0

ISP groups appeal net neutrality court defeat

Trade groups representing many U.S. ISPs have filed an appeal challenging a court ruling that upheld the Federal Communications Commission's net neutrality rules.Trade groups CTIA, USTelecom, the National Cable & Telecommunications Association, and the American Cable Association on Friday asked the U.S. Court of Appeals for the District of Columbia Circuit to rehear their challenge of the net neutrality rules after a three-judge panel upheld the rules in June. The challenge isn't to the FCC's rules prohibiting broadband providers from selectively blocking or slowing web traffic, but to the agency's reclassification of broadband as a regulated, common-carrier service, the NCTA wrote in a blog post.To read this article in full or to leave a comment, please click here

0

Windows 10 upgrade: Don’t use Express settings if you value your privacy

When you’re setting up a new or existing PC with Windows 10, Microsoft will offer to install the operating system with "Express settings."Although Windows 10 Express settings will get you up and running quickly, that convenience comes at a cost: By skipping over custom settings, you’re agreeing to all kinds of data collection and behavior tracking, much of which didn’t apply in earlier versions of Windows.INSIDER Review: Enterprise guide to Windows 10 Here’s our advice: Instead of blindly enabling Express settings in Windows 10, take some time to understand what you’re agreeing to. Click the Customize settings link (in tiny text at the bottom of the setup screen), and disable the options you don't want.To read this article in full or to leave a comment, please click here

0

Service Discovery and Load balancing Internals in Docker 1.12

Docker 1.12 release has revamped its support for Service Discovery and Load balancing. Prior to 1.12 release, support for Service discovery and Load balancing was pretty primitive in Docker. In this blog, I have covered the internals of Service Discovery and Load balancing in Docker release 1.12. I will cover DNS based load balancing, VIP … Continue reading Service Discovery and Load balancing Internals in Docker 1.12 →

0

New Android Trojan SpyNote leaks on underground forums

A new and potent Android Trojan has been leaked on several underground forums, making it available for free to less resourceful cybercriminals who are now likely to use it in attacks.The Trojan app is called SpyNote and allows hackers to steal users' messages and contacts, listen in on their calls, record audio using the device's built-in microphone, control the device camera, make rogue calls and more.According to researchers from Palo Alto Networks, SpyNote does not require root access to a device, but does prompt users for a long list of permissions on installation. The Trojan can also update itself and install other rogue applications on the device.To read this article in full or to leave a comment, please click here

0

New Android Trojan SpyNote leaks on underground forums

A new and potent Android Trojan has been leaked on several underground forums, making it available for free to less resourceful cybercriminals who are now likely to use it in attacks.The Trojan app is called SpyNote and allows hackers to steal users' messages and contacts, listen in on their calls, record audio using the device's built-in microphone, control the device camera, make rogue calls and more.According to researchers from Palo Alto Networks, SpyNote does not require root access to a device, but does prompt users for a long list of permissions on installation. The Trojan can also update itself and install other rogue applications on the device.To read this article in full or to leave a comment, please click here

0

Network Monitoring: What To Watch

0

Worth Reading: Sniffing and censoring in real life

Airtel is sniffing and intercepting ALL unencrypted traffic going upstream from CloudFlare’s India data centres, irrespective of what ISP the user is on. This potentially affects everyone in India accessing ANY of the 2 million+ sites on CloudFlare. —Medium

The post Worth Reading: Sniffing and censoring in real life appeared first on 'net work.

0

Cloudy with a Chance of CapEx and OpEx

Hyperconvergence can have a huge impact on the delivery of cloud infrastructure.

