Question: How did hackers steal $81 million? Answer: Pretty easily.

One of the peculiar things about computer security is how much the topic is written about and discussed (a huge amount) compared to how much is actually done (always less than you think). But what’s really peculiar is that enterprises, which you’d think would have better security than organizations in, say, the SMB space, often have serious security deficiencies. Case in point: The Bangladesh Central Bank.In February this year, hackers managed to get into the Bangladesh Central Bank’s network and acquired the bank’s SWIFT credentials, codes that authorize interbank transfers. The hackers then used the credentials four times to transfer some $81 million to various accounts in the Philippines and Sri Lanka via the New York Federal Reserve but on the fifth attempt, the hackers misspelled the receiving account’s name (they spelled “Shalika Foundation” as Shalika “Fandation”)(du’oh). To read this article in full or to leave a comment, please click here

SDxCentral Weekly News Roundup — April 22, 2016

sdxcentral-news-roundup-april-22-2016 Here are the top stories SDxCentral wrangled this week related to SDN, NFV, cloud, and virtualization infrastructure: Verizon Publishes an SDN/NFV Reference Architecture — We can’t let AT&T have all the fun. On the heels of Ma Bell’s Ecomp specification, Verizon lays down some SDN/NFV knowledge of its own. A bit of Friday fun from the NFV World Congress. How... Read more →

US no longer requires Apple’s help to crack iPhone in New York case

The U.S. no longer requires Apple’s assistance to unlock an iPhone 5s phone running iOS 7 used by the accused in a drug investigation, stating that an “individual provided the passcode to the iPhone at issue in this case.” The Department of Justice has withdrawn its application in the U.S. District Court for the Eastern District of New York. DOJ  had earlier appealed to District Judge Margo K. Brodie an order from Magistrate Judge James Orenstein, ruling that Apple could not be forced to provide assistance to the government to extract data from the iPhone 5s.To read this article in full or to leave a comment, please click here

US no longer requires Apple’s help to crack iPhone in New York case

The U.S. no longer requires Apple’s assistance to unlock an iPhone 5s phone running iOS 7 used by the accused in a drug investigation, stating that an “individual provided the passcode to the iPhone at issue in this case.” The Department of Justice has withdrawn its application in the U.S. District Court for the Eastern District of New York. DOJ  had earlier appealed to District Judge Margo K. Brodie an order from Magistrate Judge James Orenstein, ruling that Apple could not be forced to provide assistance to the government to extract data from the iPhone 5s.To read this article in full or to leave a comment, please click here

Mininet-WiFi: Software defined network emulator supports WiFi networks

Mininet-WiFi is a fork of the Mininet SDN network emulator. The Mininet-WiFi developers extended the functionality of Mininet by adding virtualized WiFi stations and access points based on the standard Linux wireless drivers and the 80211_hwsim wireless simulation driver. They also added classes to support the addition of these wireless devices in a Mininet network scenario and to emulate the attributes of a mobile station such as position and movement relative to the access points.

mn-wifi-graph-200

The Mininet-WiFi extended the base Mininet code by adding or modifying classes and scripts. So, Mininet-WiFi adds new functionality and still supports all the normal SDN emulation capabilities of the standard Mininet network emulator.

In this post, I describe the unique functions available in the Mininet-WiFi network emulator and work through a few tutorials exploring its features.

How to read this post

In this post, I present the basic functionality of Mininet-WiFi by working through a series of tutorials, each of which works through Mininet-WiFi features, while building on the knowledge presented in the previous tutorial. I suggest new users work through each tutorial in order.

I do not attempt to cover every feature in Mininet-WiFi. Once you work through the tutorials in this post, Continue reading

Facebook bug hunter stumbles on backdoor left by… another bug hunter

When Orange Tsai set out to participate in Facebook's bug bounty program in February, he successfully managed to gain access to one of Facebook's corporate servers. But once in, he realized other hackers had beaten him to it.Tsai thought he had stumbled on some malicious activity in Facebook's network. But, according to a statement from Facebook on Friday, what he found was something else.Tsai, a consultant with Taiwanese penetration testing outfit Devcore, had started by mapping Facebook's online properties, which extend beyond user-facing services like facebook.com or instagram.com.One server that caught his attention was files.fb.com, which hosted a secure file transfer application made by enterprise software vendor Accellion and was presumably used by Facebook employees for file sharing and collaboration.To read this article in full or to leave a comment, please click here

