F5 BIG-IP Plugin with Firefox 52 workaround

It’s not news anymore that Mozilla is stopping support for NPAPI (Netscape Plugin API). With the release of Firefox 52 version, I believe that only Flash plugin is enabled by default.

I’ll skip the discussion about NPAPI plugins and Mozilla’s decision to stop the support, however the reality is that for me it has a strong impact in certain areas. One of this areas is the F5 BIG-IP, specifically the APM and possibility to launch Application (like RDP) from the Webtop interface.

I’m relying heavily on a F5 BIG-IP VE machine to connect to my home lab when I’m remote. The Webtop functionality gives me the possibility to use only a Browser to connect to my applications at home, keeping me away from any F5 client installation on the machine that I use. Usually this machine is my MacBook or PC, and the F5 client installation should not be a big thing, however I like the clientless option.

The F5 Webtop functionality is possible due to a NPAPI plugin called “F5 Network Host Plugin” which usually installs in the browser when you access the F5 APM. So yes, you still need to install something, but this browser plugin is Continue reading

Big Switch: Big Opportunities and an Awesome Team

Some HTTPS inspection tools might weaken security

Companies that use security products to inspect HTTPS traffic might inadvertently make their users' encrypted connections less secure and expose them to man-in-the-middle attacks, the U.S. Computer Emergency Readiness Team warns.US-CERT, a division of the Department of Homeland Security, published an advisory after a recent survey showed that HTTPS inspection products don't mirror the security attributes of the original connections between clients and servers.HTTPS inspection checks the encrypted traffic coming from an HTTPS site to make sure it doesn't contain threats or malware. It's performed by intercepting a client's connection to an HTTPS server, establishing the connection on the client's behalf and then re-encrypting the traffic sent to the client with a different, locally generated certificate. Products that do this essentially act as man-in-the-middle proxies.To read this article in full or to leave a comment, please click here

Some HTTPS inspection tools might weaken security

Companies that use security products to inspect HTTPS traffic might inadvertently make their users' encrypted connections less secure and expose them to man-in-the-middle attacks, the U.S. Computer Emergency Readiness Team warns.US-CERT, a division of the Department of Homeland Security, published an advisory after a recent survey showed that HTTPS inspection products don't mirror the security attributes of the original connections between clients and servers.HTTPS inspection checks the encrypted traffic coming from an HTTPS site to make sure it doesn't contain threats or malware. It's performed by intercepting a client's connection to an HTTPS server, establishing the connection on the client's behalf and then re-encrypting the traffic sent to the client with a different, locally generated certificate. Products that do this essentially act as man-in-the-middle proxies.To read this article in full or to leave a comment, please click here

Worth Reading: Building better ransomware

This is kind of a funny post for me to write, since it ransomwareinvolves speculating about a very destructive type of software — and possibly offering some (very impractical) suggestions on how it might be improved in the future. It goes without saying that there are some real downsides to this kind of speculation. Nonetheless, I’m going ahead on the theory that it’s usually better to talk and think about the bad things that might happen to you — before you meet them on the street and they steal your lunch money. —Cryptography Engineering

The post Worth Reading: Building better ransomware appeared first on 'net work.

Show 331: Wireless Networking & Where It’s Going

Todays Weekly Show takes to the ether to explore the evolving world of wireless. Our guests are Rowell Dionicio and François Vergès and we discuss 802.11ac, MIMO, IoT & more. The post Show 331: Wireless Networking & Where It’s Going appeared first on Packet Pushers.

Cisco’s Trollope Says Company’s IoT Business Is On Fire

Cisco Jasper’s enterprise customers have nearly tripled in a year.

Interoute Chooses Rancher for Container Management

Interoute customers can now run containers in Interoute's Virtual Data Center.

A cybersecurity risk assessment is a critical part of M&A due diligence  

This column is available in a weekly newsletter called IT Best Practices.  Click here to subscribe.  As of mid-February, the plan for Verizon Communications to acquire a majority of Yahoo’s web assets is still on, despite the announcement of Yahoo having suffered two massive breaches of customer data in 2013 and 2014. The sale price, however, has been discounted by $350 million, and Verizon and Altaba Inc. have agreed to share any ongoing legal responsibilities related to the breaches. Altaba is the entity that will own the portion of Yahoo that Verizon is not acquiring.To read this article in full or to leave a comment, please click here

A cybersecurity risk assessment is a critical part of M&A due diligence  

This column is available in a weekly newsletter called IT Best Practices.  Click here to subscribe.  As of mid-February, the plan for Verizon Communications to acquire a majority of Yahoo’s web assets is still on, despite the announcement of Yahoo having suffered two massive breaches of customer data in 2013 and 2014. The sale price, however, has been discounted by $350 million, and Verizon and Altaba Inc. have agreed to share any ongoing legal responsibilities related to the breaches. Altaba is the entity that will own the portion of Yahoo that Verizon is not acquiring.To read this article in full or to leave a comment, please click here

Orange Business Services Taps Riverbed for SD-WAN

Riverbed created a separate business unit for service providers.

