30 Percent of New Server Equipment Goes to Cloud Infrastructure

Thirty percent of all new servers, storage arrays, and Ethernet switches are now used for providing cloud infrastructure. According to a report at the Register, a study by IT analysts at IDC says $16.5 billion was spent on the public cloud alone in 2014.

IDC's study documents what you probably already guessed: Total cloud spending is way up for 2014. Expenditures for cloud infrastructure grew by 18.7% over last year. The report estimates the top vendors of cloud hardware, with HP leading the list ($3.7 billion in revenue) followed by Dell ($2.7 billion). Despite their lead, HP and Dell have seen a drop in market share, with contenders such as Cisco and EMC growing at a much faster rate.

Firefox 38 Launches with Controversial DRM Feature

The Mozilla Foundation has launched the latest version of the Firefox web browser with controversial support for DRM-protected video in the default configuration. The new feature, which currently affects the Windows edition, allows the user to play HTML5 video that uses Adobe CDM for digital rights management. This change will allow Firefox to support Netflix and other online video rental services that require DRM technology.

Bowing to pressure within the FOSS community, Mozilla is also releasing a version of Firefox 38 that does not include CDM support.

More Bad News for WordPress

The Register reports that a researcher for the security firm Sucuri has uncovered a cross-site scripting (XSS) attack that targets WordPress websites. The news comes on the heels of recent announcements regarding security issues for WordPress and other CMS systems. The attack targets the WordPress Twenty Fifteen theme (which is part of the default configuration), as well as the Jetpack plugin.

According to the report, the attack modifies the example.html file that comes with the Genericons package. Because the cross-site scripting occurs with the example file present on the client system, the entire attack takes place on the client – without leaving a footprint in the network history.

Users are advised to remove the Genericons package/example.html file or update to version 4.2.2, which should fix this vulnerability.