TLS 1.3 gets early adoption boost through CloudFlare

Website security and performance vendor CloudFlare has made the newest version of the TLS secure communications protocol available to all of its customers.The TLS (Transport Layer Security) 1.3 specification is yet to be finalized by the Internet Engineering Task Force (IETF), the body that develops internet standards. However, the protocol is already supported in beta versions of Google Chrome and Mozilla Firefox, and it's being hailed as an important step forward in securing internet communications.TLS 1.3 removes some cryptographic algorithms present in TLS 1.2 that are known to be vulnerable. This makes it easier for server administrators to deploy secure-by-default HTTPS configurations. HTTPS (HTTP Secure) is a mix between HTTP and TLS.To read this article in full or to leave a comment, please click here

TLS 1.3 gets early adoption boost through CloudFlare

Website security and performance vendor CloudFlare has made the newest version of the TLS secure communications protocol available to all of its customers.The TLS (Transport Layer Security) 1.3 specification is yet to be finalized by the Internet Engineering Task Force (IETF), the body that develops internet standards. However, the protocol is already supported in beta versions of Google Chrome and Mozilla Firefox, and it's being hailed as an important step forward in securing internet communications.TLS 1.3 removes some cryptographic algorithms present in TLS 1.2 that are known to be vulnerable. This makes it easier for server administrators to deploy secure-by-default HTTPS configurations. HTTPS (HTTP Secure) is a mix between HTTP and TLS.To read this article in full or to leave a comment, please click here

Stanford researchers invent tech workaround to net neutrality fights

Engineers at Stanford University have invented a new technology that would give broadband customers more control over their pipes and, they say, possibly put an end to a stale net neutrality debate in the U.S.The new technology, called Network Cookies, would allow broadband customers to decide which parts of their network traffic get priority delivery and which parts are less time sensitive. A broadband customer could then decide video from Netflix should get preferential treatment over email messages, for example.The technology could put an end to the current net neutrality debate focused on whether broadband providers are allowed to prioritize some network traffic and block or degrade other traffic, said the researchers, Professors Nick McKeown and Sachin Katti and electrical engineering grad student Yiannis Yiakoumis.To read this article in full or to leave a comment, please click here

Stanford researchers invent tech workaround to net neutrality fights

Engineers at Stanford University have invented a new technology that would give broadband customers more control over their pipes and, they say, possibly put an end to a stale net neutrality debate in the U.S.The new technology, called Network Cookies, would allow broadband customers to decide which parts of their network traffic get priority delivery and which parts are less time sensitive. A broadband customer could then decide video from Netflix should get preferential treatment over email messages, for example.The technology could put an end to the current net neutrality debate focused on whether broadband providers are allowed to prioritize some network traffic and block or degrade other traffic, said the researchers, Professors Nick McKeown and Sachin Katti and electrical engineering grad student Yiannis Yiakoumis.To read this article in full or to leave a comment, please click here

What to expect from Google’s big Oct. 4 hardware event

Get ready for a Google hardware-palooza.The company is set to not only unveil a pair of smartphones during its just-announced Oct. 4 event in San Francisco, but we also may also see some other gear that will surely make it onto the holiday wish list of anyone that’s a fan of Google services.The story behind the story: Late Monday, the company sent out a press invite and a playful tweet that takes you to a not-so-subtle teaser site. It’s clearly a phone and the URL of madeby.google.com tells us that instead of this being just another Nexus partnership, Google is more fully in control of its latest smartphones. To read this article in full or to leave a comment, please click here

SanDisk reveals world’s first 1TB SD card

SanDisk today showcased its upcoming 1TB SDXC card prototype at a European trade show for photo and video professionals."There is no definitive timing for availability as of now," a company spokesperson said in an email to Computerworld. "Western Digital plans to monitor industry trends and demands, and introduce the card in retail accordingly. Price would depend on market conditions at the time it’s released." Amazon SanDisk's current 512GB SD card retails for $345.77 on Amazon.com.To read this article in full or to leave a comment, please click here

Cisco CEO: Spin-in technologies aren’t dead at Cisco

The spin-in culture that developed some major innovations and once shaped a ton of advanced technologies at Cisco isn’t dead but it sure is unrecognizable.That’s because the notions of innovation and developing new ways of bringing cutting-edge technology to the networking arena at least from Cisco has changed.+More on Network World: Cisco unearths its inner startup culture via companywide innovation contest; Cisco names winners of Innovate Everywhere Challenge+ To read this article in full or to leave a comment, please click here

