Don’t run JS email attachments: ​they​ can carry potent ransomware

Attackers are infecting computers with a new ransomware program called RAA that's written entirely in JavaScript and locks users' files by using strong encryption.Most malware programs for Windows are written in compiled programming languages like C or C++ and take the form of portable executable files such as .exe or .dll. Others use command-line scripting such as Windows batch or PowerShell.It's rare to see client-side malware written in Web-based languages such as JavaScript, which are primarily intended to be interpreted by browsers. Yet the Windows Script Host, a service built into Windows, can natively execute .js and other scripting files out of the box.To read this article in full or to leave a comment, please click here

Don’t run JS email attachments: ​they​ can carry potent ransomware

Attackers are infecting computers with a new ransomware program called RAA that's written entirely in JavaScript and locks users' files by using strong encryption.Most malware programs for Windows are written in compiled programming languages like C or C++ and take the form of portable executable files such as .exe or .dll. Others use command-line scripting such as Windows batch or PowerShell.It's rare to see client-side malware written in Web-based languages such as JavaScript, which are primarily intended to be interpreted by browsers. Yet the Windows Script Host, a service built into Windows, can natively execute .js and other scripting files out of the box.To read this article in full or to leave a comment, please click here

Gartner: How to make a digital risk plan and sell it to the board

It’s not enough for security pros to figure out how to protect digital enterprises from risks that can ruin the business, they must effectively sell it to corporate boards whose blessing is needed to authorize the plan, Gartner analysts told attendees at their Security and Risk Management Summit.With that in mind, three Gartner security specialists walked the roughly 3,400-person audience through how to create a plan to manage risk and minimize damage when – not if – an attack succeeds, and the strategy for buy-in from the board of directors.“One hundred percent protection should not be the goal,” Gartner analyst Peter Firstbrook told the gathering. “The goal should be resilience.”To read this article in full or to leave a comment, please click here

Gartner: How to make a digital risk plan and sell it to the board

It’s not enough for security pros to figure out how to protect digital enterprises from risks that can ruin the business, they must effectively sell it to corporate boards whose blessing is needed to authorize the plan, Gartner analysts told attendees at their Security and Risk Management Summit.With that in mind, three Gartner security specialists walked the roughly 3,400-person audience through how to create a plan to manage risk and minimize damage when – not if – an attack succeeds, and the strategy for buy-in from the board of directors.“One hundred percent protection should not be the goal,” Gartner analyst Peter Firstbrook told the gathering. “The goal should be resilience.”To read this article in full or to leave a comment, please click here

Secure and fast GitHub Pages with CloudFlare

Secure and fast GitHub Pages with CloudFlare

GitHub offers a web hosting service whereby you can serve a static website from a GitHub repository. This platform, GitHub Pages, can be used with CloudFlare whilst using a custom domain name.

In this tutorial, I will show you how to use CloudFlare and GitHub together. By taking advantage of CloudFlare’s global network, you can utilise our CDN service to improve your site's performance and security.

Whilst GitHub Pages doesn't ordinarily support SSL on custom domains, CloudFlare's Universal SSL allows your users to access your site over SSL, thus opening up the performance advantages of HTTP/2.

Secure and fast GitHub Pages with CloudFlare

GitHub Pages is designed to host sites that only serve static HTML. The ability to only host static content isn’t as big of a restriction as you might think.

Static site generators avoid repetitive update tasks of updating “latest posts” feeds, pagination or sitemaps; whilst generating static HTML that can be uploaded to any web hosting service without a scripting engine. Unlike ancient desktop tools like FrontPage and Dreamweaver which lacked a content model, modern static site generators have the design decisively separate from content.

Typically, CMS-based sites must query a database for content, then render the HTML to be served to the end Continue reading

10 questions about Apple’s WWDC announcements

Apple’s highly anticipated World Wide Developers Conference (WWDC) always delivers a strong shot of adrenaline to the company’s software and products. And those upgrades were present in abundance at the 2016 conference.In the past, though, Apple has sometimes used WWDC to introduce dramatic new products and services and address the biggest problems on users’ minds. I didn’t see much of that this time around.Don’t get me wrong. Apple did what it had to do at WWDC. The company addressed many of its competitive shortcomings and product lapses, upgrading key components across virtually its entire product line.+ More on Network World: FIRST LOOK: What happened at Apple’s WWDC +To read this article in full or to leave a comment, please click here

IDG Contributor Network: FedRAMP: A challenging path to operational excellence for cloud providers

“The Federal Risk and Authorization Management Program, or FedRAMP, is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services.”—FedRamp websiteThat sounds positive, but getting approved for the FedRAMP certification is far tougher than most cloud providers anticipated. In fact, few organizations are truly capable of making it through the process. As shared by an article in GCN:“Of more than 80 cloud providers who have applied to go through the FedRAMP certification, more than half are not yet ready to go through the process, according to Kathy Conrad, principal deputy associate administrator with the General Services Administration’s Office of Citizen Services and Innovative Technologies.”To read this article in full or to leave a comment, please click here

CCDE July 2016 Onsite Bootcamp in Las Vegas

I am glad to announce that next bootcamp of this year will be on July 2016 in Las Vegas , right after Cisco Live. Last day of Cisco Live will be the first day of my CCDE class. Extend your vacation 5 more days, inform your company by now, get approval and meet me there […]

