Archive

Category Archives for "Networking"

A free decryption tool is now available for all Bart ransomware versions

Users who have had their files encrypted by any version of the Bart ransomware program are in luck: Antivirus vendor Bitdefender has just released a free decryption tool.The Bart ransomware appeared back in June and stood out because it locked victims' files inside ZIP archives encrypted with AES (Advanced Encryption Standard). Unlike other ransomware programs that used RSA public-key cryptography and relied on a command-and-control server to generate key pairs, Bart was able to encrypt files even in the absence of an internet connection.To read this article in full or to leave a comment, please click here

Research: The Security Impact of HTTPS Interception

The use of TLS interception by outbound proxy servers is causing serious problems in updating the TLS standard to Version 1.3.

At the same time, middlebox and antivirus products increasingly intercept (i.e., terminate and re-initiate) HTTPS connections in an attempt to detect and block malicious content that uses the protocol to avoid inspection . Previous work has found that some specific HTTPS interception products dramatically reduce connection security ; however, the broader security impact of such interception remains unclear. In this paper, we conduct the first comprehensive study of HTTPS interception in the wild, quantifying both its prevalence in traffic to major services and its effects on real-world security.

This is the same problem that middleboxes cause anywhere on the Internet – Firewalls, NAT gateways, Inspection, QOS, DPI. Because these complex devices are rarely updated and hard to maintain, they create failures in new protocols. IPv6 rollout has been slowed by difficult upgrades. The same problem is happening with TLS. Its undesirable to fall back to insecure TLS standards that “work” but are insecure.

The EtherealMind View

The business need for proxy servers or protocol interception is for a small range of activities

  1. Scan Internet content for malware Continue reading

Privacy rollback can cause headaches for corporate security pros

Corporate security pros can add a new task to their busy days: handling panicky employees worried about privacy who are using the onion router (Tor) browser as a way to protect their online activity.That practice translates into additional security alerts that require time-consuming manual sorting to determine whether the persons behind Tor sessions are friend or foe, says George Gerchow, vice president of security and compliance at Sumo Logic.Ever since congressional action started a few weeks ago to roll back privacy regulations governing ISPs, Gerchow says has seen a dramatic increase in the use of Tor for accessing his company’s services, meaning security analysts have to check out whether the encrypted, anonymized traffic coming through Tor is from a legitimate user.To read this article in full or to leave a comment, please click here

Privacy rollback can cause headaches for corporate security pros

Corporate security pros can add a new task to their busy days: handling panicky employees worried about privacy who are using the onion router (Tor) browser as a way to protect their online activity.That practice translates into additional security alerts that require time-consuming manual sorting to determine whether the persons behind Tor sessions are friend or foe, says George Gerchow, vice president of security and compliance at Sumo Logic.Ever since congressional action started a few weeks ago to roll back privacy regulations governing ISPs, Gerchow says has seen a dramatic increase in the use of Tor for accessing his company’s services, meaning security analysts have to check out whether the encrypted, anonymized traffic coming through Tor is from a legitimate user.To read this article in full or to leave a comment, please click here

IDG Contributor Network: DigitalOcean moves into partners’ turf with monitoring

I’m a fan of DigitalOcean. In a space (public cloud infrastructure) dominated by far bigger and deeper-pocket vendors such as Amazon, Microsoft and Google, this plucky vendor has grown rapidly, continued to delight its customers, and retained a very focused view on what it is and, more important, what it isn’t.While other platforms grow increasingly complex as they try to be all things to all people, DigitalOcean focuses 100 percent on being a developer-friendly cloud platform. It’s offerings are known for their simplicity and ease of consumption.But that simplicity creates something of a difficulty—most every platform, even those focused on the small end of town, eventually needs to move up the food chain. As it does so, its customers start to demand more functionality. In delivering what these customers want, the platform invariably gets more complex, and what was once simple and elegant becomes big and unwieldy. While not a criticism per se, anyone who has taken a long look at (for example) Amazon Web Services’ list of available compute instance types will know what I mean.To read this article in full or to leave a comment, please click here

Worth Reading: Botnets in the Cloud

The arms race between data security professionals and cybercriminals continues at a rapid pace. More than ever, attackers exploit compute resources for malicious purposes by deploying malware, known as “bots”, in virtual machines running in the cloud. Even a conservative estimate reveals that, at least, 1 in every 10,000 machines are part of some known Botnet. —Azure Blog

The post Worth Reading: Botnets in the Cloud appeared first on 'net work.

Kaspersky Lab reveals ‘direct link’ between banking heist hackers and North Korea

Kaspersky Lab found a “direct link” between the Lazarus group banking heist hackers and North Korea.While Lazarus is a notorious cyber-espionage and sabotage group, a subgroup of Lazarus, called Bluenoroff by Kaspersky researchers, focuses only on financial attacks with the goal of “invisible theft without leaving a trace.”The group has four main types of targets: financial institutions, casinos, companies involved in the development of financial trade software and crypto-currency businesses.To read this article in full or to leave a comment, please click here

Kaspersky Lab reveals ‘direct link’ between banking heist hackers and North Korea

Kaspersky Lab found a “direct link” between the Lazarus group banking heist hackers and North Korea.While Lazarus is a notorious cyber-espionage and sabotage group, a subgroup of Lazarus, called Bluenoroff by Kaspersky researchers, focuses only on financial attacks with the goal of “invisible theft without leaving a trace.”The group has four main types of targets: financial institutions, casinos, companies involved in the development of financial trade software and crypto-currency businesses.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Knowing when a trusted insider becomes a threat

