Skyport Systems and The Zero Trust DC

Skyport Systems offers a trusted computing platform to securely host virtual machines. Big deal? Well, maybe more than it seems at first glance.

Skyport Systems

I was sitting in some Juniper training last week being told about their Zero Trust security capabilities (referred to in VMWare NSX terminology as micro-segmentation), and as I listened I started thinking about zero trust in the wider context of who can be relied upon when it comes to software, and even the hardware on which it runs.

Software Issues

Let’s face it, the events of the the last few years have brought to light for Americans that far from a need to fear what other nation states might be willing to do to get access to our data, the real threat may lie within. Juniper was in the news at the end of last year after the announcement that ScreenOS contained unauthorized code suspected of being planted there by the NSA. And then in January 2016, Juniper announced that ScreenOS would be dropping the NSA-developed Dual_EC_DRBG random number generator which perhaps coincidentally has a known weakness in it, a vulnerability that was made even worse by an implementation change in ScreenOS to use a larger Continue reading

5 things you should know about two-factor authentication

One of the best pieces of security advice any computer expert can give you is to enable two-factor authentication for websites that support it. With password breaches so common nowadays, it could be the one thing that keeps hackers from stealing your identity online. Here are five points to help you understand this technology.Two-factor authentication or two-step verification?A lot of people think they're the same thing, but that's not really accurate.There are three types of authentication factors: something you know, such as a password or PIN; something you have, such as a mobile phone or a special USB key; and something you are, such as your fingerprint or other biometric identifier.To read this article in full or to leave a comment, please click here

Bash, better biometric security, Cortana and a flood of chatbots coming to Windows 10

There’s a lot of things coming out of Microsoft’s BUILD conference, but here are three.Bash coming to Windows 10There are now 270 million monthly active devices running Windows 10 and some of those people behind those machines surely use Linux as well. After Microsoft rolls out the Windows 10 “Anniversary” update this summer, those folks can have the “real” Bash shell in Windows.First you would need to turn on Developer Mode in Windows settings and download the Bash shell from the Windows Store, but then you open the Start menu and type “bash” to open cmd.exe running Ubuntu’s /bin/bash, explained Dustin Kirkland, part of Canonical’s Ubuntu product and strategy team. Then you have “full access to all of Ubuntu user space.”To read this article in full or to leave a comment, please click here

5 dev tools for better code security

5 dev tools for securing your codeImage by geralt via pixabayInformation security is of paramount importance these days, and there is no better place to start securing systems and data than in the software development process itself.To read this article in full or to leave a comment, please click here

Feds tackle open source code quality

Even as the White House is calling on federal agencies to make more use of open source projects, there's also a federal effort under way to reduce the number of vulnerabilities in those products via better code review tools and bug bounties.By the end of September, the Cyber Security Division at the Department of Homeland Security plans to award funding for a project designed to improve the performance of static code analysis tools."We're in the process of approving proposals now from academia and small businesses," said Kevin Greene, the division's software assurance program manager.[ ALSO ON CSO: Romancing development: How to avoid feeling vulnerable with open source ]To read this article in full or to leave a comment, please click here

Introducing CFSSL 1.2

Continuing our commitment to high quality open-source software, we’re happy to announce release 1.2 of CFSSL, our TLS/PKI Swiss Army knife. We haven’t written much about CFSSL here since we originally open sourced the project in 2014, so we thought we’d provide an update. In the last 20 months, we have added a ton of great features, and CFSSL has attracted an active community of users and contributors. Users range from large SaaS providers (Heroku) to game companies (Riot Games) and the newest Certificate Authority (Let’s Encrypt). For them and for CloudFlare, CFSSL has become a core tool for automating certificates and TLS configurations. With added support for configuration scanning, automated provisioning via the transport package, revocation, certificate transparency and PKCS#11, CFSSL is now even more powerful.

We’re also happy to announce CFSSL’s new home: cfssl.org. From there you can try out CFSSL’s user interface, download binaries, and test some of its features.

