Hacker allegedly stole logins from a US election agency

A Russian-speaking hacker has been found selling stolen login credentials for a U.S. agency that tests and certifies voting equipment, according to a security firm.The hacker was attempting to sell more than 100 allegedly compromised login credentials belonging to the U.S. Election Assistance Commission (EAC), the security firm Record Future said in a Thursday blog post. The company said it discovered online chatter about the breach on Dec. 1.Some of these credentials included the highest administrative privileges. With such access, an intruder could steal sensitive information from the commission, which the hacker claimed to have done, Recorded Future said.To read this article in full or to leave a comment, please click here

DNS and BIND demonstration using the Cloonix network emulator

The Domain Name System (DNS) is a fundamental Internet technology. Network emulators like Cloonix offer a way for researchers and students to experiment with the DNS protocol and with the various open-source implementations of DNS, such as BIND.

In this post, I will install Cloonix from the Github source code repository. I will run the Cloonix DNS demo script to create a simple DNS scenario and then run some experiments with DNS. Along the way, I will demonstrate some of the new Cloonix version 33 features.

Cloonix version 33

In this demonstration, I am using Cloonix version 33. I last used Cloonix when it was at version 29 and version 33 offers some significant changes and improvements. Compared to version 29, the major changes in version 33 are:

  • The Cloonix source code is now hosted on Github
  • The cloonix-ctrl commands have been renamed to cloonix-cli
  • The Cloonix lan object is now much simpler
  • Cloonix adds a simple GUI called cloonix_zor for managing Cloonix servers that have been started
  • The nat object replaces the cloonix slirp LAN
  • New demo scripts have been added. One of which, the DNS demo script, we will use in this demonstration

Using Cloonix version 33

If Continue reading

Introduction to StackStorm

Earlier I wrote about some fundamental principles that I believe apply to any form of automation, whether it’s network automation, or even building a virtual factory. One of the most important concepts in mature automation is autonomy; that is, a system that is more or less self-sufficent. Instead of relying on human beings for input, always try to provide that input with yet another automated piece of the system. There are several benefits to this approach:

Introduction to StackStorm

Earlier I wrote about some fundamental principles that I believe apply to any form of automation, whether it’s network automation, or even building a virtual factory.

One of the most important concepts in mature automation is autonomy; that is, a system that is more or less self-sufficent. Instead of relying on human beings for input, always try to provide that input with yet another automated piece of the system. There are several benefits to this approach:

  • Humans Make Mistakes - This is also a benefit of automation in general, but autonomy also means mistakes are lessened on the input as well as the output of an automation component.
  • Humans Are Slow - we have lives outside of work, and it’s important to be able to have a system that reacts quickly, instead of waiting for us to get to work. We need a system that is “programmed” by us, and is able to do work on our behalf.
  • Signal To Noise - Sometimes humans just don’t need to be involved. We’ve all been there - an inbox full of noisy alerts that don’t really mean much. Instead, configure specific triggers that act on your behalf when certain conditions are Continue reading

The Linux Migration: Initial Progress Report

About 4 years ago, I discussed some changes in the Apple ecosystem that might lead me to move away from OS X. To be honest, I’ve made only token efforts since that time to actually migrate away, even though the forces that I described in that post are still in full effect. In fact, some might say that the “iOS-ification” of OS X (now rebranded as “macOS”) is even stronger now. As a result, I’ve stepped up my work on a Linux migration, and I’m happy to report that I’ve made some progress.

Here’s a quick update on where things stand so far.

Linux Distribution

I’ve looked at a fair number of Linux distributions. I tried Elementary OS, which some have raved about but which I found too simplistic. I also went back and looked again at Ubuntu derivatives like Linux Mint. Given that Ubuntu is itself derived from Debian, I also took a look at Debian “Jessie”. Finally, I tested Fedora 25. For a number of reasons—which I’ll describe in more detail in a moment—I’ve settled on Ubuntu 16.04.

So, why Ubuntu 16.04 “Xenial Xerus”? Keep in mind that the reasons I list below are my Continue reading

Introduction to StackStorm

Earlier I wrote about some fundamental principles that I believe apply to any form of automation, whether it’s network automation, or even building a virtual factory.

