Monday, September 28, 2015

Facebook goes down and Twitter lights up

Social network crashes during lunch break; users turn to Twitter to vent

Facebook crashed for at least 10 minutes today and then struggled to fully come back online.

When users tried to open or refresh their Facebook pages a little after 12:30 p.m. ET today, they were greeted not with their news feed but with a largely blank screen that simply said, "Sorry, something went wrong. We're working on it and we'll get it fixed as soon as we can."

The site began to come back online around 12:50 p.m., though some users reported still having trouble loading the site until about 1 p.m.

Facebook did not respond to a request for information on what caused the problem.

The web site Downrightnow.com reported that Facebook, the world's largest social network, with 1.49 billion monthly active users, was likely suffering a service disruption.

Frustrated users quickly turned to Twitter to complain about the crash, during what would be lunch break time on the East Coast.

At least Little Caesars was quick to take advantage of the situation, tweeting, "With #facebookdown, make sure to KEEP CALM & STAY CHEESY and then step out and grab a $5 HOT-AND-READY LUNCH COMBO. ;-)"

And others just took the opportunity to have fun with it.

"Is everybody ok? Did something happen? Are the zombies attacking? I'm scared!!! #facebookdown," tweeted @MootePoints.

And UK Banter tweeted, "How am I meant to judge the people I went to school with now? #FacebookDown."

Wednesday, September 23, 2015

The six pillars of Next Generation Endpoint Protection

Taken together, these core functions can detect the most advanced attack methods at every stage of their lifecycle

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach

Advancements in attack evasion techniques are making new threats extremely difficult to detect. The recent Duqu 2.0 malware, which was used to hack the Iranian nuclear pact discussions, Kaspersky Lab, and an ICS/SCADA hardware vendor, is a prime example. To keep up, a new security model that uses a different approach to the traditional “evidence of compromise” process is needed.

This Next Generation Endpoint Protection (NGEPP) model needs to address six core pillars that, when taken together, can detect the most advanced attack methods at every stage of their lifecycle:

* Prevention. NGEPP must leverage proven techniques to stop known threats in-the-wild. A layer of preemptive protection can block existing threats before they can execute on endpoints. Instead of relying only on one vendor’s intelligence, it’s now possible to collectively tap more than 40 reputation services via cloud services to proactively block threats. This approach also uses a lightweight method to index files for passive scanning or selective scanning, instead of performing resource-intensive system scans.

* Dynamic Exploit Detection. Using exploits to take advantage of code level vulnerabilities is a sophisticated technique used by attackers to breach systems and execute malware. Drive-by downloads are a common threat vector for carrying out exploit attacks. NGEPP should provide anti-exploit capabilities to protect against both application and memory-based attacks. This should be achieved by detecting the actual techniques used by exploit attacks -- for example: heap spraying, stack pivots, ROP attacks and memory permission modifications -- not by using methods that are dependent on static measures, like shellcode scanning. This approach is much more reliable, since the exploitation techniques themselves are not as easy to change or modify as the shellcode, encoder, dropper and payload components used in malware.

* Dynamic Malware Detection. Detecting and blocking zero-day and targeted attacks is a core NGEPP requirement. This involves real-time monitoring and analysis of application and process behavior based on low-level instrumentation of OS activities and operations, including memory, disk, registry, network and more. Since many attacks hook into system processes and benign applications to mask their activity, the ability to inspect execution and assemble its true execution context is key. To protect against a variety of attacks and scenarios this detection capability is most effective when performed on the device. For example, even if an endpoint is offline, it can be protected against USB stick attacks.

While many vendors now offer endpoint visibility, which is a leap forward, it cannot detect zero-day attacks that do not exhibit any static indicators of compromise. Dynamic behavioral analysis that does not rely on prior knowledge of a specific indicator to detect an attack is required when dealing with true zero-day threats.

* Mitigation. Detecting threats is necessary, but insufficient. The ability to perform mitigation must be an integral part of NGEPP. Mitigation options should be policy-based and flexible enough to cover a wide range of use cases, such as quarantining a file, killing a specific process, disconnecting the infected machine from the network, or even completely shutting it down. In addition, mitigation should be automated and timely. Quick mitigation during inception stages of the malware lifecycle will minimize damage and speed remediation.

* Remediation. During execution, malware often creates, modifies, or deletes system files and registry settings and changes configuration settings. These changes, or remnants that are left behind, can cause system malfunction or instability. NGEPP must be able to restore an endpoint to its pre-malware, trusted state, while logging what changed and what was successfully remediated.

* Forensics. Since no security technology will ever be 100% effective, the ability to provide real-time endpoint forensics and visibility is a must for NGEPP. Clear and timely visibility into malicious activity that has taken place on endpoints across an organization is essential to quickly assess the scope of an attack and take appropriate responses. This requires a clear, real time audit trail of what happened on an endpoint during an attack and the ability to search for indicators of compromise across all endpoints.
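The Dynamic Malware Detection pillar's point about assembling the true execution context, shown over an endpoint audit trail as an added illustration (not from the original article or any vendor's product). The event names, process names, weights and threshold are constructed assumptions; the sketch scores behavior per process and per process chain to show that a chain can cross the threshold when no single process does.

```python
from collections import defaultdict

# Constructed audit-trail events (not real telemetry); action names are assumed.
EVENTS = [
    {"pid": 100, "ppid": 1,   "image": "shell.exe",       "action": "proc_start"},
    {"pid": 210, "ppid": 100, "image": "reader.exe",      "action": "proc_start"},
    {"pid": 210, "ppid": 100, "image": "reader.exe",      "action": "mem_make_executable"},
    {"pid": 305, "ppid": 210, "image": "script_host.exe", "action": "proc_start"},
    {"pid": 305, "ppid": 210, "image": "script_host.exe", "action": "autorun_key_write"},
    {"pid": 412, "ppid": 305, "image": "svc_helper.exe",  "action": "proc_start"},
    {"pid": 412, "ppid": 305, "image": "svc_helper.exe",  "action": "net_connect"},
    {"pid": 500, "ppid": 100, "image": "editor.exe",      "action": "proc_start"},
    {"pid": 500, "ppid": 100, "image": "editor.exe",      "action": "net_connect"},
]

# Assumed behavior weights and alert threshold for this illustration.
WEIGHTS = {"mem_make_executable": 3, "autorun_key_write": 3, "net_connect": 1}
THRESHOLD = 6
SHELL_PIDS = {100}  # the user's shell; each of its direct children starts a chain


def chain_root(pid, parent_of):
    """Walk parent links until the next parent is the shell or is not in the trace."""
    seen = set()
    while pid not in seen:
        seen.add(pid)
        parent = parent_of.get(pid)
        if parent is None or parent in SHELL_PIDS or parent not in parent_of:
            break
        pid = parent
    return pid


def score(events):
    """Return (per-process scores, per-chain scores) for the given events."""
    parent_of = {e["pid"]: e["ppid"] for e in events}
    per_process, per_chain = defaultdict(int), defaultdict(int)
    for e in events:
        weight = WEIGHTS.get(e["action"], 0)
        per_process[e["pid"]] += weight
        per_chain[chain_root(e["pid"], parent_of)] += weight
    return dict(per_process), dict(per_chain)


def flagged(scores):
    """IDs whose accumulated behavior score reaches the threshold."""
    return sorted(k for k, v in scores.items() if v >= THRESHOLD)


if __name__ == "__main__":
    per_process, per_chain = score(EVENTS)
    print("flagged processes:", flagged(per_process))
    print("flagged chains (by root pid):", flagged(per_chain))
```
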

To completely replace the protection capabilities of existing legacy, static-based endpoint protection technologies, NGEPP needs to be able to stand on its own to secure endpoints against both legacy and advanced threats throughout various stages of the malware lifecycle. The six pillars described above provide the 360 degrees of protection required for the Cloud generation, where the endpoint has become the new security perimeter.


Tuesday, September 1, 2015

Millennials will move, take less money for IT jobs

A new survey suggests millennials seeking IT jobs are willing to accept less money and relocate in exchange for positions they're passionate about, but they also aren't afraid to quickly move on if they are dissatisfied with current employers.

Millennials who want to work in IT say they would consider accepting less money and relocating if they find jobs they are passionate about, according to a new Progressive Insurance survey of 1,000 U.S. millennials interested in IT positions. The report, conducted by Wakefield Research, found that 30 percent of the millennial respondents are "very likely," and 51 percent are "somewhat likely," to accept smaller salaries in exchange for work they feel strongly about.

"It's clear from the survey that millennials in IT are more interested in a job that allows them the flexibility to be creative and experimental rather than one that simply offers good compensation," says Lynley Williams, recruiting director at Progressive Insurance.

More than half (58 percent) of the respondents said they would rather have jobs with more flexible arrangements, such as the option to work remotely, than higher pay. Many of the respondents are also willing to relocate for a new position; 26 percent said they would move as far as 25 miles away for a new job, 20 percent would move 26 to 99 miles, 18 percent would move 100 to 499 miles, and 19 percent would move more than 500 miles away. However, 18 percent of millennials said they are not willing to move for a job.

For some respondents, interest in the IT field comes from a lack of growth opportunities at their current companies. The survey found that 42 percent "agreed somewhat" and 29 percent "agreed strongly" that the prospects of growth at their employers were not up to par. Williams says this dissatisfaction should be a warning sign to hiring managers. "The most important finding for IT executives who are doing the hiring is that this generation is not afraid to move on from their current job if they aren't happy," she says. "They know they have options."

Generation Y strikes fast and furiously

When millennials are ready to find new jobs, they'll do so quickly and actively, according to the report. Nearly half (47 percent) check job boards five or more times a week, and 41 percent would consider applying for another position after only two to six months at a new job. The most popular places to look for jobs include online job boards and company websites (54 percent), online IT or coding communities (53 percent), personal connections (50 percent) and social media (46 percent), such as LinkedIn. Millennials also aren't doing all of the work themselves; 52 percent say they receive five or more messages from recruiters each week.

In terms of the specific IT jobs in demand, respondents were most attracted to large, regulated industries, such as finance and banking (61 percent), healthcare (47 percent) and insurance (42 percent).
