It was only a matter of time. While multifactor authentication (MFA) makes logging into systems safer, it doesn’t make it “safe.” As well-known hacker KnownBe4, showed in 2018 it’s easy to Proofpoint has found transparent reverse proxy. Typically transparent reverse proxies, such as the open source man-in-the-middle (MitM) attacks to steal credentials and session cookies.
Why go to this trouble? Because, as an MFA company 78% of users now use MFA, compared to just 28% in 2017. That’s good news, but it’s also given cybercrooks the incentive they needed to target MFA.
A Range of Kits
To make it easy for wannabe hackers. Proofpoint found today’s phishing kits range from “simple open-source kits with human-readable code and no-frills functionality
The Let’s Encrypt certificate authority, but it has also turned its hand to fixing memory problems. It sponsors, via Google, so Rust in Linux in no small part to fix its built-in C memory problems. And, it also has a whole department, Rustls, a safer memory-safe code.
Memory-safe programs are written in languages that avoid the usual use after free problems. C, C++, and Assembly, for all their speed, make it all too easy to make these kinds of mistakes. Languages such as Rust, Go, and C#, however,
Whenever you run into a network problem, the wise network admin or sysadmin always remembers “It’s always Black Hat USA 2021 security conference Ami Luttwak and head of research simple loophole that allowed them to intercept dynamic DNS (DDNS) traffic going through managed DNS providers like Amazon and Google.
And, yes, that includes the DDNS you’re using on your cloud. And, if you think that’s bad, just wait until you see just how trivial this attack is.
Our intrepid researchers found that “simply registering certain ‘special’ domains, specifically the name of the name server itself, has unexpected consequences on all other customers using the name server.
Well, wasn’t that fun? On June 8, 2021, many internet users went to their usual sites such as Amazon, Reddit, CNN, or the New York Times and found nothing but an “Error 503 service unavailable” and an ominous “connection failure” note. So, what happened? The Commercial Internet Exchange (CIX) other features became important. In particular, everyone started demanding faster performance and lower latency.
The solution? CDNs. These companies, which besides Fastly include market-leader Cloudflare, all use the same basic techniques to speed up the net. They take the data from popular sites and place it in distributed caches in points of presence (PoP) close to consumers.
If that sounds familiar to you even if you’re a cloud native developer and not a network administrator there’s a good reason. CDNs were one of the first business models
We all agree that open source development methods help create better code. The Cathedral and the Bazaar,” which explained how the methodology of openness worked in Fetchmail project. But, that’s a general rule. Open source can still be abused by unscrupulous developers. So, why don’t we make sure when a programmer attempts to merge code into a program that they’re really who they say they are, by using two-factor authentication (2FA) or a digital signature? Good question.
You might not think this is a real problem. Alas, it is. For example, in 2019 CursedGrabber malware was successfully Linux Foundation’s 2020 FOSS Contributor Survey, when developers were asked if the open source projects
The surprise announcement that Jeff Bezos will leave later this year and hand over the reins to AWS leader Andy Jassy marks a remarkable rise for Jassy. He began as a marketing manager in 1997 and started AWS in 2003.
Open Policy Agent (OPA, pronounced “oh-pa”) for cloud native environments was created, and policy enforcement in code became much more practical. Now, its developers, under their company, new three-tier product offering for Styra Declarative Authorization Service (DAS).
Before diving into DAS, though, let’s make sure we’re all on the same page with OPA and policies in general.
OPA is an open source, general-purpose policy engine that unifies policy enforcement across the stack. You write these policies in its high-level declarative language Datalog query language. With Rego, you can specify policy as code and create simple APIs to offload policy decision-making from your software. You can then use OPA to enforce policies in microservices, Kubernetes, CI/CD pipelines, API gateways, and more.
And, what’s a policy engine you ask?
A big reason why we all use clouds these days is to save money from running our own server rooms and data centers. But, if you don't use clouds correctly, you can still lose money. Here's how to avoid those costly mistakes.
If you buy what the telcos are telling you, 5G will bring you gigabit per second speeds and sub-10-millisecond latency. It's a pity that you really won't see anything like that in the real world. Here's the real 5G story.
Currently, we have over 26 billion IoT devices running in our workplaces, offices and homes. If you're looking for an IoT security scorecard, it looks something like this:
Security Threats: 26,000,000,000, IoT Secure Devices: 0.
To manage moving all your server applications to the cloud in containers, you’ll need to do some container orchestration. That's where Kubernetes comes in.
My very first technology article, back in 1987, was about MS-DOS 3.30. Almost 30 years later, I’m still writing, but the last bit of MS-DOS, cmd.exe — the command prompt — is on its way out the door.
It’s quite possible that you have been using Microsoft Windows for years — decades, even — without realizing that there’s a direct line to Microsoft’s earliest operating system or that an MS-DOS underpinning has carried over from one Windows version to another — less extensive with every revision, but still there nonetheless. Now we’re about to say goodbye to all of that.
Interestingly, though, there was not always an MS-DOS from Microsoft, and it wasn’t even dubbed that at birth. The history is worth reviewing now that the end is nigh.
Name a tech company, any tech company, and they're investing in containers. Google, of course. IBM, yes. Microsoft, check. But, just because containers are extremely popular, doesn't mean virtual machines are out of date. They're not.
Yes, containers can enable your company to pack a lot more applications into a single physical server than a virtual machine (VM) can. Container technologies, such as Docker, beat VMs at this part of the cloud or data-center game.
Once upon a time, there was nothing but native, or bare metal, hypervisors (a.k.a. virtual machine managers). In the 1980s, I cut my teeth on IBM System/370 mainframes running VM/CMS, but bare metal's history goes all the way back to the 1960s. With bare metal hypervisors, the hypervisor runs directly on the hardware. There is no intervening operating system.
I get it. I really do. Containers let data-center and cloud administrators put two to three times more server instances on a given server than they can with virtual machines. That means fewer servers, which means less power usage, which equals -- Ka-ching! -- less spending on your IT budget. What's not to like?
Well, ahem, you see there's this little, tiny problem. It’s unclear just how secure containers are, and there is certainly not much agreement on how to secure them or who will take that on.
You've always been able to run containers on a variety of operating systems: Zones on Solaris; Jails on BSD; Docker on Linux and now Windows Server; OpenVZ on Linux, and so on. As Docker in particular and containers in general explode in popularity, operating system companies are taking a different tack. They're now arguing that to make the most of containers you need a skinny operating system to go with them.