One of the most important concepts in mature automation is autonomy; that is, a system that is more or less self-sufficent. Instead of relying on human beings for input, always try to provide that input with yet another automated piece of the system. There are several benefits to this approach:

  • Humans Make Mistakes - This is also a benefit of automation in general, but autonomy also means mistakes are lessened on the input as well as the output of an automation component.
  • Humans Are Slow - we have lives outside of work, and it’s important to be able to have a system that reacts quickly, instead of waiting for us to get to work. We need a system that is “programmed” by us, and is able to do work on our behalf.
  • Signal To Noise - Sometimes humans just don’t need to be involved. We’ve all been there - an inbox full of noisy alerts that don’t really mean much. Instead, configure specific triggers that act on your behalf when certain conditions are Continue reading

10 hot Cascading Style Sheet Libraries (Collection 1)

CSS3Image by Mark Gibbs / NikotafAlong with HTML5 and JavaScript, Cascading Style Sheets (particularly version 3) have evolved into a cornerstone of modern Web content design. CSS is used to not only set the visual style of a Web page and its contents, it also allows for sophisticated control of user interaction and animation, printing, and device detection. In this roundup, I’m highlighting some of the most powerful and novel pure CSS libraries (pure, as in they work their magic without the aid of JavaScript or anything else). If you have a favorite CSS3 library, pure or not, you think I should include in the next collection, let me know.To read this article in full or to leave a comment, please click here

New OS X Tools for Photographers

If you’re into photography you’ll probably have tried all sorts of software tools in the quest for the perfect image. Over the years my favorite apps for managing, tweaking, and massaging images have been Adobe Lightroom and, when I want very specific results, Adobe Photoshop. The problem that I have had with Photoshop, in common with many other people, is that getting really good at correcting problems takes a lot of time and experience; Photoshop is not only complex but its features are so remarkably broad that photo editing becomes death by choices.Recently I’ve come across some software titles for OS X (macOS … whatever) that makes much of the power of Photoshop available in what you might consider pre-packaged forms for very reasonable prices. And, as we will see, some of the apps also operate as Photoshop plug-ins making serious photo editing easier.  To read this article in full or to leave a comment, please click here

Leaving it to the Last Second

Thanks to the moon, the earth's rate of rotation is slowing down. To compensate, we periodically adjust Universal Coordinated Time. On Saturday 31st December 2016, the last minute of 2016 will be extended to be 61 seconds long, creating the the timestamp 24:59:60. Previous leap seconds have not gone completely smoothly, and there is no particular reason to think that much will have changed for this leap second.

Non-malware attacks are on the rise

Security pros need to pay attention to malicious activities that don’t rely on actual malware to succeed, according to a study by Carbon Black.Attacks that exploited applications and processes legitimately running on systems – non-malware incidents – have risen from representing about 3% of all attacks in January to about 13% in November, the company’s “Non-malware attacks and ransomware take center stage in 2016” report says.“Non-malware attacks are at the highest levels we have seen and should be a major focus for security defenders during the coming year,” it says.The research included data from more than 1,000 Carbon Black customers that represent 2.5 million-plus endpoints. For measuring the non-malware attacks, the authors considered the malicious use of PowerShell and Windows Management Instrumentation were considered.To read this article in full or to leave a comment, please click here

Non-malware attacks are on the rise

Security pros need to pay attention to malicious activities that don’t rely on actual malware to succeed, according to a study by Carbon Black.Attacks that exploited applications and processes legitimately running on systems – non-malware incidents – have risen from representing about 3% of all attacks in January to about 13% in November, the company’s “Non-malware attacks and ransomware take center stage in 2016” report says.“Non-malware attacks are at the highest levels we have seen and should be a major focus for security defenders during the coming year,” it says.The research included data from more than 1,000 Carbon Black customers that represent 2.5 million-plus endpoints. For measuring the non-malware attacks, the authors considered the malicious use of PowerShell and Windows Management Instrumentation were considered.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Five ways cybersecurity is nothing like the way Hollywood portrays it

