Cybercriminal business model vulnerable to intervention

Cybercrime may be booming but its business model is vulnerable on many fronts, according to a new report."We've been observing that they've been acting like a business for a while," said Shogo Cottrell, security strategist at Hewlett Packard Enterprise, which produced the report.The profit motivation accounts for more than three-quarters of all data breaches and has been rising in recent years, according to this year's Verizon data breach report.But cybercrime also shares many of the vulnerabilities that traditional businesses do, said Cottrell.MORE ON CSO: How to spot a phishing email For example, a criminal group's reputation is even more important in the underground economy than brand reputation in the legitimate world.To read this article in full or to leave a comment, please click here

Cybercriminal business model vulnerable to intervention

Cybercrime may be booming but its business model is vulnerable on many fronts, according to a new report."We've been observing that they've been acting like a business for a while," said Shogo Cottrell, security strategist at Hewlett Packard Enterprise, which produced the report.The profit motivation accounts for more than three-quarters of all data breaches and has been rising in recent years, according to this year's Verizon data breach report.But cybercrime also shares many of the vulnerabilities that traditional businesses do, said Cottrell.MORE ON CSO: How to spot a phishing email For example, a criminal group's reputation is even more important in the underground economy than brand reputation in the legitimate world.To read this article in full or to leave a comment, please click here

9 business-worthy Chrome for Work devices

Chrome for Work devicesChromebooks have been around for a while, but they haven't received nearly as much business press as hybrid devices like the Surface Pro 4 or iPad Pro. But while they may be flying under the radar, Google has an entire lineup of Chrome-based devices aimed at business users. While these devices might not get as much enterprise-worthy buzz, they are well-equipped for both casual and power users alike. They run the gamut in terms of design and configuration, which means there is likely an option for you -- whether you want a desktop, tablet or notebook experience. Here are nine Chrome for Work devices you've probably never heard of aimed at the enterprise.Acer ChromebaseThe Acer Chromebase will remind you of those all-in-ones that were slated to be the future of the desktop just a few years ago. It features a 21.5-inch touchscreen display, 4 GB of memory, a 16GB hard drive and an NVIDIA Tegra K1 processor. The all-in-one display features two USB 2.0 and 1 USB 3.0 ports, a built in HD webcam and microphone, a microSD memory card slot, two speakers and, of course, the Google Chrome Operating system. Continue reading

How 5 IT leaders beat their toughest technical challenges

People who lead large IT organizations don’t have much time to deal with the nitty-gritty technical details of how their systems run. Their priorities are to provide strategic technology leadership, set policies and manage the overall operation. CIOs and other IT leaders also have to work with executives in other departments to make sure IT is providing the services the business needs. But there are times when a technical problem crops up that requires the boss’s attention, and on those occasions finding the right solution can seem like an overwhelming challenge.To get a sense of the type of technical issues CIOs have to deal with, we asked five IT leaders to recall vexing problems they were able to solve without resorting to complicated, high-cost rollouts.To read this article in full or to leave a comment, please click here

The Sleepy User Agent

From time to time a customer writes in and asks about certain requests that have been blocked by the CloudFlare WAF. Recently, a customer couldn’t understand why it appeared that some simple GET requests for their homepage were listed as blocked in WAF analytics.

A sample request looked liked this:

GET / HTTP/1.1
Host: www.example.com
Connection: keep-alive
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (compatible; MSIE 11.0; Windows NT 6.1; Win64; x64; Trident/5.0)'+(select*from(select(sleep(20)))a)+' 
Accept-Encoding: gzip, deflate, sdch
Accept-Language: en-US,en;q=0.8,fr;q=0.6

As I said, a simple request for the homepage of the web site, which at first glance doesn’t look suspicious at all. Unless your take a look at the User-Agent header (its value is the string that identifies the browser being used):

Mozilla/5.0 (compatible; MSIE 11.0; Windows NT 6.1; Win64; x64; Trident/5.0)'+(select*from(select(sleep(20)))a)+

The start looks reasonable (it’s apparently Microsoft Internet Explorer 11) but the agent strings ends with '+(select*from(select(sleep(20)))a)+. The attacker is attempting a SQL injection inside the User-Agent value.

It’s common to see SQL injection in URIs and form parameters, but here the attacker has hidden the SQL query select * from (select(sleep(20))) inside the User-Agent Continue reading

Label Switched Multicast – Q&A

This post is the last one I’m planning in this series on Label Switched Multicast (LSM). The questions & answers below are meant to expand on topics from the previous posts or address topics that weren’t mentioned in the previous posts at all.

