Security researchers tied the malware to a Russian group responsible for hacking incidents during the 2016 U.S. presidential campaign.
Many companies are looking at ways to accelerate their SDN adoption so they don’t risk falling behind.
We often treat security as an absolute, “that which must be done, and done perfectly, or is of no value at all.” It’s time to take this myth head on, and think about how we should really think about security.
The company’s cloud-based SD-WAN platform upgraded its security offering by adding a threat hunting system that eliminates enterprises’ need to deploy data collection infrastructure and analyze raw data.
Even enterprises not in a multi-cloud environment must begin making their security decisions with it in mind. If they don’t, they risk some of their decisions quickly becoming obsolete.
Microsoft and Google security researchers disclosed the new bugs, which affect Intel, AMD, and ARM processors.
In this interview, Lavelle Networks CEO Shyamal Kumar shares his views on SD-WAN and how Lavelle has incorporated some of the principles of B4 to create a pure networking software solution.
SafeKeeper: protecting web passwords using trusted execution environments, Krawiecka et al., WWW’18
(If you don’t have ACM Digital Library access, the paper can be accessed either by following the link above directly from The Morning Paper blog site, or from the WWW 2018 proceedings page).
Today’s paper is all about password management for password protected web sites / applications. Even if we assume that passwords are salted and hashed in accordance with best practice (NIST’s June 2017 digital identity guidelines now mandate the use of keyed one-way functions such as CMAC), an adversary that can obtain a copy of the back-end database containing the per-user salts and the hash values can still mount brute force guessing attacks against individual passwords.
SafeKeeper goes a lot further in its protection of passwords. What really stands out is the threat model. SafeKeeper keeps end user passwords safe even when we assume that an adversary has unrestricted access to the password database. Not only that, the adversary is able to modify the content sent to the user from the web site (including active content such as client-side scripts). And not only that! The adversary is also able to read all …
In this eBrief from SDxCentral, we compare the pros and cons of using a managed SD-WAN service vs. the DIY model. In addition, we talk to one enterprise about its SD-WAN experience.
What: Attend a half-day lecture and lab designed to get you started with Micro-segmentation and Multi-Site Cloud Networking (Disaster Recovery).
Why: Not only will you get a business and technical overview of NSX Data Center, you’ll also receive hands-on experience with the products. We’ll make sure you leave knowing how NSX can help secure and extend your network across multiple sites, and into the cloud.
The platform relies on Canonical's Ubuntu Core OS and Snaps application packaging system.
In this episode Russ White talks about how security absolutism is actually detrimental to securing important data and systems, and how shifting our view of security to a balance of tradeoffs would be a much better approach.
The post Short Take – Security As A Tradeoff appeared first on Network Collective.
Gee Rittenhouse says security needs to be simpler. The complexity that today's security professionals deal with is overwhelming.
The RIPE 76 meeting is happening this week in Marseille, France, held at the fantastic location of the Palais du Pharo overlooking Marseille’s Old Port. And it’s also another record attendance with over 850 people registered.
The first couple of days have primarily been devoted to plenary sessions, and there’s been a big focus on routing security. Erik Bais (A2B Internet) kicked off the discussion with a presentation on ‘Why are we still seeing DDoS traffic?’, which highlighted that DDoS attacks are still originating from the same networks. Looking at the list of the worst offenders, there’s even one amongst the regular RIPE attendees, and he called for networks to clean up their acts. This was also a good opportunity to highlight the MANRS initiative, which of course includes measures to mitigate amplification attacks, and encourages networks to make good routing practices the norm.
Alexander Azimov (Qrator Labs) reinforced this message by outlining the current problems with BGP, including the ongoing route leaks and hijacks affecting the Internet. There are currently only moral obligations to not use other providers’ address space or to support anti-spoofing policies, yet major providers (including Tier 1 providers) continue to both originate …
Verizon’s annual data breach report found web applications had the most breaches in 2017.
I love working as a Chief Security Officer because every day centers around building something that makes people safer. Back in 2002, as I considered leaving my role as a cybercrime federal prosecutor to work in tech on e-commerce trust and safety, a mentor told me, “You have two rewarding but very different paths: you can prosecute one bad actor at a time, or you can try to build solutions that take away many bad actors' ability to do harm at all.” And while each is rewarding in its own way, my best days are those where I get to see harm prevented—at Internet scale.
In 2016, while traveling the United States to conduct hearings on the condition of Internet security as a member of President Obama's cyber commission, my co-commissioners noticed I had fallen into a pattern of asking the same question of every panelist: “Who is responsible for building a safer online environment where small businesses can set up shop without fear?” We heard many answers that all led to the same “not a through street” conclusion: Most law enforcement agencies extend their jurisdiction online, but there are no digital equivalents to the Department of …
A new U.S. cybersecurity strategy calls on government agencies to work more closely with private sector companies to reduce risks.
It's no secret that Cloudflare has been a big proponent of TLS 1.3, the newest edition of the TLS protocol that improves both speed and security, since we made it available to our customers starting in 2016. However, for the longest time TLS 1.3 has been a work in progress, which meant that the feature was disabled by default in our customers’ dashboards, at least until all the kinks in the protocol could be resolved.
With the specification finally nearing its official publication, and after several years of work (as well as 28 draft versions), we are happy to announce that the TLS 1.3 feature on Cloudflare is out of beta and will be enabled by default for all new zones.
For our Free and Pro customers not much changes: they already had TLS 1.3 enabled by default from the start. We have also decided to disable the 0-RTT feature by default for these plans (it was previously enabled by default as well), due to its inherent security properties. It will still be possible to explicitly enable it from the dashboard or the API (more on 0-RTT soon-ish in another blog post).
Our Business and …
One report found that 25 percent of organizations currently have illicit cryptomining activity in their cloud environments.