0

Telco central offices could be in for open source makeover

A first-of-its-kind gathering dedicated to re-inventing telco central offices as open source-infused data centers will take place on Friday at Google's Sunnyvale Tech Campus. CORD The CORD Summit, hosted by the Open Networking Lab (On.Lab) and The Linux Foundation, promotes the use of technologies such as Network Functions Virtualization (NFV), software-defined networking (SDN) and the cloud "to bring datacenter economics and cloud agility to service providers' Central Office." CORD is kind of an acronym for Central Office Re-architected as a Datacenter, and is designed to benefit enterprise, residential and wireless networks. A mini version of this event was held in March as part of the broader Open Networking Summit.To read this article in full or to leave a comment, please click here

0

Telco central offices could be in for open source makeover

A first-of-its-kind gathering dedicated to re-inventing telco central offices as open source-infused data centers will take place on Friday at Google's Sunnyvale Tech Campus. CORD The CORD Summit, hosted by the Open Networking Lab (On.Lab) and The Linux Foundation, promotes the use of technologies such as Network Functions Virtualization (NFV), software-defined networking (SDN) and the cloud "to bring datacenter economics and cloud agility to service providers' Central Office." CORD is kind of an acronym for Central Office Re-architected as a Datacenter, and is designed to benefit enterprise, residential and wireless networks. A mini version of this event was held in March as part of the broader Open Networking Summit.To read this article in full or to leave a comment, please click here

0

Telco central offices could be in for open source makeover

A first-of-its-kind gathering dedicated to re-inventing telco central offices as open source-infused data centers will take place on Friday at Google's Sunnyvale Tech Campus. CORD The CORD Summit, hosted by the Open Networking Lab (On.Lab) and The Linux Foundation, promotes the use of technologies such as Network Functions Virtualization (NFV), software-defined networking (SDN) and the cloud "to bring datacenter economics and cloud agility to service providers' Central Office." CORD is kind of an acronym for Central Office Re-architected as a Datacenter, and is designed to benefit enterprise, residential and wireless networks. A mini version of this event was held in March as part of the broader Open Networking Summit.To read this article in full or to leave a comment, please click here

0

Inside Dyn Research: North Korea

Last week I published a blog that discussed the role Dyn has played in major international news stories. This week I’ve decided to pull back the curtain a bit and give you an in-depth look into how something like this goes down.

This past month you may have read in publications like Vice, NBC or Bloomberg about a Facebook clone operating out of North Korea. You may have also noticed that it was our research team that first discovered this. Finally, you probably asked: how did they see this and why does Dyn care about Kim Jong-un and social networks?

I can answer the latter question first. At Dyn we are passionate about the performance of the internet. We believe the internet is a tool with unlimited potential. What is fascinating though is that it is a flawed tool. The internet by its very nature is volatile. There are outages and threats happening every day. It is up to the companies who want to use this tool to understand this volatility and prepare for it. At Dyn we believe with the right Internet Performance Management strategy you can own the Internet.

But to do that you must know the issues. Continue reading

0

Onyx: A Star Trek-like communication badge solution in search of a problem

Fans of Star Trek know that its communicator device was iconic. Whether it was Captain Kirk on the original series asking Scotty for a beam-up (he never actually did say, “Beam me up, Scotty”), or Captain Picard tapping on his Starfleet insignia badge asking for a status report from Engineering, this was the way that instant voice communication would work in “the future.”Many devices seen on these shows have evolved into real-life products. While the communicator that Kirk used evolved into the flip-phone (which then evolved into the smartphone), the badge that Picard wore hasn’t hit the mainstream. Over the years I’ve seen a few products attempt to recreate this device (one company had success deploying a badge-like system via Wi-Fi, geared towards hospital doctors and nurses), but there hasn’t been a popular badge-like device.To read this article in full or to leave a comment, please click here

0

IDG Contributor Network: Service providers see opportunity in enterprise WLANs

Somewhere there’s an alternate universe where service providers are so effective that they dominate the enterprise communications market.In that world: What cannot be delivered remotely over fiber, wires or wireless—a pervasive, shared communications grid—is installed on site and managed remotely by service provider engineers. Small businesses and large enterprises requiring wired or wireless communications look to these large service providers because they deliver all required services at the lowest cost, with high reliability and national reach. At the end of the month, a single bill covers all services consumed.+ Also on Network World: IoT-dedicated networks beginning to rollout +To read this article in full or to leave a comment, please click here

0

IDG Contributor Network: Attack attribution does little to improve enterprise security

After every major data breach, the security community engages in a game of whodunit and attempts to figure out what entity or nation state carried out the attack. The North Koreans were behind the Sony breach, while China carried out the attack on the Office of Personnel Management (OPM). Meanwhile, hackers linked to the Iranian government hacked a small dam in New York as well as the networks of AT&T, Bank of America and the New York Stock Exchange, among other major U.S. businesses. And now Russia is being singled out for supporting hackers who infiltrated the Democratic National Committee’s computers and disclosed sensitive files and emails.To read this article in full or to leave a comment, please click here

