Windows users often forget to patch their Apple programs

A survey of applications installed on Windows computers found that a lot of users don't run up-to-date versions of Apple programs. Apple's multimedia program, QuickTime, and its iTunes software were ranked as some of the most "exposed" programs based on risk by Secunia Research, which is now part of Flexera Software. Among U.S. users, some 61 percent of computers detected running QuickTime did not have the latest version. With iTunes, 47 percent of the installations were outdated versions. It's not Apple's fault. Although many software companies alert users to new versions of applications, it's largely up to users to install them.To read this article in full or to leave a comment, please click here

OpenStack Kolla: Dependency Management Done Right With Docker and Ansible

Openstack-Tokyo

Kolla provides production-ready containers and deployment tools for operating OpenStack clouds that are scalable, fast, reliable, and upgradable, using community best practices.  Kolla entered the OpenStack Big Tent during the Liberty cycle by submitting Kolla to OpenStack technical committee oversight --  enabling the Kolla project and its contributors to have access to community resources such as marketing, technical resources, bi-yearly conference space and voting rights in the OpenStack Technical Committee election.

During the creation of the Kolla mission statement, we agreed as a community not to permit the selection of technology choices in our mission statement. Still: we knew we would choose Docker as our container runtime technology, and Ansible as our orchestration system. We made these choices not only because “that’s what all the cool kids are doing’ -- but also because they solve real technical problems for our problem domain.  Docker solves our image management process and Ansible solves our multi-node deployment process.  We could have chosen other technologies to solve these problems, but both Docker and Ansible do something orders of magnitude better than competitors: a complete and absolute focus on simplicity coupled with a high degree of capability.

Since a fundamental factor in outcome of Continue reading

Iranian hackers show strong interest in Android spying tools

Iranian hackers are showing strong interest in malware that can secretly pull data from Android devices, which are popular in the Middle East.The analysis comes from Recorded Future, a cybersecurity intelligence firm based in Somerville, Massachusetts.One of Recorded Future's specialties is monitoring hacking forums, looking for clues and chatter that might indicate future attacks.Over the last six months, there appears to have been high interest on Iranian hacking forums in remote access tools, or programs designed to listen to calls and collect text message and GPS data, according to a blog post.To read this article in full or to leave a comment, please click here

OpenStack Summit 2015 Day 2 Keynote

Mark Collier, COO of the OpenStack Foundation, takes the stage to kick things off. He starts with a story about meeting new people, learning new things, and sharing OpenStack stories, and encourages attendees to participate in all of these things while they are here at the Summit.

Mark then transitions into a discussion of Liberty (the latest release), and revisits Jonathan Bryce’s discussion of the new organizational model (“the Big Tent”). He specifically calls out Astara and Kuryr as new projects in the Big Tent model. Out of curiosity, he looked at development activity for all the various projects to see which project was the “most active”. It turns out that Neutron was the most active project across all of the various OpenStack projects. According to the user survey last year, 68% were running Neutron. In the most recent user survey, that number climbed to 89%—meaning the vast majority of OpenStack clouds in production are now running Neutron.

So why is networking (and Neutron) so hot right now? Mark believes that this is due to the increasing maturity of software-defined networking and network virtualization. Mark shows data from Crehan Research that states SDN is growing twice as fast as server Continue reading

A Quick Look at Carina

Today at the OpenStack Summit in Tokyo, Rackspace announced Carina, a new containers-as-a-service offering that is currently in beta. I took a few minutes to sign up for Carina today and work with it for a little while, and here is a quick introduction.

First, if you’re at all unfamiliar with Docker and/or Docker Swarm, have a look at some of these articles off my site. They’ll help provide some baseline knowledge:

A Quick Introduction to Docker
Running a Small Docker Swarm Cluster

I point out these articles because Carina essentially implements hosted Docker Swarm clusters. You can use the Carina CLI tool (as I will in this article) to create one or more clusters, each of which will expose a Docker API endpoint (just like your own homegrown Docker Swarm cluster) against which you can run the Docker client.

Let’s take a quick look. These instructions assume that you’ve already created an account and downloaded the CLI tool from GitHub. I’m assuming you’re running Linux or OS X; the commands for Windows would be quite different than what I’ll show below.

First, you’ll need to set some environmental variables. I prefer to do this in a file that Continue reading

VRRP on Linux Using Keepalived – The Basics

I’ve recently been working on an implementation of VRRP on Linux using Keepalived to provide IP redundancy for some HA Proxy load balancers. I’ve been pleasantly surprised by how simple and fast it is and thought I’d share the details now I understand why it’s the default choice for many. Keepalived has been around for 15 […]

The post VRRP on Linux Using Keepalived – The Basics appeared first on Packet Pushers.

