Juniper Networks on Sunday informed customers that recent security threats to its ScreenOS were not as widespread as initially believed. The company last week issued an alert following its discovery in ScreenOS of unauthorized code that could allow an attacker to gain administrative control of devices using Netscreen or to decrypt a VPN. The two issues are unrelated to each other.

Portfolios of task-oriented mobile apps for employees, contractors and business partners have been transforming the way enterprises conduct business, Apperian reported last week. Companies that have launched mobility initiatives have customized and deployed one or more apps that have streamlined business operations, according to the firm's analysis of 2 million app deployments.

Cisco and Ericsson on Monday announced a partnership to build out a next-generation network for smart things and the carriers and enterprises that want to support such devices. The deal plays to the companies' strengths in cloud, data center, mobility, management, networking, routing and global services, they said. Each company expects to earn about US$1 billion in revenue by 2018 from the deal.

The European Parliament on Tuesday passed Net neutrality legislation to a chorus of boos from Net neutrality proponents. The European Union has found consensus on the common principles of Net neutrality -- no blocking, no throttling and no prepaid prioritization -- said Commissioner Günther H. Oettinger. However, the rules have three major loopholes, Net neutrality supporters said.

The Linux Foundation has announced a strategic partnership with ON.Lab and its ONOS project community to develop open source network services. They will build infrastructure for software-defined networking and network function virtualization technology. The foundation will provide its global reach, experience and infrastructure to seed ONOS' growing community.

The Linux Foundation's recently published security checklist may draw more attention to best practices for protecting Linux workstations, even if IT pros do not embrace all of its recommendations. Konstantin Ryabitsev, the foundation's director of collaborative IT services, developed the list for the use of LF remote sysadmins, to harden their laptops against attacks.

Shadow IT -- the use of unauthorized online services by company employees -- is a concern of cyberwarriors charged with defending business systems against network attacks. There's new evidence that those concerns are justified. A new attack vector on business systems leverages the synchronization features of services like Dropbox and Google Drive to perform malicious mischief.

The OpenDaylight Project this week announced that AT&T, ClearPath Networks and Nokia Networks have joined, bringing its membership total to 359. OpenDaylight is a collaborative open source project hosted by the Linux Foundation. Its goal is twofold: accelerate the adoption of software-defined networking; and create a solid foundation for network functions virtualization.

With so many cybersecurity pros drowning in an ever-rising tide of hack attacks on their computer systems, an emerging approach to defending those systems may be the life preserver they've been looking for. The approach doesn't involve beefing up perimeter defenses, carefully scrutinizing network traffic, or applying analytics to employee behavior.

The results of a recent survey on container usage trends suggest that a deployment surge is likely within the next two years -- but also that companies have serious concerns about container security, certification and skills. The survey, commissioned by Red Hat and conducted by TechValidate, assessed enterprise adoption plans for application containers.

Cisco on Monday launched Cisco IoT System -- a new Internet of Things initiative comprised of 15 products geared toward improving device interoperability. As many as 50 billion devices and objects could be connected to the Internet by 2020, the company forecast, yet today more than 99 percent of things in the physical world currently are unconnected.

The Linux Foundation on Wednesday announced that it was more than doubling the number of scholarships to be awarded this year for Linux training. The Linux Foundation is a nonprofit organization dedicated to accelerating the growth of Linux and collaborative development. Its announcement opened the door for the submission of applications for the 2015 Linux Training Scholarship Program.

U.S. government agencies have invested time, effort and significant funding in the last several years to meet the challenges of cybersecurity threats, but the payoff has been disappointing, according to a report from the ISC2 Foundation. As part of its seventh Global Information Security Workforce Study, the foundation included a section that involved a survey of 1,800 federal IT professionals.

It was a little over a year ago that the Heartbleed bug shocked the Internet with its potential for mischief. Now another flaw in open source code has sent network administrators into damage control mode. The bug, called "Venom" for "Virtualized Environment Neglected Operations Manipulation," allows an intruder to jump out of a virtual machine and execute malicious code on its host.

There's a common perception that implementing comprehensive IT security to protect against today's sophisticated threats and attacks is a difficult and expensive task, and that the benefits of replacing current solutions (even if highly ineffective) are seldom worthwhile. This mindset has resulted in many businesses dealing with a virtual patchwork of disparate systems.

