Best practices for incident response in the age of cloud

Best practices for incident response in the age of cloud

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.Most CISOs receive a rude awakening when they encounter their first major security issue in the cloud. If they identify a critical vulnerability that requires a patch, they may not have the authorization to tweak the cloud provider's pre-packaged stack. And if the customer does not own the network, there may not be a way to access details that are critical to investigating an incident.In order to avoid a major security issue in the cloud, CISO’s must  have an incident response plan.  Here is how to build one:To read this article in full or to leave a comment, please click here

Apple quashes 3 zero-days with emergency Mac update

Apple yesterday issued an emergency security update for the Mac, patching the same trio of vulnerabilities the company fixed last week on the iPhone. According to one of the groups that first revealed the flaws, the vulnerabilities could have been "weaponized" for use against OS X, the Mac's operating system. The out-of-band update was aimed at OS X El Capitan (aka 10.11) and Yosemite (10.10), the 2015 and 2014 editions, respectively. Older versions, including 2014's OS X Mavericks, went unpatched: Apple is nearing the release of its annual Mac operating system upgrade and thus the end of support for the edition of three years ago. Like the urgent update Apple released last week for the iPhone -- iOS 9.3.5 -- the Mac patches quash three bugs, two in the operating system's kernel and the third in the Safari browser.To read this article in full or to leave a comment, please click here

Apple quashes 3 zero-days with emergency Mac update

Apple yesterday issued an emergency security update for the Mac, patching the same trio of vulnerabilities the company fixed last week on the iPhone. According to one of the groups that first revealed the flaws, the vulnerabilities could have been "weaponized" for use against OS X, the Mac's operating system. The out-of-band update was aimed at OS X El Capitan (aka 10.11) and Yosemite (10.10), the 2015 and 2014 editions, respectively. Older versions, including 2014's OS X Mavericks, went unpatched: Apple is nearing the release of its annual Mac operating system upgrade and thus the end of support for the edition of three years ago. Like the urgent update Apple released last week for the iPhone -- iOS 9.3.5 -- the Mac patches quash three bugs, two in the operating system's kernel and the third in the Safari browser.To read this article in full or to leave a comment, please click here

U.S. cloud vendors adjust to Snowden effect, Privacy Shield

When whistleblower Edward Snowden shocked the world in 2013 by revealing that the NSA was allegedly siphoning data from U.S. internet companies, pundits proclaimed that winter was coming for American cloud vendors in Europe. Evidence now suggests those fears may have been overblown.IDC said this month that U.S. cloud vendors have increased their combined cloud infrastructure revenue two-and-a-half-times in Western Europe, topping $2 billion since the Snowden Effect was supposed to freeze the market. Amazon Web Services (AWS), Microsoft, Alphabet’s Google and IBM increased their market share by a third in the region, hitting 40 percent in 2015.To read this article in full or to leave a comment, please click here

Peanuts with a purpose: Sen.se unveils new smart sensors at IFA

Expecting people to figure out what its Cookie multipurpose smart sensors could be used for didn't work out so well for Sen.se. It's trying a different approach with its new Peanut sensors: application-specific packaging that sells the purpose, not the product.The first Peanut, launched Thursday, is a thermometer presented as a way to get alerts if a child's room gets too cold or a refrigerator too hot.Future Peanuts, all in the same 7.5-gram, 45 x 25 x 5 millimeter case, will contain different sensors and be packaged as an alarm clock/sleep monitor (SleepPeanut), a medication reminder (MedPeanut), or a remote control (PeanutButton). Sen.se plans to release a new reason to connect things to the internet every six weeks.To read this article in full or to leave a comment, please click here

Best Deals of the Week, August 29 – September 2 – Deal Alert

Best Deals of the Week, August 29 - September 2 - Deal AlertCheck out this roundup of the best deals on gadgets, gear and other cool stuff we have found this week, the week of August 29th. All items are highly rated, and dramatically discounted!43% off NETGEAR AC750 WiFi Range ExtenderIf you're struggling with wifi dead zones, boost the range of your existing WiFi and create a stronger signal in hard-to-reach areas with a wifi extender, like this one from Netgear. The AC750's design is compact and discrete. Plug it into a wall outlet and it delivers AC dual band WiFi up to 750 Mbps from your existing wifi network. 2.4Ghz and 5Ghz both supported. This model averages 4 out of 5 stars from nearly 12,000 people on Amazon (read reviews) and its typical list price of $69.98 has been reduced a generous 43% to just $39.99. To read this article in full or to leave a comment, please click here

