RSA Conference 2020 Expands Education Programs
RSA Conference, the world’s leading information security conferences and expositions, today...
© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.
Perimeter 81 Vows to Win SASE Space Race
“We believe there is a space race right now for SASE,” CEO Amit Bareket said. “Perimeter 81...
© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.
Let’s Encrypt: an automated certificate authority to encrypt the entire web
Let’s encrypt: an automated certificate authority to encrypt the entire web, Aas et al., CCS’19
This paper tells the story of Let’s Encrypt, from it’s early beginnings in 2012/13 all the way to becoming the world’s largest HTTPS Certificate Authority (CA) today – accounting for more currently valid certificates than all other browser-trusted CAs combined. Beyond the functionality that Let’s Encrypt provides, the story stands out to me for two key ingredients. Firstly, whereas normally we trade-off between security and ease-of-use, Let’s Encrypt made the web more secure through ease-of-use. Secondly, Let’s Encrypt managed to find a sustainable funding model for a combination of an open source project and free online service, as compared to the more normal pattern which sadly seems to involve running a small number of beneficent maintainers into the ground.
Since it’s launch in December 2015, Let’s Encrypt has steadily grown to become the largest CA in the Web PKI by certificates issued and the fourth largest known CA by Firefox Beta TLS full handshakes. As of January 21, 2019, the CA had issued a total of 538M certificates for 223M unique FQDNs… Let’s Encrypt has been responsible for significant growth in HTTPS deployment.
Network Field Day #NFD22
NSX: Networking and Security
Join us for #NFD22. The agenda is locked down and our in-house VMware experts are ready to go! They will be sharing their NSX know-how on the following:
- Full-Stack Kubernetes Networking Services
- Seamlessly automate micro-segmentation at scale with NSX Intelligence
- Load balancing and Web Application Firewalling across any private or public cloud with NSX Advanced Load Balancer
Here is a snapshot of the agenda and demo times:
The post Network Field Day #NFD22 appeared first on Network Virtualization.
Istio Security Bug Found, Quickly Squashed
The bug was in its authentication policy and allowed an attacker unauthorized access to information...
© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.
Fortinet, Amdocs Team Up to Woo SD-WAN Providers
The firewall and SD-WAN vendor claims by adding support for Amdoc's orchestration layer, it can...
© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.
Daily Roundup: Coronavirus Hits MWC
MWC Barcelona hit by Coronavirus cancellations; Netskope scored $340M and got SASE; and Snowflake...
© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.
Watching you watch: the tracking system of over-the-top TV streaming devices
Watching you watch: the tracking ecosystem of over-the-top TV streaming devices, Moghaddam et al., CCS’19
The results from this paper are all too predictable: channels on Over-The-Top (OTT) streaming devices are insecure and riddled with privacy leaks. The authors quantify the scale of the problem, and note that users have even less viable defence mechanisms than they do on web and mobile platforms. When you watch TV, the TV is watching you.
In this paper, we examine the advertising and tracking ecosystems of Over-The-Top ("OTT") streaming devices, which deliver Internet-based video content to traditional TVs/display devices. OTT devices refer to a family of services and devices that either directly connect to a TV (e.g., streaming sticks and boxes) or enable functionality within a TV (e.g. smart TVs) to facilitate the delivery of Internet-based video content.
The study focuses on Roku and Amazon Fire TV, which together account for between 59% and 65% of the global market. The top 1000 channels from each service are analysed using a custom-built crawling engine, and traffic is intercepted where possible using mitmproxy.
How they did it
For each service, a list of the top 1000 channels was compiled, as Continue reading
Money Moves: January 2020
Arista networks buys Big Switch; VMware acquires AIOps vendor Nyansa to bolster SD-WAN; plus the...
© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.
Netskope CEO: Don’t Fall for SASE Washing
The security company scored a new $340 million investment, which puts Netskope at a $3 billion...
© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.
Headcount: Firings, Hirings, and Retirings — January 2020, Pt. 2
McAfee hires new CEO, mulls sale or IPO; VMware ‘rebalances’ jobs following 12-month buying...
© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.
Related Stories
Weekly Wrap: NSA Ranks Cloud Security Risks
SDxCentral Weekly Wrap for Feb. 7, 2020: Supply chain security flaws are expected to increase;...
© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.
Fortinet Caps Big Q4 With Equinix SD-WAN Deal, Small Hardware
Fortinet celebrated a strong fourth quarter by announcing a partnership with colocation provider...
© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.
Huawei Cops to Video Surveillance Chip Backdoor
The vulnerability allows an attacker to activate the affected device's Telnet service over an open...
© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.
Vodafone CEO: Huawei RAN Quota Will Slow 5G Plans
Nick Reed said a delay of up to five years could result if it has to replace Huawei equipment that...
© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.
Cisco Patches Zero-Day Vulnerabilities in Millions of Devices
If exploited, the bugs would allow an attacker to eavesdrop on voice and video calls and steal...
© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.
Daily Roundup: Cisco Juices 400GbE Network
Telia Carrier taps a Cisco network first; Intel ditches Nervana for Habana; and IBM CTO predicts...
© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.
Accenture Separates Security Leaders From Laggards
Only 17% of companies are effectively stopping cyberattacks and fixing breaches fast enough to...
© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.
New ESG Study on Hybrid Cloud Adoption and Security
What Does the ESG Study Entail?
The Enterprise Strategy Group (ESG) study is based on primary research and aims to effectively derive IT insights in the areas of hybrid cloud, data center as a service, and data center security.
ESG conducted a research survey of 200 IT decision-makers directly knowledgeable about their organizations’ cloud priorities and perceptions. They analyzed the results and have compiled key results in this paper.
You can use the findings provided in this paper to understand the latest trends and challenges in cloud adoption and inform your own hybrid/multi-cloud projects and data center security strategy.
What Areas of Research Are Covered in This Paper?
Through the IT-targeted survey, the ESG analysts look into the prevalence of hybrid applications and related challenges. The survey also seeks to determine the market demand for Data Center-as-a-Service (DCaaS) now and over the next 3 years. In addition, the paper investigates how important E-W security is considered and contrasts it with the current actual levels of East-West (E-W) security policy enforcement, discussing the potential reasons behind the gap.
Here is a sample chart showing respondents’ opinions on E-W security on a 5-point Likert scale.