The post CCDE July 2016 Onsite Bootcamp in Las Vegas appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

iPhones are about to get plugged into enterprises with Cisco’s help

Apple and Cisco Systems have fleshed out their plans to make iOS devices work better in enterprises and said the new capabilities will arrive in the fall.Voice calls on Cisco’s Spark collaboration app will act like regular phone calls, IT departments will be able to give Cisco apps priority on iOS devices, and iPhone calls will run over corporate networks. These are some of the ways the two companies’ technologies will mesh in enterprises.Cisco announced the coming features on Monday after Apple’s Worldwide Developer Conference keynote. They’ll ship in a version of Cisco Spark updated for iOS 10. Apple also touched on the news at WWDC as one of very few enterprise announcements at the show.To read this article in full or to leave a comment, please click here

iPhones are about to get plugged into enterprises with Cisco’s help

Apple and Cisco Systems have fleshed out their plans to make iOS devices work better in enterprises and said the new capabilities will arrive in the fall.Voice calls on Cisco’s Spark collaboration app will act like regular phone calls, IT departments will be able to give Cisco apps priority on iOS devices, and iPhone calls will run over corporate networks. These are some of the ways the two companies’ technologies will mesh in enterprises.Cisco announced the coming features on Monday after Apple’s Worldwide Developer Conference keynote. They’ll ship in a version of Cisco Spark updated for iOS 10. Apple also touched on the news at WWDC as one of very few enterprise announcements at the show.To read this article in full or to leave a comment, please click here

Automation, not cheap labor, is reshaping outsourcing

The offshore outsourcing of IT grew because of the cost of offshore labor. A software engineer in India is paid but a fraction of what a U.S. worker earns. Payscale puts the median salary for a senior software engineer in India at $10,000.When IT services firms bring in H-1B visa workers, these workers earn substantially more than their overseas counterparts, but often significantly less than American IT employees.This labor cost advantage has been a powerful lure for U.S. customers, but analysts see labor costs diminishing in importance. Customers want more automation, whether it's infrastructure management or business process outsourcing. IT services firms can no longer complete exclusively on lower cost labor.To read this article in full or to leave a comment, please click here

20 reasons to get excited about iOS 10

iOS 10: Major changes with every swipeImage by AppleApple’s latest iOS 10 is packed with new features, hidden functionalities, and third-party app integrations. Here are our favorite bells and whistles so far.Photos recognizes faces without being creepyImage by AppleTo read this article in full or to leave a comment, please click here

How to make security analytics work for your organization

Falling into the analytics trapImage by ThinkstockAs the latest buzzword in IT, analytics are increasingly spanning various components of IT systems. With use cases to gather analytics around data, networks and user behaviors, there are endless possibilities for utilizing this information. But, when looking to drill down this data to inform security decisions, is a massive amount of information, which could include fall positives, really that useful? To avoid falling into an analytics trap, security professionals provide suggestions for how to best configure security analytics so they drive meaningful and actionable insights for your organization.To read this article in full or to leave a comment, please click here

Skylake Xeon E3s Serve Up Cheap Flops

AMD gets a lot of credit for creating Accelerated Processing Units that merge CPUs and GPUs on a single package or on a single die, but Intel also has a line of chips Core and Xeon processors that do the same thing for workstation and server workloads. The “Skylake-H” Xeon E3-1500 v5 chips that Intel recently announced with its new Iris Pro Graphics P580 GPUs pack quite a wallop. Enough in fact that for certain kinds of floating point math on hybrid workloads that system architects should probably give them consideration as they are building out clusters to do various

Skylake Xeon E3s Serve Up Cheap Flops was written by Timothy Prickett Morgan at The Next Platform.

IDG Contributor Network: 5 InfoSec concerns for colleges and universities

No industry or sector is immune to data breaches, but some are targeted more often than others. Education came ahead of government, retail and financial sectors, and it was second only to healthcare on Trend Micro’s list of the most-breached industries.With more than 500 security breaches across 320 higher education institutions since 2005, higher ed accounts for 35 percent of all breaches, according to an enlightening infographic from SysCloud.To read this article in full or to leave a comment, please click here

Is OVSDB a Control- or Management-Plane Protocol?

A while ago I discussed whether XMPP is a control- or management-plane protocol (spoiler: it depends). How about OVSDB? Here’s another question from one of my readers:

Why is Openflow considered as control plane protocol and OVSDB management plane protocol if both are relying on SDN controller? Is it because Openflow can directly modify the dataplane?

SDN controllers can use control- or management-plane protocols to get the job done.

Read more ...

Scanning for ClamAV 0day

Last week an 0day was released for ClamAV. Well, not really an 0day so much as somebody noticed idiotic features in ClamAV. So I scanned the Internet for the problem.

The feature is that the daemon listens for commands that tell it to do things like scan files. Normally, it listens only locally for such commands, but can be reconfigured to listen remotely on TCP port 3310. Some packages that include ClamAV sometimes default to this.

It's a simple protocol that consists of sending a command in clear text, like "PING", "VERSION", "SHUTDOWN", or "SCAN
So I ran masscan with the following command:

masscan 0.0.0.0/0 -p3310 --banners --hello-string[3310] VkVSU0lPTg==
Normally when you scan and address range (/0) and port (3310), you'd just see which ports are open/closed. That's not useful in this case, because it finds 2.7 million machines. Instead, you want to establish a full TCP connection. That's what the --banners option does, giving us only 38 thousand machines that successfully establish a connection. The remaining machines are large ranges on the Internet where firewalls are configured to respond with SYN-ACK, with the express purpose of frustrating port scanners.

But of those 38k machines, most are actually Continue reading
1 2,890 2,891 2,892 2,893 2,894 3,836