Startup takes heat over online tool that checks Ashley Madison data

A small Washington, D.C.-based startup accused of crude marketing centered around the Ashley Madison data breach said Monday it is changing its tactics amid criticism.Trustify, a 10-person company that launched in March, runs a web-based service for connecting people with private investigators for $67 an hour.Last week, it created an online tool that lets people check if their email address was in the large dump of stolen user information from the extramarital hookup site.The tool was one of many that were created after hackers released information on more than 30 million registered users of the website, one of the largest and most sensitive data breaches on record.To read this article in full or to leave a comment, please click here

HP serves up its open switches

HP this week unveiled networking products aligned with its strategy to disaggregate hardware and software, opening up choices for its customers.HP is introducing two new branded bare metal switches based on the Accton AS5712-54X. HP and Accton revealed their partnership in February.+MORE ON NETWORK WORLD: Enterprise disaggregation is inevitable+The first switch is the Altoline 5712, a 10G switch, and the second is the Altoline 6712, a 40G switch. Both are powered by Intel’s Atom CPU.To read this article in full or to leave a comment, please click here

How Distributed Network Monitoring Boosts Visibility, Speeds Troubleshooting

Active distributed monitoring gathers network and application performance data from multiple locations to give IT better visibility and improve troubleshooting. Find out how NetBeez simplifies distributed monitoring.

The post How Distributed Network Monitoring Boosts Visibility, Speeds Troubleshooting appeared first on Packet Pushers.

Legal teams keep bending old laws to fit cybercrimes

Since cybercrime laws lag behind technology, lawyers are constantly seeking creative ways to stretch old laws to fit new crimes, such as the latest - comparing the movie-sharing app Popcorn Time to a burglar’s tool in order to press criminal charges.Lawyers for an Adam Sandler movie are arguing that Popcorn Time performs the same function as burglars’ tools in order “to commit or facilitate … a theft by physical taking,” language used in an old Oregon law about traditional burglary.The lawyers say Popcorn Time lets users violate the movie’s copyrights by enabling downloads of pirated copies, and so they are suing for the civil crime of copyright infringement.To read this article in full or to leave a comment, please click here

Most Apple devices lack proper security for the enterprise

Nearly half of all U.S. employees use at least one Apple device at work, but most of those gadgets lack common security protocols required by many enterprises, according to a new survey commissioned by Centrify, a company that sells enterprise security and management software for Apple products.MORE ON NETWORK WORLD: Free security tools you should try Last month, Centrify asked 1,004 business professionals about how they use computers and smartphones in the workplace. Respondents used a total of 1,309 Apple devices at work, including 191 Macs, 387 iPads and 731 iPhones, according to Centrify. All of the respondents were employed full-time at companies with at least 20 employees, from various industries including healthcare and financial services, according to Centrify.To read this article in full or to leave a comment, please click here

Worth Reading: Trading Shares in Milliseconds

Today’s stock market has become a world of automated transactions executed at lightning speed. This high-frequency trading could make the financial system more efficient, but it could also turn small mistakes into catastrophes. via technology review


Or as Thomas Sowell says — Stupid people can cause problems, but it usually takes brilliant people to create a real catastrophe.

The post Worth Reading: Trading Shares in Milliseconds appeared first on 'net work.

Court: FTC can bring down the hammer on companies with sloppy cybersecurity

The U.S. Federal Trade Commission has the authority to take action against companies that fail to protect customer data, an appeals court ruled Monday.The U.S. Court of Appeals for the Third Circuit upheld the FTC's 2012 lawsuit against hotel and time-share operator Wyndham Worldwide. The FTC filed a complaint against Wyndham for three data breaches in 2008 and 2009 that led to more than US $10.6 million in fraudulent charges. The appeals court ruling, upholding a 2014 district court decision, suggests the FTC can hold companies responsible for failing to use reasonable security practices.To read this article in full or to leave a comment, please click here

Court: FTC can bring down the hammer on companies with sloppy cybersecurity

The U.S. Federal Trade Commission has the authority to take action against companies that fail to protect customer data, an appeals court ruled Monday.The U.S. Court of Appeals for the Third Circuit upheld the FTC's 2012 lawsuit against hotel and time-share operator Wyndham Worldwide. The FTC filed a complaint against Wyndham for three data breaches in 2008 and 2009 that led to more than US $10.6 million in fraudulent charges. The appeals court ruling, upholding a 2014 district court decision, suggests the FTC can hold companies responsible for failing to use reasonable security practices.To read this article in full or to leave a comment, please click here

Ask HighScalability: Choose an Async App Server or Multiple Blocking Servers?

Jonathan Willis, software developer by day and superhero by night, asked an interesting question via Twitter on StackOverflow

tl;dr Many Rails apps or one Vertx/Play! app?


I've been having discussions with other members of my team on the pros and cons of using an async app server such as the Play! Framework (built on Netty) versus spinning up multiple instances of a Rails app server. I know that Netty is asynchronous/non-blocking, meaning during a database query, network request, or something similar an async call will allow the event loop thread to switch from the blocked request to another request ready to be processed/served. This will keep the CPUs busy instead of blocking and waiting.