Microsoft bug bounty program adds .NET Core and ASP.NET Core

Microsoft has expanded its bug bounty programs to cover the open-source .NET Core and ASP.NET Core application development platforms.The .NET Core and ASP.NET Core technologies are used to create server applications that can run on Windows, Linux, and Mac. The ability to write code once and have it run on multiple platforms have made these technologies popular with enterprise software developers.Microsoft will pay monetary rewards between US$500 and $15,000 for critical vulnerabilities in the RTM (release to manufacturing), Beta, or RC (release candidate) releases of these platforms.Flaws in Microsoft's cross-platform Kestrel web server are also covered by the new bug bounty program, as well as vulnerabilities in the default ASP.NET Core templates provided with the ASP.NET Web Tools Extension for Visual Studio 2015 or later.To read this article in full or to leave a comment, please click here

Multi-site with Cross-VC NSX: Consistent Security and Micro-segmentation Across Sites

Several posts have been written prior on multi-site with Cross-VC NSX describing the fundamentals, use cases, deployment models, and flexibility Cross-VC NSX provides. In this post, we focus on the security benefits of a multi-site Cross-VC NSX solution.

Prior Cross-VC NSX Blogs:
Cross-VC NSX: Multi-site Deployments with Ease and Flexibility
NSX-V: Multi-site Options and Cross-VC NSX Design Guide
Enhanced Disaster Recovery with Cross-VC NSX and SRM
Cross-VC NSX for Multi-site Solutions

So, why multi-site with Cross-VC NSX? The following five reasons should be enough for you to seriously consider Cross-VC NSX as a solution for your multi-site needs:

1.) Centralized Management
Centralized management of security policies across multiple vCenter domains/sites. You have one central location to configure security policies and only write the security policy once, which is then applied across all vCenter domains/sites.

Figure 1 Central Management of Security Policies Across Sites from Primary NSX Manager

2.) Consistent Security Across vCenter Domains/Sites
Consistent security policies across vCenter domains/sites provided automatically by Cross-VC NSX enables enhanced workload mobility. Security policies are configured on the primary NSX Manager and automatically synced to the secondary NSX Managers providing for uniform security across all sites.

Figure 2 Consistent Security Across Sites Continue reading

Packet Blast: Top Tech Blogs, Sept. 2

Using BGP in Leaf-and-Spine Fabrics

In the Leaf-and-Spine Fabric Designs webinar series we started with the simplest possible design: non-redundant server connectivity with bridging within a ToR switch and routing across the fabric.

After I explained the basics (including routing protocol selection, route summarization, link aggregation and addressing guidelines), Dinesh Dutt described how network architects use BGP when building leaf-and-spine fabrics.

HPE said to plan sale of its software unit

Hewlett Packard Enterprise is said to be looking to sell its software division, which would include the business from its disastrous acquisition of Autonomy in 2011, according to news reports.The enterprise IT company that emerged from the breakup of Hewlett-Packard has been restructuring its operations recently, including a US$8.5 billion deal announced in May to spin off and merge its enterprise services business with CSC. A sale of the software business would leave the company focused largely on servers, networking, storage, business critical systems and technology services.To read this article in full or to leave a comment, please click here

A Rogue Effort Brings SDDC to the Lowly Branch Office

Technology isn't the hard part, though.

Thoma Bravo Might Buy HPE Software Assets for $7.5B

It's unclear exactly which assets are on the block.

