimed last week.According to San Jose, Calif.-based Malwarebytes, Silurian Tech Support ran a scam in which its employees, who billed themselves as support technicians, used obscure but harmless entries in Windows' Event Viewer and Task Manager to claim that a PC had been overwhelmed by malware, then leveraged those bogus threats to sell overpriced copies of Symantec's Norton security software and an annual contract for follow-up phone support.To read this article in full or to leave a comment, please click here

DARPA funds a program so computers can read thoughts

In the future, computers may be able to read your thoughts through a connection with the brain. DARPA wants to create a device that could help make that happen.The device, which will be the size of two stacked nickels, will translate information from a brain into digital signals for use on a computer. The device is being developed as part of a four-year, US$60 million research program funded by DARPA -- the Defense Advanced Research Projects Agency, which operates under the aegis of the U.S. Department of Defense.MORE ON NETWORK WORLD: 13 awesome and scary things in near Earth space The program, called Neural Engineering System Design (NESD), is one of DARPA's many research programs that aims to bring brain-like intelligence to computers. The research program will cover neuroscience, low-power chips, photonics and medical devices.To read this article in full or to leave a comment, please click here

Marvin Minsky, AI pioneer and Turing award winner, dies at 88

Marvin Minsky, a professor emeritus at MIT who pioneered the exploration of the mind and its replication in a computer, died on Sunday from a cerebral hemorrhage at the age of 88, according to MIT Media Lab.In his prologue to his seminal book, Society of Mind, Minsky wrote that the book tries to explain how the mind works, and "that you can build a mind from many little parts, each mindless by itself."+ ALSO: Notable 2015 deaths in technology, science & inventions +To read this article in full or to leave a comment, please click here

Review: Microsoft’s Windows Defender antivirus is less awful than it used to be

We've all loved to hate Microsoft's free Windows Defender software—it's been so mediocre that it's been considered the baseline metric in third-party tests. But recent independent tests show it's actually outperforming a number of third-party suites, some of which charge you money to use them.Results released by AV-test.org for the month of December put Microsoft right in the middle of the pack of its list of antivirus software for home users. Microsoft is still near the bottom of the heap in the business market, however, using the version of Microsoft System Center that’s been integrated into Windows 10’s business editions.To read this article in full or to leave a comment, please click here

8 tips for recruiting cybersecurity talent

Good IT talent is hard to find. You know what's even more difficult? Finding good cybersecurity talent. Demand for skilled cybersecurity professionals is growing at an astonishing rate -- four times faster than the IT jobs market and 12 times faster than the overall labor market, according to research from Burning Glass Technologies.Unfortunately, supply isn't keeping up with demand, according to online cybersecurity training and MOOC platform Cybrary's Cyber Security Job Trends Survey for 2016. Of the 435 senior-level technology professionals who completed the survey between October and December 2015, 68 percent affirmed that there is a global shortage of skilled cybersecurity professionals. Only 13 percent of companies said there was an abundance of cybersecurity talent in their local areas.To read this article in full or to leave a comment, please click here

Disabling SLAAC in Data Center Subnets

Continuing the IPv6 address selection discussion we have a few days ago, Luka Manojlovič sent me a seemingly workable proposal:

I think we were discussing a borderline problem. In a server environment there won’t be any SLAAC, and we could turn off DHCPv6 client on servers with fixed IP addresses.

Sounds great, but as always, the reality tends to be a bit harsher.

Read more ...

Internet Connected Water Heater

So I have to admit that I’m the crusty old curmudgeon who is way behind on things like home automation. After a recent issue with my water heater I opted to replace it with one that utilizes heat pump technology. I know a lot of people are installing tankless models and I strongly considered that path. My challenges were as follows–

  • Relatively High Demand (replacing an 80 Gallon Conventional Electric)
  • Conventional 80 Gallon Electric Models are difficult to purchase (at least in consumer models)
  • Tankless Owners seem to prefer gas over electric models
  • Venting a tankless gas heater would require relocation of plumbing

Given these constraints, I stumbled into the hybrid water heater models. These are big tank models that utilize heat pump technology as a preferred method of moving heat into the water. As demand increases, traditional resistance coils can be invoked to generate heat.

The goal is to be more efficient than tankless models and have the option for rapid recovery. My biggest concern was the added complexity and additional components that could fail. Nonetheless, the energy ratings were very good and there are some rebate programs and tax incentives to offset the cost. I ultimately chose a GE Geospring 80 Continue reading

Why The Industry Needs An Open Source Framework For Switching Silicon

Howdy. Occasionally the topic of open sourcing a driver, library, or SDK to a commodity product comes up as more developers start working on/deploying said product. Typically, the vendor makes a concession and opens up the documentation to increase adoption and supportability. Sometimes this works. Sometimes, it just pisses off the developers to such an […]

The post Why The Industry Needs An Open Source Framework For Switching Silicon appeared first on Packet Pushers.

Why The Industry Needs An Open Source Framework For Switching Silicon

Howdy. Occasionally the topic of open sourcing a driver, library, or SDK to a commodity product comes up as more developers start working on/deploying said product. Typically, the vendor makes a concession and opens up the documentation to increase adoption and supportability. Sometimes this works. Sometimes, it just pisses off the developers to such an […]

The post Why The Industry Needs An Open Source Framework For Switching Silicon appeared first on Packet Pushers.

1 3,100 3,101 3,102 3,103 3,104 3,773