Car hacking: Thieves armed with laptops are stealing cars

Thieves armed with laptops are hacking into electronic ignitions of late-model cars to steal the vehicles. Police and insurers sounded the warning to raise awareness about the latest car-theft trend.The Houston Police Department pointed at surveillance footage that shows two suspects, one of whom used a laptop, before stealing a 2010 Jeep Wrangler Unlimited. The first suspect opened the Jeep’s hood to reportedly cut the alarm. The footage below took place about 10 minutes later when a second suspect jimmied the door open, climbed inside and then did something with a laptop before stealing the Jeep. “If you are going to hot-wire a car, you don’t bring along a laptop,” Houston Police Department Officer James Woods told the Wall Street Journal. “We don’t know what he is exactly doing with the laptop, but my guess is he is tapping into the car’s computer and marrying it with a key he may already have with him so he can start the car.”To read this article in full or to leave a comment, please click here

Car hacking: Thieves armed with laptops are stealing cars

Thieves armed with laptops are hacking into electronic ignitions of late-model cars to steal the vehicles. Police and insurers sounded the warning to raise awareness about the latest car-theft trend.The Houston Police Department pointed at surveillance footage that shows two suspects, one of whom used a laptop, before stealing a 2010 Jeep Wrangler Unlimited. The first suspect opened the Jeep’s hood to reportedly cut the alarm. The footage below took place about 10 minutes later when a second suspect jimmied the door open, climbed inside and then did something with a laptop before stealing the Jeep. “If you are going to hot-wire a car, you don’t bring along a laptop,” Houston Police Department Officer James Woods told the Wall Street Journal. “We don’t know what he is exactly doing with the laptop, but my guess is he is tapping into the car’s computer and marrying it with a key he may already have with him so he can start the car.”To read this article in full or to leave a comment, please click here

New Mac backdoor program steals keychain contents

Researchers have identified a new Mac backdoor program that's designed to steal credentials stored in the OS-encrypted keychain and give attackers control over the system. Dubbed OSX/Keydnap by researchers from antivirus vendor ESET, this is the second backdoor program targeting Macs found by antivirus firms in the past few days. It's not clear how Keydnap is distributed, but it arrives on computers in the form of a zip archive. Inside there's an executable file with an apparently benign extension such as .txt or .jpg that actually has a space character at the end. The file also has an icon indicating an image or text file.To read this article in full or to leave a comment, please click here

New Mac backdoor program steals keychain contents

Researchers have identified a new Mac backdoor program that's designed to steal credentials stored in the OS-encrypted keychain and give attackers control over the system. Dubbed OSX/Keydnap by researchers from antivirus vendor ESET, this is the second backdoor program targeting Macs found by antivirus firms in the past few days. It's not clear how Keydnap is distributed, but it arrives on computers in the form of a zip archive. Inside there's an executable file with an apparently benign extension such as .txt or .jpg that actually has a space character at the end. The file also has an icon indicating an image or text file.To read this article in full or to leave a comment, please click here

Microsoft COO Kevin Turner leaves to head a financial trading company

Microsoft COO Kevin Turner is leaving after 11 years in the role. He won't be replaced.Employees learned of the move Thursday in an email message from CEO Satya Nadella, in which he outlined his plans for reorganizing the company's senior leadership team.Nadella highlighted the importance of having "one feedback loop" across the company to reinforce customer value and satisfaction. To achieve this, he said, he will more deeply integrate the sales, marketing and services group with the rest of the company, under a single senior leadership team.To read this article in full or to leave a comment, please click here

IDG Contributor Network: We touch our phones 2,617 times a day, says study

We’re obsessed with our phones, a new study has found. The heaviest smartphone users click, tap or swipe on their phone 5,427 times a day, according to researcher Dscout.That’s the top 10 percent of phone users, so one would expect it to be excessive. However, the rest of us still touch the addictive things 2,617 times a day on average. No small number.+ Also on Network World: Time for digital detox? Searching for Wi-Fi becomes normal vacation behavior +To read this article in full or to leave a comment, please click here

The Complexity Conundrum

Complexity is the enemy of understanding. Think about how much time you spend in your day trying to simplify things. Complexity is the reason why things like Reddit’s Explain Like I’m Five exist. We strive in our daily lives to find ways to simplify the way things are done. Well, except in networking.

