Archive

Category Archives for "Networking"

Hacking group that hit South Korea may be at it again with new target

A hacking group that crippled South Korean banks, government websites and news agencies in early 2013 may be active again, Palo Alto Networks said Wednesday.The firewall maker said it found strong similarities between malware used in a recent attack in Europe and that used in the South Korean attacks, referred to as Dark Seoul and Operation Troy.The organization in Europe that was attacked was likely a victim of spear-phishing, where an email with a malware attachment or a harmful link is sent to hand-picked employees.The malware had been wrapped into legitimate video player software that was hosted by an industrial control systems company, wrote Bryan Lee and Josh Grunzweig of Palo Alto in a blog post. The code appears to be the same as the malware used in the Dark Seoul attacks although without the destructive component that wipes hard drives.To read this article in full or to leave a comment, please click here

Damballa finds tools related to the malware that hit Sony

Security company Damaballa said it has found two utilities that are closely related to capabilities seen in the destructive malware that hit Sony Pictures Entertainment last year. The utilities were discovered as Damballa was investigating a new version of the "Destover" malware, which rendered thousands of computers unusable at Sony after attackers stole gigabytes of sensitive company information. One key question in the Sony breach is how the attackers were able to evade security systems. What Damaballa found are two utilities that help mask new files introduced to a system.  "Both utilities would be used during an attack to evade detection while moving laterally through a network to broaden the attack surface," wrote senior threat researchers Willis McDonald and Loucif Kharouni, in a blog post on Wednesday.To read this article in full or to leave a comment, please click here

CCIE Data Center v2.0 Blueprint Announced

Cisco has just announced CCIE Data Center Written and Lab Exam Content Updates.Important dates for the changes are:

  • Last day to test for the v1.0 written – July 22, 2016
  • First day to test for the v2.0 written – July 25, 2016
  • Last day to test for the v1.0 lab – July 22, 2016
  • First day to test for the v2.0 lab – July 25, 2016

Key hardware changes in the v2.0 blueprint are:

  • APIC Cluster
  • Nexus 9300
  • Nexus 7000 w/ F3 Module
  • Nexus 5600
  • Nexus 2300 Fabric Extender
  • UCS 4300 M-Series Servers

Key technical topic changes in the v2.0 blueprint are:

  • VXLAN
  • EVPN
  • LISP
  • Policy Driven Fabric (ACI)

More details to come!

Network virtualization visibility demo

New OVS instrumentation features aimed at real-time monitoring of virtual networks, Open vSwitch 2015 Fall Conference, included a demonstration of real-time visibility into the logical network overlays created by network virtualization, virtual switches, and the leaf and spine underlay carrying the tunneled traffic between hosts.

The diagram above shows the demonstration testbed. It consists of a leaf and spine network connecting two hosts, each of which is running a pair of Docker containers connected to Open vSwitch (OVS). The vSwitches are controlled by Open Virtual Network (OVN), which has been configured to create two logical switches, the first connecting the left most containers on each host and the second connecting the right most containers. The testbed is described in more detail in Open Virtual Network (OVN) and is built from free components and can easily be replicated.


The dashboard in the video illustrates the end to end visibility that is possible by combining standard sFlow instrumentation in the physical switches with sFlow instrumentation in Open vSwitch and Host sFlow agents on the servers.

The diagram on the left of the dashboard shows a logical map of the elements in the testbed. The top panel shows the two logical switches Continue reading

IDG Contributor Network: This company’s name isn’t a joke: Secret Double Octopus goes beyond encryption

The process of naming a startup is fraught with peril - founders need to find a name which is catchy, ideally short, and one for which the URL is still available. Seemingly throwing most of the rules (at least about brevity or sense) out the window, Secret Double Octopus, a new company just emerging from stealth, has at least ensured one thing - no one will forget its name.Beyond quirky names, however, this company is doing something interesting. Yet another cybersecurity company that originated in Israel, Secret Double Octopus (we'll call it SDO to avoid the risks of overuse injury from repeatedly typing the name) is all about securing networking traffic and authentication beyond the traditional approaches of PKI, SSL and VPN. SDO aims to help secure data in transit, whether it's between sites, between a website and the cloud, or within mobile or IoT use cases. SDO's approach employs secret sharing, thereby eliminating the need for cryptographic keys.To read this article in full or to leave a comment, please click here

CCIE DC v2 Silently Announced!

