Cisco: IOS security update includes denial of service and code execution warnings

Cisco is warning IOS and IOS EXE users of five security vulnerabilities it rates as “High” that could lead to denial of service attacks or allow an invader to execute arbitrary code on an particular system.The warnings – which include Cisco’s DHCP client, L2TP, Zero Touch Provisioning, HTTP server and Web user interface -- are part of what Cisco says are a twice-yearly bundle of IOS security advisories it issues to keep those users up-to-date on current IOS security issues.To read this article in full or to leave a comment, please click here

Google cites progress in Android security, but patching issues linger

The chances of you encountering malware on your Android phone is incredibly small, according to Google.By the end of last year, less than 0.71 percent of Android devices had installed a "potentially harmful application," such as spyware, a Trojan, or other malicious software.That figure was even lower, at 0.05 percent, for Android phones that downloaded apps exclusively from the Google Play store.The internet giant revealed the figures in a new report detailing its efforts to making the Android OS secure. Thanks to better app review systems, the company is detecting and cracking down on more malware.To read this article in full or to leave a comment, please click here

Google cites progress in Android security, but patching issues linger

The chances of you encountering malware on your Android phone is incredibly small, according to Google.By the end of last year, less than 0.71 percent of Android devices had installed a "potentially harmful application," such as spyware, a Trojan, or other malicious software.That figure was even lower, at 0.05 percent, for Android phones that downloaded apps exclusively from the Google Play store.The internet giant revealed the figures in a new report detailing its efforts to making the Android OS secure. Thanks to better app review systems, the company is detecting and cracking down on more malware.To read this article in full or to leave a comment, please click here

New opportunities for augmented reality

Augmented reality, virtual reality and mixed reality are three realities that exist on the reality-virtuality continuum—and they are probably the three terms you have heard again and again.  However, there is a fourth reality you probably haven’t heard of—diminished reality.Diminished reality can be thought of as the opposite of augmented reality. Augmented reality (AR) enhances our reality by overlaying digital elements like 3D models on the physical world.  Contrary to that, diminished reality (DR) diminishes parts of the physical world. It removes unwanted objects in our view.To read this article in full or to leave a comment, please click here

Know your encryption workarounds: a paper

As The 21st Century Encryption Wars continue with no end in sight, security experts Bruce Schneier and Orin Kerr have collaborated on a paper that seeks to establish a common understanding of one aspect of the clash: encryption workarounds.  The authors consciously avoid policy recommendations, but rather hope to better the understanding of those who will do so in our political and law enforcement arenas.From the paper’s abstract: The widespread use of encryption has triggered a new step in many criminal investigations: the encryption workaround. We define an encryption workaround as any lawful government effort to reveal an unencrypted version of a target's data that has been concealed by encryption. This essay provides an overview of encryption workarounds. It begins with a taxonomy of the different ways investigators might try to bypass encryption schemes. We classify six kinds of workarounds: find the key, guess the key, compel the key, exploit a flaw in the encryption software, access plaintext while the device is in use, and locate another plaintext copy. For each approach, we consider the practical, technological, and legal hurdles raised by its use.To read this article in full or to leave a comment, please click here

Know your encryption workarounds: a paper

As The 21st Century Encryption Wars continue with no end in sight, security experts Bruce Schneier and Orin Kerr have collaborated on a paper that seeks to establish a common understanding of one aspect of the clash: encryption workarounds.  The authors consciously avoid policy recommendations, but rather hope to better the understanding of those who will do so in our political and law enforcement arenas.From the paper’s abstract: The widespread use of encryption has triggered a new step in many criminal investigations: the encryption workaround. We define an encryption workaround as any lawful government effort to reveal an unencrypted version of a target's data that has been concealed by encryption. This essay provides an overview of encryption workarounds. It begins with a taxonomy of the different ways investigators might try to bypass encryption schemes. We classify six kinds of workarounds: find the key, guess the key, compel the key, exploit a flaw in the encryption software, access plaintext while the device is in use, and locate another plaintext copy. For each approach, we consider the practical, technological, and legal hurdles raised by its use.To read this article in full or to leave a comment, please click here

Is MPLS mandatory for Traffic Engineering?

