Monthly Archives: May 2014

Providing IT Security Services Not for Faint of Heart

30 May 2014

IT security is one of those opportunities that can cut both ways for an IT service provider. On one hand, demand is high for IT security services and there is much money to be made, but cleaning up after a client that has been compromised can be a costly endeavor that saps those profits. A new report from Check Point Software shows what the IT security channel is up against. A Check Point security research team analyzed a year of event data from more than 10,000 organizations to identify the critical malware and information security trends in 2013. Not only are more organizations infected by botnets and malware than ever, the sophistication of those attacks has increased considerably. In fact, the only way providers of IT security services can hope to respond to those levels of attacks is to invest more in security intelligence and automated remediation tools to create a closed-loop framework for managing IT security. The report shows that providing IT security services in this day and age is not for the faint of heart. Here’s why.

Source: Linux and Unix Nieuws

Cyber crims smash through Windows into the great beyond

29 May 2014

Windows has been a beleaguered piece of software over the years. That is because malicious hackers, like everyone else, want to walk the simplest path to the greatest glory.

Microsoft’s operating system has been the most popular one for the past 20 years, so it has attracted the most malware. One IT professional told The Register he thought 100 per cent of working malware was aimed at Windows.

He was, of course, being a tad disingenuous. Now that all and sundry are heralding the post-PC era, it is becoming apparent that malicious software authors have turned their attention to other operating systems.

“The time when Windows was the only platform associated with malware is long gone,” says Marta Janus, security researcher at Kaspersky Lab.

“Nowadays, cyber criminals target every system that is potentially exploitable and attack any that may result in a profit.”

Rotten Apples

Looking solely at desktops, Windows is undoubtedly still massively popular among digital criminals. The most sophisticated malware types seen to date, from Stuxnet to Flame, were Windows based.

But a host of examples hint that both data-stealing malware and financial Trojans have started showing a fondness for Apple Macs. Although it is supposed to be more secure than Windows PCs, Mac OS X has been hit by some significant outbreaks recently.

The Flashback Trojan infected at least 650,000 Macs back in 2012, exploiting a Java security vulnerability that Apple patched six weeks after the Windows code fix was released.

It was a pernicious data stealer that sought to nab passwords for email, Skype and other accounts. It also proved that epic botnets could be created on the Mac OS X platform.

A wide range of malware used for espionage is Mac compatible too. In February, Kaspersky Lab researchers uncovered “one of the

Source: The Register

BYOD Programs Hampered by Inadequate Security Policies

28 May 2014

The Webroot survey revealed more than twice as many workers report using personal devices than those using devices issued by their employers.

Many employees participating in bring-your-own-device (BYOD) programs do not take adequate steps to protect company information, a weakness that could result in critical security breakdowns, according to a survey from threat detection specialist Webroot.

Based on data collected by Harris Interactive, the report surveyed more than 2,000 working professionals in the United States, concluding that while 62 percent of employees would be receptive to security software on personal devices, these requirements would need to be communicated clearly by their employer.

The number of employee-owned smartphones and tablets used in the enterprise will exceed 1 billion by 2018, as the growing trend of BYOD redefines business connectivity, according to a November report from analytics firm Juniper Research.

The Webroot report revealed 60 percent of those using a mobile device for business have either no security or just the default features set on the phone. However, 73 percent of those surveyed said they agree that employees should have some influence on software or security installed on personal devices used for work.

Employers being able to access employees’ personal data emerged as the top worry, with a majority describing themselves as either extremely concerned or very concerned about it.

In addition, more than twice as many workers report using personal devices than those using devices issued by their employers, indicating a potential IT security gap.

“Companies gain a lot in terms of increased productivity and lower expenses by allowing their employees to use personal devices to access corporate data, but it can create a real challenge for the IT department to secure devices they do not control,” Mike Malloy, executive vice president of products and strategy at Webroot, said in a statement. “We believe a good mobile security

Source: Linux and Unix Nieuws

VARs Make a Big Play for Telecom

27 May 2014

Value-Added Resellers see telecom services as a competitive play and a way to differentiate their brands, according to a new study by CompTIA and Channel Partners. These are key reasons they are expanding or planning to expand their partnerships with telecom agents. The main reasons for expansion are to add a line of business and to win new business. Cloud computing, new routes to market, increasing customer leverage and the adoption of managed services are also driving the convergence between traditional IT and telecom. VARs or, increasingly, MSPs often sell the telecom services through agents or become an agent themselves. However, IT VARs are also seeking partnerships with carriers, cable companies and traditional IT distributors. Yet IT channel companies face roadblocks, including insufficient staffing, lack of telecom-specific tech skills and a lack of sales experience. This has forced channel players to look at where they fit into the market and who they want to partner or compete with, said CompTIA. Channel Insider examines key highlights of the survey.

