Iraqi hacker took credit for hijacking subdomain and defacing Trump site

A hacker, purportedly from Iraq, defaced a site previously used by President Donald Trump for campaign fundraising. The “hack” occurred Sunday on the server, secure2.donaldjtrump.com. It was short-lived.A screenshot of the defacement was posted on the subreddit Hacking. The page displayed an anonymous man in a fedora above the message: Hacked By Pro_Mast3r ~Attacker GovNothing Is ImpossiblePeace From Iraq g33xter Ars Technica reported the server was “behind Cloudflare’s content management and security platform, and does not appear to be directly linked from the Trump Pence campaign's home page. But it does appear to be an actual Trump campaign server.”To read this article in full or to leave a comment, please click here

Scaling @ HelloFresh: API Gateway

HelloFresh keeps growing every single day: our product is always improving, new ideas are popping up from everywhere, our supply chain is being completely automated. All of this is simply amazing us, but of course this constant growth brings many technical challenges.

Today I’d like to take you on a small journey that we went through to accomplish a big migration in our infrastructure that would allow us to move forward in a faster, more dynamic, and more secure way.

The Challenge

We’ve recently built an API Gateway, and now we had the complex challenge of moving our main (monolithic) API behind it — ideally without downtime. This would enable us to create more microservices and easily hook them into our infrastructure without much effort.

The Architecture

Worth Reading: Mud Slinging

Network Engineers are redefining themselves, always learning, always trying to improve themselves and marketing still puts out things like this in 2017. Sales and marketing definitely need to up their game. As my CEO said the other day: “Business is not between companies, it’s between people”. This is exactly what it’s about. If you burn my confidence by putting up stupid stuff on social media, it will affect your sales. Endorse your product on its own merits. Don’t talk down other vendors. This only makes YOU look bad. —Lost in Transit

The post Worth Reading: Mud Slinging appeared first on 'net work.

Apple, Microsoft and Amazon offer fairer deal on cloud storage

Apple, Microsoft and Amazon have agreed to give cloud storage subscribers fairer contracts after intervention by the U.K.'s Competition and Markets Authority.Such cloud storage services are typically used to store photos, videos, music or digital copies of important documents.If the services shut down or vary their capacity or prices without notice, customers can lose their data, or be held hostage.The CMA asked the storage service providers to give adequate notice before closing, suspending or changing services, and to allow customers to cancel their contracts and receive a pro-rata refund if they didn't accept service changes.The regulator last year obtained similar undertakings from Google, Dropbox and five other cloud storage providers.To read this article in full or to leave a comment, please click here

Free Webinar – DMZ Anywhere.Let’s talk about DMZ security design options

This is a free webinar but requires registration and seats are limited thus please register immediately. Webinar on Tuesday, February 28, 2017 7:00 PM – 8:30 PM AST. REGISTER Agenda Introduction to Security Zones What’s DMZ? Why do we need DMZ? Physical vs Logical Network Segmentation Emerging Technologies (Virtualization, Micro Segmentation) Benefits of DMZ Anywhere […]

The post Free Webinar – DMZ Anywhere.Let’s talk about DMZ security design options appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

Python – Kirk Byers Course Week 3 Part 3

This post will describe the exercises and solutions for week three of Kirk Byers Python for Network Engineers.

The last exercise of the week is to create an IP address checker that checks the validity of an IP address. Here are the instructions:

IV. Create a script that checks the validity of an IP address.  The IP address should be supplied on the command line.
    A. Check that the IP address contains 4 octets.
    B. The first octet must be between 1 - 223.
    C. The first octet cannot be 127.
    D. The IP address cannot be in the 169.254.X.X address space.
    E. The last three octets must range between 0 - 255.

    For output, print the IP and whether it is valid or not.

The IP address will be supplied through the command line. Like we’ve done before we are going to check the number of arguments supplied and exit the script if the number of arguments is not two. We need to import sys so that we can use sys.argv.

import sys

if len(sys.argv) != 2:
	sys.exit("Usage: ./ip_checker.py <IP-ADDRESS>")

We’ll store the IP address as input as dotted decimal into the Continue reading

Hackers behind bank attack campaign use Russian as decoy

The hackers behind a sophisticated attack campaign that has recently targeted financial organizations around the world have intentionally inserted Russian words and commands into their malware in an attempt to throw investigators off.Researchers from cybersecurity firm BAE Systems have recently obtained and analyzed additional malware samples related to an attack campaign that has targeted 104 organizations -- most of them banks -- from 31 different countries.They found multiple commands and strings in the malware that appear to have been translated into Russian using online tools, the results making little sense to a native Russian speaker.To read this article in full or to leave a comment, please click here

Hackers behind bank attack campaign use Russian as decoy

The hackers behind a sophisticated attack campaign that has recently targeted financial organizations around the world have intentionally inserted Russian words and commands into their malware in an attempt to throw investigators off.Researchers from cybersecurity firm BAE Systems have recently obtained and analyzed additional malware samples related to an attack campaign that has targeted 104 organizations -- most of them banks -- from 31 different countries.They found multiple commands and strings in the malware that appear to have been translated into Russian using online tools, the results making little sense to a native Russian speaker.To read this article in full or to leave a comment, please click here

