NetworkingNexus.net

Malicious “RedAlert – Rocket Alerts” Application Targets Israeli Phone Calls, SMS, and User Information

On October 13, 2023, Cloudflare’s Cloudforce One Threat Operations Team became aware of a website hosting a Google Android Application (APK) impersonating the legitimate RedAlert - Rocket Alerts application (https://play.google.com/store/apps/details?id=com.red.alert&hl=en&pli=1). More than 5,000 rockets have been launched into Israel since the attacks from Hamas began on October 7th 2023. RedAlert - Rocket Alerts developed by Elad Nava allows individuals to receive timely and precise alerts about incoming airstrikes. Many people living in Israel rely on these alerts to seek safety - a service which has become increasingly important given the newest escalations in the region.

Applications alerting of incoming airstrikes have become targets as only days ago, Pro-Palestinian hacktivist group AnonGhost exploited a vulnerability in another application, “Red Alert: Israel” by Kobi Snir. (https://cybernews.com/cyber-war/israel-redalert-breached-anonghost-hamas/) Their exploit allowed them to intercept requests, expose servers and APIs, and send fake alerts to some app users, including a message that a “nuclear bomb is coming”. AnonGhost also claimed they attacked other rocket alert applications, including RedAlert by Elad Nava. As of October 11, 2023, the RedAlert app was reportedly functioning normally.

In the last two days, a new malicious website (hxxps://redalerts[.]me) has Continue reading

Everyone Is Chasing What Nvidia Already Has

Transitions in the datacenter take time.

It took Unix servers a decade, from 1985 through 1995, to supplant proprietary minicomputers and a lot of mainframe capacity that would have otherwise been bought. …

The post Everyone Is Chasing What Nvidia Already Has first appeared on The Next Platform.

Everyone Is Chasing What Nvidia Already Has was written by Timothy Prickett Morgan at The Next Platform.

Heavy Networking 705: Evolving From Python To Platforms For Network Automation (Sponsored)

Today on Heavy Networking we talk about how to get from a handful of Python scripts to a network automation platform that enables a self-service environment and incorporates the checks and governance required to make sure the automation doesn't blow up the network. Our sponsor today is Itential. Itential offers just such a network automation platform. We talk about how Itential makes it happen, including simple and more complex examples.

Heavy Networking 705: Evolving From Python To Platforms For Network Automation (Sponsored)

The post Heavy Networking 705: Evolving From Python To Platforms For Network Automation (Sponsored) appeared first on Packet Pushers.

Hedge 198: Nephio with Wim Henderickx

Automation is a bit of theme recently on the Hedge. In this episode we’re joined by Wim Henderickx to talk about the Linux Foundation Nephio project, which adapts Kubernetes management into a cloud native network management platform. This new take on managing networks is definitely discovering.

download

Are Smaller, High-volume Outages Dominating Downtime?

The most prevalent outage type in the first half of 2023 is one so contained in its impact that it might not always register on official service status pages, making its diagnosis more difficult.

Cilium CNCF Graduation Could Mean Better Observability, Security with eBPF

eBPF (extended Berkeley packet filter) is a powerful technology that operates directly within the Linux kernel, offering robust hooks for extending runtime observability, security, and networking capabilities across various deployment environments. While eBPF has gained widespread adoption, organizations are encouraged to leverage tools and layers built on eBPF to effectively harness its functionality. For instance, Gartner advises that most enterprises lack the expertise to directly utilize Cilium offers additional capabilities with eBPF to help secure the network connectivity between runtimes deployed on Docker and Kubernetes, as well as other environments, including bare metal and virtual machines. Isovalent, which created Cilium and donated it to the CNCF, and the contributors are also, in parallel, developing Cilium capabilities to offer network observability and network security functionality through Cilium sub-projects consisting of Hubble and Tetragon, respectively. This graduation certifies that Cilium — created by

Downloading web resources

Last time I went to the dentist, they offered to use a fancy scanner to better be able to show me my teeth.

