Cryptocurrency miners exploit Docker flaw

According to Imperva research, a container flaw reported last month (CVE-2019-5736) in Docker's remote API has already been taken advantage of by hundreds of attackers.Imperva claims that they were able to locate 3,822 Docker hosts with the remote API (port 2735) publicly exposed. Of these, approximately 400 were accessible, and most of these were running a cryptocurrency miner for a lesser-known form of cryptocurrency called Monero. [ Two-Minute Linux Tips: Learn how to master a host of Linux commands in these 2-minute video tutorials ] Monero (ticker symbol XMR) is an open-source cryptocurrency that was created in April 2014. It focuses on fungibility (individual units are essentially interchangeable), privacy, and decentralization. It also takes advantage of an obfuscated public ledger. That means anyone can broadcast or send transactions, but outside observers cannot tell the source, amount, or destination of the funds.To read this article in full, please click here

Last Month in Internet Intelligence: February 2019

This post is presented in conjunction with The Internet Society.

February was a surprisingly quiet month for major Internet disruptions. In contrast to previous months, we observed few full outages or multi-day disruptions in the Oracle Internet Intelligence Map during the month. As always, there were a number of brief and unattributed disruptions observed over the course of the month, but the issues highlighted below were related to fiber cuts (and repairs) and likely problems with satellite connectivity. And while not yet a visible disruption, reportssurfaced in February that Russian authorities and major Internet providers are planning to disconnect the country from the global Internet as part of a planned experiment.

Fiber

Kicking off the month, Burkina Faso experienced brief partial disruptions to its Internet connectivity on February 1 & 2, as shown in the Country Statistics graphs below. The disruptions are also evident in the Traffic Shifts graphs below for AS25543 (Onatel), which is the country’s National Office of Telecommunications, holding a monopoly on fixed-line telecommunications there. Facebook posts from Onatel (February 12) indicated that road work between the towns of Sabou and Boromo had resulted in a fiber cut, and subsequent posts made Continue reading

Meet the VMware Service-defined Firewall: A new approach to firewalling

VMware has had front row seats to the digital transformation that has touched virtually every organization. We’ve been there (and helped drive!) the journey from monolithic applications hosted on a single server, to distributed apps running in VMs, to further decentralization in the form of cloud-native apps composed of microservices. Now, we’re watching the proliferation of public clouds, the up and coming space of serverless and the adoption of functions as a service as ways to build and deploy applications faster than ever.

 

It’s this vantage point that also gives us clear line of sight to one of the biggest cyber security challenges that modern enterprises face: as their applications become more distributed, an organization’s attack surface significantly increases. Despite all of the advancements and innovation in the way applications are built, we have not seen the same rate of progress with respect to the way applications are secured. Adopting a zero-trust network security model in an enterprise environment remains incredibly hard to achieve. How do you know what security policies to create? How do you enforce those policies consistently across on-premises physical and virtual environments, let alone the public cloud? How do you enforce them across different Continue reading

Automating Brownfield Device Configuration (Part 2)

A month ago Josef Fuchs described the process he uses to merge existing Cisco IOS device configuration with configuration snippets generated by his network automation solution.

In the second part of his article he dived deep into implementation details, described Ansible playbook and Jinja2 templates he’s using, how he optimized the solution with a custom Jinja2 filter, and the caveats he encountered.

Juniper grabs Mist for wireless AI, cloud service delivery technology

Juniper has entered into an agreement to buy advanced wireless-gear-maker Mist Systems for $405 million. For Juniper the Mist buy could be significant as it currently depends on agreements with partners such as Aerohive and Aruba to deliver wireless, according to Gartner.  Mist, too, is a partner of and recently announced joint product development with VMware that integrates Mist WLAN technology and VMware’s VeloCloud-based NSX SD-WAN. More about 802.11ax (Wi-Fi 6) Why 802.11ax is the next big thing in wireless FAQ: 802.11ax Wi-Fi Wi-Fi 6 (802.11ax) is coming to a router near you Wi-Fi 6 with OFDMA opens a world of new wireless possibilities 802.11ax preview: Access points and routers that support Wi-Fi 6 are on tap “Wireless was a hole that Juniper needed to plug to fill out its enterprise story,” said Ritesh Patel, wireless LAN analyst at Dell’Oro. “It also needs strong wireless technology  in order to effectively compete against other enterprise networking players such as Cisco, HP/Aruba, Extreme and other players such as Fortinet.”To read this article in full, please click here

Tech Bytes: Leveraging Packets And Flows For NetOps And SecOps With VIAVI Solutions (Sponsored)

Find out how packet capture and flow data can serve both the network and security teams to solve performance problems and investigate security events in this sponsored Tech Bytes conversation with VIAVI Solutions. Our guest is Charles Thompson, Sr. Director, Product Management at VIAVI.

The post Tech Bytes: Leveraging Packets And Flows For NetOps And SecOps With VIAVI Solutions (Sponsored) appeared first on Packet Pushers.

Network Break 224: Beware TLS Alternatives; Volta Networks And Veriflow Launch New Products

Today's Network Break examines a ETS, a proposed alternative to TLS 1.3 that enables decryption, looks at ICAAN's call for DNSSEC everywhere, discusses new products from startups Volta Networks and Veriflow, and much more tech news.

The post Network Break 224: Beware TLS Alternatives; Volta Networks And Veriflow Launch New Products appeared first on Packet Pushers.

Is it Balance, or Workism?

While we tend to focus on work/life balance, perhaps the better question is: how effective are we at using the time we use for work? From a recent study (which you may have already seen):

  • Workers average just 2 hours and 48 minutes of productive device time a day
  • 21% of working hours are spent on entertainment, news, and social media
  • 28% of workers start their day before 8:30 AM (and 5% start before 7 AM)
  • 40% of people use their computers after 10 PM
  • 26% of work is done outside of normal working hours
  • Workers average at least 1 hour of work outside of working hours on 89 days/year (and on ~50% of all weekend days)
  • We check email and IM, on average, every 6 minutes

This is odd—we are starting work earlier, finishing later, and working over weekends, but we still only “work” less than three hours a day.

The first question must be: is this right? How are they measuring productive versus unproductive device time? What is “work time,” really? I know I don’t keep any sort of recognizable “office hours,’ so it seems like it would be hard to measure how much time I spend Continue reading

How is software developed at Amazon?

 

How is software developed at Amazon? Get a couple of prime pizzas delivered and watch this excellent interview with Ken Exner, GM of AWS Developer Tools. It's notable Ken is from the tools group, because progress in an industry is almost always made possible by the development of better tools.

The key themes from the talk: decomposition, automation, and organize around the customer.

The key idea:

Scaling is by mitosis. Teams split apart into smaller teams that completely own a service. EC2 started as one two pizza team. 

This quote nicely embodies all three of the themes and is the key reason AWS keeps on winning the public cloud. Bottom up, Amazon adaptively grows their entire organization in response to customer inputs. 

And here's a short gloss of the talk...

1 1,252 1,253 1,254 1,255 1,256 3,797