Most organizations are pretty good at vetting job applicants up front. They interview candidates, contact references, and in many cases conduct at least rudimentary background checks to bring out any issues of concern before making a hiring decision.Government security agencies go several steps further; just ask anyone who's filled out an SF-86 and then waited while investigators delved into youthful indiscretions, overseas trips and contacts with foreigners.But it's also true that most government and private-sector organizations operate on the principle of "Once you're in, you're in." Few of them have anything remotely resembling a continuous monitoring program for current managers and staff, let alone for contractors and vendors. And yet virtually every day brings fresh news of a data breach, intellectual property theft, or other adverse event either instigated or abetted by a supposedly trusted insider.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Knowing when a trusted insider becomes a threat

Most organizations are pretty good at vetting job applicants up front. They interview candidates, contact references, and in many cases conduct at least rudimentary background checks to bring out any issues of concern before making a hiring decision.Government security agencies go several steps further; just ask anyone who's filled out an SF-86 and then waited while investigators delved into youthful indiscretions, overseas trips and contacts with foreigners.But it's also true that most government and private-sector organizations operate on the principle of "Once you're in, you're in." Few of them have anything remotely resembling a continuous monitoring program for current managers and staff, let alone for contractors and vendors. And yet virtually every day brings fresh news of a data breach, intellectual property theft, or other adverse event either instigated or abetted by a supposedly trusted insider.To read this article in full or to leave a comment, please click here

DigitalOcean adds free monitoring to its cloud virtual machines

DigitalOcean’s cloud platform became more useful to developers running production applications on Tuesday with the addition of monitoring capabilities for its virtual machines.Customers will be able to set alerts on the performance of their VMs, so that they’re notified via email or Slack when certain conditions are met. For example, users could set an alert to trigger if a machine is using more than 85 percent of its CPU capacity for five minutes.In addition, the monitoring service will let developers view logs of the performance of their VMs over time. The capabilities aren’t as advanced as some third-party offerings, but DigitalOcean is offering them to customers free of charge.To read this article in full or to leave a comment, please click here

Why enterprises are upgrading to Windows 10 faster than expected

In 2015, Gartner predicted that 50 percent of enterprises would start their Windows 10 deployments by January 2017. A Spiceworks survey of IT pros agreed: 40 of respondents said they would start migrating to Windows 10 by the middle of 2016, and 73 percent said their organizations would roll out Windows 10 by July 2017. A follow-up survey found that prediction was fairly accurate: 38 percent of organizations had already adopted Windows 10 by July 2016, most of them larger businesses.And in October 2016, CCS Insight’s decision maker survey showed “strong anticipated adoption of Windows 10 this year and beyond,” vice president for enterprise research Nick McQuire tells CIO. Forty-seven percent of organizations surveyed planned to upgrade to Windows 10 by the end of 2017, with 86 percent saying they’d migrate within three to four years. He estimates there are already some 24 million Windows 10 enterprise machines in production.To read this article in full or to leave a comment, please click here

Deadline 3 May: Recognize an outstanding technologist

Do you know someone who has made an outstanding contribution to the development of the Internet?

We are pleased to announce that candidate nominations for the 2017 Jonathan B. Postel Service Award are open.

This annual award is presented to an individual or organization that has made outstanding contributions in service to data communications and places particular emphasis on those who have supported and enabled others. 

Nominations are encouraged for individuals or teams of individuals from across the data communications industry around the world who are dedicated to the efforts of advancing the Internet for the benefit of everybody.

Ms. Carly Morris

Meleap delivers augmented reality to the iPhone before Apple

Today, augmented reality (AR) could be translated to mean “prototype.” Waiting for improved software and lighter, lower-cost and faster headsets, developers build prototype applications. One example is Japanese company Meleap, which used used clever engineering to deliver light, fast and low-cost AR today—on an iPhone no less.Hado, an active game that was demonstrated at Virtual Reality Silicon Valley Expo, solves a lot of AR problems still on the horizon. Designed for a class of applications using tried and true technologies, meleap’s engineering is simple—beautifully simple.To read this article in full or to leave a comment, please click here

MicroSegmentation of Applications using Application Rule Manager

Micro-Segmentation provides a way to build a zero-trust network – where all networks, perimeters and application are inherently untrusted.” – declared Forrester Consulting in 2015 with their white paper Leveraging Micro-Segmentation to build zero-trust model.  The last mile in creating a truly zero-trust network implies not trusting each application and also tiers within an application (Figure 1). To complete the last mile, network, security and risk professionals are increasingly looking for tools to understand application communication patterns and providing access controls to them. With version 6.3.0, NSX has unveiled 2 new tools, namely, Application Rule Manager (ARM) and Endpoint Monitoring (EM), to help professionals understand application patterns.

ZTwithMSEGFigure 1: Zero-Trust Model using NSX

From Theory to Practice

Micro-Segmenting each application requires understanding of application communication patterns. Users should allow the flows required by the application. To accomplish zero-trust, users should be closing all unwanted flows & ports. Figure 2., is a sample practical firewall policy model to achieve that.  In this model, ARM/EM provides application patterns and a one-click conversion of those patterns into distributed firewall rules to achieve inter/intra application rules.

FirewallPolicyModelFigure 2: Firewall Policy Model

Generating Distributed Firewall Rules Rapidly

Any application in the datacenter can be Continue reading

Amazon Unveils Deep Discounts On Select Unlocked Phones, Tues and Wed Only – Deal Alert

If you're in the market for an unlocked phone, you'll save serious cash by buying one of these on Amazon, but the special event runs April 4 and 5 (Tuesday and Wednesday) only. These phones will work on any carrier. Browse the full list of unlocked phone deals on this special Amazon page, active April 4-5 only. To read this article in full or to leave a comment, please click here

1 1,774 1,775 1,776 1,777 1,778 3,343