Is MPLS mandatory for Traffic Engineering? What is Traffic Engineering in the first place  ? Wikipedia defines traffic engineering as below. ” Internet traffic engineering is defined as that aspect of Internet network engineering dealing with the issue of performance evaluation and performance optimization of operational IP networks.” So we are managing the performance with […]

The post Is MPLS mandatory for Traffic Engineering? appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

5 tips to ace your next tech interview

You may feel confident going into an interview armed with your technical background and education but when it comes to tech jobs -- especially positions for engineers, developers and coders -- technical knowledge won’t be enough to get you through the interview process.To read this article in full or to leave a comment, please click here(Insider Story)

Meet the winners of the Holberton School and Docker hackathon

The last weekend in February, Holberton School and Docker held a joint Docker Hackathon where current students spent 24 hours making cool Docker hacks. Students were joined by Docker mentors who helped them along the way in addition to serving as judges for the final products. 

Here are some highlights from the hackathon.

Third place goes to… Julien, a personal assistant built with Docker and Alexa by Bobby and Larry

In their own words:

After discussing a few ideas, we settled on the idea of doing a Docker/Alexa integration that would abstract away repetitive command line interactions, allowing the user/developer to check the state of her Docker containers, and easily deploy them to production, only using voice commands. Hands free, we would prompt Alexa to interact with our Docker images and containers in various ways (ex1: “spin up image file x on server y”, “list all running containers on server z”, “deploy image a from server x to server y”) and Alexa would do it.

The main technical hurdle of the project was securely communicating between Alexa and our VMs running. To do this we used  the Java JSch library. This class gave us the ability to programmatically shell into Continue reading

Hackers threaten to wipe millions of Apple devices, demand ransom

A group of hackers is threatening to wipe data from millions of Apple devices in two weeks if the company doesn’t pay them US$150,000. The group, which calls itself Turkish Crime Family, claims to have login credentials for more than 627 million icloud.com, me.com and mac.com email addresses. These are email domains that Apple has allowed for users creating iCloud accounts over the years. Even though the Turkish Crime Family hasn't been in the media spotlight before, its members claim that they've been involved in selling stolen online databases in private circles for the past few years. The group said via email that it has had a database of about 519 million iCloud credentials for some time, but did not attempt to sell it until now. The interest for such accounts on the black market has been low due to security measures Apple has put in place in recent years, it said.To read this article in full or to leave a comment, please click here

Hackers threaten to wipe millions of Apple devices, demand ransom

A group of hackers is threatening to wipe data from millions of Apple devices in two weeks if the company doesn’t pay them US$150,000. The group, which calls itself Turkish Crime Family, claims to have login credentials for more than 627 million icloud.com, me.com and mac.com email addresses. These are email domains that Apple has allowed for users creating iCloud accounts over the years. Even though the Turkish Crime Family hasn't been in the media spotlight before, its members claim that they've been involved in selling stolen online databases in private circles for the past few years. The group said via email that it has had a database of about 519 million iCloud credentials for some time, but did not attempt to sell it until now. The interest for such accounts on the black market has been low due to security measures Apple has put in place in recent years, it said.To read this article in full or to leave a comment, please click here

Cisco closes AppDynamics deal, increases software weight

Cisco today closed its approximately $3.7 billion deal for application analytics specialist AppDynamics giving the networking giant a nice revenue stream and bolstering its software strategy.The nine-year-old company – which Cisco bought Jan. 24, days before it was to go IPO -- and its almost 1,250 employees become part of Cisco as the 17th acquisition since Chuck Robbins took the CEO reins in 2015.+More on Cisco software from Network World: Has Cisco broken out of the network hardware box?+To read this article in full or to leave a comment, please click here

Cisco closes AppDynamics deal, increases software weight

Cisco today closed its approximately $3.7 billion deal for application analytics specialist AppDynamics giving the networking giant a nice revenue stream and bolstering its software strategy.The nine-year-old company – which Cisco bought Jan. 24, days before it was to go IPO -- and its almost 1,250 employees become part of Cisco as the 17th acquisition since Chuck Robbins took the CEO reins in 2015.+More on Cisco software from Network World: Has Cisco broken out of the network hardware box?+To read this article in full or to leave a comment, please click here

Cisco closes AppDynamics deal, increases software weight

Cisco today closed its approximately $3.7 billion deal for application analytics specialist AppDynamics giving the networking giant a nice revenue stream and bolstering its software strategy.The nine-year-old company – which Cisco bought Jan. 24, days before it was to go IPO -- and its almost 1,250 employees become part of Cisco as the 17th acquisition since Chuck Robbins took the CEO reins in 2015.+More on Cisco software from Network World: Has Cisco broken out of the network hardware box?+To read this article in full or to leave a comment, please click here

1 2,158 2,159 2,160 2,161 2,162 3,793