Facebook bug hunter stumbles on backdoor left by… another bug hunter

When Orange Tsai set out to participate in Facebook's bug bounty program in February, he successfully managed to gain access to one of Facebook's corporate servers. But once in, he realized other hackers had beaten him to it.Tsai thought he had stumbled on some malicious activity in Facebook's network. But, according to a statement from Facebook on Friday, what he found was something else.Tsai, a consultant with Taiwanese penetration testing outfit Devcore, had started by mapping Facebook's online properties, which extend beyond user-facing services like facebook.com or instagram.com.One server that caught his attention was files.fb.com, which hosted a secure file transfer application made by enterprise software vendor Accellion and was presumably used by Facebook employees for file sharing and collaboration.To read this article in full or to leave a comment, please click here

The Ethernet community is working to introduce six new rates in the next 3 years

In its first 27 years of existence we saw the introduction of six Ethernet rates – 10Mbps, 100Mbps, 1Gbps, 10Gbps 40Gbps and 100Gbps.  And the Ethernet community is now working feverously to introduce six new rates -- 2.5Gbps, 5Gbps, 25Gbps 50Gbps, 200Gbps and 400Gbps-- in the next three years. Higher Ethernet rates used to be introduced when industry bandwidth requirements drove the need for speed.  Butwith Ethernet’s success, it soon became apparent that one new advance could satisfy the requirements of each Ethernet application space.  This was clearly illustrated nearly 10 years ago when it was recognized that computing and networking were growing at different rates.   This led to 40Gbps being selected as the next rate for servers beyond 10Gbps, while 100Gbps was selected as the next networking rate.   To read this article in full or to leave a comment, please click here

The Ethernet community is working to introduce six new rates in the next 3 years

In its first 27 years of existence we saw the introduction of six Ethernet rates – 10Mbps, 100Mbps, 1Gbps, 10Gbps 40Gbps and 100Gbps.  And the Ethernet community is now working feverously to introduce six new rates -- 2.5Gbps, 5Gbps, 25Gbps 50Gbps, 200Gbps and 400Gbps-- in the next three years. Higher Ethernet rates used to be introduced when industry bandwidth requirements drove the need for speed.  Butwith Ethernet’s success, it soon became apparent that one new advance could satisfy the requirements of each Ethernet application space.  This was clearly illustrated nearly 10 years ago when it was recognized that computing and networking were growing at different rates.   This led to 40Gbps being selected as the next rate for servers beyond 10Gbps, while 100Gbps was selected as the next networking rate.   To read this article in full or to leave a comment, please click here

The Ethernet community is working to introduce six new rates in the next 3 years

In its first 27 years of existence we saw the introduction of six Ethernet rates – 10Mbps, 100Mbps, 1Gbps, 10Gbps 40Gbps and 100Gbps.  And the Ethernet community is now working feverously to introduce six new rates -- 2.5Gbps, 5Gbps, 25Gbps 50Gbps, 200Gbps and 400Gbps-- in the next three years. 

Higher Ethernet rates used to be introduced when industry bandwidth requirements drove the need for speed.  Butwith Ethernet’s success, it soon became apparent that one new advance could satisfy the requirements of each Ethernet application space.  This was clearly illustrated nearly 10 years ago when it was recognized that computing and networking were growing at different rates.   This led to 40Gbps being selected as the next rate for servers beyond 10Gbps, while 100Gbps was selected as the next networking rate.   

To read this article in full or to leave a comment, please click here

Flagship HTC 10 to debut on Verizon Wireless

The HTC 10 announcement left the impression that HTC built another desirable unlocked phone like the HTC One A9 that Verizon Wireless customers were locked out of buying. But today, without a formal announcement the HTC 10 appeared on Verizon’s website. The Verizon version of the HTC 10 isn’t available on HTC’s website.Preorders begin on April 29 2016. There was no mention of price and availability. It should be priced at $699 unless HTC diverges from its usual policy of pricing the same models at the same prices; though promotions can be different between carriers for the same models. Looking at the hardware, the same model that supports AT&T and T-Mobile also has the frequency bands for Verizon, indicating that the early May availability could be the same for all three models.To read this article in full or to leave a comment, please click here

