0

Big Data for Social Engineering

First, it integrates with corporate directories such as Active Directory and social media sites like LinkedIn to map the connections between employees, as well as important outside contacts. Bell calls this the “real org chart.” Hackers can use such information to choose people they ought to impersonate while trying to scam employees. From there, AVA users can craft custom phishing campaigns, both in email and Twitter, to see how employees respond. via wired

This is a white hat tool, of course, a form of social engineering penetration testing. Two points of interest, though.

First, you can be pretty certain hackers are already using this sort of tool today to find the right person to contact, how to contact them, and to discover the things they know people will respond to. The rule of thumb you should keep in mind is — at least 80% of the time, hackers are already using the tools researchers come up with to do penetration testing. Remember all those fake people inhabiting the world of twitter, facebok, and the like? Some of them might not be just another click farm — some of them might be clickbait for hackers to find out who you Continue reading

0

HL: Optimal Routing Design

Perfect start to get into network design, covers all the foundation topics and general principles. Amazon Review of Optimal Routing Design

The post HL: Optimal Routing Design appeared first on 'net work.

0

Vulnerability in enterprise-managed iOS devices puts business data at risk

A vulnerability in the iOS sandbox for third party applications, like those installed by companies on their employees' devices, can expose sensitive configuration settings and credentials. The flaw was discovered by researchers from mobile security firm Appthority and impacts apps deployed on iOS devices through mobile device management (MDM) or enterprise mobility management (EEM) products. These products allow administrators to automatically push applications, configuration settings and data access rules to enterprise mobile devices. Before a new iOS device is brought inside the network of a company that uses a mobile management system, an MDM account is created for it and a client application is installed. The MDM client is used to install corporate apps and to enforce access policies for corporate data and email.To read this article in full or to leave a comment, please click here

0

Intel’s five (not very) big announcements from IDF this week

If you’ve paid any attention to Intel’s developer event in San Francisco this week, you’ve probably gathered already that there’s almost no chip news at the show. Intel has moved up the food chain, so to speak, and is showing developers what they can build with its technologies rather than focusing on new components.It makes sense, since with PCs on the wane Intel needs developers to get creative with its products. It can no longer flash a faster Core i7 chip and expect them to go do something interesting with it, because PCs nowadays just aren’t that interesting. Instead, it needs to show them what else they can do with its latest chips.+ ALSO FROM THE SHOW: IDF 2015's coolest demos | Intel’s big plan to seed the private cloud market +To read this article in full or to leave a comment, please click here

0

Metaswitch Calico Grows Up a Little

Project Calico comes out of beta.

0

IDF 2015’s coolest demos

The best of Intel Developer Forum 2015Image by Mark HachmanEach year, Intel holds its Developer Forum to lead the PC industry into the direction Intel wants it to go: powerful new PCs, connected devices, touchscreens, and the like. Well, a bunch of stale PowerPoint foils won’t do the job. So Intel and its partners seed IDF with some amazing, awe-inspiring demos, all in a bid to get the developer community behind this year’s technological focus. What sort of demos, you ask? We have some of the best in the following pages. To read this article in full or to leave a comment, please click here

0

Review: 4 powerline kits step in when Wi-Fi fails

Are there places in your home or office where your Wi-Fi signal doesn't reach? You're not alone. Because of Wi-Fi's limited range -- and old-school building construction techniques like thick plaster, brick or masonry walls -- even the best Wi-Fi networks have dead zones. If you have that problem, you have several options.You can start drilling holes in your walls so you can run network cabling. You can try a Wi-Fi range extender (which might help, depending on the strength of your Wi-Fi and the efficiency of the extender). Or you can use a powerline kit, which routes data over your electric cables by piggybacking the data on top of the electrical current's 60-hertz wave and then extracting the data at the other end.To read this article in full or to leave a comment, please click here

0

Walled Gardens and Other Overlay Networks

Russ White wonders if the resurgence of Walled Gardens on the Internet is bad or a good thing. The long-term rise of Facebook, WeChat, Snapchat and other applications seems to be a sustaining trend. Overlay Network Previous walled gardens like AOL and CompuServe have been composting for many years. Their unique value was that they […]

The post Walled Gardens and Other Overlay Networks appeared first on EtherealMind.

0

5 Real Ways To Approach Security Automation

We've all heard about the benefits of automating system configurations to avoid human error, but introducing it to your infrastructure may be easier said than done. Here are five real-world ways to get started.

0

How Did You Learn So Much About Networking?

One of my readers sent me a heartfelt email that teleported me 35 years down the memory lane. He wrote:

I only recently stumbled upon your blog and, well, it hurt. It's incredible the amount of topics you are able to talk about extensively and how you can dissect and find interesting stuff in even the most basic concepts.

