0

China ‘must stop’ cyberespionage, warns US National Security Advisor Rice

China's government must halt economic espionage in cyberspace, U.S. National Security Advisor Susan Rice warned on Monday, days before Chinese President Xi Jinping is due in Washington, D.C., on an official visit.The issue has become a major thorn in the side of U.S.-China relations in the last year, especially in the wake of the breach of personal information of tens of millions of U.S. government workers at the Office of Personnel Management. The U.S. hasn't publicly accused China of that hack but has done so privately. China denies any involvement."This isn’t a mild irritation," Rice said in a speech at George Washington University. "It’s an economic and national security concern to the United States. It puts enormous strain on our bilateral relationship and it is a critical factor in determining the future trajectory of U.S.-China ties."To read this article in full or to leave a comment, please click here

0

How to respond to a Chinese hacker attack

In this segment of The Irari Report’s discussion about Chinese cyber-espionage, Ira Winkler and Araceli Treu Gomes interview Lt. Col. Bill Hagestad, author of Chinese Cyber Crime, about how companies should respond if they believe they are being hacked by China.

0

NEC Shares Invaluable Experience from Over 250 Successful SDN Deployments

NEC Director of Business Development Don Clark shares the latest SDN deployment lessons and guidelines in a special SDxCentral webinar based on the SDxCentral SDN Controller Report.

0

Cyber insurance rejects claim after BitPay lost $1.8 million in phishing attack

If you bought cyber insurance so you’d be covered if you were hacked, and then had $1.8 million stolen after being hacked, wouldn’t you expect your insurance claim to be paid? If so, then think again as the claim can be denied due to the wording of the risk insurance contract.BitPay, a Bitcoin payment processor, had purchased cyber insurance from Massachusetts Bay Insurance Company (MBIC), but BitPay was in for a rude awakening.In December 2014, an unknown hacker pulled off a social engineering attack; he spearphished BitPay’s Chief Financial Officer, managed to capture corporate credentials, then used the hacked email account to spoof emails to the CEO; the hacker tricked BitPay into making three separate transfer transactions over two days to the tune of 5,000 bitcoins, which were valued at $1,850,000. Well at least the company had cyber insurance, right? No; the insurance company denied the claim due to the wording in the contract; BitPay then sued the insurance company.To read this article in full or to leave a comment, please click here

0

Featured Video: Orchestrating FortiGate Security with Cisco ACI Integration

Fortinet-Cisco ACI integration uses SDN to reduce costs and improve service delivery in the cloud and in multitenant data centers.

0

Out with the old: Make removing old technology part of your culture

Friday afternoon, late, and the new system is finally up. Users are logged in, getting their work done, and you’ve just received an email from the CTO (your boss’ boss’ boss’ boss, probably), saying what a good job the team did in getting things up and running so quickly. For once, in fact, the system went in perfectly. There was no close to team breakups over which technology or vendor to use; there were very few unexpected items that crept into the budget, the delays were minimal, and you even learned a couple of new skills to top it all off.

Wonderful, right? The perfect unicorn project.

But before you break open that bottle of bubbly (or whatever cold beverage is your choice), or maybe pop up a bowl of popcorn and sit down to a long deserved break binge watching the shows you missed pulling this thing together, you need to ask one more question:

Did you strip and sand first? Or did you just paint right on top?

Or don’t you remember the time you tried to paint that old trailer that had been sitting in your back yard for ages? Sure, it was covered in rust, dirt, Continue reading

0

Worth Reading: A map of the Internet in the US

The complexity and enormous costs of installing new long-haul fiber-optic infrastructure has led to a significant amount of infrastructure sharing in previously installed conduits. In this paper, we study the characteristics and implications of infrastructure sharing by analyzing the long-haul fiber-optic network in the US. via university of wisconsin

The post Worth Reading: A map of the Internet in the US appeared first on 'net work.

0

Malware implants on Cisco routers revealed to be more widespread

Attackers have installed malicious firmware on nearly 200 Cisco routers used by businesses from over 30 countries, according to Internet scans performed by cybercrime fighters at the Shadowserver Foundation. Last Tuesday, FireEye subsidiary Mandiant warned about new attacks that replace the firmware on integrated services routers from Cisco Systems. The rogue firmware provides attackers with persistent backdoor access and the ability to install custom malware modules. At the time Mandiant said that it had found 14 routers infected with the backdoor, dubbed SYNful Knock, in four countries: Mexico, Ukraine, India and the Philippines. The affected models were Cisco 1841, 2811 and 3825, which are no longer being sold by the networking vendor.To read this article in full or to leave a comment, please click here

0

iOS 9 breaks VPNs and prevents server access for many

Apple's iOS 9 has several features meant to increase its strong enterprise-grade security. But it also breaks a key security method: VPN connections to some corporate servers. As a result, users won't be able to access some servers over some VPN connections -- but they'll be able to access other servers with no problem. The bug appeared in iOS 9's beta. It was not fixed in the final version of iOS 9, and it is not fixed in the current beta of iOS 9.1.[ InfoWorld's Mobile Security Deep Dive. Download it today in your choice of PDF or ePub editions! | Keep up on key mobile developments and insights with the Mobile Tech Report newsletter. ] Here's what Cisco has reported about the bug:To read this article in full or to leave a comment, please click here

0

Sign up for the Rule 11 Reader

The post Sign up for the Rule 11 Reader appeared first on 'net work.

