A Turkish hacker is giving out prizes for DDoS attacks

A hacker in Turkey has been trying to encourage distributed denial-of-attacks by making it into a game, featuring points and prizes for attempting to shut down political websites. The DDoS platform, translated as Surface Defense in English, has been prompting other hackers in Turkey to sign up and score points, according to security firm Forcepoint which uncovered it. Users that participate will be given a tool known as Balyoz, the Turkish word for Sledgehammer, that can be used to launch DDoS attacks against a select number of websites. For every ten minutes they attack a website, the users will be awarded a point, which can then be used to obtain rewards. These prizes include a more powerful DDoS attacking tool, access to bots designed to generate revenue from click fraud,  and a prank program that can infect a computer and scare the victim with sounds and images.To read this article in full or to leave a comment, please click here

Scoring the DNS Root Server System, Pt2 – A Sixth Star?

In November I wrote about some simple tests that I had undertaken on the DNS Root nameservers. The tests looked at the way the various servers responded when they presented a UDP DNS response that was larger than 1,280 octets. I awarded each of the name servers up to five stars depending on how that managed to serve such large responses in IPv4 and IPv6. I'd like to return to this topic by looking at one further aspect of DNS server behaviour, namely the way in which servers handle large UDP responses over IPv6.

Configuring the Future for FPGAs in Genomics

With the announcement of FPGA instances hitting the Amazon cloud and similar such news expected from FPGA experts Microsoft via Azure, among others, the lens was centered back on reconfigurable hardware and the path ahead. This has certainly been a year-plus of refocusing for the two main makers of such hardware, Altera and Xilinx, with the former being acquired by Intel and the latter picking up a range of new users, including AWS.

In addition to exploring what having a high-end Xilinx FPGA available in the cloud means for adoption, we talked to a couple of companies that have carved

Configuring the Future for FPGAs in Genomics was written by Nicole Hemsoth at The Next Platform.

Qualcomm’s new chip may be too late as ARM server market fades

After more than half a decade in the making, ARM server chips should have struck gold by now, but they haven't. ARM servers were projected to be approaching a double-digit server market share, but they still are virtually non-existent.Keeping market realities in mind, Qualcomm earlier this year said it would take a wait-and-watch approach before making a splash with its ARM server chips. While ARM servers adoption has been poor, Qualcomm decided to go ahead and launch the chips.In the making for two years, Qualcomm's Centriq 2400 server chips have 48 cores and are now being sent as samples to companies. Volume shipments of the chips will start in the second half next year.To read this article in full or to leave a comment, please click here

Orin’s flawed argument on IP address privacy

In the PlayPen cases, judges have ruled that if you use the Tor network, then you don't have a reasonable expectation of privacy. It's a silly demonstration of how the law is out of sync with reality, since the entire point of using Tor is privacy.

Law prof Orin Kerr has a post discussing it. His conclusion is correct, that when the FBI exploits 0day and runs malware on your computer, then it's a search under the Fourth Amendment, requiring a warrant upon probable cause.

However, his reasoning is partly flawed. The title of his piece, "Remotely accessing an IP address inside a target computer is a search", is factually wrong. The IP address in question is not inside a target computer. This may be meaningful.


First, let's discuss how the judge reasons that there's no expectation of privacy with Tor. This is a straightforward application if the Third Party Doctrine, that as soon as you give something to a third party, your privacy rights are lost. Since you give your IP address to Tor, you lose privacy rights over it. You don't have a reasonable expectation of privacy: yes, you have an expectation of privacy, Continue reading

Get all the Docker talks from Tech Field Day 12

Tech Field DayAs 2016 comes to a close, we are excited to have participated in a few of the Tech Field Day and inaugural Cloud Field Day events to share the Docker technology with the IT leaders and evangelists that Stephen Foskett and Tom Hollingsworth have cultivated into this fantastic group.  The final event was Tech Field Day 12 hosting in Silicon Valley.

In case you missed the live stream, check out videos of the sessions here.

Session 1: Introduction to Docker and Docker Datacenter

Session 2: Securing the Software Supply Chain with Docker

Session 3: Docker for Windows Server and Windows Containers

Session 4: Docker for AWS and Azure

Session 5: Docker Networking Fabric

These are great overviews of the Docker technology applied to enterprise app pipelines, operations, and  diverse operating systems and cloud environments. And most importantly, this was a great opportunity to meet some new people and get them excited about what we are excited about.

 

Visit the Tech Field Day site to watch more videos from previous events, read articles written by delegates or view the conversation online.

New #Docker videos from #TFD12 @TechFieldDay w/ @SFoskett @GestaltIT Continue reading

Democrats unveil bill to probe Russia’s role in alleged election hacks

U.S. lawmakers are pushing for a government probe into whether Russia may have interfered with the presidential election by hacking high-profile political targets.  On Wednesday, two Democratic representatives unveiled legislation that proposes to form a 12-member bipartisan commission to investigate the electronic means Russia may have used to influence the U.S. election."Regardless of whether you voted for Donald Trump, Hillary Clinton, or anyone else, Russia’s attacks on our election are an attempt to degrade our democracy," said Representative Elijah Cummings of Maryland, one of the sponsors of the bill.To read this article in full or to leave a comment, please click here

