The Russian censorship agency Roskomnadzor has ordered 10 VPN service providers to link their servers in Russia to its network in order to stop users from reaching banned sites.If they fail to comply, their services will be blocked, according to a machine translation of the order.RELATED: Best VPN routers for small business
The 10 VPN providers are ExpressVPN, HideMyAss!, Hola VPN, IPVanish, Kaspersky Secure Connection NordVPN, OpenVPN, VPN Unlimited and VyprVPN.To read this article in full, please click here
Cisco has dropped 17 Security advisories describing 19 vulnerabilities in the software that runs most of its routers and switches, IOS and IOS/XE.The company also announced that two previously issued patches for its RV320 and RV325 Dual Gigabit WAN VPN Routers were “incomplete” and would need to be redone and reissued.[ Also see What to consider when deploying a next generation firewall. | Get regularly scheduled insights by signing up for Network World newsletters. ]
Cisco rates both those router vulnerabilities as “High” and describes the problems like this: To read this article in full, please click here
Cisco this week stepped deeper into the venture capital world by announcing Decibel, an early-stage investment firm that will focus on bringing enterprise-oriented startups to market.Veteran VC groundbreaker and former general partner at New Enterprise Associates Jon Sakoda will lead Decibel. Sakoda had been with NEA since 2006 and focused on startup investments in software and Internet companies. [ Now see 7 free network tools you must have. ]
Of Decibel Sakoda said: “We want to invest in companies that are helping our customers use innovation as a weapon in the game to transform their respective industries.”To read this article in full, please click here
One way to bolster your understanding of Wi-Fi security is to do some hacking yourself. That doesn’t mean you should infiltrate a company’s network or snoop on a neighbor’s setup. Rather, ethical hacking and legitimate Wi-Fi penetration testing – done in cooperation with the network owner – can help you learn more about the strengths and limitations of wireless security. Understanding potential Wi-Fi vulnerabilities can help you to better protect the networks you manage and ensure safer connections when you access other wireless networks.Start with a Wi-Fi stumbler
General purpose Wi-Fi stumblers are the simplest and most innocent tools to add to your pen testing kit. Though typically passive tools, they serve an important purpose. They allow you to see what access points (AP) are nearby and their details, such as the signal level, security/encryption type, and media access control (MAC) address. It’s a tool even a hacker would utilize to find the next victim.To read this article in full, please click here
As IIoT grows in prominence, so too does its status as a target for malicious hackers – particularly given its increased impact on the physical world; the latest and potentially most dangerous is called Triton.Triton first reared its ugly head near the end of 2017, according to security company Fireeye. It targets an industrial safety system made by Schneider Electric that monitors and secures valves, turbines and the like and shuts them down if it determines they are about to fail and cause explosions or other consequences that could damage the facility or cause harm to people. (It’s named Triton because it targets the widely used Schneider Electric Triconex industrial safety system.)To read this article in full, please click here(Insider Story)
Cisco this week advised customers using its 7800 and 8800 series IP phones they should patch a variety of high-priority vulnerabilities that could lead to denial of service and other security problems.The company issued five security advisories, four for the 8800 and one for both the 8800 and 7800 series of IP phones. The 8800 is a high-end business desktop device that features high-definition video and mobile device integration. The 7800 is more of a general business IP phone.
Learn about 5g networks:
How enterprises can prep for 5G networks
5G vs 4G: How speed, latency and apps support differ
Private 5G networks are coming
5G and 6G wireless have security issues
How millimeter-wave wireless could help support 5G and IoT
The security advisories include:To read this article in full, please click here
Modern public-key encryption is currently good enough to meet enterprise requirements, according to experts. Most cyberattacks target different parts of the security stack these days – unwary users in particular. Yet this stalwart building block of present-day computing is about to be eroded by the advent of quantum computing within the next decade, according to experts.“About 99% of online encryption is vulnerable to quantum computers,” said Mark Jackson, scientific lead for Cambridge Quantum Computing, at the Inside Quantum Technology conference in Boston on Wednesday.[ Now read: What is quantum computing (and why enterprises should care) ]
Quantum computers – those that use the principles of quantum entanglement and superposition to represent information, instead of electrical bits – are capable of performing certain types of calculation orders of magnitude more quickly than classical, electronic computers. They’re more or less fringe technology in 2019, but their development has accelerated in recent years, and experts at the IQT conference say that a spike in deployment could occur as soon as 2024.To read this article in full, please click here
It has been just 10 months since Tom Gillis became VMware's senior vice president and general manager of its networking and security business, and in that time he has overseen some major changes in the company’s core products.Most recent is a milestone release of the company’s NSX-T Data Center software, making it VMware’s primary networking platform for organizations looking to support multivendor cloud-native applications, bare-metal workloads as well as the growing hybrid and multi-cloud worlds.To read this article in full, please click here
Many companies today have a hybrid approach to their networking and IT infrastructure. Some elements remain in an on-premise data center, while other portions have gone to the cloud and even to multi-cloud. As a result, the network perimeter is permeable and elastic. This complicates access requirements at a time when it’s more important than ever to enable accessibility while preventing unauthorized access to applications and data.To reduce risk, some organizations are applying a zero-trust strategy of “verification before trust” by incorporating stronger, stateful user and device authentication; granular access control; and enhanced segmentation no matter where the applications and resources reside.To read this article in full, please click here
VMware has taken the wraps off a firewall it says protects enterprise applications and data inside data centers or clouds.Unlike perimeter firewalls that filter traffic from an unlimited number of unknown hosts, VMware says its new Service-defined Firewall gains deep visibility into the hosts and services that generate network traffic by tapping into into its NSX network management software, vSphere hypervisors and AppDefense threat-detection system.To read this article in full, please click here
Ethernet networking technology is flawed, say some engineers. The problem is it doesn’t have any inherent security built in to it. Ethernet also hard to manage because it's centralized. It’s out-of-date, and it needs revamping, researchers say.One attempt to address the issue is the Marconi protocol, which is a strategy to shift network and packet management over to a smart contract, decentralized chain-based system. Smart contracts are trackable, verifiable transactions. They’re performed through encrypted blockchains and are self-enforcing.To read this article in full, please click here
Cisco has bundled 25 security advisories that describe 26 vulnerabilities in Cisco NX-OS switch and Firepower FXOS firewall software.While the 26 alerts describe vulnerabilities that have a Security Impact Rating of “High,” most –23 – affect Cisco NX-OS software, and the remaining three involve both software packages.[ Also see What to consider when deploying a next generation firewall. | Get regularly scheduled insights by signing up for Network World newsletters. ]
The vulnerabilities span a number of problems that would let an attacker gain unauthorized access, gain elevated privileges, execute arbitrary commands, escape the restricted shell, bypass the system image verification checks or cause denial of service (DoS) conditions, Cisco said.To read this article in full, please click here
The ongoing battle between the U.S. and Huawei could soon go to court as Huawei reportedly prepares to sue the U.S. government. Plus, 2019 will see ride sharing companies going public… but which will be first? And as a decade-old malware resurfaces in enterprise networks, a report questions if the world is ready for the next large-scale ransomware attack.