0

New products of the week 09.21.2015

New products of the weekOur roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.Live Segments Key features: improves the process for both segmenting large promotional email lists and implementing behavioral data to create personalized communications, while automating the labor intensive processes around segmentation, data analysis and product recommendations. More info.To read this article in full or to leave a comment, please click here

0

New products of the week 09.21.2015

New products of the weekOur roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.Live Segments Key features: improves the process for both segmenting large promotional email lists and implementing behavioral data to create personalized communications, while automating the labor intensive processes around segmentation, data analysis and product recommendations. More info.To read this article in full or to leave a comment, please click here

0

The Hyperconverged Reality of Tomorrow

For a while now we’ve been hearing a lot of buzz about hyperconverged systems and we’ve been following it closely. We think what’s missing from these conversations is how critical the network is to the sustained success of these systems.

In our quest to build a simply better network, our key focus is on how to truly hyperconverge the network. And we do it by combining the latest in Ethernet switching with optical multiplexing to create a high performance, resilient, low latency and scalable data center network fabric. Unlike traditional leaf/spine approaches, Plexxi Switches are deployed as a single tier, eliminating cost and complexity while vastly reducing operational overhead so the enterprise can build true fabric agility to support the dynamic workload needs of hyperconverged nodes.

At VMWorld, Mat Matthews pointed out in his 5 Key Takeaways blog that hyperconverged solution providers are zoning in on the simplification of the consumption process around infrastructure. The silos are gone. Providers are recognizing that customers want to get new workloads up and running quickly without having to deal with getting storage, compute and networking to work together.

This is good news all around. We are seeing the realization that the network has Continue reading

0

Indian draft rules on encryption could compromise privacy, security

India's government is trying to ensure that its law enforcement agencies have easy access to encrypted information, but it could be compromising security and privacy in the process. A draft policy on encryption issued by the Indian government aims to keep a check on the use of the technology by specifying the algorithms and the length of the encryption keys used by different categories of people. Consumers will also be required to store the plain texts of encrypted information for 90 days from the date of a transaction and provide the text to agencies when required under the laws of the country.To read this article in full or to leave a comment, please click here

0

What’s Ahead For WiFi: 6 Key Challenges

As the 802.11 WiFi standard marks its 25th anniversary, enterprise WLAN managers face some potential issues with the rise of IoT, feature complexity, and spectrum uncertainty.

0

Response: SDN is eating vendors’ lunch

Another week, another story from the SDN land, this time The Register reporting on AT&T plans. Even though there are almost no details in the story, the headline boasts that “SDN is eating vendors’ lunch”, prompting SDN hopefuls on LinkedIn groups to claim that “the promise of SDN is fast coming to fruition.”

Not so fast.

Read more ...

0

Apple brings down malware-infected apps from store

Apple has brought down a large number of apps from its store after it was found that around 40 iOS apps had been infected by a modified version of the company's software for developers.Christine Monaghan, an Apple spokeswoman, told news outlets that the company removed apps from the App Store that it knows have been created with the counterfeit software, to protect its customers.Palo Alto Networks reported last week that a new malware, called XcodeGhost, modified the Xcode integrated development environment for building apps for the Mac, iPhone and iPad.To read this article in full or to leave a comment, please click here

0

DHS CISO: Revoke security clearance of feds who keep falling for phishing scams

Numerous federal agencies rely on legacy systems that have security bolted on as an afterthought instead of security “being deeply embedded” in the systems. It is unsurprising that such older hardware, software and operating systems are vulnerable to intrusions. But sometimes security problems have more to do with human vulnerabilities – stupid PEBKAC and ID10T errors committed by the person behind the keyboard – than legacy systems. If the same people who handle sensitive government information also keep falling for phishing scams, should they have their security clearance revoked? Indeed they should, according to DHS chief security officer Paul Beckman.To read this article in full or to leave a comment, please click here

0

Merchant Processes and CID/CVV2

I recently received a letter from the company that monitors my home alarm. It basically stated that to avoid a $3US surcharge that I must opt out of receiving bill in the mail (which is fine) and that I must set up automatic transactions.  I also found this form attached.

This is not the first time that I have seen a payment option that includes a requirement for the CVV2  or CID value from my credit card. However with a little knowledge of PCI, I have to ask myself the following question, “What exactly are they going to do with this information?” According to PCI-DSS, this information must not be stored (even in an encrypted format) after authorization.

• PCI DSS Data Storage Do’s and Don’ts

That raises the following questions for the merchant requiring this information–

1. Is this truly only for the first transaction authorization and the physical form will be securely destroyed?
2. In this particular case, this is for a monthly transaction. So their relationship with their provider is such that CID/CVV is optional (and not used) for secondary transactions?
3. Or is this information being stored, electronically or physically, allowing for the possibility of later transactions?

In this Continue reading

0

How to map OpenFlow switch TCP ports in Mininet SDN simulations

When testing SDN functions in the Mininet network emulator and viewing captured OpenFlow messages in a packet analyzer such as Wireshark, it is difficult to identify which SDN switch is the source or destination of each captured message.

The only reliable way to identify which SDN switch sent or received an OpenFlow message is to look at the source or destination TCP port of the OpenFlow packets. This is because most OpenFlow messages exchanged between switches and the controller do not contain any other information that helps identify the sending or receiving switch. Neither Mininet nor the Open vSwitch database provides information that might be used to identify the TCP ports used by each switches to communicate with the OpenFlow controller in the network.

This post describes a procedure to map which TCP ports are used on each switch to communicate with the SDN controller in the Mininet network simulation. This procedure will enable researchers or students to study the interactions between SDN controller and switches in a more detailed and accurate way.

Summary of procedure

To map which TCP ports are used on each switch to communicate with the SDN controller in the Mininet network simulation, execute the steps Continue reading