According to pop culture’s portrayal of cybersecurity, the industry is hot property. Hacks and breaches not only dominate the real-world media, but they can be seen everywhere in TV and movies today.Granted, there have been some early examples of security issues playing a role in pop culture plot lines, such as the 1980s cult-classic Tron. But in recent years, Hollywood seems to have really picked up the mantle when it comes to cybersecurity. If the bright lights of TV and movies are to be believed, hackers are simultaneously the coolest and scariest people on the planet.Let’s take a look at five of the most common cybersecurity misperceptions as portrayed in TV shows and movies:To read this article in full or to leave a comment, please click here

IDG Contributor Network: Five ways cybersecurity is nothing like the way Hollywood portrays it

According to pop culture’s portrayal of cybersecurity, the industry is hot property. Hacks and breaches not only dominate the real-world media, but they can be seen everywhere in TV and movies today.Granted, there have been some early examples of security issues playing a role in pop culture plot lines, such as the 1980s cult-classic Tron. But in recent years, Hollywood seems to have really picked up the mantle when it comes to cybersecurity. If the bright lights of TV and movies are to be believed, hackers are simultaneously the coolest and scariest people on the planet.Let’s take a look at five of the most common cybersecurity misperceptions as portrayed in TV shows and movies:To read this article in full or to leave a comment, please click here

Worth Reading: The new security normal

Today, the industry average time for finding an active attacker is about five months, reflecting the colossal failure of conventional security. The state of the union for federal security is that few if any non-defense agencies can find an active attacker on their network. Most cannot find a network intruder or a malicious insider, such as a rogue employee or contractor, working to steal or damage information or assets. Consider that the National Security Agency, the Office of Personnel Management and the FBI were breached along top security vendors and agencies. —MarketWatch

LinkedInTwitterGoogle+Facebook

The post Worth Reading: The new security normal appeared first on 'net work.

Ransomware fighting coalition adds new members and decryption tools

The No More Ransom project, a coalition of law enforcement and security companies, has expanded with 30 new members and added 32 new decryption tools for various ransomware variants.The project, which consists of a website dedicated to fighting ransomware, was originally launched by Europol’s European Cybercrime Centre in partnership with the National High Tech Crime Unit of the Netherlands police, Kaspersky Lab, and Intel Security.The website has a tool that allows users to determine which type of ransomware has affected their files but also contains general information about ransomware, prevention advice, and instruction on reporting incidents to law enforcement.To read this article in full or to leave a comment, please click here

Ransomware fighting coalition adds new members and decryption tools

The No More Ransom project, a coalition of law enforcement and security companies, has expanded with 30 new members and added 32 new decryption tools for various ransomware variants.The project, which consists of a website dedicated to fighting ransomware, was originally launched by Europol’s European Cybercrime Centre in partnership with the National High Tech Crime Unit of the Netherlands police, Kaspersky Lab, and Intel Security.The website has a tool that allows users to determine which type of ransomware has affected their files but also contains general information about ransomware, prevention advice, and instruction on reporting incidents to law enforcement.To read this article in full or to leave a comment, please click here

Monitoring Linux services

Mainstream Linux distributions have moved to systemd to manage daemons (e.g. httpd, sshd, etc.). The diagram illustrates how systemd runs each daemon within its own container so that it can maintain tight control of the daemon's resources.

This article describes how to use the open source Host sFlow agent to gather telemetry from daemons running under systemd.

Host sFlow systemd monitoring exports a standard set of metrics for each systemd service - the sFlow Host Structures extension defines metrics for Virtual Nodes (virtual machines, containers, etc.) that are used to export Xen, KVM, Docker, and Java resource usage. Exporting the standard metrics for systemd services provides interoperability with sFlow analyzers, allowing them to report on Linux services using existing virtual node monitoring capabilities.

While running daemons within containers helps systemd maintain control of the resources, it also provides a very useful abstraction for monitoring. For example, a single service (like the Apache web server) may consist of dozens of processes. Reporting on container level metrics abstracts away the per-process details and gives a view of the total resources consumed by the service. In addition, service metadata (like the service name) provides a useful way of identifying and grouping Continue reading
1 2,449 2,450 2,451 2,452 2,453 3,843