If you’re not familiar with LSM yet then this Q&A likely won’t make much sense to you and I recommend you go back and read through the previous posts.

Please post a comment if one of the answers isn’t clear or you have additional questions!

How can the mapping between a (*,G) or (S,G) and a Multicast Distribution Tree be found?

If you have a (*,G) or an (S,G), the following commands will show you which MDT is being used through the MPLS core. I find the easiest place in the network to check the mapping between a (*,G) or (S,G) and an MDT is on the Ingress PE. Two tables hold the mapping:

1 – the MFIB:

PE1#show ip mfib vrf BLUE 239.3.3.3
[...]
VRF BLUE
 (*,239.3.3.3) Flags: C
   SW Forwarding: 0/0/0/0, Other: 0/0/0
   Tunnel0 Flags: A
   Lspvif0, LSM/2 Flags: F NS
     Pkts:  Continue reading

IDG Contributor Network: Kinvey mobilizes SAP apps

Kinvey has long been a mover and shaker in the Mobile Backend as a Service (MBaaS) world. That somewhat obscure acronym actually stands for something pretty important—the enabling of mobile applications. As the world increasingly demands data and applications to be accessible anywhere and anytime, mobile applications become even more important. But if you're an enterprise CIO or IT leader with a bunch of conflicting priorities, the last thing you want to do is wrangle the infrastructure and foundational aspects of building mobile apps. This is where Kinvey comes in.To read this article in full or to leave a comment, please click here

BGP: The Application Networking Dream

There was an interesting article last week from Fastly talking about using BGP to scale their network. This was but the latest in a long line of discussions around using BGP as a transport protocol between areas of the data center, even down to the Top-of-Rack (ToR) switch level. LinkedIn made a huge splash with it a few months ago with their Project Altair solution. Now it seems company after company is racing to implement BGP as the solution to their transport woes. And all because developers have finally pulled their heads out of the sand.

BGP Under Every Rock And Tree

BGP is a very scalable protocol. It’s used the world over to exchange routes and keep the Internet running smoothly. But it has other power as well. It can be extended to operate in other ways beyond the original specification. Unlike rigid protocols like RIP or OSPF, BGP was designed in part to be extended and expanded as needs changes. IS-IS is a very similar protocol in that respect. It can be upgraded and adjusted to work with both old and new systems at the same time. Both can be extended without the need to change protocol versions Continue reading

Microsoft and SAP deepen partnership with Azure and Office integrations

SAP and Microsoft have expanded an existing partnership to offer new products to users of the Azure and Office 365 cloud services, focused on better integrating the two companies' offerings. Azure customers will be able to use SAP HANA in Microsoft's public cloud, expanding the reach of that popular relational database service. SAP is also integrating its services including Fieldglass, Concur and SuccessFactors with Microsoft Office 365, so users can get the benefits of Microsoft's communications, collaboration, calendar and document editing tools.This all fits into Microsoft's ongoing strategy of partnering broadly with a variety of companies, including those that compete against it in some businesses. Teaming up with SAP can make Azure and Office 365 more appealing to companies that are already tied into SAP's ecosystem, and drive adoption of each company's products.To read this article in full or to leave a comment, please click here

How the IoT keeps Ben & Jerry’s ice cream safe

If a dropped ice cream cone is one of the saddest images in the world, then the loss of tens of thousands of dollars of ice cream—especially Ben & Jerry’s ice cream—is a tragedy. It’s also a huge financial hit, and one that Udder Ventures experienced when a new walk-in freezer malfunctioned at its Ben & Jerry’s Scoop Shop in the Haight-Asbury section of San Francisco. The equipment wasn’t installed perfectly—it wasn’t localized for temperature variances in San Francisco properly, said John Slater, Udder Ventures’ chief euphoria officer (the managing member of the company). So, it kept tripping the system, and when the system tripped, the freezer shut off—and the ice cream melted.To read this article in full or to leave a comment, please click here

9 Startups That Will Change The Way You Think About Cloud

Firefox’s market share is bigger than that of all Microsoft’s browsers combined

Firefox now has more desktop users than both Microsoft's web browsers combined -- but it's a rivalry that is increasingly irrelevant as Google Chrome has almost twice the share of Firefox and Microsoft together.The latest figures from Statcounter show that Microsoft Edge and Internet Explorer combined had a 15.5 percent share of worldwide desktop browser usage in April, a decline from 15.8 percent in March.The effect of Microsoft's new Edge browser is, it seems, marginal, with Windows 10 users apparently preferring other browsers.The boost to Microsoft's overall browser share that it might have expected from the launch of the Windows 10 with Edge hasn't happened yet, Statcounter said.To read this article in full or to leave a comment, please click here

