0

Sony BMG Rootkit Scandal: 10 Years Later

Ben Edelman/Wikipedia A warning pops up on computer screen about Sony BMG rootkit on music CD Hackers really have had their way with Sony over the past year, taking down its Playstation Network last Christmas Day and creating an international incident by exposing confidential data from Sony Pictures Entertainment in response to The Interview comedy about a planned assassination on North Korea’s leader. Some say all this is karmic payback for what’s become known as a seminal moment in malware history: Sony BMG sneaking rootkits into music CDs 10 years ago in the name of digital rights management.To read this article in full or to leave a comment, please click here

0

A short history of Sony hacks

Target on its backThe giant Japanese electronics company dazzled us with its Walkman and Discman in the late 70s/early 80s, as well as with its TVs, cameras and game consoles over the years. But things took a bad turn in 2005…(SEE ALSO: Sony BMG Rootkit Scandal: 10 Years Later)To read this article in full or to leave a comment, please click here

0

Walmart exec predicts holiday shopping season ‘anarchy’ due to chip credit cards

Just what we don’t need…‘anarchy’ during the holiday shopping season. But a top payment executive at Walmart claimed that is what could happen due to the timing of forcing merchants to have chip-an-pin credit card payment terminals.U.S. banks replaced hundreds of millions of credit and debit cards that rely on magnetic strips, which store data, with new cards that contain a small gold EMV microchip; the new cards are hyped as being much more secure, even though the cards have been hacked through man-in-the-middle attacks. French scientists also discovered how criminals altered stolen credit cards that were supposed to be protected by a security chip and a PIN code the crooks didn’t know.To read this article in full or to leave a comment, please click here

0

Brocade DemoFriday Q&A + Video: Liberate Your Applications with Services Director

Read the full Q&A from Brocade's DemoFriday and watch a demonstration on how to make your application development more efficient with the Services Director.

0

Brocade Featured White Paper: Network Packet Brokers for Next-Gen Networks

A new class of network packet brokers is emerging to meet the demands of software-centric architectures and expanded feature sets.

0

US copyright law exemption allows good-faith car, medical device hacking

The U.S. Copyright Office has given security researchers reason to hope that they'll be able to search for flaws in car systems and medical devices without the threat of legal action.On Tuesday, the Librarian of Congress, who makes final rulings on exemptions to copyright rules, granted several exceptions to Section 1201 of the Digital Millennium Copyright Act (DMCA), which prohibits the circumvention of the technological methods that are used to protect copyright works. The U.S. Copyright Office is a department of the Library of Congress.The exemptions allow for "good-faith security research" to be performed on computer programs that run on lawfully acquired cars, tractors and other motorized land vehicles; medical devices designed to be implanted in patients and their accompanying personal monitoring systems and other devices that are designed to be used by consumers, including voting machines.To read this article in full or to leave a comment, please click here

0

US says it’s ok to hack cars and medical devices (sometimes)

The U.S. Copyright Office has given security researchers reason to hope that they'll be able to search for flaws in car systems and medical devices without the threat of legal action. On Tuesday, the Librarian of Congress, who makes final rulings on exemptions to copyright rules, granted several exceptions to Section 1201 of the Digital Millennium Copyright Act (DMCA), which prohibits the circumvention of the technological methods that are used to protect copyright works. The U.S. Copyright Office is a department of the Library of Congress. The exemptions allow for "good-faith security research" to be performed on computer programs that run on lawfully acquired cars, tractors and other motorized land vehicles; medical devices designed to be implanted in patients and their accompanying personal monitoring systems and other devices that are designed to be used by consumers, including voting machines.To read this article in full or to leave a comment, please click here

0

Featured Interview: Glenn Seiler Speaks to Open Standards & Pitfalls of Open NFV Solutions

Wind River Glenn Seiler defines "open" & gives his two cents on open NFV for TEMs.

0

First look: Microsoft Azure Active Directory Domain Services puts it all in the cloud

On Oct. 14, Microsoft announced the preview release of Azure Active Directory Domain Services or, as I like to call it, a domain in a cloud.Next up, you will need to either create a new virtual network or select an existing virtual network. This network has to be in the U.S. or Asia Azure regions. (These are the only geographic locales that the preview supports; of course, this feature will likely be available globally when the code comes out of the preview phase).To read this article in full or to leave a comment, please click here(Insider Story)

0

6 tips for your security awareness training

Keep a sharp eye out forImage by ThinkstockSecurity experts remind us that awareness is an ongoing effort. Here are some best practices for keeping your organization educated and aware year-round.Get the C-Suite involvedImage by ThinkstockTo read this article in full or to leave a comment, please click here

