EQGRP tools are post-exploitation

A recent leak exposed hackings tools from the "Equation Group", a group likely related to the NSA TAO (the NSA/DoD hacking group). I thought I'd write up some comments.

Despite the existence of 0days, these tools seem to be overwhelmingly post-exploitation. They aren't the sorts of tools you use to break into a network -- but the sorts of tools you use afterwards.

The focus of the tools appear to be about hacking into network equipment, installing implants, achievement permanence, and using the equipment to sniff network traffic.

Different pentesters have different ways of doing things once they've gotten inside a network, and this is reflected in their toolkits. Some focus on Windows and getting domain admin control, and have tools like mimikatz. Other's focus on webapps, and how to install hostile PHP scripts. In this case, these tools reflect a methodology that goes after network equipment.

It's a good strategy. Finding equipment is easy, and undetectable, just do a traceroute. As long as network equipment isn't causing problems, sysadmins ignore it, so your implants are unlikely to be detected. Internal network equipment is rarely patched, so old exploits are still likely to work. Some tools appear to target Continue reading

Intel’s new Atom chips bring 4K video to VR headsets, robots

In 2009, Apple CEO Tim Cook memorably trashed Atom-based netbooks for being "junky" hardware that underperformed. Intel's Atom chips have come a long way since, with the latest generation code-named Broxton boasting the most impressive improvements.The new Atom T5500 and 5700 chips have features found in low-end PC processors, but the chips are instead targeted at robots, drones, wearables, and smart home devices.A standout feature is 4K decoding and encoding capabilities, which could allow the chips to be used in virtual reality and augmented reality headsets.Intel showed smart glasses, a bartending robot, and a smart motorcycle helmet with the Broxton chips at the Intel Developer Forum this week. Intel also said the chips could be used be in storage or media servers.To read this article in full or to leave a comment, please click here

VMware NSX Breakout Session Guide – Introductory, Intermediate, Advanced #VMworld 2016

The VMware NSX network virtualization platform is bringing game-changing capabilities and benefits to businesses and organizations across a wide spectrum of industries. We have sessions covering strategic initiatives like security, automation, and application continuity, as well as more tactical use cases like micro-segmentation, IT automating IT, disaster recovery, and more. On top of that, there are sessions covering the NSX platform and operationalizing NSX.  These sessions are offered in a variety of formats and range from introductory sessions perfect for those new to NSX or network virtualization, to intermediate sessions that dive into the deeper technical aspects of NSX, to advanced sessions for NSX veterans and networking experts.

And I know you’ve heard me say this before…but take a look at the list of the breakout sessions below, and then check out the schedule builder on VMworld.com to organize your week.

We’re looking forward to seeing you at VMworld US 2016.

Monday, August 29

Time Level Session ID Session Title
12:30 PM – 1:30 PM Introductory NET7834 Introduction to VMware NSX
12:30 PM – 1:30 PM Introductory NET8675 The Practical Path to NSX
2:00 PM – 3:00 PM Introductory SEC7836 Introduction to Security with VMware NSX
3:30 PM Continue reading

A new algorithm can hide messages in your favorite dance music

It's long been known that secret messages can be included in music through techniques such as backmasking, but now a Polish researcher has developed an entirely new approach. By subtly varying the tempo of a particular type of dance music, he's managed to encode information in a way that's completely inaudible to human listeners.StegIbiza is an algorithm for hiding information in a type of dance music known as Ibiza, which originates on the island by the same name in the western Mediterranean Sea. Ibiza music is characterized by its trance-like beat, and that's what Krzysztof Szczypiorski, a professor at Poland's Warsaw University of Technology, made use of.To read this article in full or to leave a comment, please click here

A new algorithm can hide messages in your favorite dance music

It's long been known that secret messages can be included in music through techniques such as backmasking, but now a Polish researcher has developed an entirely new approach. By subtly varying the tempo of a particular type of dance music, he's managed to encode information in a way that's completely inaudible to human listeners.StegIbiza is an algorithm for hiding information in a type of dance music known as Ibiza, which originates on the island by the same name in the western Mediterranean Sea. Ibiza music is characterized by its trance-like beat, and that's what Krzysztof Szczypiorski, a professor at Poland's Warsaw University of Technology, made use of.To read this article in full or to leave a comment, please click here