Crowdstrike on Wednesday made public its discovery of yet another long-buried Linux vulnerability. "Venom," as it has been dubbed, was unearthed by the firm's senior security researcher, Jason Geffner. It is listed as vulnerability CVE-2015-3456. Venom exists in the virtual floppy drive code used by virtualization platforms based on QEMU, or quick emulator. It has been around since 2004.

U.S. government agencies can significantly improve their ability to deal with cybersecurity problems by utilizing big data analytics. However, agencies are finding it difficult to fully benefit from these advanced analytical tools for a variety of reasons -- including dealing with the sheer volume of data. Cyberthreats hide in plain sight, suggests a recent report from MeriTalk.

Microsoft on Monday announced a slew of products and services for IT professionals at its first Ignite conference, being held in Chicago through Friday. Among them were the Microsoft Azure Stack, its next-generation hybrid cloud, and Windows Update for Business, a new management option for Windows 10 that will keep devices up to date with the latest security updates and Windows features.

I've been traversing North America keynoting a series of cloud events hosted by Oracle. At every stop of the roadshow my comments regarding the opportunity to transform traditional product businesses into powerful information services via cloud-based alternatives has generated the greatest interest among enterprise decision-makers and software developers alike.

I don't know how many old movies there are in which the good guys say, "You're surrounded, come out with your hands up!" Somehow being surrounded is a bad thing -- or at least it was -- until it became a hot trend in the back office. Let me explain. Surrounding legacy systems, such as conventional ERP, is proving to be a good idea for a bunch of reasons.

This past week's International CES brought even greater attention to the seemingly infinite opportunities being created by the rapidly evolving Internet of Things. However, it also created plenty of hype that can become pitfalls for companies that are not properly prepared to achieve the promise of the IoT. There are 10 steps IT organizations must take to help pave the way to success.

Check Point Software Technologies recently revealed a flaw in millions of routers that allows the devices to be controlled by hackers. The company detected 12 million Internet-connected devices that have the flaw. The vulnerability, which Check Point dubbed "Misfortune Cookie," can be found in the code of a commonly used embedded Web server, RomPager from AllegroSoft.

The Practice of Cloud System Administration, Volume 2 is a look into IT gone bad in some companies, and how doing it right can salvage enterprise use of cloud computing. The authors make 11 statements about computers and their networks on the first page of the book's preface. They ask which statements are true. You most likely will get numerous wrong answers.

Has software glut got you down? Do you reuse passwords because creating unique ones for all your online accounts would cause a memory overload? If so, you may be interested in a bit of jewelry called the "Everykey," by a startup with the same name. Everykey is a wristband that removes the need to remember the countless log-in credentials we use every day.

The days of in-boxes flooded with spam messages on an assortment of sordid subjects are a faint memory to most email users, but what spam has lost in volume it's gained in power. More than two-thirds of some 200 IT decision makers in companies with five to 1,000 employees said a spam incident in the last year had severely disrupted their business operations -- or halted them entirely.

Banks and businesses toiled over the weekend to crush a bug in a widely used open source operating system. The flaw has been in Unix for some 25 years, but it was revealed just last week. If exploited, the vulnerability could be used to inject malicious code or take command of a system or device. Dubbed "Shellshock," it requires patching systems and devices running Apple's OS X, Linux and Unix.

If you want to see an IT pro twitch, bring up Shadow IT in a conversation. "Shadow IT" is a term applied to technology deployed by an organization's users outside the purview of the IT department. It's bothersome to system shepherds because it can open up an organization to data leakages. It's also growing. Many Shadow IT programs run in the cloud, but all clouds are not created equal.

Millions of users were unable to access the Web Tuesday, according to reports. The websites of eBay, Amazon, Autotrader, LinkedIn, Time Warner and Verizon were among those hit. The problem is due to a combination of factors: router configuration; the explosive growth of connected devices; and IPv4 running out of addresses. "The industry faces many limitations," said tech analyst Rob Enderle.

U.S. government agencies are struggling to manage the huge amount of data they generate or process, despite the goals of a program designed to operate thousands of data centers more efficiently. The idea behind the FDCCI was to save space, energy and IT costs by consolidating woefully underutilized electronic data storage centers into fewer sites and servers.

Current approaches to Java application protection place security at the application or the network layer, both of which are problematic. The first approach has proven to be too complex, too time consuming and too risky -- in other words, "too hot." Meanwhile, network level security that consists of perimeter devices lacks the intelligence to know what's going on inside the application.