Remember this scene from the movie Shrek? The big ogre was explaining to Donkey that ogres are very complicated, and like onions, they have layers. Donkey, of course, didn’t like the analogy because not everyone likes onions and would have preferred cake as everyone likes cake, but he did seem to understand that ogres did indeed have layers after it was explained to him. Orges and onions have layers, but what else does? Or at least should? Security for SD-WANs — but that may not seem obvious to everyone.Also read: The case for securing the SD-WAN | Sign up: Get the latest tech news sent directly to your in-box
This week SD-WAN provider, Aryaka, which is now neck and neck with VeloCloud/VMware in market share, according to IHS Markit, announced Passport, a multi-layered security platform and ecosystem that provides best-of-breed security at every level of a software-defined WAN (SD-WAN).To read this article in full, please click here
Intel just can’t catch a break these days. Researchers at Ohio State University have found a way to use the Spectre design flaw to break into the SGX secure environment of an Intel CPU to steal information.SGX stands for Software Guard eXtensions. It was first introduced in 2014 and is a mechanism that allows applications to put a ring around sections of memory that blocks other programs, the operating system, or even a hypervisor from accessing it.To read this article in full, please click here
As we have seen, the Internet of Things will disrupt and change every industry and how actors within it do business. Along with new paradigms in services and products that one can offer due to the proliferation of IoT, come business risks as well as heightened security concerns – both physical and cyber. In our prior column, we spoke about this topic in the context of the Smart Electric Grid. Today we’re taking a look at how IoT is disrupting the health care market and how we can take steps to secure it.To read this article in full, please click here
As phishing attacks evolve, hackers are using customization and targeted scams to ensnare users. Asaf Cidon, vice president, email security services at Barracuda, talks with host Steve Ragan about the ever-changing cat-and-mouse game of phishing.
A flaw in the implementation of the UDP protocol for Memcached servers can allow anyone to launch a massive Distributed Denial of Service (DDoS) attack with little effort.The problem was first discovered by security researchers at content delivery network (CDN) specialist Cloudflare. Since then, CDN specialist Akamai and security provider Arbor Networks have also published their findings.Also read: Getting the most out of your next-generation firewall
Memcached is a Web-based massive memory cache for database-drive sites, such as websites, that caches the most frequently retrieved data and keeps it in memory rather than getting it from the hard disk over and over again. It is a combination of open-source software and standard server hardware that consists of memory, memory, and more memory.To read this article in full, please click here
With the General Data Protection Regulation (GDPR) deadline fast approaching, host Steve Ragan explores the implications of noncompliance for companies -- and possible penalties -- with Greg Reber, founder/CEO of AsTech Consulting.
Performance is critical when evaluating data center intrusion-prevention systems (DCIPS), which face significantly higher traffic volumes than traditional IPSes.A typical IPS is deployed at the corporate network perimeter to protect end-user activity, while a DCIPS sits inline, inside the data center perimeter, to protect data-center servers and the applications that run on them. That requires a DCIPS to keep pace with traffic from potentially hundreds of thousands of users who are accessing large applications in a server farm, says NSS Labs, which recently tested five DCIPS products in the areas of security, performance and total cost of ownership.To read this article in full, please click here
As pretty much everyone knows, the Internet of Things (IoT) hype has been going strong for a few years now. I’ve done my part, no doubt, covering the technology extensively for the past 9 months. As vendors and users all scramble to cash in, it often seems like nothing can stop the rise IoT.Maybe not, but there have been rumblings of a backlash to the rise of IoT for several years. Consumer and experts worry that the IoT may not easily fulfill its heavily hyped promise, or that it will turn out to be more cumbersome than anticipated, allow serious security issues, and compromise our privacy.To read this article in full, please click here
Robert Gibbons, CTO at Datta, joins host Steve Ragan to talk about why companies pay out ransoms, the role of incident response plans and continuity strategies, and how companies weigh the risks.
Nathan Freitas, who heads The Guardian Project, talks with host Steve Ragan and senior writer J.M. Porup about the group's easy-to-use secure apps, open-source software libraries, and customized mobile devices being used around the world.
