DHS should have a cybersecurity unit, says panel chairman

WASHINGTON -- The chairman of the U.S. House Committee on Homeland Security said Wednesday his top priority in 2017 will be to push for creation of a cybersecurity agency within the Department of Homeland Security. “DHS needs focus and resources, and they are doing a decent job, but could be doing a lot better with the help of Congress,” said U.S. Rep. Michael McCaul (R-Texas) in comments to reporters at the National Press Club. “It’s not a Republican or Democratic issue.”

Here’s what you look like when you’re trying VR

Virtual reality was all over CES, providing attendees with a glimpse into the computer animated future. But while show-goers were deep in their virtual worlds, photographers Ann Singer and Alexandra Wimley of BU News Service were outside looking on. Here's what they captured. Here, David Nevas, of Lawrenceville, New Jersey, tries out the Icaros virtual reality flying device at CES on Jan. 6, 2017.

New MacBook Pros stop Apple’s skid in worldwide PC shipments

Apple's new MacBook Pros have put the brakes on a free-fall of Mac shipments globally, though they haven't provided the significant boost the company was looking for. The company's Mac shipments totaled 5.3 million units during the fourth quarter of 2016, a decline of just 0.9 percent compared to the same quarter in 2015. That compares favorably to overall Mac shipments in 2016, which totaled 18.4 million units, a decline of 9.8 percent compared to 2015, according to IDC. Apple launched the new MacBook Pros in late October, and it was considered a significant upgrade. Had the new MacBook Pros shipped for all three months, the quarterly growth may have jumped up to flat or positive territory.

BrandPost: What Is Continuous Delivery?

Originally posted on the Puppet blog, and republished here with Puppet's permission. What is continuous delivery? How is it different from continuous deployment? How does it relate to DevOps? We get these questions a lot; we even created a handbook for continuous delivery.

Worth Reading: The state of DNS security

Did you know that 89% of top-level domains are now signed with DNSSEC? Or that over 88% of .GOV domains and over 50% of .CZ domains are signed? Were you aware that over 103,000 domains use DANE and DNSSEC to provide a higher level of security for email? Or that 80% of clients request DNSSEC signature records in DNS queries? All these facts and much more are available in our new State of DNSSEC Deployment 2016 report. —The Internet Society

DevOps Success Requires Equal Parts Dev & Ops

In the push toward DevOps, much of the focus is on software developers and development, but without equal investments on the operations side, progress slows down. In this episode of Talking DevOps, Josh Atwell, Developer Advocate for NetApp SolidFire, emphasizes the concept of balance and the need for adequate attention on the operations side of the equation.

‘Found a nasty bug in my (Cisco) ASA this morning’

The above headline on a post to Reddit piqued my interest this afternoon because it was in that site’s section devoted to system administration and those people know a bug when they encounter one. The Redditor elaborates: “I found a bug in my ASA today. Eth 0/2 was totally unusable and seemed ‘blocked.’ These Cisco bugs are really getting out of hand. I'm just glad I didn't open this port up to the web.” Scare quotes around blocked? Gratuitous mention of the web. I smelled a ruse before even opening the first of three pictures. No. 1, labeled “checking layer 1:”

IDG Contributor Network: What does the future hold for the IT services industry?

It would probably be an understatement to say the IT services industry is spooked by the recent financial results reported by major IT services providers. Both the top and the bottom lines have been under pressure. The medium-term future, and even the shorter term, have become unpredictable. Results are inconsistent, and companies have softened their guidance on future growth rates. At the same time, tech spend around the world is increasing. At the NASSCOM Product Conclave in Bangalore a couple of months ago, I was struck by the buoyancy of the start-up market. India alone is home to more than 5,000 start-ups, and this number is slated to more than double by 2020. There is no doubt the tech love affair will continue to heat up as new innovations continue to spring from both unlikely garages and sophisticated computer labs alike.

BGP Flowspec Indirection

While Flowspec has been around for a while (RFC5575 was published in 1999), deployment across AS boundaries has been somewhat slow. The primary concerns in deploying Flowspec are the ability to shoot oneself in the foot, particularly as opening Flowspec to customers can also open an entirely new, and not well understood, attack surface, and the simple cost of filtering packets. In theory, ASICs can filter packets based on a variety of parameters cheaply. Theory doesn’t always easily translate to practice, however.

Regardless, recent work in Flowspec is quite interesting; particularly the ability to redirect flows, rather than simply filtering them. Of course, the original RFCs did allow for the redirection of flows into a VRF on the local router, but this leaves a good bit to be desired. To make such a system work, you must actually have a VRF into which to redirect traffic; for one-off situations, such as directing attack traffic to a honey pot, building the VRF and populating it can be more work than capturing the traffic is worth. A newer draft, draft-ietf-idr-flowspec-path-redirect, aims to resolve this.

Before getting to the draft specifics, however, it is useful to review the basic concept of

Professionally designed ransomware Spora might be the next big thing

Security researchers have found a new ransomware program dubbed Spora that can perform strong offline file encryption and brings several innovations to the ransom payment model. The malware has targeted Russian-speaking users so far, but its authors have also created an English version of their decryption portal, suggesting they will likely expand their attacks to other countries soon. Spora stands out because it can encrypt files without having to contact a command-and-control (CnC) server and does so in a way that still allows for every victim to have a unique decryption key. Traditional ransomware programs generate an AES (Advanced Encryption Standard) key for every encrypted file and then encrypt these keys with an RSA public key generated by a CnC server.

Your Windows 10 PC may soon lock itself when you walk away

Windows 10 Insider previews are sometimes just full of surprises. An unmentioned feature in Build 15002 was recently uncovered by Windows Central that appears to be a complementary feature to Windows Hello, the biometric login system that automatically unlocks your PC when you sit in front of it. Dubbed Dynamic Lock, this newly discovered feature is designed to automatically lock down your computer when Windows detects that you’re away. It’s not clear if the feature is working yet and Microsoft has yet to discuss it publicly. For that reason it’s unknown what Dynamic Lock actually does, though Windows Central says Microsoft’s internal name for the feature is “Windows Goodbye,” which indeed suggests a close relationship with Windows Hello.