Articles about Servers

Jailed hacker 'Guccifer' claims Hillary server gave him spillery

Romanian hacker Marcel Lehel Lazar – aka “Guccifer” – has had a chat to Fox News from a Virginia jail to claim he waltzed through an e-mail server run for Hillary Clinton. He's told Fox his breach of Clinton aide Sidney Blumenthal's AOL account gave him enough information to identify the Clinton server, which he then scanned …
Facepalming statue

Juniper patches OpenSSH's 'roaming' bug in Junos OS

The next vendor to kill off the OpenSSH roaming bug announced in January is Juniper Networks. The bug's best bit, as we noted at the time, was that the roaming feature had been added as an experiment back in 2010 (in version 5.4), and was undocumented. The idea of roaming is to maintain an OpenSSH session if there was a …

Jaku botnet runs targeted attack behind sandstorm of routine malfeasance

Security researchers have spotted an on-going global botnet campaign seemingly linked to North Korea. The Jaku botnet has an unusual split personality. On the surface it’s spreading en masse through pirated software (warez) or poisoned BitTorrent trackers to notch up around 17,000 victims at any one time. However, a six month …
John Leyden, 05 May 2016
EMC Cork's DSSD D5 unit

VxRackery dominates EMC World day 2

EMC World's second day saw hyper-converged rackery put front and centre, with a stronger DSSD offering, Neutrino* nodes coming to the VxRack 1000 as well as a DSSD variant, and a hybrid cloud VXrack offering. We'll check out the Neutrino rack stuff first. The VCE VxRack 1000 is a hyper-converged, servers+storage+networking+ …
Chris Mellor, 05 May 2016

US telly stations fling malware-tipped web ads at unsuspecting surfers

A rogue advertiser abused the Taggify self-serve ad platform to inject malware-installing code into browsers visiting the websites of two US TV stations. It was a textbook malvertising attack: to infect victims' PCs, the dodgy ads used the Angler Exploit Kit, which is a grab bag of code that exploits weaknesses in Adobe Flash …
John Leyden, 04 May 2016
US Dollars by https://www.flickr.com/photos/pictures-of-money/  https://creativecommons.org/licenses/by/2.0/ Attribution 2.0 Generic (CC BY 2.0)

Uncle Lenovo turns up to the startup party with a $500m punch bowl

IT old-timer Lenovo Group will inject half a billion dollars into the tech startup scene, it claimed today. The Lenovo Capital and Incubator Group (LCIG) unveiled in Beijing will plough cash into fledgling companies developing cloud computing, big data, artificial intelligence and robotics. The PC maker’s venture cap division …
Katyanna Quach, 04 May 2016

Server-jacking exploits for ImageMagick are so trivial, you'll scream

Code dive Samples of booby-trapped image files that exploit ImageMagick to compromise servers and other computers are well and truly out in the open now. On Tuesday, it emerged that ImageMagick – a popular software tool used by countless websites to process selfies and other submitted photos – has a bunch of critical security bugs. …
Chris Williams, 04 May 2016

Dell CTO for Enterprise legs it to pastures new

Dell's CTO for Enterprise, Paul Perez, has left the company. Perez joined Dell from Cisco in March last year, and hasn't lasted long. With Dell buying EMC and the Dell EMC part of Dell Technologies handling the enterprise business, and having lots of its own EMC CTO firepower, perhaps there was an excess of CTOs and someone …
Chris Mellor, 04 May 2016

Microsoft sets Feb 2017 date to kill last SHA-1 zombies

Microsoft has posted the next step in its deprecation of SHA-1 certificates, but they'll survive for nearly another year. Back in November, Redmond was mulling joining Firefox in a death-to-SHA-1 party during 2016, but its latest missive sets a February 2017 sunset. At that date, Microsoft's Edge Team writes, both Edge and …

Extreme photo-bombing: Bad ImageMagick bug puts countless websites at risk of hijacking

