IDG Contributor Network: Barracuda protects industrial IoT with network-based firewall

Many industrial IoT systems have open doors that create unintended vulnerabilities. What information could be exposed by open communications protocols? How do hackers identify vulnerable systems? What security resources are available? How do IoT firewalls protect against such threats?TCP Port 502 vulnerabilities Many industrial systems use TCP Port 502, which allows two hosts to establish a connection and exchange streams of data. TCP guarantees delivery of data and that packets will be delivered on port 502 in the same order in which they were sent. This creates the risk of remote attackers to install arbitrary firmware updates via a MODBUS 125 function code to TCP port 502. Scans from services such as Shodan identify systems that have an open TCP port 502 that could be vulnerable.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Migrating to the cloud: You want me to lift and shift what?

I recently participated in a webinar, and one of the questions I was asked made me think about a great first topic for this blog: What are the key drivers to keep an application and “lift and shift”?If you’re in a company that has a plan to move to the cloud, you’ve probably been asked what it is going to take to move an existing application to the cloud. In one of my previous roles, our CIO gave us the mandate that we were going to move everything out of one of our expensive data centers to the cloud within two years, so I saw a lot of “lift and shift” requests. But not a single one of those requests resulted in a lift and shift.Let’s review the benefits of running in the cloud and then see if we can characterize the types of applications that will run well in the cloud.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Migrating to the cloud: You want me to lift and shift what?

I recently participated in a webinar, and one of the questions I was asked made me think about a great first topic for this blog: What are the key drivers to keep an application and “lift and shift”?If you’re in a company that has a plan to move to the cloud, you’ve probably been asked what it is going to take to move an existing application to the cloud. In one of my previous roles, our CIO gave us the mandate that we were going to move everything out of one of our expensive data centers to the cloud within two years, so I saw a lot of “lift and shift” requests. But not a single one of those requests resulted in a lift and shift.Let’s review the benefits of running in the cloud and then see if we can characterize the types of applications that will run well in the cloud.To read this article in full or to leave a comment, please click here

Micron’s SolidScale system pushes SSDs out to shared storage

SSDs operate the fastest when inside a computer. Micron's new SolidScale storage system uproots SSDs from servers and pushes them into discrete boxes while reducing latency.SolidScale is a top-of-the-rack storage system that will house many SSDs. It will connect to servers, memory, and other computing resources in a data center via gigabit ethernet, and will use the emerging NVMeoF (NVMe over Fabric) 1.0 protocol for data transfers.The new storage system is faster than regular storage arrays, Micron claimed. SolidScale can deliver data more than two times faster than a standard all-flash array.SolidScale is a step in decoupling SSDs from servers and putting them into shared storage in data centers. It also provides a power-efficient way of packing fast storage into tight spaces.To read this article in full or to leave a comment, please click here

Micron’s SolidScale system pushes SSDs out to shared storage

SSDs operate the fastest when inside a computer. Micron's new SolidScale storage system uproots SSDs from servers and pushes them into discrete boxes while reducing latency.SolidScale is a top-of-the-rack storage system that will house many SSDs. It will connect to servers, memory, and other computing resources in a data center via gigabit ethernet, and will use the emerging NVMeoF (NVMe over Fabric) 1.0 protocol for data transfers.The new storage system is faster than regular storage arrays, Micron claimed. SolidScale can deliver data more than two times faster than a standard all-flash array.SolidScale is a step in decoupling SSDs from servers and putting them into shared storage in data centers. It also provides a power-efficient way of packing fast storage into tight spaces.To read this article in full or to leave a comment, please click here

Automated mitigation on endpoint devices and networks can be tricky

Many companies have automated systems in place for preventing, detecting, and investigating security incidents, but automating the incident response and mitigation process for networks and endpoint devices has been a tougher nut to crack.That includes actions such as automatically re-imaging endpoint devices, isolating devices from corporate networks, or shutting down particular network processes in order to quickly and efficiently respond to attacks."I think there's a lot of potential," said Joseph Blankenship, analyst at Forrester Research. "We're definitely in a period of discovery, though, and that has to take place before we're going to see widespread, mainstream adoption."To read this article in full or to leave a comment, please click here

