Hack to cost UK’s TalkTalk up to $53 million

TalkTalk Telecom Group in the U.K. expects the one-off cost of a recent cyberattack to be up to £35 million (US$53 million) but said the number of customers affected may have been far less than had been earlier expected.The company said, while presenting its half-year results Wednesday, that forensic analysis had found that 4 percent of its  customers have any personal data at risk.Giving a breakdown, TalkTalk disclosed that  the total number of customers whose personal details were accessed were 156,959, and of these customers 15,656 bank account numbers and sort codes were accessed. 28,000 obscured credit and debit card numbers were also accessed by the hackers but cannot be used for financial transactions, as they were were 'orphaned', and cannot be identified by the stolen data, the company said.To read this article in full or to leave a comment, please click here

IPv6 and SSL for Yandy.IO

Thanks to Digitalocean the site is now fully IPv6 capable. Also, thanks to the awesome service at Cloudflare, just because I can, Yandy.IO is also now SSL encrypted. Your browser should redirect to...

[[ Summary content only, you can read everything now, just visit the site for full story ]]

Thoughts on Two Years of Working from Home

I've spent the past two years working from home as a network engineer for two different companies. At first, I wasn't sure how well the remote lifestyle would suit me, but after a short time I settled into a very comfortable routine. And to my surprise, I discovered that I was much more productive working from the serenity of my home office than I ever was in a cubicle. I'd like to share my observations with the hope of convincing others to try ditching the office as well.

Why Work Remote?

No More Commute

This is the most obvious benefit to working remote. No more sitting in rush hour traffic twice a day. Even if you take public transit and are able to play on your laptop for most of the trip, commuting is a major time sink. Most people will instantly gain back at least an hour of time by foregoing the daily drive to and from the office. What could you do with an extra hour each day?

And beyond time, there are ample corollary benefits. You (or your company) are no longer paying for as much fuel or fare. You're greatly reducing your risk of being injured Continue reading

Thoughts on Two Years of Working from Home

I've spent the past two years working from home as a network engineer for two different companies. At first, I wasn't sure how well the remote lifestyle would suit me, but after a short time I settled into a very comfortable routine. And to my surprise, I discovered that I was much more productive working from the serenity of my home office than I ever was in a cubicle. I'd like to share my observations with the hope of convincing others to try ditching the office as well.

Why Work Remote?

No More Commute

This is the most obvious benefit to working remote. No more sitting in rush hour traffic twice a day. Even if you take public transit and are able to play on your laptop for most of the trip, commuting is a major time sink. Most people will instantly gain back at least an hour of time by foregoing the daily drive to and from the office. What could you do with an extra hour each day?

And beyond time, there are ample corollary benefits. You (or your company) are no longer paying for as much fuel or fare. You're greatly reducing your risk of being injured Continue reading

Thoughts on Two Years of Working from Home

I've spent the past two years working from home as a network engineer for two different companies. At first, I wasn't sure how well the remote lifestyle would suit me, but after a short time I settled into a very comfortable routine. And to my surprise, I discovered that I was much more productive working from the serenity of my home office than I ever was in a cubicle. I'd like to share my observations with the hope of convincing others to try ditching the office as well.

Why Work Remote?

No More Commute

This is the most obvious benefit to working remote. No more sitting in rush hour traffic twice a day. Even if you take public transit and are able to play on your laptop for most of the trip, commuting is a major time sink. Most people will instantly gain back at least an hour of time by foregoing the daily drive to and from the office. What could you do with an extra hour each day?

And beyond time, there are ample corollary benefits. You (or your company) are no longer paying for as much fuel or fare. You're greatly reducing your risk of being injured Continue reading

Ransomware for Mac is nothing to worry about — for now

Apple computers haven't been impacted by ransomware, a pervasive and insidious class of malware that encrypts files on a computer in exchange for a ransom.That's not because Apple's operating system is any more secure than Windows; it's more that malware writers haven't gotten around to writing ransomware for OS X since infecting Windows machines has been so profitable.However, a Brazilian security researcher, Rafael Salema Marques, decided to show how easy it would be for malware writers to target OS X in a polished experiment that took him a couple of days.To read this article in full or to leave a comment, please click here

ProtonMail comes back online, shores up DDoS defenses

ProtonMail, the Switzerland-based encrypted email service, has found its footing again after a wild ride over the past week.The free service has said it was hit by two different groups using distributed denial-of-service attacks (DDoS) that took it offline.Now it has partnered with Radware, which offered its DDoS mitigation service for a "reasonable price," allowing service to resume, ProtonMail wrote in a blog post on Tuesday."The attackers hoped to destroy our community, but this attack has only served to bring us all together, united by a common cause and vision for the future," the company wrote.To read this article in full or to leave a comment, please click here

A Handy CLI Tool for Working with JSON

While I was at Kubecon this past week, one of the presenters showed off a handy CLI tool for working with JSON. It’s called jq, and in this post I’m going to show you a few ways to use jq. For the source of JSON output, I’ll use the OpenStack APIs.