Cisco CEO: Spin-in technologies aren’t dead at Cisco

The spin-in culture that developed some major innovations and once shaped a ton of advanced technologies at Cisco isn’t dead but it sure is unrecognizable.That’s because the notions of innovation and developing new ways of bringing cutting-edge technology to the networking arena at least from Cisco has changed.+More on Network World: Cisco unearths its inner startup culture via companywide innovation contest; Cisco names winners of Innovate Everywhere Challenge+ To read this article in full or to leave a comment, please click here

Data hoarding site represents the dark side of data breach monitoring

A site that's been warning the public about data breaches might actually be doing more harm than good.Enter LeakedSource, a giant repository online that can potentially make hacking easier. Your email address and the associated Internet accounts -- including the passwords -- is probably in it.In fact, the giant repository is made up of stolen databases taken from LinkedIn, Myspace, Dropbox, and thousands of other sites. It bills itself as a data breach monitoring site and for months now, it's been collecting details on hacks, both old and new, and alerting the media about them.To read this article in full or to leave a comment, please click here

Data hoarding site represents the dark side of data breach monitoring

A site that's been warning the public about data breaches might actually be doing more harm than good.Enter LeakedSource, a giant repository online that can potentially make hacking easier. Your email address and the associated Internet accounts -- including the passwords -- is probably in it.In fact, the giant repository is made up of stolen databases taken from LinkedIn, Myspace, Dropbox, and thousands of other sites. It bills itself as a data breach monitoring site and for months now, it's been collecting details on hacks, both old and new, and alerting the media about them.To read this article in full or to leave a comment, please click here

Versa-led Alliance Promotes White Box SD-WAN Hardware

White-box vendors Advantech, Silicom, and Lanner Electronics are part of the group.

IDG Contributor Network: Zuznow (who?) offers a Siri-like tool for developers

Zuznow is a little-known vendor that offers a mobile development platform. Essentially Zuznow is focused on enabling businesses, even those businesses without technical development resource on staff, to create mobile applications. It’s a busy space, and it's getting busier—large vendors (Salesforce, BMC), smaller vendors (Caspio, Mendix) and standalone mobile application development platforms (Xamarin) are all trying to solve this problem.+ Also on Network World: Will companies trust their communications to AI chatbots? + Zuznow wants to steal a march on the opposition with the introduction of its intelligent voice assistant. The tool can be thought of as a plug-and-play Siri. Indeed Zuznow has even called the offering Susie, as an homage of Apple’s Siri voice assistant. Zuznow promises that it is delivering the world's first intelligent assistant plugin that brings voice-control and chatbots to any enterprise mobile app within hours. To read this article in full or to leave a comment, please click here

BackConnect’s Suspicious BGP Hijacks

Earlier this month, security blogger Brian Krebs broke a story about an Israeli DDoS-for-hire service, vDOS, which had been hacked, revealing “tens of thousands of paying customers and their (DDoS) targets.”  Afterwards, Krebs noticed that vDOS itself was also a victim of a recent BGP hijack from a company called BackConnect, which claims to be the “world’s first and leading open source based DDoS and network security provider.”

BrandPost: Driven to Connect

Businesses large and small are under the gun to satisfy network access for varied constituencies: not only centralized and remote workers, but outsiders ranging from consumers to partners. Typically, that means supporting multiple access technologies such as a secure virtual private network (VPN) and any number of Wi-Fi guest access devices.Businesses typically have spent years trying to catch up with the access needs of their workers. Larger firms may use a variety of networking technologies from high-performing carrier-based Multiprotocol Label Switching (MPLS) virtual private networks (VPNs), campus or metro Ethernet local area networks (LANs), and public internet VPNs. Smaller organizations are more likely inclined to the public internet options.To read this article in full or to leave a comment, please click here

Multi-site with Cross-VC NSX and Palo Alto Networks Security

In a prior post, Multi-site with Cross-VC NSX: Consistent Security and Micro-segmentation Across Sites, we discussed how Cross-VC NSX provides micro-segmentation and consistent security across multiple sites. We looked at five reasons to seriously consider Cross-VC NSX for a multi-site solution in terms of security alone: centralized management, consistent security across vCenter domains/sites, security policies follow the workload(s), ease of security automation across vCenter domains/sites, and enhanced disaster recovery use case. In this post, we’ll discuss how advanced third party security services can also be leveraged in a Cross-VC NSX environment. 