Automated mitigation on endpoint devices and networks can be tricky

Many companies have automated systems in place for preventing, detecting, and investigating security incidents, but automating the incident response and mitigation process for networks and endpoint devices has been a tougher nut to crack.That includes actions such as automatically re-imaging endpoint devices, isolating devices from corporate networks, or shutting down particular network processes in order to quickly and efficiently respond to attacks."I think there's a lot of potential," said Joseph Blankenship, analyst at Forrester Research. "We're definitely in a period of discovery, though, and that has to take place before we're going to see widespread, mainstream adoption."To read this article in full or to leave a comment, please click here

How to protect yourself in an age of insecurity

At a time where state actors have working exploits that target smart TVs and undisclosed zero-day exploits of fully patched PC and smartphone platforms, there is no question that practicing safe computing is more important than ever. While there is no silver bullet for you to protect yourself against constantly evolving security threats, there are some steps you can take to reduce your likelihood of being a victim in this age of insecurity.Good online habits For all the sophistication of modern exploits, the traditional warning about how files haring is a hotbed for malware is as valid today as ever. It is a good practice not to download and run software from untrusted online sources or via peer-to-peer networks. Hackers have been known to take legitimate software and infect it with malware before distributing it to the unsuspecting. Some even take the extra step of removing copy protection on licensed software to sweeten the bait.To read this article in full or to leave a comment, please click here(Insider Story)

How to protect yourself in an age of insecurity

At a time where state actors have working exploits that target smart TVs and undisclosed zero-day exploits of fully patched PC and smartphone platforms, there is no question that practicing safe computing is more important than ever. While there is no silver bullet for you to protect yourself against constantly evolving security threats, there are some steps you can take to reduce your likelihood of being a victim in this age of insecurity.To read this article in full or to leave a comment, please click here(Insider Story)

Social media breaks more common among teens than you might think

I did wonder whether my youngest teenage son would return from a recent week-long service trip on which electronic devices were banned quivering from some sort of social media withdrawal, but he survived just fine and the salmon in Washington State thank him for his efforts.Despite what you might see all around you, teens taking either voluntary or involuntary hiatuses from social media apparently isn't entirely unusual: A new survey of nearly 800 Americans between the ages of 13 and 17 found that 58% of them reported taking significant breaks from the likes of Snapchat and Instagram.What's more, 65% of those teens claimed to have done so voluntarily, according to the Associated Press-NORC Center for Public Affairs Research survey. Also, one in five teens who haven't taken a break say they would like to do so.To read this article in full or to leave a comment, please click here

How to protect your data when using public Wi-Fi

Many people are not aware of this, but Wi-Fi hotspots at Starbucks, Barnes & Noble or your local hotel that offers it as a complimentary service are not safe for confidential browsing, performing financial transactions or for viewing your emails.Public Wi-Fi does not offer encryption for individuals using the same password and hotspot. Also, your signals are broadcast across the immediate area. It is easy for someone else within your vicinity to eavesdrop on your communication. An unskilled hacker can intercept your signal using a phony hotspot or a tampering software that can be found on a search engine.+ Also on Network World: 4 lesser-known Wi-Fi security threats and how to defend against them + The first task of a hacker is to get on the same network as the potential victim, then they can carry out that task with a public Wi-Fi network because they have the password. It does not matter if a network password is given out by the cashier or printed in your hotel room's welcome packet, once public, your security is compromised.To read this article in full or to leave a comment, please click here

How to protect your data when using public Wi-Fi

Many people are not aware of this, but Wi-Fi hotspots at Starbucks, Barnes & Noble or your local hotel that offers it as a complimentary service are not safe for confidential browsing, performing financial transactions or for viewing your emails.Public Wi-Fi does not offer encryption for individuals using the same password and hotspot. Also, your signals are broadcast across the immediate area. It is easy for someone else within your vicinity to eavesdrop on your communication. An unskilled hacker can intercept your signal using a phony hotspot or a tampering software that can be found on a search engine.+ Also on Network World: 4 lesser-known Wi-Fi security threats and how to defend against them + The first task of a hacker is to get on the same network as the potential victim, then they can carry out that task with a public Wi-Fi network because they have the password. It does not matter if a network password is given out by the cashier or printed in your hotel room's welcome packet, once public, your security is compromised.To read this article in full or to leave a comment, please click here

How eero mesh WiFi routers connect to the cloud

This is a guest post by Gabe Kassel, Product Manager for Embedded Software at eero.