HipChat beats Slack to the punch with group video calling

It just became easier for HipChat customers to get some face time with each another whenever they want it. The company has launched new group video calling and screen sharing functionality that lets up to 10 other people share a virtual face-to-face meeting. Users can spin up a call in a HipChat channel, or bring additional people into a one-on-one video call. That way, people who work in far-flung teams can get onto the same page face-to-face, using the same software that they count on for text chat during the day. HipChat's announcement Thursday is a move to compete with both consumer services like Skype and Google Hangouts, as well as workplace videoconferencing systems like Lifesize and Skype for Business. The launch is particularly important for HipChat's competition with Slack, which recently added group voice calls and has video calling on its roadmap. To read this article in full or to leave a comment, please click here

New Dockercast episode with Ilan Rabinovitch from Datadog

In case you missed it, we launched Dockercast, the official Docker Podcast earlier this month including all the DockerCon 2016 sessions available as podcast episodes.

In this podcast we talk to Ilan Rabinovitch the Director of Technical Community at Datadog.  I first met Ilan back at SCALE8X (Southern California Linux Expo) 6 years ago.  Ilan has been running SCALE since it’s inception.  Ilan Rabinovitch

As Ilan points out in the podcast, our very own Jérôme Petazzoni packed the house back at SCALE11x (2013).  At Datadog Ilan has been working with the Docker community on monitoring containers and developing what Datadog calls their Monitoring-as-a-Service offering that combines Docker metadata and Docker container monitoring information.  Ilan discusses some of the differences of monitoring containers versus virtual machines. We also talk about Datadog’s adoption surveys highlighting the unprecedented  “wildfire” adoption of technology unseen since Linux and Apache.  Hope you enjoy our conversation.

You can find the latest #Dockercast episodes on the Itunes Store or via the SoundCloud RSS feed.

 


New #dockercast episode w/ host @botchagalupe and @irabinovitch from @datadoghq as a guest!
Click To Tweet

 

The post New Dockercast episode with Ilan Rabinovitch from Datadog appeared first on Docker Blog.

Apple to introduce three new iPad models next year

Apple’s iPad lineup may have lost sales momentum in recent years, but the relatively recent rollout of “Pro” models have helped inject a bit of much-needed life into the device. Now comes word via analyst Ming-Chi Kuo (via MacRumors) that Apple has some interesting changes in store for its tablet lineup.According to Kuo, Apple has plans to unveil a new 10.5-inch iPad Pro model sometime next year. Kuo adds that the new pro model will be a complement to the 12.9-inch iPad Pro model and will sit in between a more affordable 9.7-inch iPad model. That being the case, it remains to be seen how Apple plans to position the 10.5-inch iPad Pro model and how it will stand apart from the slightly smaller and more affordable 9.7-inch model.To read this article in full or to leave a comment, please click here

Worth Reading: Reopening the going dark debate

Just over a week ago, at the BlackHat hacker convention in Las Vegas, Ivan Krstić, Head of Security Engineering and Architecture at Apple gave a talk entitled “Behind the scenes of iOS Security,” the slides of which are available here. It’s a historic talk for a couple of reasons. First, Apple is traditionally very secretive about how it technically does security on its devices. Apple also announced its first bug bounty program. So far, so newsworthy. But something else happened at that talk. Unbeknownst to the presenter or anybody in the audience, Apple just reopened the “Going Dark” dispute between the FBI and the privacy community, and it turned the entire dispute on its head. —Lawfare

LinkedInTwitterGoogle+Facebook

The post Worth Reading: Reopening the going dark debate appeared first on 'net work.

50% off Vimtag VT-361 Pan&Tilt HD WiFi Video Security Camera with Night Vision – Deal Alert

This full-featured camera broadcasts over wifi, allowing you to view live from multiple mobile devices at once. Its footage records to micro SD where it is stored and accessible remotely as well. Remote pan/tilt/zoom, 2-way voice, motion-detection alert, and night vision capabilities are all onboard. This model averages 4 out of 5 stars on Amazon from over 4,100 people (read reviews). Amazon indicates that its typical list price of $200 has been reduced 50% to $100.To read this article in full or to leave a comment, please click here

50% off Vimtag VT-361 Pan&Tilt HD WiFi Video Security Camera with Night Vision – Deal Alert

