5 signs we’re finally getting our act together on security

The high-water line in information security gets higher each year. Just as we think we’ve finally figured out how to defend against attacks, then attackers come up with something new and we are right back to trying to figure out what to do next.For example, ransomware has surged in the last year. Although that kind of malware has been around for years, the current model of encrypting user files to hold data hostage came about just recently. Infections quadrupled in 2016, with the FBI estimating an average of 4,000 attacks a day. A recent IBM survey of 600 business leaders in the United States found that one in two had experienced a ransomware attack in the workplace, and that companies paid the ransom 70 percent of the time. As a result, criminals are on track to make nearly $1 billion this year from ransomware, IBM X-Force said.To read this article in full or to leave a comment, please click here

5 signs we’re finally getting our act together on security

The high-water line in information security gets higher each year. Just as we think we’ve finally figured out how to defend against attacks, then attackers come up with something new and we are right back to trying to figure out what to do next.For example, ransomware has surged in the last year. Although that kind of malware has been around for years, the current model of encrypting user files to hold data hostage came about just recently. Infections quadrupled in 2016, with the FBI estimating an average of 4,000 attacks a day. A recent IBM survey of 600 business leaders in the United States found that one in two had experienced a ransomware attack in the workplace, and that companies paid the ransom 70 percent of the time. As a result, criminals are on track to make nearly $1 billion this year from ransomware, IBM X-Force said.To read this article in full or to leave a comment, please click here

Apple’s 10 biggest wins, fails, and WTF moments of 2016

Apple has been doomed for decades, if the steady stream of headlines about the company, its stock price, and its product lineup are to be believed. If The Macalope has taught us anything, it's that the Apple deathwatch business is a brisk (and bizarre) one. The truth is much more complex. But by any measure, 2016 was a particularly tough year for Apple.The company endured a bitter legal fight with the FBI, saw its first revenue decline in more than a decade, and faced backlash over hardware tweaks in its upgraded flagship products: the iPhone 7’s lack of a 3.5mm audio jack and the overhauled MacBook Pro’s less-than-pro specs for a decidedly pro price.To read this article in full or to leave a comment, please click here

What to do if your data is taken hostage

Getting duped online by a cybercriminal is infuriating. You let your guard down for a minute and the thieves find their way in to your machine.And then the “fun” begins if ransomware is involved. Hopefully you have your data backed up, but if not now starts the dance with those who have ultimately taken you hostage. Ransomware is obviously analogous to kidnapping, and dealing with the perpetrators can feel much like negotiating with a jumper standing on the edge of high-rise roof.Look no further for help than the Institute for Critical Infrastructure Technology report that in part describes how to deal with criminals when they are holding your data hostage. The report talks of what to do once a breach has been found.To read this article in full or to leave a comment, please click here

What to do if your data is taken hostage

Getting duped online by a cybercriminal is infuriating. You let your guard down for a minute and the thieves find their way in to your machine.And then the “fun” begins if ransomware is involved. Hopefully you have your data backed up, but if not now starts the dance with those who have ultimately taken you hostage. Ransomware is obviously analogous to kidnapping, and dealing with the perpetrators can feel much like negotiating with a jumper standing on the edge of high-rise roof.Look no further for help than the Institute for Critical Infrastructure Technology report that in part describes how to deal with criminals when they are holding your data hostage. The report talks of what to do once a breach has been found.To read this article in full or to leave a comment, please click here

Source-Specific Multicast Configuration

How Does Internet Work - We know what is networking

In SSM, Source-Specific Multicast, things are done differently from standard multicast forwarding. SSM is specifying a group of hosts that are receiving same multicast stream using group IP address and additionally using stream unicast source IP. In this article it is shown how to configure Source Specific Multicast on Cisco and Juniper equipment. In standard multicast, forwarding is done using group IP address which is an IP from multicast dedicated range 224.0.0.0/4 (224.0.0.0 – 239.255.255.255) or FF00::/8 in IPv6. Each multicast group IP address is a single address which specifies all hosts receiving a specific stream, streamed towards that group

Source-Specific Multicast Configuration

OpenBSD on the Sixth Generation Intel NUC

Sixth Generation Intel NUC

I recently decided it would be fun to upgrade the hardware on my main OpenBSD machine at home (because, you know, geek). These Intel NUC machines are pretty interesting. They are pretty powerful, support a decent amount of RAM, certain models support internal storage, and they are very low power and low noise. Perfect for a machine that is a shell/email/development box.

IoT saves lives but infosec wants to change that

The cybersecurity industry mocks/criticizes IoT. That's because they are evil and wrong. IoT saves lives. This was demonstrated a couple weeks ago when a terrorist attempted to drive a truck through a Christmas market in German. The truck has an Internet-connected braking system. When it detected the collision, it deployed the brakes, bringing the truck to a stop. Injuries and deaths were a 10th of the similar Nice truck attack earlier in the year.