US says proposed Chinese regulations could fragment the Internet

The U.S. has warned of fragmentation of the Internet if China goes ahead with proposed rules that would require compulsory registration of Internet domain names in China through government-licensed providers.The regulations for the administration of Internet domain names would also forbid the registration of websites containing any one of nine categories of broadly and vaguely defined prohibited content, and create a blacklist of ‘forbidden characters’ in the registration of domain names, “adding an extra layer of control to China’s Great Firewall,” two top U.S. officials in charge of Internet policy and administration, wrote in a statement Monday. To read this article in full or to leave a comment, please click here

US says proposed Chinese regulations could fragment the Internet

The U.S. has warned of fragmentation of the Internet if China goes ahead with proposed rules that would require compulsory registration of Internet domain names in China through government-licensed providers.The regulations for the administration of Internet domain names would also forbid the registration of websites containing any one of nine categories of broadly and vaguely defined prohibited content, and create a blacklist of ‘forbidden characters’ in the registration of domain names, “adding an extra layer of control to China’s Great Firewall,” two top U.S. officials in charge of Internet policy and administration, wrote in a statement Monday. To read this article in full or to leave a comment, please click here

House lawmakers work to replace the hated H-1B lottery

Two U.S. House lawmakers are involved in a bipartisan effort to change how H-1B visas are allocated, moving away from a random lottery and using salary offers instead.The legislation by Reps. Darrell Issa (R-Calif.) and Zoe Lofgren (D-Calif.) has not yet been introduced. It's uncertain whether it will be put forward anytime soon or whether this effort to reach a bipartisan agreement will stick. While staffers have met to discuss the bill, and Issa has indicated support for a joint effort, it has little chance unless Issa is firmly behind it.+ RELATED: With H-1B visa, diversity doesn’t apply +To read this article in full or to leave a comment, please click here

Apple patches 67 bugs in OS El Capitan, refreshes Safari and iTunes

Apple yesterday updated OS X El Capitan to version 10.11.5, patching nearly 70 vulnerabilities as it began to wind down changes prior to the next iteration launching later this year.OS X 10.11.5 offered few non-security bug fixes and no new features; in other words, it was a typical late-life refresh of an edition.Apple on Monday also patched the older OS X Mavericks (from 2013) and OS X Yosemite (2014), and issued updates to both iTunes and the firm's Safari browser.MORE ON NETWORK WORLD: 6 simple tricks for protecting your passwords Of the 67 security flaws fixed in El Capitan, a dozen also applied to Mavericks and 14 to Yosemite, according to Chris Goettl, director of product management at Salt Lake City-based LANDESK, which makes systems and asset management software.To read this article in full or to leave a comment, please click here

Apple patches 67 bugs in OS El Capitan, refreshes Safari and iTunes

Apple yesterday updated OS X El Capitan to version 10.11.5, patching nearly 70 vulnerabilities as it began to wind down changes prior to the next iteration launching later this year.OS X 10.11.5 offered few non-security bug fixes and no new features; in other words, it was a typical late-life refresh of an edition.Apple on Monday also patched the older OS X Mavericks (from 2013) and OS X Yosemite (2014), and issued updates to both iTunes and the firm's Safari browser.MORE ON NETWORK WORLD: 6 simple tricks for protecting your passwords Of the 67 security flaws fixed in El Capitan, a dozen also applied to Mavericks and 14 to Yosemite, according to Chris Goettl, director of product management at Salt Lake City-based LANDESK, which makes systems and asset management software.To read this article in full or to leave a comment, please click here

Enterprises Bullish On 100 GbE, Cloud, And SDN

RadiUID: Palo Alto User-ID and RADIUS

The Palo Alto User-ID feature is awesome as long as you can feed it IP-to-User mappings. PAN provides agents to do this which work in many environments, but not usually without Active Directory. I wrote RadiUID to perform this function is situations where all you have is RADIUS. Approx Reading Time: 5-15 Minutes You see, […]

The post RadiUID: Palo Alto User-ID and RADIUS appeared first on Packet Pushers.

RadiUID: Palo Alto User-ID and RADIUS

The Palo Alto User-ID feature is awesome as long as you can feed it IP-to-User mappings. PAN provides agents to do this which work in many environments, but not usually without Active Directory. I wrote RadiUID to perform this function in situations where all you have is RADIUS. Approx Reading Time: 5-15 Minutes You see, […]

The post RadiUID: Palo Alto User-ID and RADIUS appeared first on Packet Pushers.