0

Sony BMG Rootkit Scandal: 10 Years Later

Ben Edelman/Wikipedia A warning pops up on computer screen about Sony BMG rootkit on music CD Hackers really have had their way with Sony over the past year, taking down its Playstation Network last Christmas Day and creating an international incident by exposing confidential data from Sony Pictures Entertainment in response to The Interview comedy about a planned assassination on North Korea’s leader. Some say all this is karmic payback for what’s become known as a seminal moment in malware history: Sony BMG sneaking rootkits into music CDs 10 years ago in the name of digital rights management.To read this article in full or to leave a comment, please click here

0

A short history of Sony hacks

Target on its backThe giant Japanese electronics company dazzled us with its Walkman and Discman in the late 70s/early 80s, as well as with its TVs, cameras and game consoles over the years. But things took a bad turn in 2005…(SEE ALSO: Sony BMG Rootkit Scandal: 10 Years Later)To read this article in full or to leave a comment, please click here

0

Walmart exec predicts holiday shopping season ‘anarchy’ due to chip credit cards

Just what we don’t need…‘anarchy’ during the holiday shopping season. But a top payment executive at Walmart claimed that is what could happen due to the timing of forcing merchants to have chip-an-pin credit card payment terminals.U.S. banks replaced hundreds of millions of credit and debit cards that rely on magnetic strips, which store data, with new cards that contain a small gold EMV microchip; the new cards are hyped as being much more secure, even though the cards have been hacked through man-in-the-middle attacks. French scientists also discovered how criminals altered stolen credit cards that were supposed to be protected by a security chip and a PIN code the crooks didn’t know.To read this article in full or to leave a comment, please click here

0

Brocade DemoFriday Q&A + Video: Liberate Your Applications with Services Director

Read the full Q&A from Brocade's DemoFriday and watch a demonstration on how to make your application development more efficient with the Services Director.

0

Brocade Featured White Paper: Network Packet Brokers for Next-Gen Networks

A new class of network packet brokers is emerging to meet the demands of software-centric architectures and expanded feature sets.

0

US copyright law exemption allows good-faith car, medical device hacking

The U.S. Copyright Office has given security researchers reason to hope that they'll be able to search for flaws in car systems and medical devices without the threat of legal action.On Tuesday, the Librarian of Congress, who makes final rulings on exemptions to copyright rules, granted several exceptions to Section 1201 of the Digital Millennium Copyright Act (DMCA), which prohibits the circumvention of the technological methods that are used to protect copyright works. The U.S. Copyright Office is a department of the Library of Congress.The exemptions allow for "good-faith security research" to be performed on computer programs that run on lawfully acquired cars, tractors and other motorized land vehicles; medical devices designed to be implanted in patients and their accompanying personal monitoring systems and other devices that are designed to be used by consumers, including voting machines.To read this article in full or to leave a comment, please click here

0

US says it’s ok to hack cars and medical devices (sometimes)

The U.S. Copyright Office has given security researchers reason to hope that they'll be able to search for flaws in car systems and medical devices without the threat of legal action. On Tuesday, the Librarian of Congress, who makes final rulings on exemptions to copyright rules, granted several exceptions to Section 1201 of the Digital Millennium Copyright Act (DMCA), which prohibits the circumvention of the technological methods that are used to protect copyright works. The U.S. Copyright Office is a department of the Library of Congress. The exemptions allow for "good-faith security research" to be performed on computer programs that run on lawfully acquired cars, tractors and other motorized land vehicles; medical devices designed to be implanted in patients and their accompanying personal monitoring systems and other devices that are designed to be used by consumers, including voting machines.To read this article in full or to leave a comment, please click here

0

Five Lessons from Ten Years of IT Failures

IEEE Spectrum has a wonderful article series on Lessons From a Decade of IT Failures. It’s not your typical series in that there are very cool interactive graphs and charts based on data collected from past project failures. They are really fun to play with and I can only imagine how much work it took to put them together.

The overall takeaway of the series is:

Even given the limitations of the data, the lessons we draw from them indicate that IT project failures and operational issues are occurring more regularly and with bigger consequences. This isn’t surprising as IT in all its various forms now permeates every aspect of global society. It is easy to forget that Facebook launched in 2004, YouTube in 2005, Apple’s iPhone in 2007, or that there has been three new versions of Microsoft Windows released since 2005. IT systems are definitely getting more complex and larger (in terms of data captured, stored and manipulated), which means not only are they increasing difficult and costly to develop, but they’re also harder to maintain.

Here are the specific lessons:

0

Featured Interview: Glenn Seiler Speaks to Open Standards & Pitfalls of Open NFV Solutions

Wind River Glenn Seiler defines "open" & gives his two cents on open NFV for TEMs.

