Malvertising attack silently infects old Android devices with ransomware

Attackers are using two known exploits to silently install ransomware on older Android devices when their owners browse to websites that load malicious advertisements. Web-based attacks that exploit vulnerabilities in browsers or their plug-ins to install malware are common on Windows computers, but not on Android, where the application security model is stronger. But researchers from Blue Coat Systems detected the new Android drive-by download attack recently when one of their test devices -- a Samsung tablet running CyanogenMod 10.1 based on Android 4.2.2 -- became infected with ransomware after visiting a Web page that displayed a malicious ad.

Network visibility with Docker

"Microservices" describes the critical role that network visibility provides as a common point of reference for monitoring, managing and securing the interactions between the numerous and diverse distributed service instances in a microservices deployment.

Industry standard sFlow is well placed to give network visibility into the Docker infrastructure used to support microservices. The sFlow standard is widely supported by data center switch vendors (Cisco, Arista, Juniper, Dell, HPE, Brocade, Cumulus, etc.), providing a cost-effective and scalable method of monitoring the physical network infrastructure. In addition, "Linux bridge, macvlan, ipvlan, adapters" described how sFlow is also an efficient means of leveraging instrumentation built into the Linux kernel to extend visibility into Docker host networking.

The following commands build the Host sFlow binary package from sources on an Ubuntu 14.04 system:
sudo apt-get update
sudo apt-get install build-essential
sudo apt-get install libpcap-dev
sudo apt-get install wget
wget https://github.com/sflow/host-sflow/archive/v1.29.1.tar.gz
tar -xvzf v1.29.1.tar.gz
cd host-sflow-1.29.1
make DOCKER=yes PCAP=yes deb
The resulting hsflowd_1.29.1-1_amd64.deb package can be copied and installed on all the hosts in the Docker cluster using configuration management tools such as Puppet, Chef, Ansible, etc.

May 4th – Get Ready for Next-Generation Cloud Security with NSX and Armor

Shopping for cloud solutions used to mean choosing between performance, elasticity and security — you could get one, maybe two, but never all three. With the help of VMware NSX, Armor Active Cyber Defense has proven that you can achieve the highest level of cloud security while maintaining the high performance and elasticity you demand.

Join our webcast, Next-Generation Cloud Security with VMware NSX and Armor, on May 4 to explore how NSX enhances automation and flexibility.

Learn more about VMware NSX and the key components of the Armor Virtual Private Cloud, including Server, Network and Security Virtualization. VMware and Armor Experts will demonstrate how to architect an environment with fully integrated security that provides the performance and efficiency customers demand from the cloud.

As threat actors display more proficiency, speed and diligence, cloud security is more important than ever. Here’s your chance to explore how VMware NSX can deliver secure cloud environments to you and your customers.

Sign up for our May 4 webcast today and explore the transformative security and automation benefits of VMware NSX.

The post May 4th – Get Ready for Next-Generation Cloud Security with NSX and Armor appeared first on The Network Virtualization Blog.

The Joy of Deploying Apache Storm on Docker Swarm

This is a guest repost from Baqend Tech on deploying and redeploying an Apache Storm cluster on top of Docker Swarm instead of deploying on VMs. It's an interesting topic because Wolfram Wingerath called the experience "a real joy", which is not a phrase you hear often in tech. Curious, I asked what made using containers such a good experience over using VMs. Here's his reply:

Being pretty new to Docker and Docker Swarm, I'm sure there are many good and bad sides I am not aware of, yet. From my point of view, however, the thing that makes deployment (and operation in general) on top of Docker way more fun than on VMs or even on bare metal is that Docker abstracts from heterogeneity and many issues. Once you have Docker running, you can start something like a MongoDB or a Redis server with a single-line statement. If you have a Docker Swarm cluster, you can do the same, but Docker takes care of distributing the thing you just started to some server in your cluster. Docker even takes care of downloading the correct image in case you don't have it on your machine right now. You also

IDG Contributor Network: Fight corporate data loss with secure, easy-to-use collaboration tools

The Panama Papers should be a wake-up call to every CEO, COO, CTO and CIO in every company. Yes, it’s good that alleged malfeasance by governments and big institutions came to light. However, it’s also clear that many companies simply take for granted that their confidential information will remain confidential. This includes data that’s shared within the company, as well as information that’s shared with trusted external partners, such as law firms, financial advisors and consultants. We’re talking everything from instant messages to emails, from documents to databases, from passwords to billing records.

Helium goes Green with new IoT environmental sensor

The biggest claim to fame for startup Helium, an Internet of Things company that started in 2013, has been perhaps co-founder Shawn Fanning. Fanning, of course, is the serial entrepreneur who developed Napster and started other companies. But Helium is making a name for itself by expanding from its software beginnings to usher companies into IoT with sensors, software and cloud services. Its goal is to improve company productivity by putting the streams of data collected from sensors to action. Helium is releasing new sensors, applications and development tools as it builds out a comprehensive product line. The company's latest product is a new sensor called Helium Green, which can monitor temperature, humidity, barometric pressure, motion, and light.