Source: Linux and Unix Nieuws

Cisco Bolsters Security Portfolio

26 May 2014

At Cisco Live, company executives unveil enhanced AMP offerings, new firewalls and the acquisition of ThreatGrid.

Amid Cisco Systems’ talk about collaboration and cloud computing, security emerged as a key subject during the Cisco Live 2014 event this week.

The networking company at the show unveiled a range of new and enhanced security offerings—including enhancements to its Advanced Malware Protection (AMP) products—and announced it is buying malware analysis vendor ThreatGrid, the third security acquisition Cisco has made this year.

As Cisco continues its efforts to become an enterprise IT solutions provider, security will play a key role, according to CEO John Chambers. In an interview with Bloomberg, Chambers said that the network can provide security that no other part of the IT infrastructure can. That will only help Cisco in its security ambitions.

“We are moving to become the number-one security company, because the only way you can defend [the enterprise IT environment] is from the cloud to the data center, the wide-area network to the edge to any device,” the CEO said, noting the company’s recent security acquisitions. “We are moving rapidly to all areas of security, not with individual pieces but an architecture that brings them together.”

A cornerstone to Cisco’s security efforts was the $2.7 billion acquisition last year of cyber-security vendor SourceFire. The upcoming purchase of ThreatGrid will bolster the AMP product portfolio, which Cisco inherited from SourceFire, and add to a security business that continues to grow. During a conference call with analysts and journalists May 14 to talk about quarterly financial numbers, Chambers said that in the first three months of 2013, security revenue for Cisco increased 10 percent from the same period last year, and orders jumped 20 percent.

The AMP technology is a key part of Cisco’s security strategy, the foundation for what executives

Source: Linux and Unix Nieuws

Programmers Have the Best Chance of an ICT Job

24 May 2014

Prospects in ICT are good for programmers, according to the UWV in a recent overview of promising occupations. The UWV has compiled a list of occupations with a tight labour market, based on vacancies from early 2014. The analysis shows that there is currently little supply of personnel, particularly in specific technical positions. Certain financial specialists and ICT professionals are also hard to find, according to the benefits agency.

Within the ICT, government and financial sectors, the main demand is for developers/programmers for, among others, Java, .Net and scripting languages, technical specialists, testers, web developers, digital media specialists and account managers at higher professional education (hbo) level. At university level, demand is mainly for developers/programmers, business analysts (including data warehouse), project managers and security specialists.

The overview was compiled on the basis of available figures on vacancies and job seekers. It is an analysis of public, often sector-specific reports and available forecasts from the Researchcentrum voor Onderwijs en Arbeidsmarkt (ROA).

Source: Computable

Reg man picks out tastiest tidbits from heaping mounds of storage announcements

19 May 2014

Suppliers are furiously ladling out news like demented cafeteria workers attempting to feed the multitudes, so we thought we’d slice off a few of the tastier morsels and present them to you on a sideplate – all the better to prevent any storage indigestion.

  • A3CUBE introduces RONNIEE 2S, a Network Interface Card that can transmit four PCIe signals at 20Gb/s on standard Active Optical Cables (AOCs) which means, according to A3CUBE CTO Emilio Billi, “Historically, high speed data transfer over cable had too many physical limitations. With RONNIEE 2S, you can extend the real time connectivity between computation and I/O using only native PCIe protocol over standard optical cables.” More performance and more PCIe “fabric” nodes in other words.
  • CA tells us about CA arcserve Unified Data Protection (UDP) which it says “is a transformative enhancement to the CA arcserve data protection software portfolio and a uniquely compelling alternative to the cost and complexity of deploying multiple point solutions.”

    Top marks to its marketeers but what the heck does it mean? It’s an arcserve update that:

    • Protects virtual and physical servers, includes image and file-based backup, tape support, replication, and high availability
    • Has workflow-based protection plans that let users “dial in” the right level of protection within minutes
    • Five product versions for different protection levels
    • Pricing on a per-terabyte or per-socket basis for physical and virtual systems
    • Supports Windows, Linux and UNIX
  • CTERA has added multi-folder and multi-project capability to its enterprise file sync ’n share product, enabling users to sync with any number of folders. CTERA claims users of most competing products will not be able to do this.
  • Druva has upgraded its inSync endpoint data protection and governance platform, enabling organisations to identify endpoint content and custodians across all corporate and employee-owned devices, capture and place legal holds on relevant

Source: The Register

Computer Science Subject Needs an Overhaul

17 May 2014

The computer science subject for the upper years of havo and vwo must be revised. That is the advice of SLO, the national expertise centre for curriculum development, in a research report. A new examination programme should be introduced that aligns better with further education, and teachers need additional training. These are some of the recommendations SLO makes in an advisory report drawn up on behalf of the Ministry of Education, Culture and Science (OCW).