All the trucks shipped by Scania in the last five years have had mobile phone connectivity to the Internet. Scania pulls back telemetry from trucks, for the purposes of improving drivers, but also to help improve the computerized features of the trucks. They put everything under the microscope, such as how to improve air conditioning to make the trucks more environmentally friendly.

Among their features is the "Autonomous Emergency Braking" system. This is the system that saved lives in Germany.

You can read up on these features on their website, or in their annual report [*].


My point is this: the cybersecurity industry is a bunch of police-state fetishists that want to stop innovation, to solve the "security" problem first before allowing innovation Continue reading

30% off Logitech Wireless Keyboard with Touchpad for Internet-Connected TVs – Deal Alert

Logitech's K400 Wireless Keyboard for internet-enabled TVs is designed to be compact, comfortable, quiet, and easy to use from the comfort of your couch. It features a familiar key layout and a large 3.5-inch touchpad. A 33-foot range makes for a trouble free connection even in large rooms, and its battery is strong, lasting up to a year and a half without needing a charge, even with 2 hours of typing per day. The keyboard averages 4.5 out of 5 stars on Amazon from over 1,700 customers (read reviews). It's regular list price of $39.99 has been reduced by 30% to just $27.99. See the discounted K400 wireless keyboard now on Amazon.To read this article in full or to leave a comment, please click here

Critical flaw in PHPMailer library puts millions of websites at risk

A critical remote code execution vulnerability in PHPMailer, one of the most widely used PHP email sending libraries, could put millions of websites at risk of hacking.The flaw was found by a security researcher named Dawid Golunski and an initial fix was included in PHPMailer 5.2.18, which was released Saturday. However, it turns out that the patch was incomplete and can be bypassed.To read this article in full or to leave a comment, please click here

Critical flaw in PHPMailer library puts millions of websites at risk

A critical remote code execution vulnerability in PHPMailer, one of the most widely used PHP email sending libraries, could put millions of websites at risk of hacking.The flaw was found by a security researcher named Dawid Golunski and an initial fix was included in PHPMailer 5.2.18, which was released Saturday. However, it turns out that the patch was incomplete and can be bypassed.To read this article in full or to leave a comment, please click here

Using Guzzle and PHPUnit for REST API Testing

Using Guzzle and PHPUnit for REST API Testing

Using Guzzle and PHPUnit for REST API Testing

APIs are increasingly becoming the backbone of the modern internet - whether you're ordering food from an app on your phone or browsing a blog using a modern JavaScript framework, chances are those requests are flowing through an API. Given the need for APIs to evolve through refactoring and extension, having great automated tests allows you to develop fast without needing to slow down to run manual tests to work out what’s broken. Additionally, by having tests in place you’re able to firmly identify the requirements that your API should meet, your API tests effectively form a tangible and executable specification. API Testing offers an end-to-end mechanism of testing the behaviour of your API which has advantages in both reliability and also development productivity.

In this post I'll be demonstrating how you can test RESTful APIs in an automated fashion using PHP, by building a testing framework through creative use of two packages - Guzzle and PHPUnit. The resulting tests will be something you can run outside of your API as part of your deployment or CI (Continuous Integration) process.

Guzzle acts as a powerful HTTP client which we can use to simulate HTTP Requests against our API. Though PHPUnit Continue reading

Voice Gateway and Voice VRF – Caveats

Many networks leverage what is known as a VRF. These are used for traffic isolation and create separate routing instances within a router. It is important that vrf awareness is confirmed for any service (DHCP, Voice GW, etc) being locally provided for a given point in the network. One use case for such a configuration might be for voice isolation with or without MPLS. In the case that a router is providing voice gateway functionality (i.e. FXO/FXS to VOIP), the voice functions must understand the VRF construct in order to properly fulfill the role.

TL;DR–This configuration sometimes does not behave as expected and, in my experience, may require a reboot after following the documented procedure.

The configuration for VRF-Aware H.323 and SIP for Voice Gateways can be found at the URL below.

http://www.cisco.com/c/en/us/td/docs/ios/12_4t/12_4t15/stork.html

Notice that it makes reference to the fact that the services need to be restarted–

To configure a voice VRF, you must shut down voice services on the gateway, assign a previously defined VPN VRF to the VoIP SPI, and then restart voice services.

As one researches this particular configuration, the concept of voice “multi-vrf” will likely come up. Based on my Continue reading

25% off Samsung SmartThings Hub For Smart Homes – Deal Alert

Designed to be the heart of your smart home, the Samsung SmartThings Hub connects wirelessly to hundreds of compatible smart devices, so you can monitor, manage, and secure your home from anywhere. Simply pair other Samsung SmartThings devices with the Hub and enjoy full control and customization of all your devices via the free Samsung SmartThings app, or even with your voice via Amazon's Alexa service. The hub currently lists for $100, but Amazon has it for 25% off, so you can grab it for just $75. Check it out on Amazon.To read this article in full or to leave a comment, please click here