Building On Shifting Sands

Networking hasn’t always been a super complex thing. Back when bridges tied together two sections of Ethernet, networking was fairly simple. We’ve spent years trying to make the network do bigger and better things faster with less input. Routing protocols have become more complicated. Network topologies grow and become harder to understand. Protocols do magical things with very little documentation beyond “Pure Freaking Magic”.

Part of this comes from applications. I’ve made my feelings on application development clear. Ivan Pepelnjak had some great comments on this post as well from Steve Chalmers and Derick Winkworth (@CloudToad). I especially like this one:

Derick is right. The application Continue reading

Avi Networks Webinar Demonstrates How To Supercharge your Application Services with Software-Defined Load Balancers

The Avi Vantage Platform uses a single point of service orchestration and other software-defined approaches to deliver application agility, scaling without complexity.

Code reuse exposes over 120 D-Link devices models to hacking

A recently discovered vulnerability in a D-Link network camera that allows attackers to remotely take over the device also exists in more than 120 other D-Link products.The vulnerability was initially discovered a month ago by researchers from security start-up firm Senrio in D-Link DCS-930L, a Wi-Fi enabled camera that can be controlled remotely through a smartphone app.The flaw, a stack overflow, is located in a firmware service called dcp, which listens to commands on port 5978. Attackers can trigger the overflow by sending specifically crafted commands and then can execute rogue code on the system.To read this article in full or to leave a comment, please click here

Code reuse exposes over 120 D-Link devices models to hacking

A recently discovered vulnerability in a D-Link network camera that allows attackers to remotely take over the device also exists in more than 120 other D-Link products.The vulnerability was initially discovered a month ago by researchers from security start-up firm Senrio in D-Link DCS-930L, a Wi-Fi enabled camera that can be controlled remotely through a smartphone app.The flaw, a stack overflow, is located in a firmware service called dcp, which listens to commands on port 5978. Attackers can trigger the overflow by sending specifically crafted commands and then can execute rogue code on the system.To read this article in full or to leave a comment, please click here

Code reuse exposes over 120 D-Link devices models to hacking

A recently discovered vulnerability in a D-Link network camera that allows attackers to remotely take over the device also exists in more than 120 other D-Link products.The vulnerability was initially discovered a month ago by researchers from security start-up firm Senrio in D-Link DCS-930L, a Wi-Fi enabled camera that can be controlled remotely through a smartphone app.The flaw, a stack overflow, is located in a firmware service called dcp, which listens to commands on port 5978. Attackers can trigger the overflow by sending specifically crafted commands and then can execute rogue code on the system.To read this article in full or to leave a comment, please click here

PQ Show 85: FD.IO & VPP Open Virtual Switch

Todays Priority Queue episode dives into the FD.IO project and the VPP open virtual switch/router. FD.IO is a Linux Foundation project, with VPP code contributed by Cisco. Ciscos Dave Ward, Dave Barach, and Macek Constantovich join us to get into the all the details. The post PQ Show 85: FD.IO & VPP Open Virtual Switch appeared first on Packet Pushers.

IDG Contributor Network: LoRa-based IoT service helps farm co-ops cultivate more land

Farming is difficult. Farming outside the power grid is close to impossible.For many electric utilities, it’s hard to justify the investment needed to extend the power grid to remote farms. Cellular providers also prefer to build cell towers where there are many customers. On top of that, farmers have little purchasing power individually, making it hard for them to negotiate power and coverage from large utilities and cellular providers.The power of cooperatives Farmers strengthen their bargaining power by forming cooperatives. This enables them to negotiate for more services and better prices. Cooperatives are businesses-owned and controlled by the people who use them—not shareholders. There are nearly 3,000 farmer cooperatives in the U.S. owned by a million farmers and ranchers.To read this article in full or to leave a comment, please click here

IDG Contributor Network: LoRa-based IoT service helps farm co-ops cultivate more land

Farming is difficult. Farming outside the power grid is close to impossible.For many electric utilities, it’s hard to justify the investment needed to extend the power grid to remote farms. Cellular providers also prefer to build cell towers where there are many customers. On top of that, farmers have little purchasing power individually, making it hard for them to negotiate power and coverage from large utilities and cellular providers.The power of cooperatives Farmers strengthen their bargaining power by forming cooperatives. This enables them to negotiate for more services and better prices. Cooperatives are businesses-owned and controlled by the people who use them—not shareholders. There are nearly 3,000 farmer cooperatives in the U.S. owned by a million farmers and ranchers.To read this article in full or to leave a comment, please click here

New Open-Source IPAM + DCIM Tool

My friend Jeremy Stretch wrote an IPAM+DCIM tool for Digital Ocean and open-sourced it. As the tool was designed by networking engineers to manage data center networks (more in Jeremy’s blog post), it might be a better fit than other tools out there. In any case, check it out and let me know how it works.