49% off Streamlight Rugged Long Lasting Battery Powered Lantern – Deal Alert

The Siege lantern from Streamlight is sturdy, rugged and well-built. It's rated 5 out of 5 stars from over 1,400 people on Amazon (read reviews) and its typical list price of $62.42 has been reduced 49% to just $31.99. The Siege Lantern distributes light 360-degrees. It features four C4 power LEDs for extreme brightness, and one red C4 power LED to preserve night vision. There are five output modes, and a battery level indicator built into the on/off button. Its ergonomic handle makes it easy to carry, while allowing it to hook on any edge or bar. With the outer lantern globe in place, the light is water-resistent and will float. Remove the outer globe, and the lantern's body's ready to hang upside down by the D-ring for large area lighting needs. Low white light mode provides extended run time of 295 hours. Battery replacement is a breeze with the center-post orienting the battery cover correctly every time. See the highly rated and discounted Streamlight Siege lantern now on Amazon.To read this article in full or to leave a comment, please click here

Raspberry Pi roundup: Now with additional cucumbers!

The goal of technology is to make the world a better place. Sometimes, you can do that by making a gigantic breakthrough that solves a big problem in one fell swoop or opens major new horizons to the whole of humanity.Much more often, however, you can solve a much smaller problem right at home. That’s what Makoto Koite, a cucumber farmer in Japan, did when he used Google’s open-source AI software TensorFlow, an Arduino, and a Raspberry Pi to automatically sort his produce by size and shape.+ALSO ON NETWORK WORLD: Big data salaries set to rise in 2017 + Why these victims decided not to pay the ransomTo read this article in full or to leave a comment, please click here

No let-up in devastating decline of Microsoft’s browsers

Microsoft's browsers continued to hemorrhage users last month, with no sign that the bleeding will stop.According to Internet analytics vendor Net Applications, the combined user share of Internet Explorer and Edge fell 2.2 percentage points in August, ending the month at 32.5%. It was the fourth month in the last six where IE + Edge lost more than 2 points, and the second-largest decline in the 11-year history of Computerworld's recording of Net Applications' data.The brutal erosion of Microsoft's browser share has been unprecedented, rivaled only by the plunge of Netscape Navigator, which Internet Explorer dethroned in the second half of the 1990s. In the past six months, IE has lost more than 12 percentage points of user share; since the first of the year, IE has shed 16 points.To read this article in full or to leave a comment, please click here

Worth Reading: Biometrics are less secure than passwords

Many technology pundits talk about biometrics as the ultimate authentication solution — the technology that will make the ‘imperfect’ password obsolete. Despite the hype, most companies are approaching with caution. In fact, CEB found that there are varied degrees of biometrics adoption globally, as around 20 percent of firms have actually deployed the technology. A big reason for low adoption could be that they are less secure. And while many are touting the security of biometrics, there are four issues to consider when evaluating the technology. —betanews

The post Worth Reading: Biometrics are less secure than passwords appeared first on 'net work.

Smartphone growth remains flat, with iPhones down 12% this year

Growth in smartphones will only reach 1.6% for all of 2016, mainly because of sales declines in developed markets like the U.S., Japan and Western Europe, IDC predicted Thursday.The analyst firm also said that iPhone shipments for the entire year will decline by 12% globally compared to 2015, while Windows Phone shipments will decline by 75%. Sales of Android smartphones produced by a number of manufacturers will increase by 6.7%, and grab 85% of the global market for all of 2016.The iPhone decline was partly attributed to Apple customers waiting to purchase the next-generation iPhone, IDC said. That phone, probably in a couple of sizes, is widely expected to be announced along with an upgraded Apple Watch at an event next Wednesday.To read this article in full or to leave a comment, please click here

Apple’s Cook calls European tax ruling ‘total political crap’

The European Commission's decision to force Apple to pay Ireland billions of dollars in back taxes is "total political crap" and a reflection of anti-U.S. sentiment, company CEO Tim Cook told the Irish Independent in an interview published Thursday."No one did anything wrong here," Cook said. "Ireland is being picked on, and this is unacceptable."The EC ruled on Tuesday that Ireland gave Apple illegal tax benefits by not collecting €13 billion (US$14.5 billion) in taxes owed to it over a 10-year period. It was the culmination of a two-year investigation into the company's tax affairs that found Apple's effective tax rate on profit reported in Ireland was just €500 per million euros in profit, falling to €50 per million in 2014.To read this article in full or to leave a comment, please click here