Category Archives for "Networking"

IT Vendor Risk Management: Improving but Still Inadequate

One of the fundamental best practices of cyber supply chain security is IT vendor risk management. When organizations purchase and deploy application software, routers, servers, and storage devices, they are in essence placing their trust in the IT vendors that develop and sell these products. Unfortunately, this trust can be misplaced. Some IT vendors (especially startups) focus on feature/functionality rather than security when they develop products, resulting in buggy, vulnerable products. In other cases, hardware vendors unknowingly build systems using malicious components sourced through their own supply chain. IT products are also often purchased through global networks of third-party distributors that have ample opportunity to turn innocent IT products into malicious confederates for cybercrime.

Heat map to show where burning need is for cybersecurity pros

The National Institute of Standards and Technology (NIST) is funding creation of a heat map visualization tool that will show where cybersecurity jobs are open across the country. The first rendition should be out late next year. The project, funded through NIST’s National Initiative for Cybersecurity Education (NICE), will provide data to help employers, job seekers, policy makers and others sync up. Some 230,000 cybersecurity jobs are open across the U.S., according to the Department of Commerce, and the number of openings has roughly doubled over the past 4 or 5 years.

Living in a virtualized world …

Gamers are used to living in a virtualized world. Battling imaginary villains and taking castle towers. However, this is not the only virtualized world that exists today. Our computer addicted world is going virtualized in virtual machines. Like with any...

New ransomware program Chimera threatens to leak user files

Ransomware creators have taken their extortion one step further: in addition to encrypting people's private files and asking for money before releasing a key, they now threaten to publish those files on the Internet if they're not paid. This worrying development has recently been observed in a new ransomware program dubbed Chimera that was documented by the Anti-Botnet Advisory Centre, a service of the German Association of the Internet Industry. The attackers behind this new threat target mainly businesses by sending rogue emails to specific employees that masquerade as job applications or business offers. The emails contain a link to a malicious file hosted on Dropbox.

Cyber liability from perspective of board members and execs

Companies are increasingly reliant on digital spaces and the continuing stream of high-profile data breaches means cybersecurity topics – often in the form of cyber liability questions – are now a part of board and senior management discussions instead of only being discussed at the IT level. Security, following “ethical issues,” is the second-leading risk to a company’s brand. Although getting hacked has a huge impact on the bottom line, NYSE Governance Services and Veracode found that “the extent of the brand damage caused by breaches is often linked to boards’ level of preparedness. It is therefore a board’s fiduciary duty to ask the right questions to ensure due care has been followed.”

Sprint owner confirms job cuts will be ‘in the thousands’

Sprint Chairman and SoftBank CEO Masayoshi Son told reporters in Tokyo early Wednesday that job cuts at Sprint will be "in the thousands" as part of a restructuring plan. His comments came as SoftBank, which owns more than 70% of Sprint, reported its quarterly earnings. "Sprint is now in the position to increase the pace of user acquisition while cutting costs," Son said, according to Bloomberg and other news sources. "We will also cut staff. The cuts will be in the thousands." Son's comments are not out of line with things Sprint CEO Marcelo Claure has been telling Sprint workers for months.

How Verizon analyzes security-breach data with R

Analyzing 200,000 records may not seem like a big task. But when those records are security incidents with potentially hundreds of attributes each -- types of bad actors, assets affected, category of organization and more -- it starts getting a little complex for a spreadsheet. So Verizon's annual security report, which was initially done in Excel, is now generated "soup to nuts" in R. In fact, the Verizon Data Breach Report is somewhat of "a love letter to R," Bob Rudis, managing principal and senior data scientist at Verizon Enterprise Solutions, told the EARL (Effective Applications of the R Language) Boston conference earlier today.

There’s a Problem with IPv6 Multihoming

In an amazing turn of events, at least one IETF working group recognized we have serious problems with IPv6 multihoming. According to the email Fred Baker sent to a number of relevant IETF working groups:

PI multihoming demonstrably works, but PA multihoming when the upstreams implement BCP 38 filtering requires the deployment of some form of egress routing - source/destination routing in which the traffic using a stated PA source prefix and directed to a remote destination is routed to the provider that allocated the prefix. The IETF currently has no such recommendation, or consensus that it should have.

Here are a few really old blog posts just in case you don’t know what I’m talking about (and make sure you read the comments as well):

CCDE – Firewall And IPS Design Considerations

Introduction

This post will discuss different design options for deploying firewalls and Intrusion Prevention Systems (IPS) and how firewalls can be used in the data center.

Firewall Designs

Firewalls have traditionally been used to protect inside resources from being accessed from the outside. The firewall is then deployed at the edge of the network. The security zones are then referred to as “outside” and “inside” or “untrusted” and “trusted”.

CCDE basic firewall inside and outside

Anything coming from the outside is blocked by default unless the connection was initiated from the inside. Anything from the inside going out is allowed by default. The default behavior can of course be modified with access-lists.

It is also common to use a Demilitarized Zone (DMZ) when publishing external services such as e-mail, web and DNS. The goal of the DMZ is to separate the servers hosting these external services from the inside LAN to lower the risk of having a breach on the inside. From the outside, only the ports that the service is using will be allowed into the DMZ, such as port 80, 443, 53 and so on. From the DMZ only a very limited set of traffic will be allowed

Risky Business #388 — Cyber shrinkery, IoT shenanigans and guest Troy Hunt

This week's feature interview is with Troy Hunt of HaveIBeenPwned.com. And he's noticing something pretty weird. It's common for people to deface websites for bragging rights, and yeah, it's not new that data dumps are the new bragging fodder. But it seems like these days attackers are seeing Troy's site as the definitive place to get cred. Now they'll steal a bunch of data and Troy is their first stop.

Life is strange on the internets. That's this week's feature interview.

Apple wages battle to keep App Store malware-free

Apple is facing growing challenges keeping suspicious mobile applications out of its App Store marketplace. Over the last two months, researchers have found thousands of apps that could have potentially stolen data from iOS devices. While the apps were not stealing data, security experts said it would have been trivial for attackers to configure them to do so. Apple has removed some of the affected apps since it was alerted by security companies. But the problems threaten to taint the App Store's years-long reputation as being high quality and malware free. Apple officials didn't have an immediate comment.