In the advisory report ‘Informatica in de bovenbouw havo/vwo: naar een aantrekkelijk en actueel onderwijs in informatica’, SLO states that the new examination programme must be attractive to pupils of all profiles. For boys and for girls.

The new examination programme should also differentiate between havo and vwo. SLO therefore suggests creating an examination programme with core material that all pupils must master and a number of attainment targets from which pupils can choose.

According to SLO, intensive additional training of teachers is necessary for high-quality delivery of the examination programme. It warned back in 2007 about the ageing of the teaching workforce. The training could take place in regional networks in which hbo, wo and the business community play a role, for example via the regional subject support centres.

Another recommendation is to continue concluding the computer science subject with a school examination in the future, precisely to make differentiation in the programme possible. A central examination for computer science is not on the table.

In response to the report, the Ministry of OCW has asked SLO to set up a renewal committee. It will be established before the summer holidays. The composition of the committee and the planning of its work have yet to be determined.

Computer science has been an elective subject in the upper years of havo and vwo since the introduction of the Tweede Fase (1998). Since 2007

Source: Computable

Retailer Group Sets Aside Rivalries to Share Cyber-Attack Information

16 May 2014

Commercial retailers create the Retail Cyber Intelligence Sharing Center (R-CISC) to facilitate the sharing of information on attacks and help the industry defend itself.

Nine well-known retailers and the Retail Industry Leaders Association (RILA) announced on May 14 the formation of a sharing and analysis center aimed at disseminating information about cyber-threats targeting the retail sector.

The Retail Cyber Intelligence Sharing Center, or R-CISC, will act as a collection and dissemination point for information about cyber-threats and support its own information sharing and analysis center, or ISAC. Nine major retailer brands—American Eagle Outfitters, Gap, J. C. Penney, Lowe’s Companies, Nike, Safeway, Target, VF Corp. and Walgreen—have pledged support for the organization.

“The retail industry is already going to great lengths to minimize risk and stay ahead of cyber-criminals,” Ken Athanasiou, global information security director for American Eagle Outfitters, said in a statement accompanying the announcement. “The reality is cyber-criminals work non-stop and are becoming increasingly sophisticated in their methods of attack and by sharing information and leading practices and working together, the industry will be better positioned to combat these criminals.”

The industry has come together to form the information sharing group in the wake of the attacks on some of the largest retailers last year. In December, online thieves infiltrated the point-of-sale network of retail giant Target and stole information on more than 40 million credit- and debit-card accounts, as well as an additional 70 million records containing personal information about customers. Yet, Target was not alone. Luxury retail chain Neiman Marcus, craft store chain Michaels and other retailers were also discovered to be the victims of similar attacks.

Sharing information among competitors is neither an easy, nor natural task, James Mobley, president and CEO of risk consulting firm Neohapsis, said in a statement sent to eWEEK. Rivals are generally fearful that any information

Source: Linux and Unix Nieuws

Overland Storage, ‘miracle’ flirty virty Sphere 3D jump in bed

16 May 2014

Perennial loss-making Overland Storage will merge with Canadian company Sphere 3D.

The combined companies will take the name of Sphere 3D, whose Glassware software apparently does the seemingly impossible: “Enable mobile device users the full functionality of any software program or application on any device, anywhere.”

Overland Storage was a tape vendor that evolved into disk arrays and then scale-out NAS boxes. Its continuing failure to turn acquisitions and products into profit has been catalogued over many, many quarters. It has avoided Nasdaq ejections by the skin of its teeth, and share splits.

It bought recovering-from-near-death tape storage and data protection biz Tandberg in November, which was seen as a logical effort to gain critical mass for manufacturing and infrastructure efficiencies; the acquisition was driven by a common investor in both companies, Cyrus Capital.

Before that, in September, Overland president and CEO Eric Kelly became chairman of Sphere 3D. At the time the two organisations claimed they had developed “the first integrated solution that delivers the full functionality of hardware, operating systems, and applications via the cloud to any device.”

In short, Overland wanted stuff to pump through its channel, and Sphere 3D needs a distribution deal.

Let’s briefly look at Overland’s latest financial figures [PDF], and then move on to the Sphere 3D deal.

Overland’s third quarter

Revenues in the third fiscal 2014 quarter, ended March 31, were increased by Tandberg sales, and totalled $20.2m, a 74 per cent hike on the year-ago Q3 and near doubling of the second 2014 quarter’s $10.6m.

Despite the revenue boost, it lost $6.6m, compared to a $5.4m loss in the same quarter a year ago, and negative $4.3m in the previous quarter; so the losses deepened annually and sequentially.

Kelly said

Source: The Register