Google launches Project Fi, its combo cellular and Wi-Fi network

Google launched its own ambitious wireless network primarily in the U.S. on Wednesday in partnership with Sprint and T-Mobile. Calling it Project Fi, Google promised seamless wireless connections, initially for Nexus 6 smartphone users, whether they are within more than 1 million free and open Wi-Fi hotspots or within an LTE cellular network operated by Sprint or T-Mobile. In a blog, Google asked customers to sign up online to join an Early Access Program for the service. The service will initially be available on the Nexus 6 smartphone that Google builds with Motorola. Potential customers must request an invitation from Google on a separate site to get started.To read this article in full or to leave a comment, please click here

How to properly scope your PCI assessment

To scope or not to scope - the security leader’s dilemmaImage by ThinkstockPCI is both a globally recognized standard and a lightening rod for discussion. In recent weeks, I’ve engaged in conversations exploring the scope of PCI assessments. On twitter, the discussion focused on the need to include everything in scope, as a means to force companies to improve security. Contrast that with a recent column explaining the benefit to speed, price, and quality of properly scoping your PCI assessment (read it here).To read this article in full or to leave a comment, please click here

Man fires 8 gunshots into his Dell PC after Blue Screens of Death push him over edge

A Colorado man says he has no regrets after unloading eight rounds into his dysfunctional Dell desktop, though he faces a fine for doing so.“I just had it,” Lucas Hinch, 38, told The Smoking Gun (via Ars Technica). Apparently the PC had thrown up one too many blue screens of death in recent months, so Hinch took it into an alley, loaded up a 9mm Hi-Point pistol that he’d purchased on Craiglist, and let the bullets fly.“It was glorious,” Hinch told the Los Angeles Times. “Angels sung on high.”To read this article in full or to leave a comment, please click here

Controlling HP Moonshot with ipmitool

I've been driving the HP Moonshot environment over the network with ipmitool, and found it not altogether straightforward. One of the HP engineers told me:
Yeah, we had to jump through some hoops to extend IPMI’s single-system view of the world into our multi-node architecture.
That is exactly why it's confusing. Everything here works reasonably well, but users have to jump through all of the hoops that the product engineers lined up for us.

Compatibility
The build of ipmitool that ships with OS X (2.5b1) doesn't support the Moonshot's double-bridged topology, so I'm using the one that ships with macports (1.8.12). To check whether your version of ipmitool is compatible, run ipmitool -h and look to see whether it supports both the single-bridge (-b, -t) and double-bridge (-B, -T) command line options. If it does, then it's probably okay.

Bridging
Using IPMI over the network with a regular rack server is pretty straightforward. You specify the device by name or IP, the user credentials and the command/query you want to run. That's about it. Such a command might look like this:

 ipmitool —H <IPMI_IP> -U <user> —P <password> —I lanplus chassis identify force

The command above Continue reading

Malware used in White House and State Department hacks possibly linked to Russia

The group of attackers behind cyberintrusions at the White House and the Department of State last year used malware that bears strong similarities to cyberespionage tools suspected to be of Russian origin.Security researchers from Kaspersky Lab have dubbed the cyberespionage group CozyDuke and said that it has blatantly targeted high-profile victims since the second half of last year. Its toolset includes malware droppers, information-stealing programs and backdoors that have antivirus evasion capabilities and make use of cryptography, the researchers said Tuesday a blog post.To read this article in full or to leave a comment, please click here

Qualys devises a virtual patch to protect against vulnerabilities

If you can’t wait for that critical patch to secure your system from some just-discovered bug, IT security firm Qualys may have an answer, through new security software that can secure the trouble spot until the patch arrives.The feature, called virtual patching, comes with the newly released version 2 of the company’s Web Application Firewall, a set of software for securing Web applications against malicious behavior.Virtual patching can address one of the most thorny problems in enterprise IT security, that of protecting against a recently discovered software flaw. Sometimes attackers can start misusing a software bug as soon as it is discovered —- this is called a zero day flaw.To read this article in full or to leave a comment, please click here

SSL certificate flaw allows hackers to crash devices running iOS 8

A flaw in iOS 8 would allow attackers to render devices running the mobile OS useless if they’re within range of a fake wireless hotspot, according to researchers from security firm Skycure.The vulnerability exploits an issue in how iOS 8 handles SSL certificates. By manipulating the certificates, researchers found they were able to get apps running on iPads, iPhone and iPods as well as the OS to crash. In other instances, the researchers placed the devices in a constant reboot cycle.Yair Amit and Adi Sharabani, Skycure’s CTO and CEO, respectively, discussed the flaw, called “No iOS Zone,” Tuesday during a session at the RSA conference and talked about their findings in a blog post on Wednesday.To read this article in full or to leave a comment, please click here

Senate leader introduces bill to extend Patriot Act surveillance

The majority leader of the U.S. Senate has introduced a bill that would extend the surveillance provisions of the Patriot Act until 2020, instead of expiring on June 1.The bill, introduced by Senator Mitch McConnell Tuesday night, would extend section 215 of the Patriot Act, the controversial part of the law that the U.S. National Security Agency has used to collect U.S. telephone records in bulk. Many digital and civil rights groups have protested the NSA phone records collection program, saying it violates the Fourth Amendment of the U.S. Constitution protecting the country’s residents against unreasonable searches and seizures.To read this article in full or to leave a comment, please click here

The VPLS & MPLS IP VPN Buyers Field Guide

VPLS & MPLS IP VPN Procurement step by step – every IT Managers key area documented.

Author information

Sponsored Blog Posts

The Packet Pushers work with our vendors to present a limited number of sponsored blog posts to our community. This is one. If you're a vendor and think you have some blog content you'd like to sponsor, contact us via [email protected].

The post The VPLS & MPLS IP VPN Buyers Field Guide appeared first on Packet Pushers Podcast and was written by Sponsored Blog Posts.

EMC Syncplicity lets enterprises manage their own encryption keys

Some enterprises that are happy to put their data in a public cloud prefer to keep the keys to that data under their own control. That’s the message online file sync and sharing services are sending lately.On Wednesday, EMC’s Syncplicity division announced Customer Managed Keys, a feature that lets enterprises store the encryption keys for their Syncplicity shared data on a rights management server on their own premises. It’s a new option in addition to having the keys stored in Syncplicity’s cloud.The announcement came just a couple of months after rival Box released its own private key-management feature into beta testing. That system, called EKM (Enterprise Key Management), may become generally available on Wednesday at the Box Dev conference in San Francisco. EKM likewise was added as an alternative to keeping keys in the vendor’s cloud.To read this article in full or to leave a comment, please click here

EMC Syncplicity lets enterprises manage their own encryption keys

Some enterprises that are happy to put their data in a public cloud prefer to keep the keys to that data under their own control. That’s the message online file sync and sharing services are sending lately.On Wednesday, EMC’s Syncplicity division announced Customer Managed Keys, a feature that lets enterprises store the encryption keys for their Syncplicity shared data on a rights management server on their own premises. It’s a new option in addition to having the keys stored in Syncplicity’s cloud.The announcement came just a couple of months after rival Box released its own private key-management feature into beta testing. That system, called EKM (Enterprise Key Management), may become generally available on Wednesday at the Box Dev conference in San Francisco. EKM likewise was added as an alternative to keeping keys in the vendor’s cloud.To read this article in full or to leave a comment, please click here

1 3,479 3,480 3,481 3,482 3,483 3,793