Want to secure a Windows PC? Turn off Administrator rights

A new report from the security firm Avecto said the vast majority of critical flaws affecting Windows, Office, and Internet Explorer could be stopped and prevented from spreading just by removing Administrator's rights from the PC's user.

The default setting for Windows users on a single-user system is Administrator, which simplifies things for all involved. But just as Administrator rights make it easy to install new software, they also make it easy for critical vulnerabilities and malware to spread.

The report found:

  • 86% of Critical vulnerabilities affecting Windows could be mitigated by removing admin rights.
  • 99.5% of all vulnerabilities in Internet Explorer could be mitigated by removing admin rights.
  • 82% of vulnerabilities affecting Microsoft Office could be mitigated by removing admin rights.
  • 85% of Remote Code Execution vulnerabilities could be mitigated by removing admin rights.
  • 82% of Critical vulnerabilities affecting Windows 10 could be mitigated by removing admin rights.
  • 63% of all Microsoft vulnerabilities reported in 2015 could be mitigated by removing admin rights.

The good news for business users is that your IT department has likely set your machine with a lower level of access that limits what can be done, including the installation of software with or

Internet Archive’s malware museum takes you back to the days of cheeky viruses

Before there were botnets, the MyDoom worm, and Stuxnet, malware that hit your DOS personal computer was of a completely different breed. Some were simply annoying, some would corrupt files or mess with your system, but they all did it with style.

Now you can relive the magic of malware from the 1980s and 1990s courtesy of the Internet Archive’s brand new Malware Museum. Here, through the safety of an in-browser DOS simulator, you can relive some of the highlights of malware from yesteryear. This initial collection was created by Jason Scott, archivist and software curator for the Internet Archive, and Mikko Hypponen, chief research officer of F-Secure.

Apple confirms iPhone-killing “Error 53,” says it’s about security

For months, some iPhone users have been running into a mysterious bug called “Error 53,” which can render some newer handsets unusable. Now, Apple has chimed in with an explanation.

With Error 53, some iPhone 6 and 6s users have found that their handsets no longer work after an iOS update. Stranger still, Apple’s support site barely documents the problem, lumping it in with other error codes that appear to be more easily resolved. As reported last year by The Daily Dot’s Mike Wehner, the only fix for Error 53 is to send the phone back to Apple and get a replacement.

Ten Tactics to Win Project Funding

Have you ever been frustrated or wondered why the solution you championed wasn’t funded? During our podcast interview with C-level IT Executives we identified ten tactics to improve your success at getting funding approval for your project. 1. Account for the time value of money. Will the same amount have to be spent every year? What is the life […]

The post Ten Tactics to Win Project Funding appeared first on Packet Pushers.

Stuff The Internet Says On Scalability For February 5th, 2016


We have an early entry for the best vacation photo of the century. 

 

If you like this sort of Stuff then please consider offering your support on Patreon.
  • 1 billion: WhatsApp users; 3.5 billion: Facebook users in 2030; $3.5 billion: art sold online; $150 billion: China's budget for making chips; 37.5MB: DNA information in a single sperm; 

  • Quotable Quotes:
    • @jeffiel: "But seriously developers, trust us next time your needs temporarily overlap our strategic interests. And here's a t-shirt."
    • @feross: Modern websites are the epitome of inefficiency. Using giant multi-MB javascript files to do what static HTML could do in 1999.
    • Rob Joyce (NSA): We put the time in …to know [that network] better than the people who designed it and the people who are securing it,' he said. 'You know the technologies you intended to use in that network. We know the technologies that are actually in use in that network. Subtle difference. You'd be surprised about the things that are running on a network vs. the things that you think are supposed to be there.
    • @MikeIsaac: i just realized how awkward Facebook's f8 conference is

iPexpert’s Newest “CCIE Wall of Fame” Additions 2/5/2016

Please join us in congratulating the following iPexpert students who have passed their CCIE lab!

This Week’s CCIE Success Stories

  • Lucas Handybiantoro, CCIE #51350 (Routing and Switching)
  • Yuri Meca, CCIE #49668 (Wireless)
  • Ferenc Kuris, CCIE #46451 (Routing and Switching)
  • Vidhyadhar Rapolu, CCIE #38175 (Collaboration)
  • Robert Loeffler, CCIE #49780 (Routing and Switching)
  • Diego Martin, CCIE #51740 (Collaboration)
  • Sanaullah Khan, CCIE #47771 (Routing and Switching)
  • Tim Roth, CCIE #51451 (Routing and Switching)
  • Feras Nemri, CCIE #51388 (Collaboration)
  • Yasmin Hushki, CCIE #50093 (Collaboration)
  • Ferenc Kuris, CCIE #46451 (Routing and Switching)

We Want to Hear From You!

Have you passed your CCIE lab exam and used any of iPexpert’s self-study products, or attended a CCIE Bootcamp? If so, we’d like to add you to our CCIE Wall of Fame!

