New products of the week 11.02.2015

New products of the weekOur roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.FullContactPricing: FullContact is free to download and use. FullContact Premium is available by subscription — two subscription options:  FullContact Premium monthly for $9.99; FullContact Premium annually for $99.99To read this article in full or to leave a comment, please click here

New products of the week 11.02.2015

New products of the weekOur roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.FullContactPricing: FullContact is free to download and use. FullContact Premium is available by subscription — two subscription options:  FullContact Premium monthly for $9.99; FullContact Premium annually for $99.99To read this article in full or to leave a comment, please click here

LightCyber game lets IT pros become the attacker

It’s only a game, but LightCyber hopes its Cyber Attack Training System (CATS) helps IT folks think like attackers in order to better defend their networks.The online game sets players up with stolen login credentials for a networked machine and turns them loose with Metasploit tools. The idea is for security pros to discover and compromise other devices on the network with the goal of capturing a specific file.Public access to CATS is available for 12 hours only on Nov. 10 and is open to anyone who can provide a legitimate corporate email address. The first 100 players who successfully find the target file win a black hoodie.The game will give network security pros who spend their days searching logs for indicators of compromise the chance to better understand the mindset of attackers so they are better prepared to search for their footprints.To read this article in full or to leave a comment, please click here

Stretched Firewalls across Layer-3 DCI? Will the Madness Ever Stop?

I got this question from one of my readers (and based on these comments he’s not the only one facing this challenge):

I was wondering if you can do a blog post on Cisco's new ASA 5585-X clustering. My company recently purchased a few of these with the intent to run their cross data center active/active firewalls but found out we cannot do this without OTV or a layer 2 DCI.

A while ago I expressed my opinion about these ideas, but it seems some people still don’t get it. However, a picture is worth a thousand words, so maybe this will work:

Read more ...

IDG Contributor Network: 3 ways you can sell your own personal data

It's not just the lowlifes and thieves making money from stolen data; you might be able to make a few bucks selling your own personal data, too.Now, I'm not suggesting you place an ad for your Personally Identifiable Information (PII) on Craigslist, but there are actually outlets that will let you, or plan to let you, sell some of your data. It's used for marketing.Personal data marketplace One such company is the U.S.-based Datacoup, which says it lets you connect your apps and services via APIs in order to sell data. Datacoup pitches itself as the world's first personal data marketplace.To read this article in full or to leave a comment, please click here

Robots invade the real world

From C-3PO to the Terminator to Star Trek’s Data, robots have entertained us on the big screen for years. But, unlike our cinematic cyborg heroes, the real thing has been something of a disappointment because the technology has failed to live up to the Hollywood hype. But this is not true anymore. Robots have arrived.To read this article in full or to leave a comment, please click here(Insider Story)

10 real-world robots

Robots have arrivedFrom C-3PO to the Terminator to Star Trek’s Data, robots have entertained us on the big screen for years. But, unlike our cinematic cyborg heroes, the real thing has been something of a disappointment because the technology has failed to live up to the Hollywood hype. But this is not true anymore. Robots have arrived. Here are examples of robots being deployed in the real world. (Read the full story.)To read this article in full or to leave a comment, please click here

CISA won’t do much to turn threat intelligence into action

With the Cybersecurity Information Sharing Act (CISA) the feds are trying to make it more attractive to share threat intelligence, but it won’t do much to help businesses deal with the high cost of sorting through what can be an overwhelming flow of possible security incidents and find which ones need to be checked out.And deciding what data to share, what threat intelligence feeds to subscribe to and what tools are needed to turn potentially valuable information into action takes sizeable resources, experts say.To read this article in full or to leave a comment, please click here

CloudFlare is now PCI 3.1 certified

PCI Certified badge

The Payment Card Industry Data Security Standard (PCI DSS) is a global financial information security standard that keeps credit card holders safe. It ensures that any company processing credit card transactions adheres to the highest technical standards.

PCI certification has several levels. Level one (the highest level) is reserved for those companies that handle the greatest numbers of credit cards. Companies at level one PCI compliance are subject to the most stringent checks.

CloudFlare’s mission leads it to provide security for some of the most important companies in the world. This is why CloudFlare chose to be audited as a level one service provider. By adhering to PCI’s rigorous financial security controls, CloudFlare ensures that security is held to the highest standard and that those controls are validated independently by a recognised body.

If you are interested in learning more, see these details about the Payment Card Industry Data Security Standard.

This year’s update from PCI 2.0 to 3.1 was long overdue. PCI DSS 2.0 was issued in October 2010, and the information security threat landscape does not stand still—especially when it comes to industries that deal with financial payments or credit cards. New attacks are almost Continue reading

Apple users having trouble auto-updating QuickTime on Windows 8, 10

A glitch with Apple's QuickTime multimedia program has left some Windows users wondering why they're having trouble updating to the latest version.QuickTime has an auto-update mechanism, but it appears to not work on Windows 8 and 10, wrote Alton Blom, a Sydney-based security researcher, in a blog post.Blom wrote that he found inconsistencies in how QuickTime and Apple's Software Update tool interacted with each other depending on the versions of Windows and QuickTime installed.For example, on Windows 8, QuickTime reported that it was up to date, but Apple's Software Update tool said the application needed to be upgraded to 7.7.8, which is the latest version, Blom wrote.To read this article in full or to leave a comment, please click here

UK police arrest third person in TalkTalk breach investigation

UK police arrested a third suspect on Saturday relating to the breach at communications provider TalkTalk, which said the amount of data exposed is less than initially thought.A 20-year-old man was arrested after police executed a search warrant at an address in south Staffordshire, the Metropolitan Police said Sunday.The man, who was not identified, was arrested on suspicion of violations of the Computer Misuse Act and was later bailed.  UK police arrested a 15-year-old boy in County Antrim, Northern Ireland, on Oct. 26, and a 16-year-old boy in Feltham, England, on Thursday. Both boys have been bailed.To read this article in full or to leave a comment, please click here

Snapchat now has the rights to store and share selfies taken via the app

If you still believe your snaps will self-destruct, you might want to review Snapchat’s newest policy changes as the company can now potentially keep your photos forever and share them. Oh, and by using the app, you grant Snapchat the rights to your photos.Users who update their Snapchat app must tap “Accept” to signify agreeing with the app’s newly updated Privacy Policy and Terms of Service. “Scary stuff,” is what actor Kal Penn, the former White House Associate Director of Public Engagement, called Snapchat’s new privacy and legal policies. Kal Penn Snapchat, which became popular because messages were supposed to go poof after 10 seconds, gave rise to other third-party apps meant to capture and keep the messages. If you recall “The Snappening” in Oct. 2014, the third party app Snapsaved was hacked and selfies that were supposed to self-destruct were instead leaked. But it couldn't be considered a “leak” if users agree to Snapchat’s newly revised privacy policy and terms of service that take the company on a radical shift away from the idea upon which it was founded.To read this article in full or to leave a comment, please click here