How AMD is ressurecting itself as a formidable rival to Intel

The rivalry between AMD and Intel peaked during the first decade of the 2000s, when the companies consistently challenged each other with a stream of chip innovations.Since then, AMD lost its way, and today it barely registers as a threat to Intel. But the competitive landscape could start changing as early as next year.Intel's x86 chips are installed in most PCs and servers, and AMD has been losing market share for years. AMD's chip technology has fallen behind Intel's after some ill-advised architectural changes, acquisitions, and manufacturing problems.Intel's x86 processor market share was 87.7 percent the fourth quarter of 2015, growing from 86.3 percent a year earlier. AMD held just a 12.1 percent share, falling from 13.6 percent, according to Mercury Research.To read this article in full or to leave a comment, please click here

Worth Reading: The IETF as a model

Imagine a world where you would be judged by the power of your ideas and not by your title, your origin, your age, your sex or even your academic credentials. Imagine a world where ideas can be debated with great openness and where it is still possible to make decisions by consensus. Imagine a world where competitors work together for the future of humanity.

LinkedInTwitterGoogle+FacebookPinterest

The post Worth Reading: The IETF as a model appeared first on 'net work.

In the Software Defined Data Center, application response time trumps infrastructure capacity management

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.The adoption of software-defined data center (SDDC) technologies is driven by tremendous potential for dynamic scalability and business agility, but the transition is fraught with complexities that need to be considered.This ecosystem relies on the abstraction or pooling of physical resources (primarily compute, network and storage) by means of virtualization. With software orchestrating new or updated services, the promise is these resources can be provisioned in real-time, without human intervention. In essence, this is the technology response to the agility demands of the modern digital business.To read this article in full or to leave a comment, please click here

Baidu Eyes Deep Learning Strategy in Wake of New GPU Options

This month Nvidia bolstered its GPU strategy to stretch further into deep learning, high performance computing, and other markets, and while there are new options to consider, particularly for the machine learning set, it is useful to understand what these new arrays of chips and capabilities mean for users at scale. As one of the companies directly in the lens for Nvidia with its recent wave of deep learning libraries and GPUs, Baidu has keen insight into what might tip the architectural scales—and what might still stay the same, at least for now.

Back in December, when we talked to

Baidu Eyes Deep Learning Strategy in Wake of New GPU Options was written by Nicole Hemsoth at The Next Platform.

Large hijack affects reachability of high traffic destinations

Starting today at 17:09 UTC our systems detected a large scale routing incident affecting hundreds of Autonomous systems. Many BGPmon users have received an email informing them of this change.

Our initial investigation shows that the scope of this incident is widespread and affected 576 Autonomous systems and 3431 prefixes. Amongst the networks affected are high traffic prefixes including those of Google, Amazon, Twitter, Apple, Akamai, Time Warner Cable Internet and more.

All these events have either AS200759 “innofield AG” or private AS 65021 as the origin AS. In the cases where AS65021 appears as the origin AS, AS200759 is again the next-hop AS.

AS200759 “innofield AG”  is a provider based out of Switzerland and normally only announces one IPv4 and one IPv6 prefix.

These are 2 example events:

Prefix  66.220.152.0/21 Is normally announced by Facebook AS32934 and during this event was announced by AS200759 as a more specific /22

Detected prefix: 66.220.152.0/22
Example aspath: 4608 24130 7545 6939 200759

And AS origin: 65021 behind AS 200759

Detected prefix: 66.220.152.0/22
Example aspath: 133812 23948 4788 6939 200759 65021

We saw the announcements via the following peers and providers of  AS200759 “innofield Continue reading

Doom will be AI’s next big gaming challenge

AI may have trounced humanity in the ancient game of Go, but it remains untested in countless other gaming arenas. Case in point: Doom, which, it turns out, will be the technology's next big challenge.Launched in 1993, Doom is widely considered a landmark title in the video-game industry for popularizing the first-person shooter genre. Now, artificial-intelligence researchers will have a chance to pit their creations against others in a contest based on the game at the IEEE Computational Intelligence and Games conference in September.To read this article in full or to leave a comment, please click here

1 3,023 3,024 3,025 3,026 3,027 3,845