So as with most things, a student just pointed out to me that the CCIE DC v2 has silently been pushed out into the Cisco Learning portal! See here:

http://www.cisco.com/web/learning/certifications/expert/ccie_dc/index.html

There is a PDF in there now showing the differential changes in the v1 and v2 blueprints:

http://www.cisco.com/web/learning/certifications/shared/docs/ccie-datacenter-comparison.pdf

Lab Structure

Well here is the rundown folks:

  1. 1 hour diagnostic section added
    1. Tests diagnostics around network issues, and the analyzing of the network without access to actual devices
    2. Independent tickets garnered from multiple sources (diagrams, emails, logs, etc…)
    3. Multiple Choice, Drag-n-drop, point-and-click item types (similar to the written examination)
  2. Troubleshoot and Configuration will be the remaining 7 hours

You have to pass both of these sections individually (achieve the minimum), and as well have a combined score above the combined minimum for both modules.

Lab Topics and Hardware

They have changed quite a bit in regards to topics, though they haven’t removed very much from the existing lab exam. A lot of what I put in parenthesis below is me, making an educated guess as to what they mean by those line items. With an already pretty full 8-hour exam, cramming some, or even all Continue reading

The US government wants in on the public cloud, but needs more transparency

The U.S. federal government is trying to move more into the cloud, but service providers' lack of transparency is harming adoption, according to Arlette Hart, the FBI's chief information security officer. "There's a big piece of cloud that's the 'trust me' model of cloud computing," she said during an on-stage interview at the Structure conference in San Francisco Wednesday. That's a tough sell for organizations like the federal government that have to worry about protecting important data. While Hart said that the federal government wants to get at the "enormous value" in public cloud infrastructure, its interest in moving to public cloud infrastructure is also tied to a need for greater security. To read this article in full or to leave a comment, please click here

U.S. may be financing encryption apps to stay ahead of terrorists

The U.S. government's financial support for the development of smartphone encryption apps doesn't surprise security experts.U.S. intelligence agencies are probably involved in funding commercial encryption apps through the government's Open Technology Fund to stay on top of terrorists and organized criminals that use encryption to cloak their communications, several security experts said Wednesday.MORE ON NETWORK WORLD: 26 crazy and scary things the TSA has found on travelers "It would not surprise me if federal agencies were funding encryption apps because it is possibly the only option available to monitor terrorism and organized crime," said Darren Hayes, assistant professor and director of cybersecurity at Pace University. "ISIS members have been actively pushing potential recruits to move to encrypted communications."To read this article in full or to leave a comment, please click here

FTC loses: Judge dismisses FTC data security case against LabMD

Cancer-screening laboratory LabMD won its case against the FTC. LabMD was accused of two data breaches, one in 2012 and one in 2008, when a company spreadsheet that contained sensitive personal information of 9,000 consumers was found on a peer-to-peer network. Seven years of litigation later, FTC Chief Administrative Law Judge Chappell’s issued an initial ruling (pdf) dismissing the FTC’s complaint against LabMD since the FTC had failed to prove that LabMD’s “alleged failure to employ ‘reasonable and appropriate’ data security ‘caused, or is likely to cause, substantial injury to consumers’.”To read this article in full or to leave a comment, please click here

Google-owned VirusTotal starts analyzing Mac malware in a sandbox

VirusTotal, the most widely used online file-scanning service, is now executing suspicious Mac apps submitted by users inside a sandbox to generate information that could improve the analysis and detection of Mac malware.This comes at a time when, according to security vendors, the number of potentially unwanted Mac OS X applications, especially adware programs, is at an all time high.VirusTotal, a Google-owned service, allows users to upload suspicious files and scan them with 54 different antivirus products. However, its scan results are not perfect and should not be taken as guarantees that files are safe.To read this article in full or to leave a comment, please click here

Supersonic passenger jet service by 2023?