Who can say no to that? I already for fun got a 3D scan of my brain, so why not teeth too?

I requested the data, and got a link to a web UI. Unfortunately it was just a user friendly 3D viewer, without any download button.

Here’s how I extracted the 3D data:

Open Chrome developer console, e.g. by pressing Ctrl-Shift-C (I hate it that Chrome hijacked this. Every single day I press Ctrl-Shift-C to copy, and it throws up this thing)
Close the stupid “what’s new” spam, that nobody in the history of ever has wanted to see.
Go to the ‘Network’ tab.
Reload the page.
Right click on any item in the list, and choose “Save all as HAR with content”. No, I don’t know why I can’t just save that one resource.

A HAR file is a JSON file archive, essentially.

$ jq '.log | keys' foo.har
[
  "creator",
  "entries",
  "pages",
  "version"
]
$ jq '.log | .entries[0].request | keys' foo.har
[
  "bodySize",
  "cookies",
  "headers",
  "headersSize",
   Continue reading

Nvidia Picks Up The Pace For Datacenter Roadmaps

Heaven forbid that we take a few days of downtime. When we were not looking – and forcing ourselves to not look at any IT news because we have other things going on – that is the moment when Nvidia decides to put out a financial presentation that embeds a new product roadmap within it. …

The post Nvidia Picks Up The Pace For Datacenter Roadmaps first appeared on The Next Platform.

Nvidia Picks Up The Pace For Datacenter Roadmaps was written by Timothy Prickett Morgan at The Next Platform.

Using command options and arguments to get just the right output on Linux

This post covers some well-known Linux commands that, when used with particular options and arguments, can save you some time or ensure that what you are doing is what you intended. The first “trick” involves how you exit vi or vim and the difference that can make.Using :x instead of :wq when saving files with vi or vim The vi and vim editors are the most commonly used text editors on Linux systems. When you exit either with :x instead of the more common :wq, the file will only be saved if you have just made changes to it. This can be helpful if you want to ensure that the file’s timestamp reflects its most recent changes. Just keep in mind that, if you make a change to a file and then undo those changes – like deleting a word or a line and then replacing it with the same content, this will still be seen as a change and vi or vim will save the file, updating the timestamp whether you use :x or :wq.To read this article in full, please click here

Using command options and arguments to get just the right output on Linux

Arista switches target ultra-low latency networking demands

Arista Networks has unveiled a portfolio of 25G Ethernet switches aimed at supporting data center, financial, industrial control applications that demand high-performance and extremely low latency.The new 7130 25G Series boxes are a significant power and features upgrade over the vendor’s current 7130 10G Ethernet line of devices and promise to reduce link latency 2.5-fold for data transmission by reducing queuing, serialization delays and eliminating the need for latency-inducing Forward Error Correction (FEC) typically required by 25G Ethernet, according to the vendor. In addition the new switches eliminate the need for multiple cables and switches to set up and support the current level of low-latency networks, according to Martin Hull, vice president of Cloud Titans and Platform Product Management with Arista Networks in a blog about the new switches.To read this article in full, please click here

Guest Post: Moving Secrets Where They Belong

by Simen A.W. Olsen

Pulumi recently shipped Pulumi ESC, which adds the “Environment” tab to Pulumi Cloud. For us at Bjerk, this means we can move secrets into a secrets manager like Google Secrets Manager. Let me show you how we did it!

We are already rotating secrets with our own CLI tool, which works fine, meaning we are getting notifications in our Slack channel—which everyone tends to ignore until something real breaks. If you are curious how we are handling it today, we are using our own NPM package that throws an exception if a secret has expired. To ensure everything works smoothly, we utilize a GitHub Actions workflow that is scheduled to run daily for drift checking.

The secrets are shared between stacks using StackReferences, which has served us well.

Improving security

One issue with our current setup is that we publicly store encrypted secrets in our repository. Previously, we’ve thought of using Google Secrets Manager with the GetSecret function. That comes with its own territory, such as permissions to the secret and managing those permissions—not to mention that we already use multiple secret managers/vaults.