0

IDG Contributor Network: Attack attribution does little to improve enterprise security

After every major data breach, the security community engages in a game of whodunit and attempts to figure out what entity or nation state carried out the attack. The North Koreans were behind the Sony breach, while China carried out the attack on the Office of Personnel Management (OPM). Meanwhile, hackers linked to the Iranian government hacked a small dam in New York as well as the networks of AT&T, Bank of America and the New York Stock Exchange, among other major U.S. businesses. And now Russia is being singled out for supporting hackers who infiltrated the Democratic National Committee’s computers and disclosed sensitive files and emails.To read this article in full or to leave a comment, please click here

0

IDG Contributor Network: Fixing the perception that enterprise IT is irrelevant

Continuing perception of IT being slow to innovate is reflected in a new report from consultancy Accenture. IT is no longer the body sought out by executives to perform business transformations, research has found. And IT doesn’t have the skills to adapt successfully to an as-a-service environment either.As-a-service is a term for cloud, software, tech services and so on that is delivered on-demand over the internet.+ Also on Network World: The IT skills gap is a reality, but doesn’t have to be +To read this article in full or to leave a comment, please click here

0

There are mobile and IoT companion documents for the CIS (Top 20) Critical Security Controls

This column is available in a weekly newsletter called IT Best Practices.  Click here to subscribe.  Most people who have anything to do with cybersecurity are familiar with the Center for Internet Security (CIS) Critical Security Controls, also commonly known as the SANS Top 20, or more simply the Controls. This list consists of a recommended set of actions for cyber defense that provide specific and actionable ways to stop today's most pervasive and dangerous attacks.Implementing the Controls is no guarantee an organization will have a bullet-proof defensive posture, but it significantly reduces both the risk that a breach will happen and the impact to the organization if such an event were to occur. What's more, theControls constitute a minimum level of security that any organization that collects or maintains personal or sensitive information should meet.To read this article in full or to leave a comment, please click here

0

There are mobile and IoT companion documents for the CIS (Top 20) Critical Security Controls

This column is available in a weekly newsletter called IT Best Practices.  Click here to subscribe.  Most people who have anything to do with cybersecurity are familiar with the Center for Internet Security (CIS) Critical Security Controls, also commonly known as the SANS Top 20, or more simply the Controls. This list consists of a recommended set of actions for cyber defense that provide specific and actionable ways to stop today's most pervasive and dangerous attacks.Implementing the Controls is no guarantee an organization will have a bullet-proof defensive posture, but it significantly reduces both the risk that a breach will happen and the impact to the organization if such an event were to occur. What's more, theControls constitute a minimum level of security that any organization that collects or maintains personal or sensitive information should meet.To read this article in full or to leave a comment, please click here

0

Micro-segmentation with Service Insertion – NSX Securing “Anywhere” Part IV

Welcome to part 4 in the Micro-Segmentation Defined– NSX Securing “Anywhere”  blog series. Today we will cover the role of NSX as a foundational security platform through NSX Micro-segmentation with Service Insertion. Previous topics covered in this series includes

• Part I –    Micro-segmentation Defined
• Part II –  Securing Physical environments
• Part III –Operationalizing Micro-segmentation

This blog covers the following topics:

1. Defining Service Insertion
2. The Role of Service Insertion in Micro-segmentation
3. Network and Guest Introspection
4. NSX Service Insertion

Defining Service Insertion

In modern datacenters, network and compute services either have been or are being decoupled from the physical appliances on which they have traditionally run. In the past, a datacenter service required traffic to be steered through a series of such appliances in order to be serviced appropriately, through services such as firewalls, intrusion detection and prevention, and load balancing services. As infrastructure services transition from physical appliances to software functions, it becomes possible to deploy these services with greater granularity by inserting them into a specific forwarding path. Combining multiple functions in this manner is generally referred to as a service chain or service graph.

Figure 1: Two distinct service chains utilizing different functions

Once infrastructure Continue reading