Researcher finds serious flaw in Chromium-based Avast SafeZone browser

Several antivirus vendors have taken the open-source Chromium browser and created derivatives that they claim are more privacy-friendly and secure. Yet, at least two of them were recently found to have serious flaws that don't exist in Chromium.

The latest example is the Avast SafeZone browser, internally known as Avastium, which is installed with the paid versions of Avast's antivirus and security suites. Google Project Zero researcher Tavis Ormandy found a vulnerability that could allow an attacker to take control of Avastium when opening an attacker-controlled URL in any other locally installed browser.

By exploiting the flaw, an attacker could remotely read "files, cookies, passwords, everything," Ormandy said in a report that he sent to Avast in December and which he made public Wednesday. "He can even take control of authenticated sessions and read email, interact with online banking, etc."

Show 274: Packet Pushers Live! Viptela & Three Real-World SD-WAN Deployments (Sponsored)

The Packet Pushers are recorded live in New York in a podcast sponsored by Viptela. Greg and Ethan talk to 3 Viptela SD-WAN customers about their experiences deploying and running SD-WANs. They dive into speed of deployment, operational wins, security, and more.

The post Show 274: Packet Pushers Live! Viptela & Three Real-World SD-WAN Deployments (Sponsored) appeared first on Packet Pushers.

How to secure Amazon Web Services

As cloud IT has proliferated, security concerns have diminished as a barrier to adoption. But that doesn't mean you can ignore security in the cloud, since a major attack can have expensive -- and potentially business-ending -- consequences.

More and more sensitive data is heading to the cloud. Genomic informatics company GenomeNext, for example, feeds raw genome sequencing data into high-speed computational algorithms running entirely on AWS. Pharmaceutical giant Bristol-Myers Squibb reduced the duration of its clinical trials by using AWS. Electronic exchange Nasdaq OMX developed FinQloud on AWS to provide clients with tools for storing and managing financial data.

Man turns tables on scammers

Seth was weary of the calls from bogus Windows support technicians, and decided to, if not get even, at least give them a taste of their own medicine.

"I was really tired [of the calls], and I really hate computer scammers," said Seth, whose last name Computerworld withheld for privacy reasons. "I got fed up."

Like millions of others, Seth had been on the receiving end of scammers' phone calls, who rang up and told him that they were with "Microsoft support" or "Windows support," then proceeded to claim that they had detected malware on his machine.

"I would get these calls three or four times a year," said Seth in an interview, adding that the calls would continue for a week or more, then end, only to resume months later. He would hang up on the callers or tell them he had no computer or was running a Mac.

Dridex banking malware mysteriously hijacked to distribute antivirus program

Users tricked by spam messages to open malicious Word documents that distribute the Dridex online banking Trojan might have a surprise: they'll get a free antivirus program instead.

That's because an unknown person -- possibly a white hat hacker -- gained access to some of the servers that cybercriminals use to distribute the Dridex Trojan and replaced it with an installer for Avira Free Antivirus.

Dridex is one of the three most widely used computer Trojans that target online banking users. Last year, law enforcement authorities from the U.S. and U.K. attempted to disrupt the botnet and indicted a man from Moldova who is believed to be responsible for some of the attacks.

Configure the Brocade NOS REST API to use HTTPS

Brocade VDX switches have REST and NETCONF interfaces. The REST API uses the built-in HTTP server. By default, this uses plain-text HTTP. As of NOS 6.0, you can (and should!) use HTTPS. If NOS has a certificate configured, it will automatically use HTTPS. Here’s how to configure it.

Pre-Change Tests

Let’s just do a couple of quick checks before we begin. Check that the switch is only listening on port 80, and that it responds to simple API queries:

Lindsays-MacBook:~ lhill$ nmap -p80,443 10.254.4.125

Starting Nmap 7.00 ( https://nmap.org ) at 2016-02-05 18:56 NZDT
Nmap scan report for 10.254.4.125
Host is up (0.14s latency).
PORT STATE SERVICE
80/tcp open http
443/tcp closed https

Nmap done: 1 IP address (1 host up) scanned in 0.52 seconds

Lindsays-MacBook:~ lhill$ curl -u admin:password -d "<activate-status></activate-status>" http://10.254.4.125/rest/operational-state/activate-status
<output xmlns='urn:brocade.com:mgmt:brocade-firmware'>
<overall-status>0</overall-status>
<activate-entries>
<rbridge-id>1</rbridge-id>
<status>0</status>
</activate-entries>
</output>

Lindsays-MacBook:~ lhill$ ssh [email protected]
[email protected]'s password:
Welcome to the Brocade Network Operating System Software
admin connected from 10.252.131.4 using ssh on Leaf-203025
Leaf-203025# show http server status
rbridge-id 1: Status: HTTP Enabled and HTTPS