Now, with Pulumi ESC, it’s time to pick this Continue reading

Internet-Wide Zero-Day Bug Fuels Largest-Ever DDoS Event

Ongoing Rapid Reset DDoS flood attacks exposed organizations need to patch CVE-2023-44487 immediately to head off crippling outages and business disruption.

BrandPost: Five reasons to adopt a single-vendor SASE approach

By: Gabriel Gomane, Senior Product Marketing Manager at HPE Aruba NetworkingAs organizations are moving to a cloud-centric architecture, where most applications reside in the cloud and the demand for hybrid work environment increases, security must evolve in parallel: Legacy VPNs have often provided poor user experience. Additionally, usage of VPNs without granular controls could over-extend network privilege, granting users more access to resources than necessary, increasing security risks. Traditional network architectures routed application traffic to the data center for security inspection, which is no longer practical, and impacted application performance since most applications now reside in the cloud. With data increasingly hosted in SaaS applications, organizations need to take extra steps to protect their data. Sensitive data can indeed be stored in both sanctioned and unsanctioned cloud applications (or shadow IT), and may travel over unsecured links, leading to potential risk of data loss. Employees are vulnerable to web-based threats such as phishing attacks and ransomware when browsing the internet or simply accessing emails. The explosion of IoT devices in the recent years have significantly increased the attack surface. However, IoT devices are often built on a simple design and lack sophisticated security mechanisms. Finally, organizations must comply with Continue reading

Kubernetes Unpacked 037: Improving The Developer Experience With Continuous Deployment (Sponsored)

In this sponsored episode of the Kubernetes Unpacked podcast, Kristina and Michael are joined by Adam Frank, SVP of Product and Marketing at Armory, to discuss the role of continuous deployment in the software development lifecycle. They highlight the challenges organizations face in implementing effective continuous integration and continuous deployment (CI/CD) processes and the importance of prioritizing the developer experience.

Kubernetes Unpacked 037: Improving The Developer Experience With Continuous Deployment (Sponsored)

The post Kubernetes Unpacked 037: Improving The Developer Experience With Continuous Deployment (Sponsored) appeared first on Packet Pushers.

At Zoomtopia, Small Businesses Share Transformation Stories

A recent panel discussion at Zoomtopia 2023 highlighted the transformative role of communication and collaboration platforms.

How Prisma saved 98% on distribution costs with Cloudflare R2

The following is a guest post written by Pierre-Antoine Mills, Miguel Fernández, and Petra Donka of Prisma. Prisma provides a server-side library that helps developers read and write data to the database in an intuitive, efficient and safe way.

Prisma’s mission is to redefine how developers build data-driven applications. At its core, Prisma provides an open-source, next-generation TypeScript Object-Relational Mapping (ORM) library that unlocks a new level of developer experience thanks to its intuitive data model, migrations, type-safety, and auto-completion.

Prisma ORM has experienced remarkable growth, engaging a vibrant community of developers. And while it was a great problem to have, this growth was causing an explosion in our AWS infrastructure costs. After investigating a wide range of alternatives, we went with Cloudflare’s R2 storage — and as a result are thrilled that our engine distribution costs have decreased by 98%, while delivering top-notch performance.

It was a natural fit: Prisma is already a proud technology partner of Cloudflare’s, offering deep database integration with Cloudflare Workers. And Cloudflare products provide much of the underlying infrastructure for Prisma Accelerate and Prisma Pulse, empowering user-focused product development. In this post, we’ll dig into how we decided to extend our ongoing Continue reading

BGP Labs: TCP-AO Protection of BGP Sessions

A few days after I published the EBGP session protection lab, Jeroen van Bemmel submitted a pull request that added TCP-AO support to netlab. Now that the release 1.6.3 is out, I could use it to build the Protect BGP Sessions with TCP Authentication Option (TCP-AO) lab exercise.