A wildly popular software tool used by websites to process people's photos can be exploited to execute malicious code on servers and leak server-side files. Security bugs in the software are apparently being exploited in the wild right now to compromise at-risk systems. Patches to address the vulnerabilities are available in …
Chris Williams, 03 May 2016
Tesla Model S sports sedan

Student cluster warriors build out 'roomy sedan' clusters

HPC Blog Four teams in the ASC16 Asian Student Cluster Competition decided to stake out the middle ground in the competition with clusters that aren't too small and aren't too big. Is their "just right" approach going to get them into the winners' circle at ASC16? Let's meet the teams and see what they're packing... Dalian University …

MongoDB on breaches: Software is secure, but some users are idiots

You shouldn't expect to see any end to data breaches caused by misconfigured instances of MongoDB soon, the company's strategy veep has told The Register. MongoDB is a fairly popular document store in the database world, used by eBay, Foursquare, and The New York Times. It's open source, available under the GNU APL v3.0 …

Miniature car maker drops massive malware

Popular die cast car manufacturer Maisto has been slinging the deadly Angler exploit kit which in turn installs the Cryptxxx ransomware on victim machines. The site appears to have been compromised through an outdated Joomla content management system in what is likely the pseudo-darkleech campaign reported by Sucuri. …
Team Register, 03 May 2016

Michigan electricity utility downed by ransomware attack

A water and electricity authority in the US State of Michigan has needed a week to recover from a ransomware attack that fortunately only hit its enterprise systems. Lansing's BWL – Board of Water & Light – first noticed the successful phishing attack on its corporate systems on April 25, and has had to keep systems including …
Casio calculator

AWS outgrows its own resource numbering scheme

Amazon Web Services has extended its resource numbering scheme, after last year warning that without a new scheme it would “start to run low on IDs for certain EC2 and EBS resources within a year or so.” Every AWS resource gets a unique identifier. For most of the service's history those were eight characters in length. But …
Simon Sharwood, 02 May 2016
Fitbit Aria scale

It's 2016 and now your internet-connected bathroom scales can be hacked

Owners of Fitbit's Aria internet-connected smart scales are being advised to install a firmware patch following the discovery of critical security flaws. Tavis Ormandy of Google's Project Zero was credited with finding the vulnerabilities in the Wi-Fi cyber-scales. While Fitbit isn't providing specific details on the nature of …
Shaun Nichols, 29 Apr 2016
Job cuts jpeg

Avnet checks legacy data kit sales stats, panics

Enterprise tech distie Avnet Technology Solutions is back in cost cutting mode amid fears that flakey demand for “legacy” tech will continue. The firm reported an 8.3 per cent decline in sales of $2.13bn for Q3 of fiscal ’16 ended 2 April, this was down 6.9 per cent in constant currency. The top line was at the “low-end of …
Paul Kunert, 29 Apr 2016
Geometric_Objects

No objections to object stores: Everyone's going smaller and faster

A couple of weeks ago I published an article about high performance object storage. Reactions have been quite diverse. Some think that object stores can only be huge and slow and then others who think quite the opposite. In fact, they can also be fast and small. In the last year I’ve had a lot of interesting conversations with …
Internet anonymity

US govt quietly tweaks rules to let cops, Feds hack computers anywhere, anytime

On Thursday, the US Supreme Court approved a change to Rule 41 of the Federal Rules of Criminal Procedure. It sounds innocuous, but the effects will be felt around the world. Under today's rules, US cops and FBI agents need to know where a computer is before they can get a warrant to directly hack the machine – because they …
Iain Thomson, 29 Apr 2016
microsoft_clippy_648

There's more to life than Windows

When you run a corporate IT infrastructure, the chances are you run Active Directory underpinning a predominantly Windows-based array of servers, desktops and laptops. And that's fine: it probably serves 90 per cent of the kit you have and is a secure, easy-to-use way of authenticating user logins. But it's very unusual to …
Dave Cartwright, 28 Apr 2016