This full-featured camera broadcasts over wifi, allowing you to view live from multiple mobile devices at once. Its footage records to micro SD where it is stored and accessible remotely as well. Remote pan/tilt/zoom, 2-way voice, motion-detection alert, and night vision capabilities are all onboard. This model averages 4 out of 5 stars on Amazon from over 4,100 people (read reviews). Amazon indicates that its typical list price of $200 has been reduced 50% to $100.To read this article in full or to leave a comment, please click here

DRAM will live on as DDR5 memory is slated to reach computers in 2020

Hardware experts believed the last DRAM would be the current DDR4, but that's not the case, with DDR5 memory now under development.Specifications for DDR5 memory will be released this year, and deployment of the DRAM will begin in 2020, according to a slide deck presented at the Intel Developer Forum this week.DDR5 DRAM will have many benefits: Users will be able to cram more memory into PCs, and applications will run faster. DDR5 memory will be denser than earlier DRAM, and also consume less power, which could extend battery life in laptops.To read this article in full or to leave a comment, please click here

Sage data breach highlights the risk of the insider threat

A suspect in a recent data breach at Sage, a U.K. provider of business software, has been arrested. On Wednesday, police in London detained a company employee.The 32-year-old woman was held for alleged fraud against the company, London City Police said. She has since been released on bail.It’s still unclear what information, if any, may have been leaked. However, Sage, a supplier of accounting and payroll software, began notifying customers about the breach last week.Between 200 and 300 business clients in the U.K. may have been affected. At the time, Sage said the breach had come from unauthorized access to internal login data.Security firm the Antisocial Engineer has been in contact with Sage and said a company insider was the prime suspect.To read this article in full or to leave a comment, please click here

Sage data breach highlights the risk of the insider threat

A suspect in a recent data breach at Sage, a U.K. provider of business software, has been arrested. On Wednesday, police in London detained a company employee.The 32-year-old woman was held for alleged fraud against the company, London City Police said. She has since been released on bail.It’s still unclear what information, if any, may have been leaked. However, Sage, a supplier of accounting and payroll software, began notifying customers about the breach last week.Between 200 and 300 business clients in the U.K. may have been affected. At the time, Sage said the breach had come from unauthorized access to internal login data.Security firm the Antisocial Engineer has been in contact with Sage and said a company insider was the prime suspect.To read this article in full or to leave a comment, please click here

50% off Anker Compact Car Jump Starter with USB Power Bank – Deal Alert

This device from Anker is compact enough to fit in your glovebox, and powerful enough to jump start any 3L gas or 2.5L diesel engine many many times over on a single charge (Anker claims around 15 times). Surge protection and an incorrect setup alarm included for peace of mind. Almost 1,000 reviewers on Amazon rate it 4.5 out of 5 stars, reporting many successful jumps of cars, motorcycles, and giant trucks -- many with completely dead batteries (read reviews). Also includes 2 USB charging ports for your portable USB devices, and a built-in flashlight. It's typical list price of $160 has been reduced 50% to $80, making it a good consideration for yourself, or a gift for someone else's glove box/emergency kit. To read this article in full or to leave a comment, please click here

Uber’s self-driving cars will start picking up passengers this month

Uber's rushing to replace its million-plus drivers with robots, and the company's early forays towards that effort start in Pennsylvania later in August. The ride-sharing service plans to roll out self-driving cars in Pittsburgh that will accept real world passengers right from the get-go, according to Bloomberg.The cars, while fully autonomous, won’t be unleashed onto Pittsburgh streets without human supervision. The cars will have a specially-trained engineer ready to take the wheel should something go wrong. There will also be a co-pilot taking notes on how each ride goes.To read this article in full or to leave a comment, please click here

T-Mobile shifts to unlimited plans in the latest bid to stand out from the competition

T-Mobile is hoping to make a another splash by ditching traditional smartphone plans in favor of one, unlimited offer.Called T-Mobile One, the new plan charges $70 per month for the first line, $50 per month for a second, and then $20 for additional lines (stopping with eight). The plan includes unlimited talk, text, and 4G LTE data. Of course, there are caveats buried in the fine print. T-Mobile says video playback is limited to 480p, the same speed as you’d get with Binge On. Tethering is capped at 2G speeds, which makes it essentially worthless for all but emergency connectivity. To get around the video limitation you’ll need to pay $25 per month extra per line. It’ll cost you $15 for any month in which you want to add on 5GB of tethering.To read this article in full or to leave a comment, please click here

1 2,747 2,748 2,749 2,750 2,751 3,856