Is it time to give up on WordPress sites?

It’s being reported by Malwarebytes’ CyberheistNews and other sources that a unexpectedly large wave of hacking has been hitting thousands of WordPress sites (described as the “Weird WordPress Hack” just to fit in with the Buzzfeed style of headlines). The attacks are described as: "WordPress sites are injected with huge blurbs of rogue code that perform a silent redirection to domains appearing to be hosting ads," Malwarebytes Senior Security Researcher Jérôme Segura wrote in a blog post published Wednesday. "This is a distraction (and fraud) as the ad is stuffed with more code that sends visitors to the Nuclear Exploit Kit." To read this article in full or to leave a comment, please click here

9 technologies that could cut demand for lawyers, lower legal fees

Lawyers are embracing technology that makes them more efficient and less trapped in 100-hour work weeks but that also reduces the need for them in certain types of cases or turns their counsel into a commodity.These technologies and services include a Web platform that searches patents more quickly than lawyers can, an app to find flaws in contracts, low-cost access to ask legal questions and an arbitration network to keep from having to hire legal representation to go to small-claims court.Attorneys from across the country heard about these at the recent LegalTech conference where some of the attendees indicated that the innovations could save money for law firms and even change their hiring practices by cutting the need for full-timers. One attorney joked that the innovations are disrupting the profession so much that he’ll be retiring early.To read this article in full or to leave a comment, please click here

Moving from ifconfig to ip


Have you started using CentOS7.2? If you are a networking ninja and were all mojo about "ifconfig and route" commands, you are going to be in for a not-so-pleasant surprise in the later versions of Linux. Release after release the community talked about moving to "ip" commands and removing  net-tools package that houses commands "ifconfig and route" from minimalistic installs and going with the iproute package. And now finally with CentOS7.2 these packages aren't there anymore. It is however still possible to get these programs by installing the "net-tools" package, which I do quite often but I also suggest trying to use the "ip" suite that comes with iproute package instead. Not only does it give extended functionality but it comes-with and so you would not have to install new packages.

I will try to describe the 1:1 mapping of the most common commands I use to just figure out what a linux box is configured with. There are tons of articles & cheat sheets out there which can be used too.

ifconfig commands - See & set interface properties

NASA’s Skylab marks 42nd anniversary of last space mission

The month marks the 42 anniversary of the last manned occupation of the US’ first big attempt to live in outer space – Skylab.+History in pictures: Skylab: NASA's first space station marks 40 years+Launched on May 14, 1973, the Skylab saw three crewed manned missions—the last being concluded in February 1974. In terms of technology the lab was pretty advanced for the time. According to IBM, two Big Blue computers controlled the orientation of the laboratory throughout the mission. The onboard computers, which were arranged redundantly, were models of IBM's System/4Pi, a computer designed for the special weight and environmental requirements of aerospace applications. Each of the IBM computers aboard Skylab weighed 100 pounds and measured 19 by 7.3 by 31.8 inches. They were capable of handling more than 100 signals to Skylab attitude control equipment, IBM says.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Algorithm developed to predict future botnet attacks

Six botnets have been discovered and traced back to their perpetrators by an algorithm produced by researchers at Israel's Ben-Gurion University (BGU) of the Negev. The scientists who built the formula say it will allow law enforcement to trace administrators responsible for future attacks.The key to the work is analyzing data produced by previous attacks, the cybersecurity researchers say.Malicious botnets are groups of Internet-connected computers that have been secretly compromised to forward traffic to other computers. Payloads can include spam and viruses. The PCs can become remote controlled and also proffer private information.To read this article in full or to leave a comment, please click here

Spectrum 101

A tremendous amount of ink has been ‘shed’ over the last 3+ years debating the various technical proposals for LTE operation in unlicensed spectrum (Ruckus has certainly weighed in when we’ve had something worthwhile to say). But maybe it’s time...

Report examines the massive future cybersecurity problem of connected cars

If you are interested in the Internet of insecure Things, then you might like a new report which looks at the cybersecurity of connected vehicles, calling it "one of the biggest issues facing manufacturers today." Cyber Security in the Connected Vehicle attributed that threat to complexity, connectivity, and content. There's a "massive future security problem just around the corner," and it can't be fixed by trying to bolt on security during the implementation phase.Complexity was called "the worst enemy of security," as a connected car could have "approximately 100 million lines of code," compared to 8 million for an F-35 fighter jet. There has been a dramatic increase in Electronic Computing Units, with some high-end vehicles currently having about 100 ECUs. There has also been a rise in the diversity of in-vehicle systems which provide both luxury and critical features.To read this article in full or to leave a comment, please click here

Webinar Q&A: Docker Basics – Orchestration

As the need for greater agility and portability drives the growth of containerization within enterprises world-wide, container orchestration tools have become increasingly important. With multiple nodes running multiple containers, enterprises now need a way to manage and deploy containers at … Continued

Webinar Q&A: Docker Basics – Orchestration

As the need for greater agility and portability drives the growth of containerization within enterprises world-wide, container orchestration tools have become increasingly important. With multiple nodes running multiple containers, enterprises now need a way to manage and deploy containers at … Continued