String of fileless malware attacks possibly tied to single hacker group

Several attacks observed over the past few months that rely heavily on PowerShell, open-source tools, and fileless malware techniques might be the work of a single group of hackers.An investigation started by security researchers from Morphisec into a recent email phishing attack against high-profile enterprises pointed to a group that uses techniques documented by several security companies in seemingly unconnected reports over the past two months."During the course of the investigation, we uncovered a sophisticated fileless attack framework that appears to be connected to various recent, much-discussed attack campaigns," Michael Gorelik, Morphisec's vice president of research and development, said in a blog post. "Based on our findings, a single group of threat actors is responsible for many of the most sophisticated attacks on financial institutions, government organizations, and enterprises over the past few months."To read this article in full or to leave a comment, please click here

String of fileless malware attacks possibly tied to single hacker group

Several attacks observed over the past few months that rely heavily on PowerShell, open-source tools, and fileless malware techniques might be the work of a single group of hackers.An investigation started by security researchers from Morphisec into a recent email phishing attack against high-profile enterprises pointed to a group that uses techniques documented by several security companies in seemingly unconnected reports over the past two months."During the course of the investigation, we uncovered a sophisticated fileless attack framework that appears to be connected to various recent, much-discussed attack campaigns," Michael Gorelik, Morphisec's vice president of research and development, said in a blog post. "Based on our findings, a single group of threat actors is responsible for many of the most sophisticated attacks on financial institutions, government organizations, and enterprises over the past few months."To read this article in full or to leave a comment, please click here

Nokia Reorganizes Its Group Leadership Team; Samih Elhage Steps Down

These changes come as the company is faced with slowing demand for 4G services.

Dutch researchers pull almost 43Gbit per second over a ray of light

An experiment by scholars at the Eindhoven University of Technology in the Netherlands has demonstrated a wireless network based on infrared rays that can move data at speeds of 42.8Gbps.The system, which is the work of new Ph.D recipient Joanne Oh, uses light “antennas,” which don’t have any moving parts, translating signals from a fiber-optic cable into infrared light and beaming them to receivers in the same room, which can be tracked by their return signals – when a user’s device moves out of one beam’s area of function, another light antenna can take over.+ALSO ON NETWORK WORLD: Cisco security advisory dump finds 20 warnings, 2 critical + Raspberry Pi roundup: Pi Day, Remembrances of Pis Past, competitor corner, STEM and SKULLSTo read this article in full or to leave a comment, please click here

Dutch researchers pull almost 43Gbit per second over a ray of light

An experiment by scholars at the Eindhoven University of Technology in the Netherlands has demonstrated a wireless network based on infrared rays that can move data at speeds of 42.8Gbps.The system, which is the work of new Ph.D recipient Joanne Oh, uses light “antennas,” which don’t have any moving parts, translating signals from a fiber-optic cable into infrared light and beaming them to receivers in the same room, which can be tracked by their return signals – when a user’s device moves out of one beam’s area of function, another light antenna can take over.+ALSO ON NETWORK WORLD: Cisco security advisory dump finds 20 warnings, 2 critical + Raspberry Pi roundup: Pi Day, Remembrances of Pis Past, competitor corner, STEM and SKULLSTo read this article in full or to leave a comment, please click here

Rough Guide to IETF 98 — In The Loop: IETF Heads to Chicago

SDxCentral Weekly News Roundup — March 17, 2017

CHT Global launches SD-WAN; Ixia releases a new RAN test product.

Raptor

The post Raptor appeared first on 'net work.

Why great chief data officers are hard to find

Chief data officers (CDOs) are among the most highly sought-after executives among corporations for whom data analytics has become a cornerstone of digital strategies. But the rush to promote data-crunching experts to the CDO role has created a new challenge: Finding a leader who can use data to help drive a business transformation.Companies eager to establish data analytics have promoted managers to the CDO role based on their technical wizardry rather than their leadership capabilities, says Joshua Clarke, partner for executive recruiter Heidrick & Struggles, who highlighted the problem in "Choosing the right chief data officer," a new report detailing the rapid evolution of the CDO role.To read this article in full or to leave a comment, please click here