Democrats unveil bill to probe Russia’s role in alleged election hacks

U.S. lawmakers are pushing for a government probe into whether Russia may have interfered with the presidential election by hacking high-profile political targets.   On Wednesday, two Democratic representatives unveiled legislation that proposes to form a 12-member bipartisan commission to investigate the electronic means Russia may have used to influence the U.S. election. "Regardless of whether you voted for Donald Trump, Hillary Clinton, or anyone else, Russia’s attacks on our election are an attempt to degrade our democracy," said Representative Elijah Cummings of Maryland, one of the sponsors of the bill.To read this article in full or to leave a comment, please click here

Worth Reading: Marai Strikes Again

More than 900,000 customers of German ISP Deutsche Telekom (DT) were knocked offline this week after their Internet routers got infected by a new variant of a computer worm known as Mirai. The malware wriggled inside the routers via a newly discovered vulnerability in a feature that allows ISPs to remotely upgrade the firmware on the devices. But the new Mirai malware turns that feature off once it infests a device, complicating DT’s cleanup and restoration efforts. —Krebs on Security

LinkedInTwitterGoogle+Facebook

The post Worth Reading: Marai Strikes Again appeared first on 'net work.

Еxtension of iptables Rules on oVirt 4.0 Hosts

In one of my last articles I described the example of installing HP System Management Tools to the physical server HP ProLiant DL360 G5 with CentOS Linux 7.2. After a while, the same exact server was used as a virtualization host and the oVirt Hosted Engine components were deployed on it. The host was put into maintenance mode recently, all packages were upgraded from the online repository, including the HP tool pack installed on it.

After the installation, I decided to check the workability of the upgraded tools. I also tried to open the web page of HP System Management homepage, but I didn’t succeed, because the host was simply blocking TCP port 2381.

Firewalld service was stopped on the host and the iptables was loaded with a set of rules, which was typical for oVirt. Moreover, the rules on all oVirt hosts, which I was deploying with the oVirt Engine web console, were the same.

In order to edit the rules, which are shared and centralized to all hosts from the oVirt Engine, we need to use the engine-config tool within the Engine server.

The engine-config tool has a large set of keys, which set the oVirt infrastructure Continue reading

Cisco whacks its Secure Access Control System

Cisco this week this week announced the death of its Secure Access Control System – a package customers use to manage access to network resources. Cisco said the last day customers can order the system is August 30, 2017. For customers with active and paid service and support contracts, support will be available under the terms and conditions of customers' service contract the company said. The last date that Cisco Engineering will release any final software maintenance releases or bug fixes is Aug. 30, 2018. After this date, Cisco Engineering will no longer develop, repair, maintain, or test the product software, the company said.To read this article in full or to leave a comment, please click here

Cisco whacks its Secure Access Control System

Cisco this week this week announced the death of its Secure Access Control System – a package customers use to manage access to network resources. Cisco said the last day customers can order the system is August 30, 2017. For customers with active and paid service and support contracts, support will be available under the terms and conditions of customers' service contract the company said. The last date that Cisco Engineering will release any final software maintenance releases or bug fixes is Aug. 30, 2018. After this date, Cisco Engineering will no longer develop, repair, maintain, or test the product software, the company said.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Serverless: The next step in cloud computing’s evolution

From conferences around the world, to colleagues, customers and partners, I’m seeing firsthand that the industry is abuzz over serverless computing.Expectations are high and steadily growing for how this new architecture can revolutionize the way organizations approach development and innovation.Defining serverless First, know that “serverless” itself is a bit of a misnomer. There are servers involved behind the scenes, of course, but as you’ll see, they’re abstracted in such a way that developers are free from having to address operational concerns and instead focus on the creativity of writing code.One way to think about the concepts supporting a serverless architecture is to look at them as a set of three layers that sit atop your existing compute, network and storage resources: fabric, framework and functions.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Which IoT applications work best with fog computing?

Sometimes you really are on your own. And calling for directions isn’t feasible.It’s the same with many IoT systems. Centrally processing large volumes of sensor data slows decision making and increases bandwidth demand. Many decisions are better made close to the source.Which decisions should be made close to the network edge and which centrally? Where are the trade-offs? Which applications are best suited for local decision making? Three fog computing experts share some insights.To read this article in full or to leave a comment, please click here

EPIC takes aim at IoT toys Cayla and i-Que that spy on kids, files complaint with FTC

The Electronic Privacy Information Center (EPIC) is calling upon the Federal Trade Commission (FTC) to take action against “toys that spy” and violate federal privacy law. In particular, EPIC has issues with My Friend Cayla dolls and i-Que Robots which “subject young children to ongoing surveillance.”EPIC – along with Campaign for Commercial Free Childhood, the Center for Digital Democracy, and the Consumers Union – are working “to ban these toys from the marketplace.”To read this article in full or to leave a comment, please click here

EPIC takes aim at IoT toys Cayla and i-Que that spy on kids, files complaint with FTC

The Electronic Privacy Information Center (EPIC) is calling upon the Federal Trade Commission (FTC) to take action against “toys that spy” and violate federal privacy law. In particular, EPIC has issues with My Friend Cayla dolls and i-Que Robots which “subject young children to ongoing surveillance.”EPIC – along with Campaign for Commercial Free Childhood, the Center for Digital Democracy, and the Consumers Union – are working “to ban these toys from the marketplace.”To read this article in full or to leave a comment, please click here

1 2,417 2,418 2,419 2,420 2,421 3,787