NonPetya: no evidence it was a “smokescreen”

Many well-regarded experts claim that the not-Petya ransomware wasn't "ransomware" at all, but a "wiper" whose goal was to destroy files, without any intent at letting victims recover their files. I want to point out that there is no real evidence of this.


Certainly, things look suspicious. For one thing, it certainly targeted the Ukraine. For another thing, it made several mistakes that prevent them from ever decrypting drives. Their email account was shutdown, and it corrupts the boot sector.

But these things aren't evidence, they are problems. They are things needing explanation, not things that support our preferred conspiracy theory.

The simplest, Occam's Razor explanation explanation is that they were simple mistakes. Such mistakes are common among ransomware. We think of virus writers as professional software developers who thoroughly test their code. Decades of evidence show the opposite, that such software is of poor quality with shockingly bad bugs.

It's true that effectively, nPetya is a wiper. Matthieu Suiche‏ does a great job describing one flaw that prevents it working. @hasherezade does a great job explaining another flaw.  But best explanation isn't that this is intentional. Even if these bugs didn't exist, it'd still be a wiper if the Continue reading

Worth Reading: Characterizing IPv6 load balancing

Routers that perform load balancing choose among multiple next-hop routers when forwarding packets. In Figure 1, router R1 chooses among R2 and R3. In general, the next-hop is chosen by computing a hash over a subset of fields in each packet’s IP header. Hashing different subsets of IP header fields allow control of a trade-off between the granularity of load balancing and impact on traffic. Below we describe common load balancing configurations, how well they can load balance traffic, and their possible impact on traffic. —APNIC

The post Worth Reading: Characterizing IPv6 load balancing appeared first on rule 11 reader.

Worth Reading: DevOps is not a security panacea

Many development teams view security as an impediment to agility and innovation, but efforts over the past few years have tried to integrate security controls and testing directly into DevOps workflows without sacrificing development speed and deployment flexibility.Known as DevSecOps, this marriage between security and agile development aims to implement core security tasks like event monitoring, patch management, privilege control and vulnerability assessment directly into DevOps processes. This includes dynamic and static vulnerability testing at all levels of the development cycle, so that major flaws can be discovered early on, before the code makes it into production. —The New Stack

The post Worth Reading: DevOps is not a security panacea appeared first on rule 11 reader.

Interoperability is the key to IoT success

This week at the Cisco Live conference in Las Vegas, Cisco made a couple of big IoT platform announcements. The networking giant showed off upgrades to its Cisco Jasper platform with Jasper Control Center 7.0, and it introduced Cisco Kinetic (and discussed a partnership with IBM).+ Also on Network World: Cisco upgrades one IoT platform and announces another + The new IoT platforms seem great, but do they really address the elephant in the IoT room: interoperability? As far as I can tell, the Cisco platforms offer improved ways to manage IoT devices in a wide variety of use cases. But they don’t deal with what many observers call the biggest challenge facing the Internet of Things. As Altimeter puts it, “IoT requires standards to enable horizontal platforms that are communicable, operable, and programmable across devices, regardless of make, model, manufacturer, or industry.”To read this article in full or to leave a comment, please click here

Not enough fiber to grow the internet for 5G, says consultant

Treatment will be brought to the patients and patient data will be centralized, “turning hospitals into data centers,” a telco equipment maker says in a recent report.Ericsson, in its 2017 Mobility report (PDF), published this month, says patient treatment will, in the future, no longer be performed in hospitals located far from patients’ homes, but performed remotely through new 5G wireless radio.+ Also on Network World: Reliability, not principally speed, will drive 5G + Wearables will be among the tools used for keeping an eye on folks’ health and dishing out medication. Diagnosis will be accomplished through online consultations, and robots will remotely execute surgeries at nearby healthcare clinics rather than far-off hospitals.To read this article in full or to leave a comment, please click here

Another Cyber-attack : Petya Cyberattack after Wannacry Shutdowns Europe

Another Cyber-attack shocked Europe as many of the Firms like Airport industries, Banks, Government departments effected by this Petya Cyberattack. It was said that it is the beginning of the attacks and will have many more attacks in near future. Cyber security is one of the most demanding feature now a days who can save you from these cyber attacks.

Fig 1.1- Petya Cyberattack After Wannacry


Experts says, Petya Ransomware attack is just a test and will come up with more worse in the future. So you need to take care about the attacks by applying best security features like Cisco OpenDNS as a first line of security of the big and the other enterprise networks.

Many of the vendors come up with their inputs on the cyberattack where most of the industries across Ukraine, Russia and some part of Europe effected. Most of the firms from Danish and Spanish are effected as well. It may grow towards the Asia and the American region but still no footprints of these attacks.

It is said that ( the effected industries review)- The virus is believed to be ransomware - a piece of malicious software that shuts down a computer system and Continue reading

Control Plane for our L3VPN based virtual network

In the last two blogs, I have gone through the process of developing a L3VPN base virtual network. One thing that we ignored is the amount of configuration that we need to change to add or remove nodes or provision new edge routers. While, some of these steps are part of the infrastructure provisioning, like … Continue reading Control Plane for our L3VPN based virtual network

Why EVPN on Cumulus Linux makes our CTO yell “Booyah!”

I started coveting IP encapsulated network virtualization back in 2005 when I was working to build a huge IP fabric. However, we needed to have layer 2 (L2) adjacencies to some servers for classic DSR load balancing. The ideal solution was to have something that looked like a bridge as far as the load balancers and servers were concerned, yet would tunnel unmodified L2 frames through the IP fabric. Alas, we were way ahead of our time.

Thank the IT gods that things have changed quite a bit in the last 12 years. Today, we as an IT community have VXLAN, which is embodied in most modern networking silicon and (a bit more importantly) realized as part of the Linux networking model so that it’s really straightforward to deploy and scale. IT geeks have a bunch of ways to build L2 domains that are extended across IP fabrics using VXLAN. There are dedicated SDN controllers, such as Contrail, Nuage, Midonet and VMware NSX; there are orchestration-hosted controllers in OpenStack Neutron and Docker Swarm; and there are simple tools like the lightweight network virtualization that we built at Cumulus Networks.

This all leads me to EVPN. We recently made EVPN available Continue reading

1 2,013 2,014 2,015 2,016 2,017 3,855