An Improved Way to use YAML with Vagrant

In this post, I’d like to share with you an improved way to use YAML with Vagrant. I first discussed the use of YAML with Vagrant in a post on simplifying multi-machine Vagrant environments, where I simply factored out variable data into an external YAML file. The original approach I described had (at least) one significant drawback, though, which this new approach adddresses.

(By the way, this “improved” way is probably just a matter of better coding. I’m not an expert with Ruby, so Ruby experts may look at this and find it to be quite obvious.)

Here’s the original snippet of a Vagrantfile that I shared in that first Vagrant/YAML post:

# -*- mode: ruby -*-
# # vi: set ft=ruby :
# Specify minimum Vagrant version and Vagrant API version
Vagrant.require_version ">= 1.6.0"
VAGRANTFILE_API_VERSION = "2"
# Require YAML module
require 'yaml'
# Read YAML file with box details
servers = YAML.load_file('servers.yaml')
# Create boxes
Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
# Iterate through entries in YAML file
servers.each do |servers|
config.vm.define servers["name"] do |srv|
 Continue reading

This is how much spear phishing costs companies

New research from messaging security provider Cloudmark and technology research company Vanson Bourne provides new insight into IT professionals' views and experiences with spear phishing attacks, as well as the security and financial impact of these attacks on their organizations."With the wealth of information about individuals and organizations now available online, cybercriminals can easily craft targeted attacks to gain access to valuable personal and financial information. Spear phishing has emerged as one of the largest threats facing enterprises today," said George Riedel, CEO of Cloudmark.Vanson Bourne surveyed 300 IT decision makers at organizations with more than 1,000 employees in the U.S. and the U.K. to assess the impact of spear phishing attacks, as well as what measures enterprises were taking to combat them.To read this article in full or to leave a comment, please click here(Insider Story)

Industry group certifies five new manufacturers of DOCSIS 3.1 modems

The DOCSIS 3.1 cable Internet standard just moved a little bit closer to American homes, with the news today that industry research group CableLabs has certified five new manufacturers of DOCSIS 3.1 modems.Askey, Castlenet, Netgear, Technicolor and Ubee Interactive were all approved by CableLabs to manufacture DOCSIS 3.1 hardware, the group said in its announcement, which was issued less than a month after Comcast successfully tested a modem using the new technology in a consumer environment. CableLabs credited “highly effective collaboration” from vendors for the quick turn-around.+ALSO ON NETWORK WORLD: Microsoft: Upgrade to IE11 even if you dump our browser + Alternative education can help close IT skills gapTo read this article in full or to leave a comment, please click here

High-tech plays big role in transportation safety wish list

In its annual Most Wanted List of Transportation Safety Improvements, safety officials said they want to see more high-tech answers to car-crash prevention and operator monitoring capabilities.+More on Network World: Will your car become a mini-data center? IBM thinks that’s just the beginning+The National Transportation Safety Board’s (NTSB) annual wish list looks at what it considers to be the nation’s top transportation safety concerns. It has for years spoken out about distracted driving and the need to remove any and all items from car driver compartments that might cause crashes. And this years list included yet another call for more action.To read this article in full or to leave a comment, please click here

60% of companies cannot detect compromised credentials, survey says

Sixty percent of companies cannot detect compromised credentials, according to Rapid7’s incident detection and response survey results. Rapid7 That is just one of the "yikes" revealed when 271 security professionals from all size organizations and industries responded to the survey so Rapid7 could learn more about challenges to security teams, strategic initiatives, and current security tools being used. It is little wonder why over 90% of respondents admitted to being worried about attacks that use compromised credentials.To read this article in full or to leave a comment, please click here

60% of companies cannot detect compromised credentials say security pros surveyed

60% of companies cannot detect compromised credentials, according to Rapid7’s incident detection and response survey results. Rapid7 That is just one of the yikes revealed when 271 security professionals from all size organizations and industries responded to the survey so Rapid7 could learn more about challenges to security teams, strategic initiatives and current security tools being used. It is little wonder why over 90% of respondents admitted to being worried about attacks that use compromised credentials.To read this article in full or to leave a comment, please click here

How secure are wearables, anyway?

Congratulations on getting that new wearable device over the holidays. You're on your way to a new, trackable, data-filled life. Or you’re about to be hacked. "Every digital technology, as its use has expanded, has drawn attention from hackers and criminals," says Stephen Cobb of ESET. "So if wearables get to the point where criminals can see a way to exploit them for gain, they will try to do that." In his role as senior security researcher at ESET, Cobb says he hasn't seen that happen yet, but that doesn't mean it isn't on the horizon. He points to a recent issue with VTech, which makes a wearable for kids. Its customer database, which includes the information of 5 million parents and 200,000 children, was recently compromised. To read this article in full or to leave a comment, please click here

Seagate inhales, uses helium to create 10TB HDD

Seagate today announced its first use of helium in a hard disk drive (HDD), making it the company's highest capacity drive to date with 10TB of storage space.The new Enterprise Capacity 3.5-in. HDD is being targeted for use in cloud-based data centers. The HDD contains seven platters and 14 read/write heads. It uses a hermetically sealed case and helium to create a turbulence-free interior, which decreases friction on the platters.By using helium, Seagate was able to increase disk density by 25% over previous air-filled HDDs. The HDD also delivers higher performance and reduced power and weight, the company stated.To read this article in full or to leave a comment, please click here

Faulty ransomware renders files unrecoverable, even by the attacker

A cybercriminal has built a ransomware program based on proof-of-concept code released online, but messed up the implementation, resulting in victims' files being completely unrecoverable.Researchers from antivirus vendor Trend Micro recently spotted a new file-encrypting ransomware program distributed as a Flash Player update through a compromised website in Paraguay.After they analyzed the program's code, they realized that it was a modification of a proof-of-concept file encryptor application called Hidden Tear that was published on GitHub in August by a Turkish security enthusiast.Hidden Tear comes with a disclaimer that the code may only be used for education purposes and a warning that people using it as ransomware could go to jail.To read this article in full or to leave a comment, please click here

1 3,136 3,137 3,138 3,139 3,140 3,793