Articles about Endpoints

Don't lose control of those fast-breeding endpoints

Sysadmin blog So you want to know about security? Well you have come to the right place. I have been here for a while and I can tell you that outside these gates it’s full of cowboys, sharks and pirates, none of whom will hesitate to take what is yours and call it their own. The above is is a quote from a brochure I wrote in an attempt to …
Aaron Milne, 22 Oct 2013

Catch 'em while you can! Presenting Druva's virtual open door detector

Think checking doors and windows every night so as to stop burglars scrambling through to rob you. Well, now your personal data can be handled in the same way, with Druva's end-point protection services identifying risky exposure to sensitive information loss by scanning backed-up data and alerting compliance teams. Its inSync …
Chris Mellor, 22 Jul 2015
Thumbs Up Desktop Phone

Microsoft to bake Skype into IE, without plugins

Microsoft is going to try to bake Skype into Internet Explorer. In a post issued yesterday, Redmond indicates it's going to use the Object Real-Time Communications API for WebRTC (ORTC API for WebRTC) to ensure it becomes possible to “... simply open IE and make a Skype call”. The ORTC API is a W3C effort, as is WebRTC, so …
Simon Sharwood, 28 Oct 2014
Tornado

Asigra's fast BaaS on-ramp for Cloud Service Providers

Managed and cloud service providers have a lightning fast on-ramp to providing backup services via three Asigra appliances. These are converged backup systems using commodity servers, FreeBSD Unix, the ZFS file system and Asigra's agentless cloud backup and recovery software. There are three models, arranged by capacity: 1800 …
Chris Mellor, 16 Jun 2015
Dunce's cap graffiti by https://www.flickr.com/photos/lord-jim/ cc 2.0 attribution https://creativecommons.org/licenses/by/2.0/

Wind River VxWorks patches some TCP sequence spoofing bugs

Intel-owned embedded software outfit Wind River has been caught with an embarrassing bug in its VxWorks OS. According to the ICS-Cert advisory, the bug's only been identified in kit from Schneider Electric at this stage. It relates to how various VxWorks versions handle their TCP flows. Discovered by a bunch of researchers from …

Forget passwords, let's use SELFIES, says Obama's cyber tsar

US cyber security tsar Michael Daniel wants passwords to die in a fire and be replaced by other mechanisms, including selfies. In an interview with the Christian Science Monitor Daniel said the death of passwords could signal a useful purpose for the much-beleaguered selfie. "Frankly I would really love to kill the password …
Darren Pauli, 15 Oct 2014

US is the world's botnet mothership, says Level 3

Level 3 Communications says America is home to more botnet command and control servers, edging out the Ukraine, with Russia only managing third place. Command and control servers, used to maintain vast botnet scourges, are active for about 30 days before being taken down by operators located all over the world or by local police …
Darren Pauli, 22 Jun 2015
Puppets by Jim McDougall License https://creativecommons.org/licenses/by/2.0/

EMC dangles Puppet out of its Enterprise Hybrid Cloud

Puppet Enterprise is getting a boost in its global sales footprint, with EMC deciding its customers need a bit of devops love and adding the automation suite to its hybrid clouds. Puppet Enterprise is going to be available as part of EMC's Federation Enterprise Hybrid Cloud solution, the two companies will launch a DevOps …

Boffins sting spooks with 'HORNET' onion router

Five academics have developed a Tor alternative network that can handle up to 93Gb/s of traffic while maintaining privacy. The HORNET system is more resistant to passive attacks than existing anonymity networks like Tor and delivers faster node speeds for a "practically unlimited" number of sources. It is the brainchild of …
Darren Pauli, 24 Jul 2015
Fastpass logical diagram

Kill queues for fast data centres: MIT boffins

MIT researchers hope to speed up networking inside the data centre with concepts that will look familiar to old networking hacks: they propose a central arbiter for network traffic that picks out a predetermined path before a packet is transmitted. The boffins call the scheme Fastpass, and its other characteristic is that the …

$125m VC war chest awaits NTT Com Security's outgoing boss

The hedge fund that outgoing NTT Com Security overlord Simon Church is joining has $125m to splash on new investments in cyber defence and data services. Church, who provided consultancy for C5 Capital since its inception last year, and was made an advisory board member in April, is to become an "exec in residence" at the equity …
Paul Kunert, 24 Jun 2015

Avaya joins SDN club with ONA-nism

Avaya is the latest of the big names to drink the software-defined networks (SDN) Kool-Aid, launching its Open SDN Fx architecture on a waiting world. Along the way, the company is giving various open projects a kick along. Its SDN Fx Fabric Orchestrator Ethernet controller appliance offers northbound and southbound interfaces, …
Chrome remote desktop running on an iPad

