0

Are you overlooking tokenization as a data security measure?

This column is available in a weekly newsletter called IT Best Practices.  Click here to subscribe.  As a security technology that obfuscates clear text data, tokenization is the red-headed stepchild compared to encryption. That's changing, however, as tokenization has a key role in enabling mobile payment systems such as Apple Pay, Samsung Pay and Android Pay. If you use any of these smartphone-based payment applications, tokenization is already at work for you.Unless you're in the payments industry, you might not even know what tokenization is, or how it can protect sensitive data. Yes, there are uses for the technology beyond securing payment data. I'll talk use cases in a minute, but first let me explain what tokenization is.To read this article in full or to leave a comment, please click here

0

Large scale BGP hijack out of India

BGP hijacks happen every day, some of them affect more networks than others and every now and then there’s a major incident that affects thousands of networks. Our monitoring systems keep an eye out for our users and if you would like to have a general idea of what’s going on in the world of BGP incidents, keep an eye on BGPstream.com. Earlier today we detected one of those major incidents that affected thousands of networks.

Starting at 05:52 UTC, AS9498 (BHARTI Airtel Ltd.) started to claim ownership for thousands of prefixes by originating them in BGP. This affected prefixes for over two thousand unique organizations (Autonomous systems).

Our systems detected origin AS changes (hijacks) for 16,123 prefixes. The scope and impact was different per prefix but to give you an idea, about 7,600 of these announcements were seen by five or more of our peers (unique peers ASns) and 6,000 of these were seen by more than 10 of our peers.

One of the reasons this was so widespread is because large networks such as AS174 (Cogent Communications) and AS52320 (GlobeNet Cabos Submarinos VZLA) accepted and propagated these prefixes to their peers and customers.

The BGPplay visualization Continue reading

0

Android security update focuses on media files

In light of Android's mediaserver issues, Google’s latest Android security update focused on flaws related to the operating system's treatment of media files. Android’s current flaws are similar to problems that cropped up with Windows more than a decade ago.Google addressed seven vulnerabilities as part of this month’s Android security update, released this week. Of the critical vulnerabilities, one was in the libutils component (CVE-2015-6609) near where Stagefright flaws were found over the summer, and the other was in the Android mediaserver component (CVE-2015-6609). They were rated as critical, as they could allow remote code execution when handling malformed media files.To read this article in full or to leave a comment, please click here

0

Cox to pay $595,000 for Lizard Squad data breach

Cox Communications has agreed to pay US$595,000 and submit to seven years of computer security compliance monitoring by the Federal Communications Commission to settle an investigation into whether the cable TV and Internet operator failed to safeguard the personal information of its customers.The investigation relates to a hack of Cox in 2014 by "EvilJordie," a member of the "Lizard Squad" hacker collective, and is the FCC's first privacy and data security enforcement action against a cable operator.The FCC's investigation found that by posing as a Cox IT staffer, the hacker convinced a Cox customer service representative and contractor to enter their account IDs and passwords into a fake website, the FCC said Thursday.To read this article in full or to leave a comment, please click here

0

EU tells US it must make next move on new Safe Harbor deal

The European Union put the onus firmly on the U.S. to make the next move in negotiating a replacement for the now-defunct Safe Harbor Agreement on privacy protection for transatlantic personal data transfers. "We need a new transatlantic framework for data transfers," said Vĕra Jourová, the European Commissioner for Justice and Consumers, emphasizing the urgency of the situation. However, she said at a news conference in Brussels on Friday, "It is now for the U.S. to come back with their answers." EU law requires that companies guarantee the same privacy protection for the personal information of EU citizens that they hold, wherever in the world they process it.To read this article in full or to leave a comment, please click here

0

Show 262 – Future of Networking – Dave Ward

The Future of Network with David Ward, CTO at Cisco and long time open source advocate and raconteur, many decades of corporate life talks about how he sees the future of networking.

The post Show 262 – Future of Networking – Dave Ward appeared first on Packet Pushers.

0

Video: Control Plane Protocols in OpenFlow-Based Networks

One of the typical questions I get in my SDN workshops is “how do you run control-plane protocols like LACP or OSPF in OpenFlow networks?”.

I wrote a blog post describing the process two years ago and we discussed the details of this challenge in the OpenFlow Deep Dive webinar. That part of the webinar is now public: you’ll find the OpenFlow Use Cases: Control-Plane Protocols video on the ipSpace.net Free Content web site.

0

Alcatel Lucent Certification (NRS I)

Hi all,   There have been a few discussions and blog posts on here on the subject of certs from the different vendors.   If you

0

ESXi FREE Web Client Interface

A good tutorial on what is ESXi Web Client Interface is, how to install and maintain it by http://www.vladan.fr/

0

Software-Defined Network Management: What We Need

Does software-defined networking need software-defined network management?