May I humble ask how on earth can you know all of the things you know, with such attention to detail? Have you been gifted with an excellent memory, magical diet, or is it just magic?

Short answer: hard work and compound interest.

Read more ...

0

Show 251 – Arista Networks CloudVision – Sponsored

Arista CloudVision is a turnkey approach to workload orchestration and workflow automation. Building on Arista’s success in building programmable and open software for the cloud with Arista EOS, CloudVision extends the EOS architecture to a network-wide perspective.

The post Show 251 – Arista Networks CloudVision – Sponsored appeared first on Packet Pushers.

0

Risky Business #379 — Ashley Madison dump, Troy Hunt and The Grugq

In this week's podcast we check in with Troy Hunt from HaveIBeenPwned.com. Troy has done the responsible thing in adding the Ashley Madison dataset to his service -- you can only search for email addresses in the dump after you've verified that you control them. We'll talk to him about why he did that.

read more

0

SDN Market Size Projections Exceed GDP of Ecuador

Gartner recently issued its latest “Networking Hype Cycle,” which “tracks and analyzes the 35 most important networking

0

ARM Counters Intel With an IoT Party of Its Own

ARM wants to lend a hand to IoT.

0

IDG Contributor Network: Why every business needs a WISP

If you don't have a written information security program (WISP) in place for your business, then you could be risking data theft, legal action, and punitive fines. The law in many states now dictates that you must take steps to safeguard personal information. They vary in strictness, but there are nearly 50 different regulations you need to cater for if you're doing business across the United States.You can't afford to bury your head in the sand and assume it will never happen to you. Research from the Identity Theft Resource Center (PDF) shows an alarming rise in incidences of personal data theft every year since they started recording. They report 783 breaches last year, compared to just 157 in 2005.To read this article in full or to leave a comment, please click here

0

8 new threat intelligence products to make you bulletproof

Threat intelligence + big data = real securityImage by ThinkstockThreat Intelligence and the use of data to flag critical security indicators were popular topics in Las Vegas at the Black Hat conference in early in August –and for good reason. As enterprises struggle to understand their network vulnerabilities, they have to consider the many layers of defense needed to secure their most valuable data. Security teams are inundated with threat data and overburdened by the need to allot countless man-hours to the task of weeding out the noise from the real threats.To read this article in full or to leave a comment, please click here

0

How the tech industry is greening its data centers

Data centers don't just suck down energy. They guzzle it. According to the National Resources Defense Council, data centers are one of the largest and fastest growing consumers of electricity in the United States. In 2013, U.S. data centers used 91 billion kilowatt-hours of energy, enough to power New York City households twice. The NRDC expects that demand to grow to 140 billion kilowatt-hours by 2020.While companies like Amazon have been a target of campaigns from nonprofits like Green America, the NRDC says that larger server farms operated by well-known Internet companies are paragons of ultra-efficiency.To read this article in full or to leave a comment, please click here

0

Microsoft issues out-of-band patch for critical Internet Explorer flaw

Wikimedia A dangerous flaw in Internet Explorer has prompted Microsoft to issue a patch outside its regularly scheduled monthly security updates in order to head off a known exploit of the vulnerability.The company has issued a security bulletin that describes how users who are lured to specially crafted webpages could have attackers take over control of their computers with the same rights as the user who logged into the machine.To read this article in full or to leave a comment, please click here

0

Introducing a Powerful Way to Purge Cache on CloudFlare: Purge by Cache-Tag

Today CloudFlare is introducing a new way to purge the cache using Cache-Tags. Cache-Tags are assigned to cached content via a Cache-Tag response header, and are stored as metadata with cached objects so that global purges take only seconds, targeting a granular, finite set of cached objects.

For example, an e-commerce website can use Cache-Tags to purge all of their catalog images at once, without affecting any of their other assets. A blog can use Cache-Tags to update their JavaScript files in cache, without forcing a cache miss on their CSS. A business can use Cache-Tags to purge cache of all four hundred pages of their blog without purging any of the pages from their core platform.

The CloudFlare Cache

With 42 data centers around the world, web pages served directly from CloudFlare’s cache are guaranteed to be just a few hops away from any visitor, anywhere. With a little bit of fine tuning, many websites succeed in delivering most of their content from cache, saving a majority of bandwidth on their origin servers. One website even managed to reduce their AWS bill by 96% when they started caching assets behind CloudFlare.

CloudFlare’s cache is powerful, but when a Continue reading

0

From Windows to Linux

I recently moved from Windows to Linux on my personal laptop and thought I might share my experience. This isn’t directly network related, but hopefully of interest to some portion of the large and diverse PP audience, especially considering recent events in the Microsoft realm. Ignoring that, using Linux ‘at home’ is a great way to learn about […]

The post From Windows to Linux appeared first on Packet Pushers.