Get the ECT News Network Weekly Newsletter » Subscribe Today
Welcome Guest | Sign In
TechNewsWorld.com
Unsigned Firmware Puts Windows, Linux Peripherals at Risk
February 19, 2020
Eclypsium has released research that identifies and confirms unsigned firmware in WiFi adapters, USB hubs, trackpads and cameras used in Windows and Linux computer and server products from Lenovo, Dell, HP and other major manufacturers. Eclypsium also demonstrated a successful attack on a server via a network interface card with unsigned firmware used by each of the big three server manufacturers.
What's in Your Containers? Try an Open Source Tool to Find Out
January 14, 2020
As most security pros know, application containers -- Docker, rkt, etc. -- and the orchestration elements employed to support them, such as Kubernetes, are used increasingly in many organizations. Often the security organization isn't exactly the first stop on the path to deployment of these tools. If it was in your shop, consider yourself one of the lucky ones.
Tech Firms Join Forces to Create Smart Home Connectivity Standard
December 19, 2019
Amazon, Apple, Google and the Zigbee Alliance are teaming up on a new Internet Protocol-based standard for smart home device connectivity. Connected Home over IP will be an open source project. A working group will define a specific set of IP-based networking technologies for device certification. The goal is to enable communication across smart home devices, mobile apps and cloud services.
Should Discord Be in Your Incident Response Toolbox?
December 11, 2019
Cybersecurity incident response teams have choices when it comes to communication tools: Microsoft Teams, Slack, Zoom and numerous others. Some require a subscription or commercial license -- others are free. Some are niche tools specifically designed for incident response. Some are generic business communication tools that IR teams have adapted for use during a cybersecurity incident.
Amazon Ratchets Up Competition in 5G, Hybrid IT
December 5, 2019
Among the highlights of Amazon Web Services re:Invent are three announcements that strengthen its presence in the enterprise hybrid IT infrastructure market: AWS is teaming with Verizon to deliver 5G edge cloud computing; the first AWS Local Zone is located in Los Angeles; and AWS Outposts are generally available. These moves "close some huge competitive gaps," observed tech analyst Rob Enderle.
Consider Service Mesh as a Security Tool
November 26, 2019
If you're like most security pros, chances are you're starting to get frustrated with microservices a little -- or maybe a lot. Microservice architectures -- that is, architectures that leverage REST to build a number of small, distributed, modular components -- are powerful from a software architect's point of view. Want to make a change to a component quickly? Add new functionality?
5 Things Retailers Can Do Now to Avoid a Cyber Monday Disaster
October 29, 2019
We may just be turning the calendar to November, but if you're like most retailers, you're already deep into planning for the gift-giving season. Black Friday and Cyber Monday are circled and starred as you anticipate, with a mixture of excitement and trepidation, the spike in sales and massive increase in traffic to your website and mobile app -- with good reason.
Adopt a Maintenance Mindset: Protect IT
October 18, 2019
As part of National Cyber Security Awareness Month, the National Cyber Security Alliance is advising all computer users to "Protect IT" by taking precautions such as updating to the latest security software, Web browser and OS. The nonprofit public-private partnership, which works with DHS and private sector sponsors, advised computer users on ways to protect their personal data.
'Serious' Linux Sudo Bug's Damage Potential Actually May Be Small
October 16, 2019
Developers have patched a vulnerability in Sudo, a core command utility for Linux, that could allow a user to execute commands as a root user even if that root access was specifically disallowed. The patch prevents potential serious consequences within Linux systems. However, the Sudo vulnerability posed a threat only to a narrow segment of the Linux user base, according to Todd Miller, a maintainer of the open source Sudo project.
Stop Cyberattacks in Their Tracks: Secure IT
October 10, 2019
Stopping cyberattacks requires diligent behavior. One of the themes of this year's National Cyber Security Awareness Month, or NCSAM, is that all computer users should take steps to Secure IT. That means shaking up the passphrase protocol by using not just strong passwords but strong and unique passphrases. Everyone should double login protection through multifactor authentication.