Prior Cross-VC NSX Blogs:
Multi-site with Cross-VC NSX: Consistent Security and Micro-segmentation Across Sites
Cross-VC NSX: Multi-site Deployments with Ease and Flexibility
NSX-V: Multi-site Options and Cross-VC NSX Design Guide
Enhanced Disaster Recovery with Cross-VC NSX and SRM
Cross-VC NSX for Multi-site Solutions

NSX provides a solid platform for security in general: inherent isolation via logical networks, micro-segmentation via distributed firewall, edge firewall capabilities, third party guest introspection services, third party network introspection services, and a robust security policy orchestration and automation framework.

With Cross-VC NSX, micro-segmentation and consistent security policies for workloads expands beyond a single vCenter boundary. Typically, customers who have multiple sites also have multiple vCenters – at least one vCenter Continue reading

IDG Contributor Network: Mobile IoT provider applies military techniques to improve IoT resiliency

The military knows how to operate in chaotic situations.Where should resources be deployed? How should isolated platoons be managed? How should field units and central command coordinate activities when communication lines are broken? How can communications be secured? How can systems be made more resilient?  Many military techniques can be adpated to enhance IoT resiliency.Lessons from the Art of War Military communications or “comms" are activities, equipment and tactics the military uses on the battlefield. They include measurement systems, cryptography and robust communication channels. Military doctrine combines centralized intent with decentralized execution. Four key design principles are applied:To read this article in full or to leave a comment, please click here

SIEM Market Dynamics in Play

When I started focusing on the security market 14 years ago, the SIEM market was burgeoning market populated by vendors such as CA, e-Security, Intellitactics, and NetForensics. In the intervening timeframe, the SIEM market has grown, thrived, and changed every few years.  SIEM started as a central repository for event correlation for perimeter security devices.  It then morphed into a reporting engine for governance and compliance.  In a subsequent phase, SIEM became more of a query and log management tools for security analysts. Fast forward to 2016 and SIEM has taken on a much bigger scope – an enterprise software platform that anchors security operations centers (SOCs).  In this role, SIEM platforms can also include:To read this article in full or to leave a comment, please click here

SIEM market dynamics in play

When I started focusing on the security market 14 years ago, the security information and event management (SIEM) market was a burgeoning market populated by vendors such as CA, e-Security, Intellitactics and NetForensics. In the intervening timeframe, the SIEM market has grown, thrived and changed every few years. SIEM started as a central repository for event correlation for perimeter security devices. It then morphed into a reporting engine for governance and compliance. In a subsequent phase, SIEM became more of a query and log management tool for security analysts. Fast forward to 2016, and SIEM has taken on a much bigger scope—an enterprise software platform that anchors security operations centers (SOCs). In this role, SIEM platforms can also include:To read this article in full or to leave a comment, please click here

Worth Reading: Long secret Stingray manuals detail phone spying

Harris Corp’s Stingray surveillance device has been one of the most closely guarded secrets in law enforcement for more than 15 years. The company and its police clients across the United States have fought to keep information about the mobile phone-monitoring boxes from the public against which they are used. The Intercept has obtained several Harris instruction manuals spanning roughly 200 pages and meticulously detailing how to create a cellular surveillance dragnet. —The Intercept

The post Worth Reading: Long secret Stingray manuals detail phone spying appeared first on 'net work.

Researchers demonstrate remote attack against Tesla Model S

Tesla Motors is considered one of the most cybersecurity-conscious car manufacturers in the world -- among other things, it has a bug bounty program. But that doesn't mean the software in its cars is free of security flaws.Researchers from Chinese technology company Tencent found a series of vulnerabilities that, when combined, allowed them to remotely take over a Tesla Model S car and control its sunroof, central display, door locks and even the breaking system. The attack allowed the researchers to access the car’s controller area network (CAN) bus, which lets the vehicle’s specialized computers communicate with each other."As far as we know, this is the first case of remote attack which compromises CAN Bus to achieve remote controls on Tesla cars," the researchers from Tencent's Keen Security Lab said in a blog post Monday. "We have verified the attack vector on multiple varieties of Tesla Model S. It is reasonable to assume that other Tesla models are affected."To read this article in full or to leave a comment, please click here