Unisys releases its ClearPath MCP OS for VMs or x86

Unisys has announced that its ClearPath MCP “operating environment” can now be run without having to also buy Unisys hardware. The company also plans to do the same for its OS 2200 product. ClearPath MCP is the heir to the mainframe hardware and operating systems Unisys inherited from Burroughs. The OS had run on x86 for years …
Simon Sharwood, 28 Apr 2016
Xen project logo

Xen hypervisor to gain non-disruptive patching in June

The Xen Project will bring non-disruptive patching to its hypervisor, version 4.7 of which is set to debut onJune 3rd, 2016. That date may wobble a little, because the feature freeze scheduled for April 1st was put back a week in order to let contributors sort themselves out over Easter. But it's known that a sub-project …
Simon Sharwood, 28 Apr 2016
IBM_FlashSystem_900

IBM bungs deduplication in FlashSystem arrays

IBM launched three new all-flash array products, including an all-flash DS8888 monolithic array. It says the three products each have a minimum latency of 250 microseconds, and use IBM's proprietary format flash drives, called MicroLatency modules. Big Blue says the MicroLatency technology transfers data within the flash …
Chris Mellor, 28 Apr 2016
Windows Server

'Feature-complete' Windows Server 2016 preview 5 lands

Microsoft has delivered another preview of Windows Server 2016 and says this effort is “feature-complete”, meaning this is still not final code but there won't be any new surprises the final version of the software. Technical Preview 5, available here, adds the option to install in Nano mode. That's Microsoft's slimmed down, …
Simon Sharwood, 28 Apr 2016
Daisywheel with Courier font

ASUS router vulns patched

Unauthenticated users can rip unsalted passwords from Asus routers. Critically the pwning of the high-end consumer routers requires users to enable anonymous access to FTP servers. Users can thanks to insecure default configuration access all sensitive parts of the system without the possibility of restrictions being …
Team Register, 28 Apr 2016
Facepalm by https://www.flickr.com/photos/the-magic-tuba-pixie/ cc 2.0 attribution generic https://creativecommons.org/licenses/by/2.0/

Oz gummint seeks public input on 'site block' guidelines

The Australian government has decided it could do with some public input regarding the use of a controversial site-blocking law. No, it's not the “block the pirates” law that came into force last year. Rather, it's Section 313 of the Telecommunications Act, a provision that received little attention until the Australian …
Monster virtual machine

Is VMware the power it once was?

Sysadmin Blog It is commonly held that if an article asks a question in the title or lede, you can safely answer no and avoid reading the body of the article itself. While not always true, the aphorism is accurate enough to be considered reliable. With that in mind, I have been asking myself, "is VMware the focal point of power in IT that …
Trevor Pott, 27 Apr 2016

Why has Microsoft stopped being beastly to Google?

Analysis "You can't deprive a gangster of his gun" – Noel Coward Microsoft CEO Satya Nadella sees things differently from his predecessor Steve Ballmer. And one of the first thing Nadella saw differently is Microsoft’s relationship to Google. On assuming the hot seat, he couldn’t understand why Microsoft was obviously at war with …
Andrew Orlowski, 27 Apr 2016

Google can't hold back this malware running riot in its Play store

Security researchers have discovered a strain of Android malware that keeps finding its way onto Google Play – despite the store supposedly being scrubbed clean of infiltrated apps. The software nasty – Android.Spy.277.origin – is hidden in more than 100 applications on Google Play. Sketchy programs harboring the malware …
John Leyden, 26 Apr 2016
Virtual machine servers. Pic: Bob Mical

Good enough IT really is good enough. You don't need new hardware

Sysadmin blog Enterprises are slow to adopt new IT. Or is it small businesses that are slow to adopt new IT? Wait, the mid-market is traditionally underserved and overly reliant on appliances so clearly they have to be the laggards! All of this is true, and none of this is true. It just depends on your point of view. Adoption of new IT …
Trevor Pott, 26 Apr 2016
A view from Babbage's eye-mounted Picam