Adults-only Chrome add-on grabs you by the Googlies

Google's Chrome Remote Desktop app does what it says on the can: install it in Google's browser and it becomes possible to drive the host Mac, PC or Chromebook from another similarly-equipped machine. As of today it's also possible to drive a machine from iOS, as Google has been kind enough to release an app for the iPhone or …
Simon Sharwood, 13 Jan 2015

Instagram's HTTPS cert expires, millions of crap photographers panic

Instagram's SSL certificate has expired, showing the urine-filled-swimming-goggles-vision site's supposed commitment to security seems to have been a bit of a filter-job. Instagram first rolled out HTTPS in 2014 when a vulnerablity was reported by InfoSec specialist Mazin Ahmed. Ahmed used Wireshark to captured unencrypted data …
smokestack

Everything I see is Windows 10, says Microsoft's SatNad

Satya Nadella has been hitting the road to undo the damage to perceptions of Microsoft's mobile strategy caused last week by, um… Satya Nadella. When the Great Communicator "clarified" Microsoft's plans last week, he was so effective that many reporters and analysts assumed Microsoft was giving up on its own mobile platforms, …
Andrew Orlowski, 15 Jul 2015
Yahoo Lockport Data Center Servers

Give in to data centre automation and change your life

As an IT professional, unless you’ve been living under a rock you are probably familiar with automation, even if only in passing. Automation process has been in use in the business world for many years, but somewhat paradoxically IT is usually the least automated department in any organisation. Whole data centre automation and …
Aaron Milne, 24 Feb 2015
Instasheep

Thwarted dev sets Instasheep to graze on Facebook accounts

London developer Stevie Graham has built an Instagram stealer dubbed Instasheep that can hijack accounts over public networks. Graham (@stevegraham) published Instasheep - a play on the 2010 Facebook stealer Firesheep - after claiming Facebook refused to pay a bug bounty for his reported flaws affecting the Instagram iOS app. …
Darren Pauli, 30 Jul 2014
Bret Hartman, VP and CTO, Cisco

Everything is insecure and will be forever says Cisco CTO

While in Melbourne enduring the antipodean version of Cisco Live!, The Register's networking desk met veep and CTO Bret Hartman. Here's what he told us about network security, a field he feels is basically doomed. Forever. The Register: The last twelve months tells us we have insecure devices connected through gateways, sending …

Google brazenly strokes its mobile cloud tools just before Amazon shindig

Google has released two mobile development tools to coax app writers into storing data in the ad giant's cloud services. The unveiling comes a day before the kickoff of cloud-rival Amazon's AWS:Reinvent, a love-in held in Las Vegas. Google's utilities give developers two ways to tie applications into cloud storage and compute …
Jack Clark, 11 Nov 2013
Miss Piggy

THREE MILLION Moonpig accounts exposed by flaw

Custom mugs and tat outfit Moonpig has a signficant flaw that exposes personal records and partial credit card details for some three million customers, almost 18 months after it was reported. The failure, discovered and privately reported by developer Paul Price, meant every account and the names, birth dates, and email and …
Darren Pauli, 06 Jan 2015
Bitdefender security image

Flaws found in Bitdefender enterprise endpoint manager

Holes have been reported in Bitdefender's Gravity end-point protection platform that allow hackers to target corporate infrastructure. Researcher Stefan Viehbock of SEC Consult Vulnerability Lab said the flaw affecting the latest version provided an entry point for attackers to move laterally through the network. "Attackers are …
Darren Pauli, 17 Jul 2014
Azure logo

Got to get something started with Azure VMs? Microsoft's Planky shows you the way

Promo Steve Plank, or "Planky" as even his mother allegedly calls him, is the Windows Azure evangelist for Microsoft UK and on 23 April he is taking to the interwebs to conduct his evangelizing online. Join Planky in a one-hour webcast starting at 9:30 BST and let him guide you through the step-by-step process for spinning up Windows …
David Gordon, 15 Apr 2014
US_Iowa_firing

Storage firms drop 'A bombs' on the backup biz

The backup battleship product news blitz continues with broadsides from Actifio, Arcserve, Asigra and Avere, all involving the cloud. How the hell does anybody keep up with this barrage of backup news? Actifio Actifio is a file copy reduction startup which has been getting involved in disaster recovery. The technology involves …
Chris Mellor, 11 Feb 2015
bug on keyboard

Cisco slurps security scanner

Cisco has continued the expansion of its security portfolio with the acquisition of malware analysis outfit ThreatGRID. The acquisition target was founded in 2012, one of the then-burgeoning number of companies that pushed malware analysis, threat intelligence, and security analytics into the cloud (supplemented by an on-premise …

