Tech startups need to get serious about security

The head of the nation's primary consumer protection agency on Wednesday paid a visit to San Francisco, where she called on technology startups to do a better job of incorporating security protections as they race to bring new applications into the market.Federal Trade Commission Chairwoman Edith Ramirez's comments amplified the agency's "Start With Security" initiative, a program that aims to encourage businesses to prioritize cybersecurity as an integral part of their product development.[ Related: The 7 deadly sins of startup security ]To read this article in full or to leave a comment, please click here

Reports of attacks on the Department of Energy raise alarms

Attackers successfully infiltrated computer systems at the Department of Energy more than 150 times between 2010 and 2014, according to a review of federal documents by USA Today that  were obtained as a result of a Freedom of Information Act request. In all, DoE networks were targeted 1,131 times over the four-year span.While this sounds worrying -- the DoE oversees the country's power grid and nuclear weapons stockpile, after all -- there are a few things missing from the report. The attacks appear to be against the DoE's office systems and not the real-time systems that control the power grid. Those systems are typically operated by utilities and aren't directly connected to DoE's networks. The attacks in the USA Today report are equivalent to the kind universities, corporations, and other organizations regularly face.To read this article in full or to leave a comment, please click here

Berlin, Germany: CloudFlare’s 44th data center

Our data center in Berlin is our 3rd in Germany following Frankfurt and Düsseldorf, 14th in Europe, and 44th globally. Berlin is of considerable importance not just because it is the capital of Europe's most populous country, but also because it is the 2nd largest city in the European Union by population* trailing only London. As of this moment, CloudFlare has a point of presence (PoP) in 7 out of Europe's 10 most populous cities, and we're headed for a perfect 10-for-10.

Ich bin ein Berliner

"I am one with the people of Berlin," best expresses our sentiments following this latest launch, but is more famously a reference to U.S. President John F. Kennedy's June 26th, 1963 speech in West Berlin (and also the source of an amusing urban legend). The story goes that Kennedy should have said "Ich bin Berliner" ("I am a citizen of Berlin"), but instead remarked "Ich bin ein Berliner" which translates as "I am a jelly doughnut."

The Berliner: we treated ourselves to one a few in celebration of the launch

As it turns out, and despite decades of misinformation, Kennedy was linguistically correct. While in proper German an actual Berliner Continue reading

Why (and how) VMware created a new type of virtualization just for containers

As the hype about containers has mounted over the past year, it has raised questions about what this technology – which is for packaging applications - means for traditional management and virtualization vendors. Some have wondered: Will containers kill the virtual machine?VMware answered that question with a resounding no at its annual conference in San Francisco last week. But, company officials say containers can benefit from having a new type of management platform. And it’s built a whole new type of virtualization just for containers.To read this article in full or to leave a comment, please click here

Cyberattack exposes 10 million records at US health insurer Excellus

Hackers have penetrated the IT systems of U.S. health insurer Excellus BlueCross BlueShield and gained access to personal, financial and medical information of more than 10 million people, the company disclosed Thursday.The initial attack occurred in December 2013, but the company did not learn about it until Aug. 5. Since then it has been working with the FBI and cybersecurity firm Mandiant to investigate the breach.The hackers may have had access to customer records which include names, addresses, telephone numbers, dates of birth, Social Security numbers, member identification numbers, financial accounts and medical claims information.To read this article in full or to leave a comment, please click here

IDG Contributor Network: ‘Get Smart’ when it comes to using cloud-based services for file sharing

For those of you old enough to remember the TV comedy series "Get Smart" featuring a spy that used his shoe for a phone, the good guys belonged to an agency called "Control," and the bad guys were affiliated with "Chaos." This month "Get Smart" celebrates its 50th anniversary, yet CIOs continue to struggle in a seemingly never-ending battle to restore control in a chaotic, cloudy world in which data security is less than transparent.Much like the BYOD trend, the use of cloud-based services for sharing files is widespread and it's likely that if you're a CIO, your employees are already using them, whether they are officially sanctioned or not. Dropbox has led the charge to offer cross-platform file syncing for your personal files, and all the major players have followed suit, from Google (Google Drive), to Microsoft (SkyDrive), to Apple (iCloud). There's also Box, Sugarsync, and many others. For consumers, they are perfect, providing easy instant access to photos and documents from any device. That familiarity and accessibility is why they've crept into the enterprise.To read this article in full or to leave a comment, please click here

Xerox PARC’s new chip will self destruct in 10 seconds

Engineers at Xerox PARC have developed a chip that will self-destruct upon command, providing a potentially revolutionary tool for high-security applications.The chip, developed as part of DARPA’s vanishing programmable resources project, could be used to store data such as encryption keys and, on command, shatter into thousands of pieces so small, reconstruction is impossible.It was demonstrated at DARPA’s Wait, What? event in St. Louis on Thursday.“The applications we are interested in are data security and things like that,” said Gregory Whiting, a senior scientist at PARC in Palo Alto, California. “We really wanted to come up with a system that was very rapid and compatible with commercial electronics.”To read this article in full or to leave a comment, please click here

