New products of the week 7.4.16

Our roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.

Alight Enterprise Cloud

Key features: a platform for deploying vertical applications for mortgage banking, mining/energy, telecommunications and high tech that show the financial ripples of potential decisions across the enterprise.

Second man pleads guilty of hacking entertainment industry celebrities

A second man has pleaded guilty to using a phishing scheme to get access to private and sensitive videos and photographs of people in the entertainment industry in Los Angeles.

Edward Majerczyk, 28, a resident of Chicago and Orland Park, Illinois, has admitted in a plea agreement entered in the U.S. District Court for the Central District of California that from Nov. 23, 2013 through August 2014, he engaged in a phishing scheme to obtain usernames and passwords from his victims, according to the U.S. Attorney’s Office for the Central District of California.

Majerczyk gained access to the victims’ usernames and passwords after he sent them emails that appeared to be from security accounts of internet service providers. These emails directed the victims to a website that would collect their usernames and passwords. After illegally accessing the email accounts, he obtained personal information including sensitive and private photographs and videos, according to his plea agreement.

Understanding Firepower DNS Policies

One cool feature added with Firepower version 6 is probably best described as DNS-based Security Intelligence, Inspection and Sinkholing. The thought is pretty simple. If a host issues a DNS request for a host that is known to be malicious, that response is manipulated. The manipulated response can be host not found, an alternative IP address or no response at all. This allows an administrator to provide another layer of protection by preventing hosts ready access to the IP addresses of known malicious hosts.

So the first question that might come to mind is how hosts on the Internet are classified as bad. The short answer is that Talos maintains lists of known bad fully qualified domain names (FQDNs). These are categorized and delivered into the Firepower solution as a feed. Each of the following categories can be selected into one or more DNS Rules.

[Figures: DNS Feeds and Lists; DNS Rule with Categories]

  • DNS Attackers
  • DNS Bogons
  • DNS Bots
  • DNS CnC
  • DNS Dga
  • DNS Exploitkit
  • DNS Malware
  • DNS Open_proxy
  • DNS Open_relay
  • DNS Phishing
  • DNS Response
  • DNS Spam
  • DNS Suspicious
  • DNS Tor_exit_node

In addition to the above, there are two built-in lists that can be controlled from the UI.

  • Global-Blacklist-for-DNS
  • Global-Whitelist-for-DNS

The final way Continue reading

Nexar, turning your smartphone into a dash cam with crowdsourced smarts

I’ve tested a few dash cams in the last year (for example the Swann DriveEye and the Papago GOSAFE 520) and I’ve been impressed. Even if you’re not planning to capture the next meteor screaming over your town and shattering windows for miles around, it’s a great hedge against fraudulent insurance claims against you and terrific documentation for any road travel incidents you might have. But as with all technology, while there’s a lot of value in point application, when the point data is aggregated and treated as Big Data, amazing opportunities and insights emerge … which is exactly what comes from turning your iPhone into an ultra-sophisticated dash cam with the Nexar app.

ADP + Docker Datacenter Delivers Security and Scale for Both Legacy and Microservices Applications

At DockerCon 2016, the second day’s general session featured products and stories related to Docker running in the enterprise. It ranged from product demonstrations of integrated security features, to deployment templates, to a session featuring Keith Fulton, CTO of ADP, who spoke about the company’s evolution into a tech company and how Docker Datacenter enables it to ship faster and securely at scale across apps big and small.

ADP is the largest global provider of cloud-based human capital management (HCM) solutions. ADP has over 630,000 clients that span more than 35 million users in over 100 countries. More than just payroll services, ADP delivers solutions across the entire spectrum of HCM for their customers in each one of these areas, with right-sized versions for SMBs, mid-market and large enterprises.

This breadth and depth of solutions developed over the last 60 years does lead to some complexity in product development. ADP views this as a transition from a services company to a technology company, and Docker is the key to future acceleration. That means speeding up product development: not just writing more code faster, but also helping ADP ship the resulting end product faster. Docker enables them to have a common Continue reading

The full-disk encryption protecting your Android can be cracked

If you have an Android device running 5.0 (Lollipop) or later, and powered by a Qualcomm Snapdragon processor, then you should know that a security researcher demonstrated how to crack the full-disk encryption (FDE) with brute-force attacks; the fix is not necessarily as simple as installing new firmware and might require changes to hardware.

Full-disk encryption, which is supported on devices running Lollipop on up, is supposed to protect files on the storage drive. Android uses a randomly chosen 128-bit device encryption key which is further encrypted using a user’s PIN, password or swipe pattern. The master key, or Device Encryption Key (DEK), is stored on a user’s device; it is bound to the device’s hardware through Android’s KeyMaster, which runs in the TrustZone. In other words, an attacker should not be able to extract the crypto key for this walled-off and protected section.

Golang: Exercising pointers, interfaces, functions and wrapping

This article is inspired by my somewhat confused learning experience with interfaces, methods and wrapping functions in Golang. Needless to say, there was some serious learning to do here given first of all I was a C junkie then moved swiftly to Python for ease and speed in the networking world. Lots to learn.

Golang

The reason for concentrating on Golang? It’s simple, powerful, quick to compile and massively supported with a vibrant community. A little like the film ‘Lock Stock and Two Smoking Barrels’, I take the ‘guns for show, knives for a pro’ approach with Python and Golang; roughly translating to Python for proof-of-concepts, speed and simple apps, Golang for performance and services. Therefore, knowing how interfaces, pointers, types and methods based on types work is critical!

Show me the code

The code below is an exercise of interfaces, function wrapping, pointers and mixing usage of them all. It does not cover why you might want to do it, so go and learn that yourself. Pointers are great for highly optimised applications and can also save memory if used correctly. With Golang’s garbage collection, worrying about freeing memory is not an issue. Exercise 6 will Continue reading

Automotive cybersecurity; what we don’t hack will probably be used to kill us

Car hacking is not only a “thing” but it's also a thing that’s in its early days and because there’s the potential for exploits with serious and quite possibly life-threatening consequences, automotive cybersecurity is something we should all be very concerned about. Just imagine your own car traveling at speed and having your ability to steer, alter speed, and brake, taken away and then being ransomed to regain control.

Meraki MX – URL Filtering

Over the past few days, I’ve spent quite a bit of time looking at some of the advanced capabilities of modern Cisco Firewalls. My most recent testing was done with the Meraki MX 60 cloud managed Firewall product. What I have to say is this is the easiest to configure content filter I’ve ever seen. So I just wanted to take a moment and share what that looks like.

[Figure: Meraki MX Menu]

As with all Meraki products, the MX is completely cloud managed. So to manage the device, an administrator must access the Meraki Dashboard. Once authenticated, it is simply necessary to choose Security Appliance then Content Filtering from the menu on the right.

Once on the content filtering page, the policy is self-explanatory. The top section is for categories that should be blocked. While the box appears to be a free-form entry field, clicking anywhere in the area presents a list of categories to choose from. The bottom section allows for manual whitelisting and blacklisting. To get a better idea of how the match is performed and the format requirements of the block criteria, the “Learn how URL blocking works” link may be selected.

[Figure: Meraki Content Filtering Page]

For those wanting to see the complete category list Continue reading