IDG Contributor Network: Demystifying the Information Centric Network

Information Centric Networking (ICN) is receiving increasing interest in the context of future wireless networks. So, what is ICN? Why is it important and will it have a role in next generation 5G networks? I think it will and for some very good reasons. ICN is a research area that dates back to about 2006 and has been cooking for over a decade. It defines a new way of inter-networking or, as I see it, a very natural next step now for the internet—if it is done right. The principles and essential architecture of today’s internet are rooted in the system that was created for simple file transfers some 40-plus years ago. The internet has, of course, evolved within this restrictive construct, and the media consumption experience you most likely enjoy today is as much a function of carefully choreographed Content Delivery Networks (CDN) as the old internet client-server model. CDNs and the careful management of content (aka information) are essential to the smooth functioning that we perceive today.

Control with Ansible Tower, Part 2

This is the second in a series of posts about how Ansible and Ansible Tower enable you to manage your infrastructure simply, securely, and efficiently.

When we talk about Tower, we often talk in terms of Control, Knowledge, and Delegation. But what does that mean?  In this series of blog posts, we'll describe some of the ways you can use Ansible and Ansible Tower to manage your infrastructure.

In our first blog post, we described how Ansible Tower makes it easy to control the way your infrastructure is configured via configuration definition and continuous remediation.

But controlling the configuration of your infrastructure is just one step. You also need control of the components of your infrastructure - your inventory. You need to do day-to-day management tasks on demand. And Ansible Tower makes those easy as well.

INVENTORY - THE BASICS

If you’ve used Ansible, you know about the basics of inventory. A static Ansible inventory is just an INI-style file that describes your hosts and groups, and optionally some variables that apply to your hosts and groups. Here's an example from the Ansible documentation.

[atlanta]
host1
host2

[raleigh]
host2
host3

[southeast:children]
atlanta
raleigh

[southeast:vars]
nameserver=dns.southeast.example.

Biogen: Data Science and Docker Swarm

Written by Theo Platt, Associate Director, Biogen, and Karl Gutwin, Senior Data Architect, Biogen. The Data Sciences department at Biogen has been using Docker and watching the (r)evolution for a couple of years. Last year, as our experience with Docker grew and …

IDG Contributor Network: Was that a tremor?

There’s a 62 percent chance of an earthquake in the San Francisco Bay Area in the next 30 years, according to the U.S. Geological Service. But no one knows when or where the next big one might be. So, when I heard of a startup offering an early-warning service for earthquakes, I wanted to learn more. It’s a tough problem to solve. Thousands of widely dispersed sensors are needed, as an earthquake could originate anywhere. To be effective, an early-warning service also needs a dependable communication network and fast analysis. Take a look at what happened when the last "big one" struck the San Francisco Bay Area.

Bangladesh Bank cyber-heist hackers used custom malware to steal $81 million

Hackers behind the Bangladesh bank heist created malware to compromise the SWIFT financial system. Security researchers said the malware allowed attackers to modify a database logging the bank’s activity over the SWIFT network, to delete records of outgoing transfer orders and to intercept incoming transfer confirmation messages, and to manipulate both account balance logs and a printer used to make hard copies of the transfer orders. The Society for Worldwide Interbank Financial Telecommunication (SWIFT) is a cooperative owned by 3,000 financial institutions. SWIFT software is supposed to securely send and receive information about financial transactions; the messaging platform is reportedly used by 11,000 banks worldwide. SWIFT admitted to Reuters that it was aware of malware targeting its client software “Alliance Access,” which is not used by all 11,000 banks.

IDG Contributor Network: Cyberattack prediction to improve drastically

False positives are a scourge in cyberattack detection partly because of the way machine learning detects attacks. It’s done through what’s called anomaly detection where the artificial intelligence (AI) searches for code that isn’t as expected. That “tends to trigger false positives,” says MIT News, writing about a new AI platform that its scientists say will alleviate the trip-ups. The way they want to do it is to simply add humans to the mix. “Distrust of the system” means results have “to be investigated by humans, anyway,” MIT News says.

17% off FitBit Aria WiFi Smart Scale – Deal Alert

Fitbit's Aria WiFi smart scale is a great add-on for anyone using a Fitbit to track progress towards their fitness goals. The current 17% discount shaves $22.64 off its regular $129.95 list price, so you can buy it now on Amazon for $107.31. The Fitbit Aria will accurately track weight, % body fat, and Body Mass Index (BMI) for up to 8 users. Using WiFi, data is automatically uploaded to your Fitbit account, so you can graph and track your progress easily and privately online. The product averages 3.5 out of 5 stars from over 4,500 people on Amazon.

Raspberry Pi beret: An ode to Prince

Confirming that there really are no original ideas left, I had the thought that the Raspberry Pi Foundation might want to come out with Raspberry Pi berets to honor the musician Prince (and his song "Raspberry Beret") in the wake of his recent death. But sure enough, a Google search reveals that someone already came up with this idea a year ago. Albeit, the idea was actually a 2015 April Fool's joke on the website Hackaday. "Now, the partnership we’ve all been waiting for: the Raspberry Pi Foundation and [The Artist Formerly Known As... ] are teaming up to produce a line of Pi-based wearable electronics. The first product from this new, fashionable line of electronics is beyond anything you would expect. It’s called the Raspberry Beret, and it’s shaping up to be a Revolution in wearables."

Cool products at OpenStack Austin Summit

New products

The open source cloud computing market descends on Austin, Texas, this week for the OpenStack Summit, the twice-a-year conference that showcases the platform and plans for its future. Check out some of the coolest products and services from the show.

HPE Helion OpenStack 3.0

Key features: Helion OpenStack 3.0, HPE’s latest OpenStack platform release, features enhancements designed to deliver improved configurability and tighter controls to maximize operational efficiency, without vendor lock-in, for easier private cloud deployment.