BrandPost: Increasing Agility with a Modern Storage Network

The combination of heated competition and high customer expectations is feeding the demand for greater operational agility in every organization. Employees must have the ability to transform massive amounts of data into actionable insight while delivering the superior service customers demand. That calls for a more responsive, reliable IT infrastructure—but organizations also need to minimize delays, costs, and downtime while they make that infrastructure more agile.Although IT teams are under pressure to respond promptly and cost-effectively to changes in both the market and the IT environment, it's impossible to predict new demands from the lines of business, new competitive threats, or how much bandwidth to allocate for applications that don't yet exist. All you really know is that you must prepare your infrastructure for any possibility.To read this article in full or to leave a comment, please click here

Using DCNM to Automate Cisco FabricPath Operations

In my final post on Cisco’s Data Center Network Manager (DCNM), I’m taking a look at the deployment capabilities and templating features which allow configuration to be deployed automatically to multiple devices. In its simplest case, this might be used to set a new local username / password on all devices in the fabric, but in theory it can be used for much more.

DCNM

DCNM Scripting

Let’s get one thing straight right out of the gate: this ain’t no Jinja2 templating system. While DCNM’s templates support the use of variables and some basic loop and conditional structures, the syntax is fairly limited and the only real-time interaction with the device during the execution of the template amounts to a variable containing the output of the last command issued. There are also very few system variables provided to tell you what’s going on. For example I couldn’t find a variable containing the name of the current device; I had to issue a hostname command and evaluate the response in order to confirm which device I was connecting to. That said, with a little creativity and a lot of patience, it’s possible to develop scripts which do useful things to the fabric.

Continue reading

IDG Contributor Network: People Power brings bots and A.I. to home security systems

Ever since smart thermostat maker Nest burst onto the scene with its unique combination of beautiful design and A.I.-powered automation, there has been increasing attention about how A.I. can be applied to the so-called smart home. The fact that Google acquired Nest and then, by all accounts, proceeded to screw up the opportunity that Nest created, doesn't in any way lessen the importance and opportunity that smart homes creates. So it was interesting to hear of another play, this time a combined software and hardware one.To read this article in full or to leave a comment, please click here

12 steps to small business security

Swimming upstream?Image by ThinkstockIf you’re a small to midsized business and you wing it when it comes to network management and security then it’s not a question of if you will have a disaster, it’s merely a question of when. Why? Because malware, accidents and disasters are all waiting in the wings to pop out and make your life hell and cost you lots of money. Now I won’t lie to you, getting insulated from the bad stuff isn’t cheap, but if you think security and reliability is expensive, try fixing a disaster. Here are 12 steps that will, in the long run, make your business safer. Think you’ve got this covered? How many have you got in place?To read this article in full or to leave a comment, please click here

12 steps to small business security

Swimming upstream?Image by ThinkstockIf you’re a small to midsized business and you wing it when it comes to network management and security then it’s not a question of if you will have a disaster, it’s merely a question of when. Why? Because malware, accidents and disasters are all waiting in the wings to pop out and make your life hell and cost you lots of money. Now I won’t lie to you, getting insulated from the bad stuff isn’t cheap, but if you think security and reliability is expensive, try fixing a disaster. Here are 12 steps that will, in the long run, make your business safer. Think you’ve got this covered? How many have you got in place?To read this article in full or to leave a comment, please click here

IDG Contributor Network: Stretchable screens will follow upcoming flexible ones

The smartphone in its current guise has been around for 10 years, and in that time it hasn’t changed form-factor much—a somewhat boring rectangular slab of plastic. Big deal.Ten years, however, are eons in tech life. Therefore one could ask just why haven’t smartphones morphed their shape in this decade of otherwise spectacular technological advancement? Have we really reached the pinnacle of communications tool design? More likely, a technical limitation.Samsung, though, is reportedly aiming to launch flexible devices soon, according to the Korea Herald. One of them is a “bendable Virtual Reality device with a flexible OLED display that can be bent to cover a user’s eyes completely,” for example, it says.To read this article in full or to leave a comment, please click here

New products of the week 2.20.17

New products of the weekImage by RiverbedOur roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.Ambra for DevelopersImage by ambraTo read this article in full or to leave a comment, please click here

New products of the week 2.20.17

New products of the weekImage by RiverbedOur roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.Ambra for DevelopersImage by ambraTo read this article in full or to leave a comment, please click here

Microsoft eyes Indian startups for cloud services

Microsoft is targeting Indian startups with its cloud services, and has signed up more than 2,000 such customers in the country in the last 12 months, the company’s CEO Satya Nadella said Monday at an event for startups in Bangalore.A large opportunity ahead for the company is the large number of developers who are building their services around a biometric database, consisting of fingerprints and iris scans, which the country has created of over 1 billion of its people.Under a new program for the digital exchange of information, called India Stack, the government is offering the biometric system, called Aadhaar, as an authentication mechanism for a variety of services offered by the private sector.To read this article in full or to leave a comment, please click here

Q&A: Migrating to Modern Data Center Infrastructure

One of my readers sent me a list of questions after watching some of my videos, starting with a generic one:

While working self within large corporations for a long time, I am asking myself how it will be possible to move from messy infrastructure we grew over the years to a modern architecture.

Usually by building a parallel infrastructure and eventually retiring the old one, otherwise you’ll end up with layers of kludges. Obviously, the old infrastructure will lurk around for years (I know people who use this approach and currently run three generations of infrastructure).

Read more ...
1 2,287 2,288 2,289 2,290 2,291 3,835