0

Split between EU privacy watchdogs on Safe Harbor worries business lobby

German data protection authorities' decision to break ranks with their counterparts in other European Union countries and block alternatives to Safe Harbor has business lobbyists worried.The striking down of the Safe Harbor data sharing agreement by the European Union's highest court on Oct. 6 left a legal vacuum that European Commission officials immediately sought to fill with a reminder of the legal alternatives available and promises of coordinated action by national privacy regulators, who responded with their own reassurances on Oct. 16.To read this article in full or to leave a comment, please click here

0

InteliSecure building a high-end security-services boutique

Data-loss-prevention provider InteliSecure is taking in new money, new employees and an entire U.K. security company in an effort to establish itself as a high-end security boutique.The company has raised $22 million in equity financing and a $6 million debt financing in order to buy Pentura – a U.K. managed security service provider – as well as expand its operations globally and hire additional hard-to-find security personnel. CEO Rob Eggebrecht Its premiere service, protecting data by identifying the most critical assets, configuring the infrastructure to enforce security policies and managing it, is highly customized, says CEO Rob Eggebrecht.To read this article in full or to leave a comment, please click here

0

CISA legislation would lift liability for businesses sharing cyber threat information

A bill that encourages businesses to share threat intelligence with each other and the government is closer to becoming a law than it has been for years now that it offers businesses near immunity from liability if the data they share is stolen and causes harm, but such sharing is still fraught with problems. Nathan Taylor The proposed Cybersecurity Information Sharing Act (CISA) proposal doesn’t force anyone to participate in sharing, but it creates incentives for businesses to do so willingly, says Nathan Taylor, a partner in the law firm Morrison & Foerster, who is following the bill as it wends its way through Congress.To read this article in full or to leave a comment, please click here

0

IT Security Horror Stories

In honor of Halloween and Cybersecurity Awareness Month, these tales from the IT crypt are sure to haunt your nightmares.

0

Examining 5 Presidential candidates’ support from tech company employees

Money talksImage by WikimediaIn a review of the Presidential candidates’ latest campaign finance reports, which list employee donations by company, we found seven tech companies that were common across most of the five candidates examined. Here’s a look at how much employees have contributed since the campaigns of Bernie Sanders, Donald Trump, Hillary Clinton, Carly Fiorina and Ben Carson began.To read this article in full or to leave a comment, please click here

0

Techies back Democrats in Presidential race

It will be many months before presidential candidates face their respective conventions, but for the time being the Democrats are winning the wallets of technology workers. Finance reform bars corporations from directly funding campaigns, but that doesn’t stop individuals from backing candidates of their choice. And according to Network World’s analysis of candidates’ most recent filings to the Federal Elections Commission, those technology workers donated far more to Democratic presidential candidates than did their Republican counterparts since the inception of each candidate’s campaign. The two frontrunning Democrats outpaced the three Republicans examined: $393,444 to $36,588. Network World reviewed the campaign finance reports of the two candidates from each party who are currently leading the polls and also included former HP chief Carly Fiorina.To read this article in full or to leave a comment, please click here

0

Survey: Vendor NETCONF and REST API Support

Time for another fill-in-the-blanks survey: how many vendors support NETCONF and/or REST API in their data center switches, routers, firewalls and load balancers?

Please help me complete the tables by writing a comment – and do keep in mind that it only counts if it’s documented in a public configuration guide on vendor’s web site.

Also, I’m not aware of any vendor using standard NETMOD YANG models. If someone does, please let me know.

Read more ...

0

A Few Easy Steps: Cisco IOS, Setup for Automation

In this session of A Few Easy Steps, we will be doing the initial setup for automation on a Cisco IOS Device. In General this will work on any Cisco IOS Device.  Session Prerequisites: You have a Cisco Console Cable You have a serial port You have a Terminal Program that you can access your …

0

Network Simulation – Cisco VIRL Increases Node Count

Great news everyone. Some of you might have seen that I created a petition to increase the node limit in VIRL. I know there have been discussions within Cisco about the node limit and surely our petition wasn’t the single thing that convinced the VIRL team but I know that they have seen it and I’m proud that we were able to make a difference!

On November 1st the node limit will be increased to 20 nodes for free! That’s right, you get 5 extra nodes for free. There will also be a license upgrade available that gets you to 30 nodes. I’m not sure of the pricing yet for the 30 node limit so I will get back when I get more information on that.

When the community comes together, great things happen! This post on Cisco VIRL will get updated as I get more information. Cisco VIRL will be a much more useful tool now to simulate the CCIE lab and large customer topologies. I tip my hat to the Cisco VIRL team for listening to the community.

The post Network Simulation – Cisco VIRL Increases Node Count appeared first on Daniels Networking Blog.

0

Oracle Undercuts Amazon & Puts Security in a Chip

Larry Ellison & Co. are serious about IaaS