'Droid Gmail on Exchange

Google's Gmail client for Android now supports Microsoft Exchange. Google says an update that will roll out over the next few days will "support users using dual delivery mail flow or calendars with Microsoft Exchange. Sysadmins can likely look forward to a BYOD barrage as Android users start to aim their devices at Exchange …
Simon Sharwood, 26 Apr 2016
Garden_gate

Time to quadruple our cloud gateway capacity, CTERA etc etc

CTERA has upped the capacity of its storage appliance fourfold, stripped off the hardware to provide a bare-bones virtual edition, and re-engineered its central software to be more cloud-centric. CTERA launched its cloud storage gateway and NAS (network attached server) product in 2009, with the cloud part being back-end …
Chris Mellor, 25 Apr 2016
Cinders

NexentaEdge gets persistent for Docker containers

Nexenta has upgraded its NexentaEdge scale out block and object store to add persistent storage to Docker containers, and support native block device services, so hyper-converged OpenStack Nova nodes can run directly on a NexentaEdge cluster. NexentaEdge includes additional performance optimisations for all-flash and hybrid …
Chris Mellor, 25 Apr 2016
Newspapers

Blade server beats racks

Huawei's FusionServer E9000 blade server has set three SPEC world records. The SPEC CPU2006 tests measured the performance of the 2-socket E9000 based on Intel's Xeon E5-2600 v4 CPUwith up to 22 cores, and 20 per cent more performance than the preceding E5-2600 v3. The scores were 74, 1790, and 1120 in the SPECint_base2006, …
Chris Mellor, 25 Apr 2016
Lightning

Flexi-Plexistor's software-defined memory roadmap

Comment Startup Plexistor's SDM software is said to run any application at near-memory speed by using caching and tiering. It has a file system that covers DRAM, NVDIMM-N (byte-addressable flash DIMMs fully mapped to memory space and accessed at cache-line granularity), NVDIMM-F (block-addressable flash DIMM on memory bus), forthcoming …
Chris Mellor, 25 Apr 2016
K2

Dell looking at higher debt mountain to buy EMC

Dell is facing its EMC acquisition debt mountain growing yet higher because the Wall St bond market will need higher interest payments to fund the deal. That could highlight product overlap costs to ex-money man David Goulden who will run the new Enterprise Systems Group, covering its servers, storage, networking, converged …
Chris Mellor, 22 Apr 2016

Carders cash out hundreds of millions before USA adopts EMV

A hacker group has stolen some 10 million credit cards, putting itself in a position to score US$400 million (£279 million, A$516 million) by infecting 2000 payment terminals with the Trinity point of sales malware. Security firm FireEye and subsidiaries iSIGHT Partners and Mandiant examined the "Fin6" group last year after it …
Darren Pauli, 22 Apr 2016
St Petersburg Russia

SpyEye duo behind bank-account-emptying malware banged up

A two-man team responsible for spreading the SpyEye malware that caused more than a billion dollars in financial hardship is now starting extended sentences in American prisons. The malware's author – Aleksandr Panin, 27, of Tver, Russia – was sent down for nine years and six months by United States District Court Judge Amy …
Iain Thomson, 21 Apr 2016

Come get your free Opera VPN (and bring along something to read)

Opera has built a free virtual private network (VPN) service into the latest version of its browser for Windows and OS X. The other other other browser will allow users running the most recent developer build to knock their connections through the SurfEasy VPN free of charge. The VPN option can be enabled under the Privacy and …
Shaun Nichols, 21 Apr 2016

Dutch PGP-encrypted comms network ‘abused by crooks’ is busted

Dutch firm Ennetcom has pulled its systems offline following a bust by police and accusations that its encryption technology was being abused as a communications network by drug dealers. Police have seized servers in the Netherlands, and Canada is dismantling what local reports describe as a PGP-based comms network. The …
John Leyden, 21 Apr 2016