0

First look: Microsoft Azure Active Directory Domain Services puts it all in the cloud

On Oct. 14, Microsoft announced the preview release of Azure Active Directory Domain Services or, as I like to call it, a domain in a cloud.Next up, you will need to either create a new virtual network or select an existing virtual network. This network has to be in the U.S. or Asia Azure regions. (These are the only geographic locales that the preview supports; of course, this feature will likely be available globally when the code comes out of the preview phase).To read this article in full or to leave a comment, please click here(Insider Story)

0

6 tips for your security awareness training

Keep a sharp eye out forImage by ThinkstockSecurity experts remind us that awareness is an ongoing effort. Here are some best practices for keeping your organization educated and aware year-round.Get the C-Suite involvedImage by ThinkstockTo read this article in full or to leave a comment, please click here

0

Split between EU privacy watchdogs on Safe Harbor worries business lobby

German data protection authorities' decision to break ranks with their counterparts in other European Union countries and block alternatives to Safe Harbor has business lobbyists worried.The striking down of the Safe Harbor data sharing agreement by the European Union's highest court on Oct. 6 left a legal vacuum that European Commission officials immediately sought to fill with a reminder of the legal alternatives available and promises of coordinated action by national privacy regulators, who responded with their own reassurances on Oct. 16.To read this article in full or to leave a comment, please click here

0

InteliSecure building a high-end security-services boutique

Data-loss-prevention provider InteliSecure is taking in new money, new employees and an entire U.K. security company in an effort to establish itself as a high-end security boutique.The company has raised $22 million in equity financing and a $6 million debt financing in order to buy Pentura – a U.K. managed security service provider – as well as expand its operations globally and hire additional hard-to-find security personnel. CEO Rob Eggebrecht Its premiere service, protecting data by identifying the most critical assets, configuring the infrastructure to enforce security policies and managing it, is highly customized, says CEO Rob Eggebrecht.To read this article in full or to leave a comment, please click here

0

CISA legislation would lift liability for businesses sharing cyber threat information

A bill that encourages businesses to share threat intelligence with each other and the government is closer to becoming a law than it has been for years now that it offers businesses near immunity from liability if the data they share is stolen and causes harm, but such sharing is still fraught with problems. Nathan Taylor The proposed Cybersecurity Information Sharing Act (CISA) proposal doesn’t force anyone to participate in sharing, but it creates incentives for businesses to do so willingly, says Nathan Taylor, a partner in the law firm Morrison & Foerster, who is following the bill as it wends its way through Congress.To read this article in full or to leave a comment, please click here

0

IT Security Horror Stories

In honor of Halloween and Cybersecurity Awareness Month, these tales from the IT crypt are sure to haunt your nightmares.

0

Techies back Democrats in Presidential race

It will be many months before presidential candidates face their respective conventions, but for the time being the Democrats are winning the wallets of technology workers. Finance reform bars corporations from directly funding campaigns, but that doesn’t stop individuals from backing candidates of their choice. And according to Network World’s analysis of candidates’ most recent filings to the Federal Elections Commission, those technology workers donated far more to Democratic presidential candidates than did their Republican counterparts since the inception of each candidate’s campaign. The two frontrunning Democrats outpaced the three Republicans examined: $393,444 to $36,588. Network World reviewed the campaign finance reports of the two candidates from each party who are currently leading the polls and also included former HP chief Carly Fiorina.To read this article in full or to leave a comment, please click here

0

Examining 5 Presidential candidates’ support from tech company employees

Money talksImage by WikimediaIn a review of the Presidential candidates’ latest campaign finance reports, which list employee donations by company, we found seven tech companies that were common across most of the five candidates examined. Here’s a look at how much employees have contributed since the campaigns of Bernie Sanders, Donald Trump, Hillary Clinton, Carly Fiorina and Ben Carson began.To read this article in full or to leave a comment, please click here

0

DockerCon EU 2015: Docker, Docker, Docker!

DockerCon EU 2015 is only 20 days away! The Docker team can’t contain their excitement, especially for all of the presentations. We just posted all of the abstracts for every talk in the Docker, Docker, Docker track – click here to check out the full … Continued

0

Survey: Vendor NETCONF and REST API Support

Time for another fill-in-the-blanks survey: how many vendors support NETCONF and/or REST API in their data center switches, routers, firewalls and load balancers?

Please help me complete the tables by writing a comment – and do keep in mind that it only counts if it’s documented in a public configuration guide on vendor’s web site.

Also, I’m not aware of any vendor using standard NETMOD YANG models. If someone does, please let me know.

Read more ...

0

A Few Easy Steps: Cisco IOS, Setup for Automation

In this session of A Few Easy Steps, we will be doing the initial setup for automation on a Cisco IOS Device. In General this will work on any Cisco IOS Device.  Session Prerequisites: You have a Cisco Console Cable You have a serial port You have a Terminal Program that you can access your …