Motivation

current efforts - google Licensing: Public Domain

This 2013 National Security Agency (NSA) slide describing how data from Google’s internal network was collected by intelligence agencies was eye-opening—and shocking—to many technology companies. The idea that an attacker could read messages passed between services wasn’t technically groundbreaking, but it Continue reading

Your Linux-based home router could succumb to a new Telnet worm, Remaiten

Building botnets made up of routers, modems, wireless access points and other networking devices doesn't require sophisticated exploits. Remaiten, a new worm that infects embedded systems, spreads by taking advantage of weak Telnet passwords. Remaiten is the latest incarnation of distributed denial-of-service Linux bots designed for embedded architectures. Its authors actually call it KTN-Remastered, where KTN most likely stands for a known Linux bot called Kaiten. When scanning for new victims, Remaiten tries to connect to random IP addresses on port 23 (Telnet) and if the connection is successful, it attempts to authenticate using username and password combinations from a list of commonly used credentials, researchers from ESET said in a blog post.To read this article in full or to leave a comment, please click here

Your Linux-based home router could succumb to a new Telnet worm, Remaiten

Building botnets made up of routers, modems, wireless access points and other networking devices doesn't require sophisticated exploits. Remaiten, a new worm that infects embedded systems, spreads by taking advantage of weak Telnet passwords. Remaiten is the latest incarnation of distributed denial-of-service Linux bots designed for embedded architectures. Its authors actually call it KTN-Remastered, where KTN most likely stands for a known Linux bot called Kaiten. When scanning for new victims, Remaiten tries to connect to random IP addresses on port 23 (Telnet) and if the connection is successful, it attempts to authenticate using username and password combinations from a list of commonly used credentials, researchers from ESET said in a blog post.To read this article in full or to leave a comment, please click here

Do You Really Want to Write that Book?

It’s amazing how interesting questions come in batches: within 24 hours two friends asked me what I think about writing books. Here’s a summary of my replies (as always, full of opinions and heavily biased), and if you’re a fellow book author with strong opinions, please leave them in the comments.

Read more ...

FBI already using its iPhone hack to assist other criminal investigations

Apple's widely publicized battle with the FBI came to an unceremonious end this week when the DOJ filed a motion seeking to vacate a previous court order that would have forced Apple to help the FBI hack into the iPhone used by one of the San Bernardino terrorists.The impetus for the DOJ dropping its legal suit against Apple was that the FBI, with the assistance of a third party, finally managed to access the aforementioned iPhone's data without Apple's assistance. While the identity of the third party has never been confirmed, it's believed that an Israeli software forensics company called Cellebrite provided the FBI with a way in.And with not even a week having gone by, the FBI has reportedly begun using its recently acquired iPhone hacking solution in other criminal investigations. According to a report from the Associated Press, the FBI recently agreed to access a locked iPhone and iPod where were subject to a warrant as part of a homicide investigation in Little Rock, Arkansas. Officials involved in the case indicated that they have reason to believe that the devices contain evidence of the duo's pre-meditated murder plans.To read this article in full or Continue reading

MedStar Health partially restores services after suspected ransomware attack

MedStar Health said Wednesday it is restoring computer systems following a cyberattack that reportedly involved file-encrypting malware.The not-for-profit organization, which runs 10 hospitals in the Washington, D.C., area, was hit with ransomware, the Baltimore Sun reported on Wednesday, citing two anonymous sources.MedStar Health officials could not be immediately reached for comment. The organization issued two statements Wednesday, but did not describe what type of malware infected its systems.It said in one statement that its IT team has worked continuously to restore access to three main clinical systems. It said no patient data or associate data was compromised.To read this article in full or to leave a comment, please click here

Docker Machine, OpenStack, and SSH Keys

I wanted to provide readers a quick “heads up” about some unexpected behavior regarding Docker Machine and OpenStack. It’s not a huge deal, but it could catch someone off-guard if they aren’t aware of what’s happening.

This post builds on the earlier post I published on using Docker Machine with OpenStack; specifically, the section about using Docker Machine’s native OpenStack driver to provision instances on an OpenStack cloud. As a quick recap, recall that you can provision instances on an OpenStack cloud (and have Docker Engine installed and configured on those instances) with a command like this:

docker-machine create -d openstack 
--openstack-flavor-id 3 
--openstack-image-name "Ubuntu 14.04.3 LTS x64" 
--openstack-net-name lab-net-5 
--openstack-floatingip-pool ext-net-5 
--openstack-sec-groups docker,basic-services
instance-name

(Note that I didn’t include all of the optional parameters; refer to either my earlier blog post or the Docker Machine OpenStack driver reference for more details).

One of the optional parameters for Docker Machine’s OpenStack driver is the --openstack-keypair-name parameter, which allows you to specify the name of an existing keypair to use with instances created by Docker Machine. If you omit this parameter, as I have above, then Docker Machine will auto-generate a new SSH Continue reading

Perceptions of NFV Hype and Reality

cisco-nfv-hype-vs-reality-article “There are things known and there are things unknown, and in between are the doors of perception," wrote Aldous Huxley. That could be a description of the evolving tension between the perceptions of hype and reality of the NFV market as it enters its important phase of commercialization.

1 3,024 3,025 3,026 3,027 3,028 3,793