Tackling Economic Security Governance
October 8, 2019
If you've ever played chess, you know that each move you make has to be the best move. At one level, this is painfully obvious -- after all, who would choose to make a terrible move instead of a better one? -- but it's illustrative of an important concept. Specifically, the core reason it's true is that each individual move in a game like chess comes with an associated "opportunity cost."
Multi-Cloud Strategy May Pose Higher Security Risk: Study
September 6, 2019
Users of a multi-cloud storage strategy may be twice as likely to face a security breach as those that use hybrid or single clouds, suggests a report from UK-based security specialist Nominet. Fifty-two percent of survey respondents who adopted a multi-cloud approach suffered a data breach over the past 12 months, compared to 24 percent of hybrid cloud users, and 24 percent of single-cloud users.
Powerful Enterprise-Class Chromebooks May Make Windows Exit Possible
August 27, 2019
A new collaboration between Dell Technologies and Google has produced the world's first enterprise-class Chromebook. The companies have announced their partnership to bring new capabilities and services to Dell's Unified Workspace strategy. Google launched its Chrome Enterprise capabilities in 2017 to give enterprises critical features like advanced security protections and fleet management.
Cloud Users: Read the Click Agreement Terms
August 26, 2019
There is no data showing how many people actually read through click agreements, terms of service and privacy policies -- collectively "online terms" -- before clicking the alluring "accept" button. However, there's research that indicates fewer than 1 percent of people report taking the time to review online terms. Most folks consider online terms an annoying speed bump and frankly don't care.
Security Pros: Be on High Alert for Certificate Changes
August 22, 2019
They say that the key to good security is constant vigilance. As a practical matter, this means that it's important for security and network pros to pay attention to two things: changes in the threat landscape, so they can be on the alert for how their systems might be attacked; and changes and developments in the technologies they employ. These consequences matter quite a bit.
Avoid a Black Friday, Cyber Monday Disaster With Intelligent Testing
August 19, 2019
Many online businesses rely on Black Friday and Cyber Monday to drive their profit margins. During this four-day period, retailers will see traffic on their site skyrocket. How can retailers make sure their sites are robust and won't fail during this critical period? The answer is to ensure your site is completely bombproof and can handle the surge in load without a problem.
Microsoft Exposes Russian Cyberattacks on Phones, Printers, Video Decoders
August 7, 2019
The Russian hacking group known for stealing sensitive emails from the Democratic National Committee during the 2016 presidential election season has been cracking into printers, phones and video decoders to gain access to corporate networks, the Microsoft Security Response Center Team reported. The group is known by a number of names including "Strontium," "Fancy Bear" and "APT 28."
The Router's Obstacle-Strewn Route to Home IoT Security
July 10, 2019
It is newly minted conventional wisdom that not a single information security conference goes by without a presentation about the abysmal state of IoT security. While this is a boon for researchers looking to make a name for themselves, this sorry state of affairs is definitely not beneficial for anyone who owns a connected device. IoT device owners aren't the only ones fed up, though.
Omnichannel Retail: Big Data Is Nice, Fast Data Is Necessary
May 18, 2019
Any retailer that wants to be competitive knows it must offer a seamless omnichannel experience to its customers. However, many retailers aren't aware that the key to powering that customer experience is IT system performance. Why? Omnichannel retailers must process, analyze and use huge amounts of data for a multitude of equally important functions.
Zombieload, Fallout, and 2 Other CPU Flaws Have Intel on the Hop
May 16, 2019
The high-tech industry once again is in a tizzy over flaws discovered in Intel CPUs -- four new MDS vulnerabilities have come to light. MDS is a sub-class of previously disclosed vulnerabilities that sample data leaked from small structures within the CPU using a locally executed speculative execution side channel. The practical exploitation of MDS flaws is a very complex undertaking, however.
Microsoft Becomes Master of Its Own Linux Kernel
May 9, 2019
Microsoft has announced that its own full Linux kernel will power WSL2, the newest version of the Windows Subsystem for Linux. This marks the first time that Microsoft will include the Linux kernel as a component in Windows. Microsoft also introduced a Windows command line terminal that will add functionality to PowerShell and WSL. Both are intended primarily for developers.