Embattled 123-reg flings six months' free hosting at angry customers

Customers still unable to access their websites following a mega cock-up at hosting site 123-reg over the weekend have been offered six months' free VPS and backup recovery services as a sweetener. The biz 'fessed up to customers this week that a script containing a catastrophic error which was run on Saturday (16 April) took …
Kat Hall, 21 Apr 2016
Stock market image via Shutterstock

The suits in finance are cutting down on tech spend – Computacenter

Some financial services institutions are taking a break from spending cash on tech, London-based supplier giant Computacenter said today as it reported a Q1 trading update. The services-based reseller revealed a four per cent year-on-year dip in UK turnover to £348.6m for the three months ended 31 March. Product sales dropped …
Paul Kunert, 21 Apr 2016
3d_XPOint_structure

Storage with the speed of memory? XPoint, XPoint, that's our plan

Analysis Since the virtual dawn of computing, storage – where data puts its feet up when it's at home – has been massively slower than memory, where data puts on its trainers and goes for a quick run. That massive access speed gap has been getting narrower and narrower with each storage technology advance: paper tape, magnetic tape, …
Chris Mellor, 21 Apr 2016
monty_python_french_knights_648

Red Hat bets on RHEL to sell its OpenStack elastic enterprise

Cloud killing on-premises kit for enterprise IT providers? Yes if you’re IBM, no if your name’s Red Hat. At least, according to Red Hat. Wall Street’s money men are shocked – shocked, I tell you – to discover Amazon with AWS is now number two on a list of enterprises’ mega-critical IT suppliers. IBM? Not so much. A firm with …
Gavin Clarke, 20 Apr 2016

123-reg still hasn't restored customers' websites after mass deletion VPS snafu

Angry customers of hosting biz 123-reg, who have been left without websites after a major cockup by the firm over the weekend, are continuing to report problems. Problems emerged on Monday, after the company confessed to virtual private server customers it ran a script containing an catastrophic error at 7am on Saturday as …
Kat Hall, 20 Apr 2016
Man with head in the cloud

All that is white and fluffy isn't always cloud: Hybrid infrastructure

The hybrid infrastructure. People have been banging on about them for a few years now – not least the vendors who want to sell you kit that will let you spread your infrastructure between on-premises, private data centres and the cloud. Now that much of hype about the cloud has started to die down (that doesn't mean it's gone …
Dave Cartwright, 20 Apr 2016
Man writing a letter

Snafu! BT funnels all customers' sent email into one poor sod's inbox

The UK's biggest broadband provider BT redirected its customers' outgoing emails to a single account for three hours on Tuesday. The telco said the flooded inbox was an internal account it uses for test purposes and not a random unlucky subscriber. While BT did not provide details on the reason for the disruption, it appears …
Shaun Nichols, 19 Apr 2016

Mesosphere flings Data Center OS code at open sourcers to fill in gaps

Software upstart Mesosphere has open-sourced its commercial Datacenter Operating System – DC/OS – with the backing of 60 big names in tech. Mesosphere says it is throwing open the doors on its code to “put its power in as many people’s hands as possible.” DC/OS has been deployed on massive scale at Apple, Airbnb, Yelp, Netflix …
Gavin Clarke, 19 Apr 2016

Catastrophic 123-reg VPS cockup deletes Ross County FC website

Ross County Football Club's website was among those deleted amid a web-hosting company 123-reg's mega cock-up. Virtual servers vanished for a large number of customers after the hosting firm ran a script containing a catastrophic error at 7am on Saturday 16 April as part of its clean-up process on the 123-reg VPS platform. “ …
Kat Hall, 19 Apr 2016
Monty Python sketch: Nobody expects the Spanish Inquisition

All-Python malware nasty bites Windows victims in Poland

Malware authors have put together a strain of malicious code written entirely in Python, in what may turn out to be an experiment in creating a new type of cross-platform nasty. PWOBot is written entirely in Python, and compiled via PyInstaller to generate a Microsoft Windows executable. The malware has already infected a …
John Leyden, 19 Apr 2016