If you’re not familiar with JSON, I suggest having a look at this non-programmer’s introduction to JSON. Also, refer to this article on using cURL to interact with a RESTful API for a bit more background on some of the commands I’m going to use in this post.

Let’s start by getting an authorization token for OpenStack, using the following curl command:

curl -d '{"auth":{"passwordCredentials":
{"username": "admin","password": "secret"},
"tenantName": "customer-A"}}' 
-H "Content-Type: application/json" 
http://192.168.100.100:5000/v2.0/tokens

This will return a pretty fair amount of JSON in the response, and it presents the first opportunity to use jq. Let’s say you only wanted the authorization token, and not all the other output. Simply add the following jq command to the end of your curl request:

curl -d '{"auth":{"passwordCredentials":
{"username": "admin","password": "secret"},
"tenantName": "customer-A"}}' 
-H "Content-Type: application/json" 
http://192.168.100.100:5000/v2.0/tokens | 
 Continue reading

Anycast For DMVPN Hubs

Dynamic assignment of DMVPN spoke tunnel addresses isn't just a matter of convenience. It provided the foundation for a recent design which included the following fun requirements:
  • There are many hub sites.
  • Spokes will be network-near exactly one hub site.
  • Latency between hub sites is high.
  • Bandwidth between hub sites is low.
  • Spoke routers don't know where they are in the network.
  • Spoke routers must connect only to the nearest hub.
The underlay topology in this environment1 made it safe for me to anycast the DMVPN hubs, so that's what I did. This made the "connect to the nearest hub" problem easy to solve, but introduced some new complexity.

Hub Anycast Interface
Each DMVPN router has a loopback interface with address 192.0.2.0/32 assigned to the front-door VRF. It's configured something like this:

 interface loopback 192020
  description DMVPN hub anycast target  
  ip vrf forwarding LTE_TRANSIT  
  ip address 192.0.2.0 255.255.255.255

The 192.0.2.0 /32 prefix was redistributed into the IP backbone. If this device were to fail, then the next-nearest instance of 192.0.2.0 would be selected by the IGP.

Spoke Configuration
Spokes look pretty much exactly like Continue reading

CCIE Three Months Later

A short take on my journey to becoming CCIE #49800. This wouldn't be possible without the so very important people in my life. Thank You!...

[[ Summary content only, you can read everything now, just visit the site for full story ]]

Patch Tuesday November 2015: Microsoft releases 12 fixes, 4 rated critical

For Patch Tuesday November 2015, Microsoft released 12 security bulletins, four rated as critical and the remaining 8 rated as important.Rated CriticalMS15-112 is the cumulative fix for remote code execution flaws in Internet Explorer. Microsoft lists 25 CVEs, most of which are IE memory corruption vulnerabilities. 19 are called Internet Explorer memory corruption vulnerabilities, with three CVEs labeled slightly different as Microsoft browser memory corruption vulnerabilities. Of the remaining CVEs, one involves Microsoft browser ASLR bypass, one is for an IE information disclosure flaw, and one is a scripting engine memory corruption vulnerability. You should deploy this as soon as possible.To read this article in full or to leave a comment, please click here

Three indicted in JPMorgan hacking case

On Tuesday, Manhattan US Attorney Preet Bharara's office unsealed an indictment against three individuals charged with hacking several financial institutions, financial news publishers, and other companies.In a statement to Reuters, JPMorgan confirmed that the recently unsealed indictment is connected to last year's hack, which impacted 83 million households.Monday's indictment focuses on Gery Shalon, Joshua Samuel Aaron, and Ziv Orenstein.In court documents shared with CSO Online, the prosecutors say that between 2012 and 2015, the three pulled off "the largest theft of customer data from a U.S. financial institution in history" by stealing the personal information of more than 100 million people.To read this article in full or to leave a comment, please click here

1 3,022 3,023 3,024 3,025 3,026 3,611