Spring Cleaning Your Network Security
May 7, 2019
Spring may be my favorite time of year. The snow is melting, the sun is shining, and the air smells just a little bit fresher. It's as though the world is setting an example for the rest of us, letting us know that it's time to start fresh. It's time for spring cleaning -- and in the security world, spring cleaning means more than just wiping down countertops and lighting a few scented candles.
4 Techniques for Validating Enterprise Blockchain
January 21, 2019
There's been a lot of hype about blockchain over the past few years. Nowadays though, there are signs that we may be on the cusp of moving from the "blockchain will solve all your problems" segment of the hype cycle into the "blockchain may be useful for a few targeted applications" segment. Utility-based Darwinism is at work -- we're starting to see the less likely applications fall away.
AWS Thinks Inside the Box With Outposts Data Center Revival
November 30, 2018
Amazon introduced AWS Outposts at its AWS re:Invent conference in Las Vegas. The new system, which provides AWS-branded boxes for use in traditional data centers, will allow the company to make advances into the world of on-premises storage, taking on legacy hardware vendors including Cisco, Dell, and Hewlett Packard Enterprise. Outposts technology can run on rival vendors' data center equipment.
Amazon's Shift
November 29, 2018
Andy Jassy, CEO of Amazon Web Services, announced that AWS customers would be off all Oracle databases by the end of 2019 and running on one of Amazon's database products. This is not the first time the market has heard something like this, but this time could be different. The statement comes on the heels of Amazon spending significant coin on Oracle licenses a few months ago.
When Is the Time to Hire a Cyber Specialist?
November 14, 2018
Cybersecurity has been becoming a larger and larger concern for organizations. Nowadays, most organizations -- regardless of size, industry, location, or profit vs. nonprofit status -- find themselves directly or indirectly impacted by cybersecurity. Even though the topic itself is increasing in importance, many smaller organizations don't have specialized security expertise on staff.
Whether Intended or Accidental, Internet Traffic Rerouting Can Be Costly
November 14, 2018
An apparent prefix leak from an errant router misconfiguration caused Google to lose control of several million of its IP addresses for more than an hour on Monday. During the event, Internet traffic was misrouted to China and Russia from Nigeria. The incident initially sparked concerns that it might have been a hijacking. The mishap made Google services unavailable to many users intermittently.
Will Oracle Roil the DB Market?
October 23, 2018
When we write the history of the IT era, the big factor that has played an important but not well recognized role will be hardware -- specifically, the Oracle Exadata appliance that puts databases into memory. All of the cloud software starting with the autonomous database on view this week at OpenWorld would be vastly different if the database was still running primarily on disk drives.
6 Tips for Managing Data Before an Emergency Strikes
October 18, 2018
Think about planning for a natural disaster emergency that might affect your home. You'd likely store some water, flashlights, food, blankets and other essentials. The key element of your planning would be proactivity. You'd do all of the work before an emergency occurred, not during the actual crisis. If your supplies were used up after the emergency passed, then you quickly would restock.
Software Security Best Practices Are Changing, Finds New Report
October 2, 2018
Independent software vendors, along with Internet of Things and cloud vendors, are involved in a market transformation that is making them look more alike. The similarities are evident in the way they approach software security initiatives, according to a report from Synopsys. Synopsys has released its ninth annual Building Security in Maturity Model, or BSIMM9.
See More Articles in Network Management Section >>
NICE inContact February 12 webinar
How worried are you about climate change?
I believe it will cause global catastrophe in my lifetime.
I'm very worried but I believe nations will come together to reverse it.
I'm very worried and I think the private sector is our best hope.
I'm somewhat worried but I don't think it will affect me much personally.
I've changed my own behavior to do what I can to help the planet.
I'm not worried -- it's a natural cycle.
I'm not worried -- it's a media hoax.
Amazon Advertising: Strategies to Drive Success
NICE inContact February 12 webinar