I'm arguing in favor or using something such as the Play! Framework or Vertx.io, something that is non-blocking... Scalable. My team members, on the other hand, are saying that you can get the same benefit by using multiple instances of a Rails app, which out of the box only comes with one thread and doesn't have true concurrency as do apps on the JVM. They are saying just use enough app instances to match the performance of one Play! application (or however many Play! apps Continue reading

Windows Hello uses your webcam even if you disabled your camera

The newest Windows 10 privacy freak out involves Windows Hello which is supposed to be a convenient security feature turned on or off by selecting Settings > Accounts > Sign-in options.  Windows Hello replaces traditional passwords with biometric recognition, allowing users to unlock their PC with a swipe or glance. You’ve likely seen Microsoft’s 30 second Windows 10 commercial which shows a toddler who “won’t have to obsess over security” as she will be able to unlock Windows 10 with a smile.To read this article in full or to leave a comment, please click here

Mobile devices pose biggest cybersecurity threat to the enterprise, report says

Earlier this month, Check Point Software released its 2015 security report which found that mobile devices have become the biggest threat for today's enterprises. I like the fact that more vendors are doing their own studies and sharing the findings. Cybersecurity has so many facets that it's very challenging for IT departments to understand where to focus their energy, so surveys like this help.The survey revealed something that I think many businesses have turned a bit of a blind eye to, and that's the impact of mobile devices, primarily due to the wide acceptance of BYOD. The last Network Purchase Intention Study by ZK Research (disclosure: I'm an employee of ZK Research) showed that 82% of businesses now have some kind of BYOD plan in place. Even heavily regulated industries like healthcare and financial services are putting BYOD programs in place because of pressure from the lines of business. Years ago, CEOs and managers didn't want consumer devices in the workplace as they were considered a distraction. Today, businesses that do not allow workers to use mobile devices are putting themselves at a competitive disadvantage.To read this article in full or to leave a comment, please click here

Facebook’s Threat Intelligence Sharing Potential

Enterprise organizations are actively consuming external threat intelligence, purchasing additional threat intelligence feeds, and sharing internally-derived threat intelligence with small circles of trusted third-parties.  Based upon these trends, it certainly seems like the threat intelligence market is well- established but in this case, appearances are far from reality.In my humble opinion, threat intelligence consumption and sharing is extremely immature today with the market divided by a few haves (i.e. large banks, defense contractors, large IT vendors, intelligence agencies) and a large majority of have-nots – everyone else.This immaturity is illustrated by some recent ESG research (note: I am an ESG employee).  A panel of cybersecurity professionals working at enterprise organizations (i.e. more than 1,000 employees) were asked to identify weaknesses associated with their firm’s threat intelligence consumption and sharing programs.  The data indicates:To read this article in full or to leave a comment, please click here

Securing the enterprise digital footprint

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.

In late 2007, AOL security researcher William Salusky and his team discovered one of the first reported instances of malvertising -- a digital ad running on aol.com had been configured to serve up malware to unsuspecting visitors. This turned out to be the beginning of a new era where attackers use a company’s digital footprint (web infrastructures and mobile apps) to distribute malware and commit fraud.

For security teams, protecting the digital footprint, which resides outside the firewall, poses three distinct challenges. Namely, securing assets you know about, securing assets you don’t know about (like those created by someone within the organization or by an authorized third-party), and identifying rogue assets that are impersonating the organization’s brand or sub-brands.

To read this article in full or to leave a comment, please click here

Securing the enterprise digital footprint

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.In late 2007, AOL security researcher William Salusky and his team discovered one of the first reported instances of malvertising -- a digital ad running on aol.com had been configured to serve up malware to unsuspecting visitors. This turned out to be the beginning of a new era where attackers use a company’s digital footprint (web infrastructures and mobile apps) to distribute malware and commit fraud.For security teams, protecting the digital footprint, which resides outside the firewall, poses three distinct challenges. Namely, securing assets you know about, securing assets you don’t know about (like those created by someone within the organization or by an authorized third-party), and identifying rogue assets that are impersonating the organization’s brand or sub-brands.To read this article in full or to leave a comment, please click here

Tips for protecting your business against cyber extortion

CrytoLocker is malware cyber criminals use to encrypt the contents of a computer until users pay up.But that's only one type of cyber extortion, according to Tim Francis, enterprise cyber lead at Hartford, Conn.-based insurance company Travelers.Criminals can also threaten to shut down computer systems or erase data, to infect a company with a virus, to publish proprietary information or personally identifiable information of customers or employees, launch a denial-of-service attack, or hold social media accounts hostage.Criminals can also start the attack first, and refuse to stop until the money is paid.MORE ON CSO:Lost in the clouds: Your private data has been indexed by Google It's no longer just a lone disgruntled employee targeting a single company, Francis said. CryptoLocker is just one example of how cyber extortion technology has been commodified, making it accessible to a wider variety of criminals.To read this article in full or to leave a comment, please click here

1 3,349 3,350 3,351 3,352 3,353 3,844