Cybercriminals adopt spies’ techniques to pull off online bank heists

The times when stealthy, persistent and advanced malware was associated only with cyberespionage are gone. Criminals are now using similar threats and techniques to steal millions of dollars from financial institutions.Last year researchers from security vendor Kaspersky Lab were called in to investigate unusual thefts from 29 banks and other organizations located in Russia, leading to the discovery of three new sophisticated attack campaigns. Their findings were presented Monday during the company's annual Security Analyst Summit.One group of attackers is using a modular malware program known as Metel or Corkow to infect computer systems belonging to banks and to reverse ATM transactions. During a single night, the gang stole millions of rubles from a Russian bank using this hard-to-detect transaction rollback trick.To read this article in full or to leave a comment, please click here

What’s Next? The NFL’s Magic Yellow Line Shows the Way to Augmented Reality

 

What’s next? Mobile is entering its comforting middle age period of development. Conversational commerce is a thing, a good thing, but is it really a great thing?

What’s next may be what has been next for decades: Augmented reality (AR) (and VR). AR systems will be here sooner than you might think. A matter of years, not decades. Robert Scoble, for example, thinks Meta, an early startup in AR industry, will be bigger than the Macintosh. More on that in a later post. Magic Leap has no product and $1.3 billion in funding. Facebook has Oculus. Microsoft has HoloLens. Google may be releasing a VR system later this year. Apple is working on VR. Becoming the next iPhone is up for grabs.

AR is a Huge Opportunity for Programmers and Startups 

This is a technological revolution that will be bigger than mobile. Opportunities in mobile for developers have largely played out. Experience shows the earlier you get in on a revolution the better the opportunity will be. Do you want to be writing free iOS apps forever?

It’s so early we don’t really have an idea what AR is or what the market will be Continue reading

Worth Reading: Should Firewalls Track Sequence Numbers?

Firewalls that include application level gateways (example: FTP command session inspection), web application firewalls (including stuff marketed as next-generation whatever) or any other devices that performs deep packet inspection have to include full-blown TCP stack including retransmissions, packet reordering and IP fragment reassembly. A device that doesn’t do all of the above will eventually be spoofed (aka Fernando Gont will eventually get you with the right sequence of extension headers).

The post Worth Reading: Should Firewalls Track Sequence Numbers? appeared first on 'net work.

In defense of assuming another’s identity

My father, Burke McNamara, passed away back in December at age 89 after a long period of declining health.As I continue to deal with the closing of his financial affairs, I’d like to offer this bit advice to all of you: If you're ever in the unfortunate position of having to close accounts, such as a VISA account, for a family member who has died, do not under any circumstances approach the task in an honest and straightforward manner.Lie to them.Call the help desk and assume the identity of the loved one who has passed. Cancel the account. Simple, done. Otherwise, if you tell them the truth, stupid-ass companies, such as VISA, will tell you that they require you to send them a copy of the (expletive deleted) death certificate.To read this article in full or to leave a comment, please click here

Worth Reading: Beyond Open Standards

Traditionally, open standards organizations (particularly the IETF) have been populated by vendors selling software embedded in hardware. What happens to open standards when the software is separated from the software through a trend like NFV? Does this mean the end of open standards? As we are currently moving towards disaggregation at LinkedIn, the relationship between open standards and the disaggregation process has become for me a matter that requires some serious thought. -via network computing

LinkedInTwitterGoogle+FacebookPinterest

The post Worth Reading: Beyond Open Standards appeared first on 'net work.

Java installer flaw shows why you should clear your Downloads folder

On most computers, the default download folder quickly becomes a repository of old and unorganized files that were opened once and then forgotten about. A recently fixed flaw in the Java installer highlights why keeping this folder clean is important.On Friday, Oracle published a security advisory recommending that users delete all the Java installers they might have laying around on their computers and use new ones for versions 6u113, 7u97, 8u73 or later.The reason is that older Java installers are designed to look for and automatically load a number of specifically named DLL (Dynamic Link Library) files from the current directory. In the case of Java installers downloaded from the Web, the current directory is typically the computer's default download folder.To read this article in full or to leave a comment, please click here

Cultivate questions

Imagine that you’re sitting in a room interviewing a potential candidate for a position on your team. It’s not too hard to imagine, right, because it happens all the time. You know the next question I’m going to ask: what questions will you ask this candidate? I know a lot of people who have “set questions” they use to evaluate a candidate, such as “what is the OSPF type four for,” or “why do some states in the BGP peering session not have corresponding packets?” Since I’ve worked on certifications in the past (like the CCDE), I understand the value of these sorts of questions. They pinpoint the set and scope of the candidate’s knowledge, and they’re easy to grade. But is easy to grade what we should really be after?

Let me expand the scope a little: isn’t this the way we see our own careers? The engineer with the most bits of knowledge stuffed away when they die wins? I probably need to make a sign that says that, actually, just to highlight the humor of such a thought.

The problem is it simply isn’t a good way to measure an engineer, including the engineer reading this Continue reading

1 3,146 3,147 3,148 3,149 3,150 3,839