According to Imperva research, a container flaw reported last month (CVE-2019-5736) in Docker's remote API has already been taken advantage of by hundreds of attackers.Imperva claims that they were able to locate 3,822 Docker hosts with the remote API (port 2735) publicly exposed. Of these, approximately 400 were accessible, and most of these were running a cryptocurrency miner for a lesser-known form of cryptocurrency called Monero. [ Two-Minute Linux Tips: Learn how to master a host of Linux commands in these 2-minute video tutorials ]
Monero (ticker symbol XMR) is an open-source cryptocurrency that was created in April 2014. It focuses on fungibility (individual units are essentially interchangeable), privacy, and decentralization. It also takes advantage of an obfuscated public ledger. That means anyone can broadcast or send transactions, but outside observers cannot tell the source, amount, or destination of the funds.To read this article in full, please click here
Cisco is warning organizations with remote users that have deployed a particular Cisco wireless firewall, VPN and router to patch a critical vulnerability in each that could let attackers break into the network.The vulnerability, which has an impact rating of 9.8 out of 10 on the Common Vulnerability Scoring System lets a potential attacker send malicious HTTP requests to a targeted device. A successful exploit could let the attacker execute arbitrary code on the underlying operating system of the affected device as a high-privilege user, Cisco stated.
More about edge networking
How edge networking and IoT will reshape data centers
Edge computing best practices
How edge computing can help secure the IoT
The vulnerability is in the web-based management interface of three products: Cisco’s RV110W Wireless-N VPN Firewall, RV130W Wireless-N Multifunction VPN Router and RV215W Wireless-N VPN Router. All three products are positioned as remote-access communications and security devices.To read this article in full, please click here
With many IT projects, security is often an afterthought, but that approach puts the business at significant risk. The rise of IoT adds orders of magnitude more devices to a network, which creates many more entry points for threat actors to breach. A bigger problem is that many IoT devices are easier to hack than traditional IT devices, making them the endpoint of choice for the bad guys.IoT is widely deployed in a few industries, but it is in the early innings still for most businesses. For those just starting out, IT and security leaders should be laying out their security plans for their implementations now. However, the landscape of security is wide and confusing so how to secure an IoT deployment may not be obvious. Below are three things you must consider when creating an IoT security plan.To read this article in full, please click here
With many IT projects, security is often an afterthought, but that approach puts the business at significant risk. The rise of IoT adds orders of magnitude more devices to a network, which creates many more entry points for threat actors to breach. A bigger problem is that many IoT devices are easier to hack than traditional IT devices, making them the endpoint of choice for the bad guys.IoT is widely deployed in a few industries, but it is in the early innings still for most businesses. For those just starting out, IT and security leaders should be laying out their security plans for their implementations now. However, the landscape of security is wide and confusing so how to secure an IoT deployment may not be obvious. Below are three things you must consider when creating an IoT security plan.To read this article in full, please click here
There's a new Linux security tool you should be aware of — Cmd (pronounced "see em dee") dramatically modifies the kind of control that can be exercised over Linux users. It reaches way beyond the traditional configuration of user privileges and takes an active role in monitoring and controlling the commands that users are able to run on Linux systems.Provided by a company of the same name, Cmd focuses on cloud usage. Given the increasing number of applications being migrated into cloud environments that rely on Linux, gaps in the available tools make it difficult to adequately enforce required security. However, Cmd can also be used to manage and protect on-premises systems.To read this article in full, please click here
There's a new Linux security tool you should be aware of — Cmd (pronounced "see em dee") dramatically modifies the kind of control that can be exercised over Linux users. It reaches way beyond the traditional configuration of user privileges and takes an active role in monitoring and controlling the commands that users are able to run on Linux systems.Provided by a company of the same name, Cmd focuses on cloud usage. Given the increasing number of applications being migrated into cloud environments that rely on Linux, gaps in the available tools make it difficult to adequately enforce required security. However, Cmd can also be used to manage and protect on-premises systems.To read this article in full, please click here