XenServer takes half a step forward, none towards hybrid cloud

Citrix has released XenServer 6.5 and, as foreshadowed with the July 2014 preview named “Creedence”, has focussed on its own application delivery strengths and the needs of cloud operators rather than the wider enterprise computing market. Citrix isn't spinning it that way: it reckons the new 64-bit kernel, addition of Intel's …
Simon Sharwood, 14 Jan 2015
Clouds in blue sky

Big Switch pitches third fabric iteration in six months

Big Switch Networks is sticking to its start-up sprint, announcing the third iteration of its virtual networking environment since it initial release in July 2014. The challenge for the company will one day be the same as it is for every once-was-a-startup company: it's far easier to build the momentum that grabs the market …
The Register breaking news

Google App Engine update eases cloudy mobile app development

Google has updated its platform-as-a-service to ease mobile app development in the cloud. The "Cloud Endpoints" feature was pushed out in its preview form by Google on Thursday, along with support for the Java 7 runtime on its App Engine platform-as-a-service. "Cloud Endpoints gets rid of all the plumbing code associated with …
Jack Clark, 22 Feb 2013
Amazon founder and CEO Jeff Bezos

THE GERMANS ARE CLOUDING: New AWS cloud region spotted

Amazon looks set to open a data center in Germany, allowing European developers to access Bezos & Co's rentable computer tech with lower latencies. Evidence first gathered by a manager at a Berlin-based startup and subsequently verified by El Reg indicates that Amazon's next cloud computing data center may be in Frankfurt, …
Jack Clark, 07 Jul 2014

SPLITTERS! Symantec cleft in twain

The reports have been confirmed: Symantec CEO Michael Brown will split the unwieldy business into separate security and information management concerns, thus undoing the 2004 Veritas acquisition. Brown has moved quickly after his confirmation in the role to lift the cleaver. The San Andreas-style fault running through the heart …
Chris Mellor, 10 Oct 2014
Excel on Android

Microsoft promises open plan mobile Office. Who sits by the Windows?

Microsoft has revealed more information on its plans for Office on mobile devices: iOS, Android and Windows phones and tablets. Microsoft Office is going cross-platform “rather aggressively”, says Technical Product Manager Kaberi Chowdhury. Office for Android tablets is currently in preview and set to be released in early 2015 …
Tim Anderson, 24 Dec 2014

Do you use Hola VPN? You could be part of a DDoS, content theft – or worse

Embattled "free" VPN provider Hola is facing criticism over its practice of turning its users into exit nodes in a paid-for anonymisation service which can easily be used for nefarious activities. Hola's software is also claimed to include "unpatchable" vulnerabilities allowing takeover of user machines. As the Register reported …

Iranian CLEAVER hacks through airport security, Cisco boxen

An alleged Iranian hacking group whose existence is denied by the state is turning up the heat on its two-year global campaign to pop critical infrastructure systems, Cylance researchers say. The group was tied to Iran by the local infrastructure it was alleged to use in the attacks and appeared to have formed as a response to …
Darren Pauli, 03 Dec 2014

Why hackers won't be able to hijack your next flight - the facts

Defcon 22 Two seasoned pilots, one of whom is a published hacking expert, have been puncturing some of the myths about aircraft hacking at Defcon 22. Dr. Phil Polstra, professor of digital forensics at Bloomberg University (and a qualified commercial pilot and flight instructor) and "Captain Polly," professor of aviation at the University …
Iain Thomson, 10 Aug 2014
Broadcom Tomahawk chip

Broadcom looks to 25/50/100 G to drive new chip

Broadcom is lining up its next assault on the cloud-scale Ethernet market, announcing the next iteration of its high-performance switch silicon due to appear in products in 2015. Now sampling with customers, the StrataXGS Tomahawk has a couple of different aims in mind: delivering very high performance and high density switching …
Phoenix

Druva Phoenix is heading ROBO-wards via the public cloud

Comment It's not the end after all. End-point backup 'n' sharing biz Druva believes it can extend its end-point expertise to remote offices. Its business is end-point backup and file-sharing, protecting data on business users' laptops, tablets, desktops and smart-phones with the InSync software product designed to minimise resource use …
Chris Mellor, 11 May 2015
named data networking

DEATH TO TCP/IP cry Cisco, Intel, US gov and boffins galore

The US National Science Foundation, Cisco, Verisign, Panasonic and boffins from around the world have thrown their weight behind a new “Named Data Networking Consortium” that aims to develop “a practically deployable set of protocols replacing TCP/IP that increases network trustworthiness and security, addresses the growing …
Simon Sharwood, 05 Sep 2014

Aaah-CHOOO! Brit boffins say WiFi can 'sneeze' malware

While the "head cold" metaphor is a bit laboured, the issue is genuine: a group of researchers from the University of Liverpool have found that WiFi access points are highly efficient at passing around virus infections. Likening the spread of computer viruses over WiFi as akin to the spread of human viruses in the air, the …
yellow measuring tape - black writing

