Attack campaign uses keylogger to hijack key business email accounts

A new email-based attack campaign is targeting key employees from companies in the U.S., Middle East and Asia with the goal of compromising their computers and email accounts. This type of attack is known as business email compromise (BEC) and involves attackers hijacking the email accounts of business executives or accounting employees who typically authorize financial transactions inside organizations. Their hijacked email accounts can then be used to trick other employees, suppliers or business partners into initiating fraudulent payments to accounts controlled by the attackers. Security researchers from antivirus firm Trend Micro recently detected an attack against companies from 18 countries where key employees were targeted with emails that contained a commercial keylogger program called Olympic Vision.

Securing Access to and from your Jump Box and VDI with VMware NSX

Companies have struggled for years with how to allow third parties access to specific systems that they manage or support. These systems and access requirements range from HVAC and phone systems to full IT outsourcing or development.

The problem has always been twofold: one, how to provide secure access into the datacenter, and two, how to restrict third-party access to only the systems they require. Basically, how do you limit hop-to-hop movement once they are inside your datacenter?

In the paper, I show how, by leveraging VMware’s NSX and VMware Horizon products, you now have two different deployment modules that allow you to control third-party access and restrict that user’s inter-datacenter hopping abilities.

Here you will find the full paper: https://communities.vmware.com/docs/DOC-31415

Hadar

 


VMware fixes XSS flaws in vRealize for Linux

VMware patched two cross-site scripting issues in several editions of its vRealize cloud software. These flaws could be exploited in stored XSS attacks and could result in the user's workstation being compromised. The input validation error exists in Linux versions of VMware vRealize Automation 6.x prior to 6.2.4 and vRealize Business Advanced and Enterprise 8.x prior to 8.2.5, VMware said in the advisory (VMSA-2016-0003). Linux users running affected versions should update to vRealize Automation 6.2.4 and vRealize Business Advanced and Enterprise 8.2.5 to address the problems. The issues do not affect vRealize Automation 7.x on Linux and 5.x on Windows, and vRealize Business 7.x and 6.x on Linux (vRealize Business Standard).

Steve Wozniak chimes in on the Apple/FBI debate

At this point, it seems that there's truly no end in sight for Apple's ongoing legal battle with the FBI. While the FBI and the DOJ have made it clear that they want Apple to create a new version of iOS designed to bypass iOS security mechanisms, Apple has made it clear that it's not even going to entertain the idea. Quite the opposite, Apple CEO Tim Cook even categorized the FBI's request as akin to asking Apple to create the software equivalent of cancer. Over the past few weeks, many tech companies have come out in support of Apple. Indeed, any time a tech figure of any prominence has been interviewed in recent weeks, the topic of discussion invariably turns to mobile encryption.

Network and system analytics as a Docker microservice

Microservices describes why the industry standard sFlow instrumentation embedded within cloud infrastructure is uniquely able to provide visibility into microservice deployments.

The sFlow-RT analytics engine is well suited to deployment as a Docker microservice since the application is stateless and presents network and system analytics as a RESTful service.

The following steps demonstrate how to create a containerized deployment of sFlow-RT.

First, create a directory for the project and edit the Dockerfile:

    mkdir sflow-rt
    cd sflow-rt
    vi Dockerfile

Add the following contents to Dockerfile:

    FROM centos:centos6
    # Java runtime needed by sFlow-RT
    RUN yum install -y java-1.7.0-openjdk
    RUN rpm -i http://www.inmon.com/products/sFlow-RT/sflow-rt-2.0-1072.noarch.rpm
    # 8008/tcp serves the REST API, 6343/udp receives sFlow from agents
    EXPOSE 8008 6343/udp
    # Start the service, then keep the container's foreground process alive
    CMD /etc/init.d/sflow-rt start && tail -f /dev/null

Build the project:

    docker build -t sflow-rt .

Run the service:

    docker run -p 8008:8008 -p 6343:6343/udp -d sflow-rt

Access the API at http://docker_host:8008/ to verify that the service is running.

Now configure sFlow agents to send data to the docker_host on port 6343:

The following articles provide examples of using the sFlow-RT REST API:

The diagram shows how new and existing cloud-based or locally hosted orchestration, operations, and security tools can leverage sFlow-RT's analytics service to gain real-time visibility. The solution is extremely scalable: a single sFlow-RT instance can monitor thousands of servers and the network devices connecting them.
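
To check that agents are really delivering sFlow to UDP port 6343 after the configuration step above, the following added example (not from the original post or the sFlow-RT project) parses the fixed header of an sFlow version 5 datagram and flags sequence-number gaps per agent, which indicate lost datagrams. The function names and the sample datagrams are constructed for illustration.

```python
import ipaddress
import struct
from typing import NamedTuple


class SflowHeader(NamedTuple):
    agent: str          # agent address carried in the datagram itself
    sub_agent_id: int
    sequence: int       # increments by one per datagram from this sub-agent
    uptime_ms: int
    num_samples: int


def parse_sflow_header(datagram: bytes) -> SflowHeader:
    """Parse the fixed header of an sFlow v5 datagram (XDR, big-endian)."""
    if len(datagram) < 8:
        raise ValueError("datagram too short")
    version, addr_type = struct.unpack_from("!II", datagram, 0)
    if version != 5:
        raise ValueError(f"unsupported sFlow version {version}")
    addr_len = {1: 4, 2: 16}.get(addr_type)  # 1 = IPv4, 2 = IPv6
    if addr_len is None:
        raise ValueError(f"unknown agent address type {addr_type}")
    if len(datagram) < 8 + addr_len + 16:
        raise ValueError("truncated header")
    agent = str(ipaddress.ip_address(datagram[8:8 + addr_len]))
    fields = struct.unpack_from("!IIII", datagram, 8 + addr_len)
    return SflowHeader(agent, *fields)


def find_gaps(datagrams):
    """Return (agent, sub_agent_id, expected_seq, got_seq) for each jump."""
    last, gaps = {}, []
    for raw in datagrams:
        h = parse_sflow_header(raw)
        key = (h.agent, h.sub_agent_id)
        if key in last and h.sequence != last[key] + 1:
            gaps.append((h.agent, h.sub_agent_id, last[key] + 1, h.sequence))
        last[key] = h.sequence
    return gaps


def build_header(agent, seq, sub_agent=0, uptime=1000, samples=0):
    """Build a constructed sample header (no sample records) for testing."""
    ip = ipaddress.ip_address(agent)
    return (struct.pack("!II", 5, 1 if ip.version == 4 else 2) + ip.packed
            + struct.pack("!IIII", sub_agent, seq, uptime, samples))


# Constructed sample traffic: one IPv4 agent skips sequence 3 and 4.
SAMPLE = [build_header("192.0.2.10", 1), build_header("192.0.2.10", 2),
          build_header("192.0.2.10", 5), build_header("2001:db8::1", 7)]
```

Feed `find_gaps` the UDP payloads taken from a packet capture of port 6343 on the Docker host; an agent that never appears in the output of `parse_sflow_header` is not reaching the collector.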

TeslaCrypt ransomware now impossible to crack, researchers say

The latest version of the TeslaCrypt ransomware has tidied up a weakness in previous versions that in some cases allowed victims to recover their files without paying a ransom. Cisco's Talos research group found that TeslaCrypt 3.0.1 has improved its implementation of a cryptographic algorithm making it impossible now to decrypt files. "We can not say it loud and often enough, ransomware has become the black plague of the internet," wrote Andrea Allievi and Holger Unterbrink, both security researchers with Cisco, in a blog post on Wednesday. "The adversaries are modifying and improving it in every version."

On the Topic of Lock-In

While talking with customers over the past couple of weeks during a multi-country/multi-continent trip, one phrase that kept coming up is “lock-in”, as in “we’re trying to avoid lock-in” or “this approach doesn’t have any lock-in”. While I’m not a huge fan of memes, this phrase always brings to mind The Princess Bride, Vizzini’s use of the word “inconceivable,” and Inigo Montoya’s famous response. C’mon, you know you want to say it: “You keep using that word. I do not think it means what you think it means.” I feel the same way about lock-in, and here’s why.

Lock-in, as I understand how it’s viewed, is an inability to migrate from your current solution to some other solution. For example, you might feel “locked in” to Microsoft (via Office or Windows) or “locked in” to Oracle (via their database platform or applications), or even “locked in” to VMware through vCenter and vSphere. Although these solutions/platforms/products might be the right fit for your particular problem/need, the fact that you can’t migrate is a problem. Here you are, running a product or solution or platform that is the right fit for your needs, but because you may not be able

Network Automation @Interop Vegas 2015

I’m happy to be given the opportunity to speak once more at Interop Vegas in 2016. No workshop for me this year, but I will be putting on three individual talks, all focusing on topics that have been very near and dear to me over the past year.

Last year I was very focused on putting the theory behind network automation into practical terms, and making it “real”. Over the past year I’ve seen rapid growth in adoption of these ideas, and I was happy to be just one very small part of helping to make that happen.

Since the last Interop, my career has steered me towards a more direct approach to network automation, specifically through software development. So I’d like to spend some time providing an overview of my sessions at the upcoming Interop Vegas 2016, which are all inspired by the last year of my career.

Test-Driven Network Automation

The Network Revolution Is A Lie

http://info.interop.com/lasvegas/scheduler/session/the-network-revolution-is-a-lie

DevOps-Centric Networking at eBay

I am running the other two talks as an independent - just happy to participate

In case you are planning on attending Interop in Las Vegas this year, I’d like to let you know about my

Air Force faces challenges managing drone force

As unmanned aircraft become a larger part of the Air Force, a number of challenges have surfaced that could impact drone squadron efficiency. A Government Accountability Office report out this week stated that while the Air Force has made efforts to manage its unmanned aircraft pilots, it has not fully addressed issues related to: “identifying personnel requirements, recruiting and retention difficulties, the potential use of Department of Defense civilians as pilots, pilots completing their required training and moving pilots through the training pipeline.”

This new discovery could put quantum computers within closer reach

One of the obstacles that have kept quantum computers on the distant horizon is the fact that quantum bits -- the building blocks with which they're made -- are prone to magnetic disturbances. Such "noise" can interfere with the work qubits do, but on Wednesday, scientists announced a new discovery that could help solve the problem. Specifically, by tapping the same principle that allows atomic clocks to stay accurate, researchers at Florida State University’s National High Magnetic Field Laboratory (MagLab) have found a way to give qubits the equivalent of a pair of noise-canceling headphones. The approach relies on what are known as atomic clock transitions. Working with carefully designed tungsten oxide molecules that contained a single magnetic holmium ion, the MagLab team was able to keep a holmium qubit working coherently for 8.4 microseconds -- potentially long enough for it to perform useful computational tasks.

Attackers exploit Apple DRM weakness to infect non-jailbroken iOS devices

Attackers are exploiting a weakness in Apple's digital rights management technology to install malicious apps on supposedly protected, non-jailbroken iOS devices. In late February, security researchers from Palo Alto Networks found three malicious applications on the official App Store. An analysis revealed the malicious apps were part of a scheme to steal Apple IDs and passwords from Chinese users under the guise of an alternative app store. The more interesting aspect of the apps: In addition to being published on the official app store, they were also silently installed through software running on users' Windows PCs. An iOS device that hasn't been jailbroken, and hasn't had its security restrictions removed, should only be able to run apps downloaded from the App Store or installed through the iTunes software from users' PCs.