Ashley Madison coding blunder made over 11 million passwords easy to crack

Until today, the creators of the hacked AshleyMadison.com infidelity website appeared to have done at least one thing well: protect user passwords with a strong hashing algorithm. That belief, however, was painfully disproved by a group of hobbyist password crackers.The 16-man team, called CynoSure Prime, sifted through the Ashley Madison source code that was posted online by hackers and found a major error in how passwords were handled on the website.They claim that this allowed them to crack over 11 million of the 36 million password hashes stored in the website's database, which has also been leaked.A few weeks ago such a feat seemed impossible because security experts quickly observed from the leaked data that Ashley Madison stored passwords in hashed form -- a common security practice -- using a cryptographic function called bcrypt.To read this article in full or to leave a comment, please click here

Oracle VirtualBox Network Modes

There’s been a whole heap (programming pun intended) of blogs around automation and virtualisation over the last few years, with some rather good ones of late centred around the now classic mix of VirtualBox, Vagrant and Ansible*|**. I’m particularly enjoying the Hey, I can DevOPS my Network too! series by Larry Smith Jr. at the moment. I may […]

The post Oracle VirtualBox Network Modes appeared first on Packet Pushers.

Security experts mostly critical of proposed threat intelligence sharing bill

This fall, the Senate is expected to take another look at the Cybersecurity Information Sharing Act, or CISA, but many security experts and privacy advocates are opposed.Cybersecurity has been in the news a lot this summer, and not just with several new high-profile breaches in government and the in private sector.Last month alone, the Pentagon began requiring defense contractors to report breaches, the White House Office of Management and Budget proposed new cybersecurity rules for contractor supply chains, and a court agreed that the Federal Trade Commission has the authority to enforce cybersecurity standards.MORE ON CSO:Millions of records compromised in these data breaches And many security experts agree that it's important for companies to share cybersecurity information, in real time, without risk of being publicly embarrassed, fined, or sued.To read this article in full or to leave a comment, please click here

10 things to do before you lose your laptop

Whether you’re in the office, at home, in school, or at coffee shops and hotels around the world, laptops are everywhere. The portable computer allows you to stay in touch and do productive work regardless of where you may be physically – especially when you factor in the extended battery life and cloud-based computing applications and services.On the other hand, the sheer portability of the laptop also makes it vulnerable to unauthorized access or outright theft or lost. Gartner recently estimated that a laptop is lost every 53 seconds.MORE ON NETWORK WORLD: 6 simple tricks for protecting your passwords While nobody plans to lose a laptop, there are some things that you can do to reduce both the risk and the potential legal repercussions should your laptop ever be misplaced or stolen. As with most security measures, the best defense is a good offense. Here are 10 things to do before you lose your laptop.To read this article in full or to leave a comment, please click here

Presidential longshot at CTIA 2015 promising nothing less than immortality

I hadn’t come to room 3301 of the Sands Expo to see Zoltan Istvan speak. I had come because the official CTIA Super Mobility 2015 conference app had pinged a notification to me that Mike Tyson – a boxer of some repute – was due to participate in a panel discussion and I wanted to startle my editors by landing a quote from Iron Mike.What I found, instead – I have no notion where Tyson was at the appointed time – was Zoltan Istvan, who is running for president. He is polished, polite and friendly. He was also gracious and patient with a reporter who bumbled into his speech by accident and essentially asked, “What the heck is going on here?”For those unfamiliar with his work, Istvan is a columnist for Vice, former reporter for National Geographic and author of a novel called The Transhumanist Wager, which lays out his hyper-futurist philosophy. In essence, he believes that humanity’s goal must be to create technology so advanced that we become immortal – conquering death with the infinitely sharp sword of logic. Through advances in medical science, the gentle melding of humans and machines and various other technological Continue reading

Apple Keynote 2015 – Enterprise & Personal

Excerpt: I am fascinated by Apple's business strategy and product management. Every year Apple makes a huge multi-billion dollar bet on delivering complex technology products into the hands of untrained users in the one of the toughest computing platforms - the smartphone. Plus they build custom silicon, new materials and software features in every version. And this time, they have an Enterprise product.

The post Apple Keynote 2015 – Enterprise & Personal appeared first on EtherealMind.

Risky Business #382 — Charlie Miller talks car hax, Uber

On this week's show we're checking in with Charlie Miller. We chat car hacking and we also (kind of) find out what he's up to now he's working at Uber.

This week's show is brought to you by HackLabs, an Australian security consultancy. They're a key sponsor of Australia's Cyber Security Challenge, which is basically a CTF for Australian CS students. What makes this one a bit different is it's being run by the Prime Minister's Office, which is, yeah, unexpected. Chris joins us later to discuss the challenge, that's this week's sponsor interview.

read more

1 3,322 3,323 3,324 3,325 3,326 3,837