There could be supersonic private passenger flights buy 2023 if Airbus and Aerion have their way.The two companies this week expanded their existing partnership and detailed the results of their research – the AS2, a 170-ft. long needle-shaped, three-engine jet capable of hitting speeds over 1,200MPH – about Mach 1.5. The idea is to test fly the jet by 2021 -- which can handle about 12 passengers -- and have it in service by 2023. Airbus/Aerion AS2To read this article in full or to leave a comment, please click here

The Next Horizon for Cloud Networking & Security

VMware NSX has been around for more than two years now, and in that time software-defined networking and network virtualization have become VMware Networking Expert Guido Appenzellerinextricably integrated into modern data center architecture. It seems like an inconceivable amount of progress has been made. But the reality is that we’re only at the beginning of this journey.

The transformation of networking from a hardware industry into a software industry is having a profound impact on services, security, and IT organizations around the world, according to VMware’s Chief Technology Strategy Officer for Networking, Guido Appenzeller.

“I’ve never seen growth like what we’ve found with NSX,” he says. “Networking is going through a huge transition.” Continue reading

Arista steps outside the data center with Cloud Connect solution

The rise of virtualization has had a profound impact on the technology industry. In the networking industry, perhaps no vendor has ridden the wave of cloud more than Arista Networks. The company was founded a little over a decade ago, and today it is a publicly traded company with a market capitalization of over $4.6 billion. However, almost all of Arista's revenues today come from selling products inside the data center. The company was one of the most aggressive vendors in pushing the concept of a spine/leaf architecture as a replacement for a traditional multi-tier network. This week, Arista announced its first solution that is outside the data center. The Arista Cloud Connect solution connects public and private cloud data centers. Moving into the data center interconnect market is a logical extension for Arista and highlights just how far merchant silicon has come over the past decade.To read this article in full or to leave a comment, please click here

How to use SANless clusters to protect SQL in the cloud

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.

While cloud computing has proven to be beneficial for many organizations, IT departments have been slow to trust the cloud for business-critical Microsoft SQL Server workloads. One of their primary concerns is the availability of their SQL Server, because traditional shared-storage, high-availability clustering configurations are not practical or affordable in the cloud.

Amazon Web Services and Microsoft Azure both offer service level agreements that guarantee 99.95% uptime (fewer than 4.38 hours of downtime per year) of IaaS servers. Both SLAs require deployment in two or more AWS Availability Zones or Azure Fault Domains respectively. Availability Zones and Fault Domains enable the ability to run instances in locations that are physically independent of each other with separate compute, network, storage or power source for full redundancy. AWS has two or three Availability Zones per region, and Azure offers up to 3 Fault Domains per “Availability Set.”

To read this article in full or to leave a comment, please click here

Adobe patches flaws in ColdFusion, LiveCycle Data Services and Premiere Clip

Adobe has released security updates for its ColdFusion application server, LiveCycle Data Services framework and Premiere Clip iOS app. The company published hotfixes for ColdFusion versions 11 and 10, namely ColdFusion 11 Update 7 and ColdFusion 10 Update 18. Both updates address two input validation issues that could be exploited to execute cross-site scripting (XSS) attacks. In addition, the hotfixes include an updated version of BlazeDS, a Java messaging protocol for rich Internet applications, that resolves an important server-side request- forgery vulnerability.To read this article in full or to leave a comment, please click here

1 2,921 2,922 2,923 2,924 2,925 3,488