Judging by all the media attention that The Internet of Things (or IoT) gets these days, you would think that the world was firmly in the grip of a physical and digital transformation. The truth, though, is that we all are still in the early days of the IoT.The analyst firm Gartner, for example, puts the number of Internet connected “things” at just 8.4 billion in 2017 – counting both consumer and business applications. That’s a big number, yes, but much smaller number than the “50 billion devices” or “hundreds of billions of devices” figures that get bandied about in the press.To read this article in full, please click here(Insider Story)
Judging by all the media attention that The Internet of Things (or IoT) gets these days, you would think that the world was firmly in the grip of a physical and digital transformation. The truth, though, is that we all are still in the early days of the IoT.The analyst firm Gartner, for example, puts the number of Internet connected “things” at just 8.4 billion in 2017 – counting both consumer and business applications. That’s a big number, yes, but much smaller number than the “50 billion devices” or “hundreds of billions of devices” figures that get bandied about in the press.To read this article in full, please click here(Insider Story)
Judging by all the media attention that The Internet of Things (or IoT) gets these days, you would think that the world was firmly in the grip of a physical and digital transformation. The truth, though, is that we all are still in the early days of the IoT.The analyst firm Gartner, for example, puts the number of Internet connected “things” at just 8.4 billion in 2017 – counting both consumer and business applications. That’s a big number, yes, but much smaller number than the “50 billion devices” or “hundreds of billions of devices” figures that get bandied about in the press.To read this article in full, please click here(Insider Story)
It was inevitable. Once Google published its findings for the Meltdown and Spectre vulnerabilities in CPUs, the bad guys used that as a roadmap to create their malware. And so far, researchers have found more than 130 malware samples designed to exploit Spectre and Meltdown.If there is any good news, it’s that the majority of the samples appear to be in the testing phase, according to antivirus testing firm AV-TEST, or are based on proof-of-concept software created by security researchers. Still, the number is rising fast.To read this article in full, please click here
What is it about the Spectre and Meltdown attacks that scared everyone so much? Host Steve Ragan and J.M. Porup talk through the impact of these hardware flaws.
Comeback kid AMD announced on its quarterly earnings call that it intends to have a silicon fix for the variant 2 of the Spectre exploit, the only one of the Meltdown and Spectre exploits it’s vulnerable to, by 2019 with its new Zen 2 core.The company also said it will ramp up GPU card production to meet the insane demand these days thanks to cryptominers, although it said the biggest challenge will be to find enough memory to make the cards.Also read: Meltdown and Spectre: How much are ARM and AMD exposed?
It's hard to believe that in 2018 we are seeing such shortages in computing hardware, but there you have it.To read this article in full, please click here
NordVPN promises a private and fast path through the public internet, with no logs and unmetered access for 6 simultaneous devices. They are currently running a promotion, but you'll have to use this link to find it. Its typical price has been discounted to $99 for 3 years of service. That's a good deal at just $2.75 per month. See the $2.75/month NordVPN holiday deal here.
To read this article in full, please click here
If portions of enterprise data-center networks have no need to communicate directly with the internet, then why do we configure routers so every system on the network winds up with internet access by default?Part of the reason is that many enterprises use an internet perimeter firewall performing port address translation (PAT) with a default policy that allows access the internet, a solution that leaves open a possible path by which attackers can breach security.+Also on Network World: IPv6 deployment guide; What is edge computing and how it’s changing the network?+To read this article in full, please click here(Insider Story)
If portions of enterprise data-center networks have no need to communicate directly with the internet, then why do we configure routers so every system on the network winds up with internet access by default?Part of the reason is that many enterprises use an internet perimeter firewall performing port address translation (PAT) with a default policy that allows access the internet, a solution that leaves open a possible path by which attackers can breach security.+Also on Network World: IPv6 deployment guide; What is edge computing and how it’s changing the network?+To read this article in full, please click here(Insider Story)
You’ve probably already heard about the latest Internet of Things (IoT) security fiasco — coverage has gone far beyond the tech press into the mainstream TV news. In case you haven’t been paying attention, though, here’s the elevator pitch version:Fitness network Strava publishes a global heatmap of where users are running and working out using its services, and folks just figured out that the map includes information that could reveal the locations of military forces working out in sensitive and sometimes secret locations. One expert worried that “tracking the timing of movements on bases could provide valuable information on patrol routes or where specific personnel are deployed.”To read this article in full, please click here