0

ProtonMail recovers from DDoS punch after being extorted

The last few days have not been easy for ProtonMail, the Geneva-based encrypted email service that launched last year. Earlier this week, the service was extorted by one group of attackers, then taken offline in a large distributed denial-of-service (DDoS) attack by a second group that it suspects may be state sponsored. ProtonMail offers a full, end-to-end encrypted email service. It raised more than US$500,000 last year after a blockbuster crowdfunding campaign that sought just $100,000.  Now, it bills itself as the largest secure email provider, with more than 500,000 users. Creating an account is free, although ProtonMail plans to eventually introduce a paid-for service with additional features.To read this article in full or to leave a comment, please click here

0

How a mobile app company found the XcodeGhost in the machine

Nick Arnott couldn't figure out recently why Apple kept rejecting an update to a mobile app his company developed.It turned out the problem was a ghost in the machine.His company, Possible Mobile, is well versed in the App Store submission rules and has built apps for JetBlue, Better Homes & Gardens and the Major League Soccer.The rejection came after it was discovered in mid-September that thousands of apps in the App Store had been built with a counterfeit version of an Apple development tool, Xcode.The fake version, dubbed XcodeGhost and probably developed in China, had been downloaded by many developers from third-party sources, apparently because getting the 4GB code from Apple took too long.To read this article in full or to leave a comment, please click here

0

Arista Networks Sees No Letup in Cloud Capex

A $1B run rate is in sight as Arista prepares for a healthy Q4 from cloud customers.

0

007 Tips for keeping your business as secure as MI6

As James Bond has shown, even a sophisticated MI6 operative with a nearly limitless budget and an array of hi-tech gadgets has to take into account existing security measures when formulating a plan to infiltrate a building or system. And while online criminal organizations don’t have Bond’s resources, they are sophisticated and well funded, which means you have to continually up your efforts to reduce the threat surface of your business.As you begin planning for 2016, here are 007 tips for bringing your business closer to an MI6 level of security, without a nation-state budget:1. Auto expiring credentials for new recruits: While we hope your corporate hiring process isn’t as intense as that of a secret agent, at the end of the day not everyone who signs up ends up making the final cut. To minimize your risk of rogue access, implement a policy that requires system admins to always create expiring credentials for new hires. It’s best practice to implement this for any temporary hires, but if your company offers an employment grace period, consider applying the expiration for the end of that time period, just in case. It’s always easier to re-implement than revoke once things Continue reading

0

Worth Reading: Alphabet and Anti-trust

What we have learned in the last two months is that Google is much more worried than it says about the risks it faces from a variety of real structural changes it may have to make in its core business overseas in the months and years ahead — where the vast majority of Google’s users are, and from where over 50% of its revenues come. Google apparently foresees a coming brand winter of antitrust/privacy structural enforcement actions hanging over Google around the world. via somewhat reasonable

The post Worth Reading: Alphabet and Anti-trust appeared first on 'net work.

0

Five things you should know about unlicensed LTE

1. It's the spectrum that's unlicensed, not the LTE.The acronyms are flying: LTE-U, LAA, MuLTEfire. They're all forms of LTE tweaked to send signals over unlicensed frequencies, which are open to Wi-Fi, Bluetooth, and any other technology that plays fair. Carriers could use it as soon as 2016 to add frequencies without spending billions to license them. At first, unlicensed LTE will only be used to supplement a carrier's own bands to make downloads faster. Later, it might send traffic both directions and even be used by enterprises that have no licensed spectrum.To read this article in full or to leave a comment, please click here

0

Five things you should know about unlicensed LTE

Here are five things you should know about unlicensed LTE, the concept of sending 4G cell traffic over channels also used by Wi-Fi and other networks.1. It's the spectrum that's unlicensed, not the LTE.The acronyms are flying: LTE-U, LAA, MuLTEfire. They're all forms of LTE tweaked to send signals over unlicensed frequencies, which are open to Wi-Fi, Bluetooth, and any other technology that plays fair. Carriers could use it as soon as 2016 to add frequencies without spending billions to license them. At first, unlicensed LTE will only be used to supplement a carrier's own bands to make downloads faster. Later, it might send traffic both directions and even be used by enterprises that have no licensed spectrum.To read this article in full or to leave a comment, please click here

0

14 strange but true tech facts you (probably) don’t know

Hardly trivialImage by Mahender G/FlickrAs computers grow ever more powerful, we humans have to figure out where we still remain superior. Here's one suggestion: although the Internet is full of endless reams of data, it takes a human mind to suss through it all and determine what qualifies as interesting to other humans. Thus, we at ITworld present you with the following anecdotes about technology and the Internet, guaranteed to have been selected by the human hand and eye to pique your interest. Hopefully robots won't take this job for another few years.To read this article in full or to leave a comment, please click here

0

Featured Sonus White Paper: Use SDN to Turn Cloud Exchange Network into a Network-as-a-Service

Learn how providers can use SDN to turn WANs into revenue-generating Network-as-a-Service.

0

Highlight: The Pie Problem

The post Highlight: The Pie Problem appeared first on 'net work.