Boston is nation’s top tech-talent exporter

The San Francisco Bay Area added 120,500 tech jobs in the last five years, for a growth rate of 61.5% percent. Major U.S. cities, generally, all saw double-digit growth in tech employment, according to a new report.There is a fair chance that good number of San Francisco's tech workers came from the Boston area, according this study, 2016 Scoring Tech Talent by CBRE, a real estate services firm.INSIDER 12 habits of successful tech CEO This report puts the nation's tech population at 4.8 million, and says tech employment has grown by about 1 million over the last five years. Of this total, 37% work for tech companies such as Microsoft, Google and Apple. The balance is made up of people employed outside the tech sector, in industries such as banking and healthcare.To read this article in full or to leave a comment, please click here

Antivirus merger: Avast offers $1.3 billion for AVG

Antivirus vendor Avast Software has agreed to buy rival AVG Technologies for US$1.3 billion in cash.The deal will give Avast access to over 400 million "endpoints," or devices running its and AVG's software, 160 million of them phones or tablets, the company said Tuesday.Avast hopes the deal will make the combined company more efficient, as well as allowing it to take advantage of new growth opportunities such as securing the internet of things."This combination is great for our users. We will have over 250 million PC/Mac users enabling us to gather even more threat data to improve the protection to our users," Avast CEO Vincent Stickler wrote on the company blog.To read this article in full or to leave a comment, please click here

Antivirus merger: Avast offers $1.3 billion for AVG

Antivirus vendor Avast Software has agreed to buy rival AVG Technologies for US$1.3 billion in cash.The deal will give Avast access to over 400 million "endpoints," or devices running its and AVG's software, 160 million of them phones or tablets, the company said Tuesday.Avast hopes the deal will make the combined company more efficient, as well as allowing it to take advantage of new growth opportunities such as securing the internet of things."This combination is great for our users. We will have over 250 million PC/Mac users enabling us to gather even more threat data to improve the protection to our users," Avast CEO Vincent Stickler wrote on the company blog.To read this article in full or to leave a comment, please click here

Security Sessions: The state of cloud security

In this episode of Security Sessions, CSO Editor-in-Chief Joan Goodchild chats with Jim Reavis, CEO of the Cloud Security Alliance, about whether enterprises have finally trusted cloud services for their corporate data, and how the Internet of Things could affect cloud security in the future.

The New Strange Behavior for OSPF ‘Redistribute Subnets’

In older IOS Code, there was a specific requirement for redistributing OSPF Subnets. In almost every case, the keyword “subnets” had to be added to the redistribute command.

Older Code Example–

//notice the warning when 'subnets' is omitted
R1(config)#router ospf 1
R1(config-router)#redistribute eigrp 1
% Only classful networks will be redistributed

//and the configuration is stored exactly as it was typed
R1(config-router)#do show run | sec router
router ospf 1
 log-adjacency-changes
 redistribute eigrp 1

//we can change the behavior by adding 'subnets'
R1(config-router)#redistribute eigrp 1 subnets

//after adding, it is stored as one would expect
R1(config-router)#do show run | sec router
router ospf 1
 log-adjacency-changes
 redistribute eigrp 1 subnets

When I tested this in VIRL running 15.6(1S) running inside of IOS XE 3.17, the warning goes away. The question I had is whether it is still relevant or not.

Current Code Example–

//without the 'subnets' keyword
csr1000v-2(config)#router ospf 1
csr1000v-2(config-router)#redistribute eigrp 1
csr1000v-2(config-router)#do show run | sec router
router ospf 1
 redistribute eigrp 1

//with the 'subnets' keyword
csr1000v-2(config-router)#redistribute eigrp 1 subnets
csr1000v-2(config-router)#do show run | sec router
router ospf 1
 redistribute eigrp 1 subnets

I initially spent some time experimenting with this and thought that ‘subnets‘ had Continue reading