Relying on a single wireless router to provide internet in every room of the home is like expecting a single light bulb to illuminate the entire house. It’s physics - WiFi radio waves don’t travel through walls or objects easily. The eero Home WiFi System is a new take on home connectivity, bucking the trend of one high-powered device in the center of the home. Instead, eero uses multiple access points that talk to each other via our proprietary mesh technology -- TrueMesh -- to spread coverage and a high throughput connection throughout a home.

eero’s hardware - its distributed access point system - solves the problem of spreading a consistent, stable WiFi signal in a home. But hardware is only part of the puzzle. On the backend of eero’s technology, we face different challenges: how do we build a highly available, high performance infrastructure that’s able to communicate with each eero device? We’ve discussed parts of our architecture previously, but we haven’t yet explored into how we use Cloudflare to eliminate one “single-point-of-failure” in our architecture.

How eeros interact with the cloud

eero Continue reading

Xen hypervisor faces third highly critical VM escape bug in 10 months

The Xen Project has fixed three vulnerabilities in its widely used hypervisor that could allow operating systems running inside virtual machines to access the memory of the host systems, breaking the critical security layer among them.Two of the patched vulnerabilities can only be exploited under certain conditions, which limits their use in potential attacks, but one is a highly reliable flaw that poses a serious threat to multitenant data centers where the customers' virtualized servers share the same underlying hardware.The flaws don't yet have CVE tracking numbers, but are covered in three Xen security advisories called XSA-213, XSA-214 and XSA-215.To read this article in full or to leave a comment, please click here

Xen hypervisor faces third highly critical VM escape bug in 10 months

The Xen Project has fixed three vulnerabilities in its widely used hypervisor that could allow operating systems running inside virtual machines to access the memory of the host systems, breaking the critical security layer among them.Two of the patched vulnerabilities can only be exploited under certain conditions, which limits their use in potential attacks, but one is a highly reliable flaw that poses a serious threat to multitenant data centers where the customers' virtualized servers share the same underlying hardware.The flaws don't yet have CVE tracking numbers, but are covered in three Xen security advisories called XSA-213, XSA-214 and XSA-215.To read this article in full or to leave a comment, please click here

Xen hypervisor faces third highly critical VM escape bug in 10 months

The Xen Project has fixed three vulnerabilities in its widely used hypervisor that could allow operating systems running inside virtual machines to access the memory of the host systems, breaking the critical security layer among them.Two of the patched vulnerabilities can only be exploited under certain conditions, which limits their use in potential attacks, but one is a highly reliable flaw that poses a serious threat to multitenant data centers where the customers' virtualized servers share the same underlying hardware.The flaws don't yet have CVE tracking numbers, but are covered in three Xen security advisories called XSA-213, XSA-214 and XSA-215.To read this article in full or to leave a comment, please click here

Books that I like

How Does Internet Work - We know what is networking

I was planning for some time now to make a list of books I read recently, here’s the list It should be something like a book reading suggestion list in order to maybe help you pick the right materials in your networking technology learning journey. On the top are the books I used most while studying for my certs but also some of them are the books that I usually carry with me on my Kindle or PDF wherever I go. It is always a good idea to have those books on you so you can have a look at

Books that I like

Join Us at World Press Freedom Day This Week!

A free and independent press, including online, is a pillar of vibrant societies. Yet, its future is in jeopardy. 
 
Press freedom is declining across the world, as surveillance of journalists and violations of the confidentiality of sources become more common. Reporters are often victims of government orders to shut down media websites or blogs in the name of national security or public order.

Nicolas Seidler

Review: Two higher-end peripherals for your notebook lifestyle

The world of smartphones and tablets hasn’t yet completely taken over the world just yet – there are lots of people who still use an old-fashioned notebook (gosh, can’t believe I’m using the term ‘old-fashioned’ and ‘notebook’ in the same sentence) for their work, whether at home, in the office or traveling.But there are still limitations to these devices when it comes to audio and video – especially if you’re looking for some higher-end quality, as well as some portability. I recently tested two such devices – the new Logitech BRIO 4K webcam and the Jabra Speak 710 Bluetooth speaker. Don’t be scared by the higher price tags compared with other webcams and speaker systems – the higher-end quality and style make up for the extra price tag.To read this article in full or to leave a comment, please click here

1 2,094 2,095 2,096 2,097 2,098 3,840