Make sure your storage can grow with your business

The average SME has a modest infrastructure which has grown organically: a file server of some sort, probably an email server, then a handful of application servers hosting things like finance systems or the database back-ends to business applications. In most cases server A is pushing the limits of its storage capacity while …
Dave Cartwright, 16 Jul 2015
Rosetta Flash diagram

Weaponised Flash flaw can pinch just about anything from anywhere

Get cracking with the latest Flash upgrade, because the vulnerability it patches is a peach, allowing a cross-site request forgery (CSRF) attack for stealing user credentials. According to the Switzerland-based Google engineer that turned up the vulnerability, Michele Spagnuolo, sites that are/were vulnerable to the attack …
Kaspersky Lab logo

Kaspersky's Security for Virtualization pushed to XenServer and HyperV

Kaspersky is extending its Security for Virtualuzation Light Agent security tool to the Citrix XenServer and Microsoft HyperV platforms. The company said that the Light Agent tool will launch on April 22 with XenServer and HyperV support as well as new options for VMware's vSphere hypervisor. The company will continue to …
Shaun Nichols, 15 Apr 2014
ANU student with quantum comms apparatus

'Software amplifier' boosts quantum signals

Even in quantum communications, adjusting the parameters of Shannon's Theorem can help improve reach and range. A group of Australian National University (ANU) researchers has found a way to extend the reach of quantum communications by improving the signal-to-noise ratio of quantum systems. Their work, published in Nature …

Trustwave gobbles up Application Security, gorges itself on tech

Data security biz Trustwave has acquired fellow data security provider Application Security, a startup that specialises in automated database security scanning technologies. Financial terms of the deal, announced on Monday, were undisclosed. Privately-held Application Security develops security software for relational databases …
John Leyden, 12 Nov 2013

Bogus Firefox add-on FORCES WITLESS USERS to join vuln-hunting party

Cybercrooks have brewed up a botnet that uses a bogus Firefox add-on to scan the web for hackable websites. The so-called Advanced Power botnet runs SQL injection attacks on websites visited from infected machines. The malware, disguised as a legitimate add-on for Mozilla Firefox, found its way onto 12,500 systems, reports …
John Leyden, 17 Dec 2013
The Register breaking news

Rotten hackers feast on mouldy Java flaws

Most enterprise networks are riddled with vulnerable Java installations, according to a new study whose release coincides with the discovery of another 0-day Java flaw. Less than one per cent of organisations are running the latest version of Java, according to a study by security software firm Bit9. The most frequently …
John Leyden, 22 Jul 2013
bug on keyboard

Infosec bods try Big Data in search for better anti-virus mousetrap

Infosec house Panda Security is looking to Big Data and application monitoring as a means to achieve better malware detection. The launch of Panda Advanced Protection Service (PAPS) is a response to the widely known shortcomings of signature-based anti-virus detection as well as a means for Panda to sell extra services. The …
John Leyden, 20 Jun 2014
balaclava_thief_burglar

Cisco: Hey, IT depts. You're all malware hosts

Everybody – at least every multinational that Cisco checked out for its 2014 Annual Security Report – is hosting malware of some kind, and there aren't enough security professionals to go around. Along with its Managed Threat Defense service launched this week, Cisco also launched the latest publication (here with registration) …
Dell Boomi Atom logo

The real reason why Dell wants to go private: To fondle big Boomis

Dell has added an API management tool to its Boomi platform, which connects up clouds and in-house applications. The new component - which monitors and controls software interfaces used to hook together various services within an enterprise - is included in an upgrade that also adds new integration and process management …
Jack Clark, 07 May 2013
Sony Ericsson C702

Tinfoil hats proven useless by eleven-year mobe radiation study

A long-term longitudinal study in the UK has concluded that mobile phones are safe, with the publication of a report finding “no evidence of biological or adverse health effects” from using mobiles. The second MTHR (Mobile Telecommunications and Health Report) study is a follow-up to a prior report published in 2007. The report …

They've taken my storage hostage ... now what?

Sysadmin blog There's an encrypting ransomware Trojan making the rounds called Cryptolocker. I will save the details on my battle with this beastie for later*, but suffice it to say that if this encrypts your stuff you are done. There is no getting your data back unless you have backups or pay the ransom. Let's set aside the ultra-well …
Trevor Pott, 24 Oct 2013
management strategy2

As Azzurri closes in on CEO successor, sales director splits

South coast integrator Azzurri Communications is going to be a sales director and board member lighter after Craig Wellman handed in his notice to split by the early summer. The business, which last month pushed out the first in a series of cloudy services, is still on the hunt for a CEO to replace outgoing chief Vim Vithaldas …
Paul Kunert, 07 Apr 2014