Strengthen your network security with Passive DNS

Over the past few years, we’ve witnessed increasing attacks against DNS infrastructure: DDoS attacks against authoritative name servers, name servers used as amplifiers in DDoS attacks, compromised registrar accounts used to modify delegation information, cache poisoning attacks, and abuse of name servers by malware. Thankfully, we’ve also seen the concurrent development of powerful new mechanisms for combating those threats, including the DNS Security Extensions, response policy zones, and response rate limiting.Perhaps the most promising means of enhancing DNS security, and the security of the Internet generally, has yet to be fully exploited. That’s Passive DNS data.To read this article in full or to leave a comment, please click here

Worth Reading: Making the Case for Open Home Access Devices

In a letter submitted to the Federal Communications Commission (FCC), Dave Täht, co-founder of the Bufferbloat Project, and Dr. Vinton Cerf, co-inventor of the Internet, along with more than 260 other global network and cybersecurity experts, responded to the newly proposed FCC rules laid out in ET Docket No. 15-170 for RF Devices such as Wi-Fi routers by unveiling a new approach to improve the security of these devices and ensure a faster, better, and more secure Internet. via businesswire

Continue reading

Microsoft’s advice: Hang up on tech support scammers

Microsoft's best advice to combat tech support scams? Hang up the phone."You get a call from someone that's unsolicited, talking about technical support, hang up," said David Finn, the executive director of Microsoft's Digital Crime Unit, during a hearing held by the U.S. Senate last week. "That's the first thing. That is not a legitimate effort to sell something to you."Finn was one of several people who testified last Wednesday before the Senate's Special Committee on Aging, which held a hearing on technical support scams, which disproportionately target the elderly.Such scams, Finn said during his prepared testimony, are the "single largest consumer fraud perpetrated in America today." They victimize an estimated 3.3 million people and rake in $1.5 billion annually. "This translates to a victim nearly every 10 seconds, with an average loss of $454 per consumer," Finn said.To read this article in full or to leave a comment, please click here

IDG Contributor Network: How hackers compromised chipped credit cards, and how the authorities discovered it

Chipped cards have been hacked in the past, despite the security rhetoric from banks and merchants.Until recently, it was done through a Man-in-the-Middle attack.'Man-in-the-Middle' is where an attacker changes the communication between parties who think they're talking with each other directly.Security measures are now in place to stop this kind of chip scam, but it was not until scientists studied the forensics that the police could even figure it out.Second chip It turns out that the fraud worked through a second chip embedded in the card, installed there by the crook.The glued-on dummy chip answered affirmatively when polled. It let a transaction go through when the terminal asked the card's original chip if the entered PIN was correct, Catalin Cimpanu explained in a Softpedia article.To read this article in full or to leave a comment, please click here

South Korean manufacturing industry targeted with new backdoor program

South Korean organizations are being targeted in attacks with a new stealthy backdoor program that gives attackers full access to infected computers.The malware has been dubbed Duuzer and while it's not exclusively used against targets in South Korea, it does seem that the hacker group behind it have a preference for that country's manufacturing industry, according to security firm Symantec.Duuzer was designed to work on both 32-bit and 64-bit Windows versions and opens a back door through which attackers can gather system information; create, list and kill processes; access, modify and delete files; execute commands and more."It’s clearly the work of skilled attackers looking to obtain valuable information," researchers from Symantec's security response team said in a blog post.To read this article in full or to leave a comment, please click here

Cybersecurity careers: Where are the women?

There is a serious and growing gap between men and women when it comes to choosing a cybersecurity career – then again there’s also a serious disinterest in the field altogether from millennials.+More on Network World: What’s hot in driverless cars?+Those were the chief findings of a global study issued by Raytheon (NYSE: RTN) and the National Cyber Security Alliance (NCSA) this week that noted: In the U.S., 74% of young women and 57% of young men said schools did not offer the skills that are needed to pursue a degree in computer sciences.To read this article in full or to leave a comment, please click here

Sponsored Post: Digit, iStreamPlanet, Instrumental, Redis Labs, Jut.io, SignalFx, InMemory.Net, VividCortex, MemSQL, Scalyr, AiScaler, AppDynamics, ManageEngine, Site24x7

Who's Hiring?

  • Digit Game Studios, Irish’s largest game development studio, is looking for game server engineers to work on existing and new mobile 3D MMO games. Our most recent project in development is based on an iconic AAA-IP and therefore we expect very high DAU & CCU numbers. If you are passionate about games and if you are experienced in creating low-latency architectures and/or highly scalable but consistent solutions then talk to us and apply here.

  • As a Networking & Systems Software Engineer at iStreamPlanet you’ll be driving the design and implementation of a high-throughput video distribution system. Our cloud-based approach to video streaming requires terabytes of high-definition video routed throughout the world. You will work in a highly-collaborative, agile environment that thrives on success and eats big challenges for lunch. Please apply here.

  • As a Scalable Storage Software Engineer at iStreamPlanet you’ll be driving the design and implementation of numerous storage systems including software services, analytics and video archival. Our cloud-based approach to world-wide video streaming requires performant, scalable, and reliable storage and processing of data. You will work on small, collaborative teams to solve big problems, where you can see the impact of your work on the business. Continue reading

Join the Packet Pushers – Live SD-WAN Podcast with Viptela Nov. 4 in NYC

Next week, the Packet Pushers will be recording a podcast live in front of a crowd in NYC. We'll be talking SD-WAN deployment with Viptela customers who have been actively rolling out the solution. With this show, we want to move from "what is SD-WAN?" to "how is SD-WAN working for you?" Sign up to attend this event here:
http://viptela.com/sd-wan-evening-with-packet-pushers-part-2/

The post Join the Packet Pushers – Live SD-WAN Podcast with Viptela Nov. 4 in NYC appeared first on Packet Pushers.

1 3,260 3,261 3,262 3,263 3,264 3,832