Security ‘net 0x1339ECB: Who let the malware out?

According to ScadaFence, as quoted by Computer Weekly, industrial control systems are up next on hacker’s lists as a prime malware target. Apparently, they’ve grown tired of just defacing web sites and the like, and are moving to hard targets in meat space. What kind of damage could they do? Well, consider this attack, by way of Bruce Schneier:

We’re heading toward a world where driverless cars will automatically communicate with each other and the roads, automatically taking us where we need to go safely and efficiently. The confidentiality threats are real: Someone who can eavesdrop on those communications can learn where the cars are going and maybe who is inside them. But the integrity threats are much worse. Someone who can feed the cars false information can potentially cause them to crash into each other or nearby walls. Someone could also disable your car so it can’t start. Or worse, disable the entire system so that no one’s car can start.

Bruce Schneier moves the needle a little farther, discussing the current security model of confidentiality, integrity, and availability, and how it won’t work in the world that we’re building. Instead, he argues that it’s time to rethink our Continue reading

Arista just lost a patent round against Cisco and could face an import ban

Cisco Systems has won the latest round against Arista Networks at a U.S. trade agency that could block importation of Arista products. Arista violated three Cisco patents on networking technologies, Administrative Law Judge David Shaw of the U.S. International Trade Commission ruled on Tuesday. If the full Commission confirms that finding, the ruling could be bad news for Arista, a growing player in data-center networking.MORE ON NETWORK WORLD: 15 more useful Cisco sites Cisco sued Arista in December 2014, alleging the Silicon Valley startup violated 14 patents in its Arista EOS operating system. The legal battle continues, heading toward two possible trials in federal court as well as continuing activity at the ITC. In a blog post Tuesday, Cisco General Counsel Mark Chandler said a ruling in a second ITC investigation is expected in April.To read this article in full or to leave a comment, please click here

Startup mimics security analyst’s decision making, learns from humans

Startup PatternEx with roots in MIT’s artificial intelligence lab is launching a security platform it says employs artificial intelligence by learning from input it gets from human security analysts about data exfiltration and bank fraud incidents that it flags.It monitors firewall logs and traffic in and out of the network and alerts customer analysts of suspicious traffic that might represent malware connecting to command and control servers or transferring data out of the network, says PatternEx CEO Uday Veeramachaneni, a co-founder of the company.The AI engine is fed information about how the analyst responds to each notification and the algorithm running it incorporates that input into refining its predictive model of how the analyst will react. That way, over time, it sends fewer false positives, Veeramachaneni says.To read this article in full or to leave a comment, please click here

CCIE – CCIE SPv4 Review by Nick Russo

Nick Russo is a good friend of mine which just took the CCIE SPv4 exam. As far as I know he’s one of the first to attempt it and this blog may be the first actual review of the lab experience. Here is Nick’s story from the CCIE SPv4 lab.

On 2 Feb 2016, I attempted the CCIE SPv4 lab exam for the first time. I have not seen nor heard of anyone else attempting it; the proctor at RTP mentioned that only “a few” people take it each month and everyone has done poorly. That was both a good and bad thing: good, because after leaving the test I felt confident that I had done respectably. If I failed, it wouldn’t have been by much. It was bad because it choked me up for a minute or so, reminding me that I am crossing into uncharted territory with this exam. Every time I read a question I always had a general idea of how to solve it, even the trick questions with which Cisco hopes to catch you.

As a general comment, there is a ton of IOS XR on this exam. Unlike SPv3, there aren’t a few XR Continue reading

So What Exactly Is SDN?

Five years after the SDN hype exploded, it remains as meaningless as Cloud, and it seems that all we’re left with is a plethora of vendors engaged in SDN-washing their products.

Even when a group of highly intelligent engineers considering these topics on a daily basis gets together they don’t get very far apart from a great question: “what business problem is it supposed to solve?” (or maybe they got distracted by irrelevant hot-air opinions).

Is it still worth trying to find a useful definition of SDN? It seems it’s easier to list what SDN is not like I’ll be doing in the free Introduction to SDN webinar on February 10th. Let’s see:

Read more ...

mixi Taps Juniper Networks to Boost Hybrid Cloud Agility

TOKYO, JAPAN–(Marketwired – February 02, 2016) – Juniper Networks (:), the industry leader in network innovation, today announced that Japan’s leading social networking service and smartphone gaming provider mixi, Inc. (: ) has selected Juniper Networks to implement their data center solution utilizing Juniper Networks® QFX5100 Ethernet Switches to support MPLS/VRF in conjunction with Juniper Networks... Read more →

Custom Web browser from Comodo poses security threat, researcher says

A customized version of Google's Chrome browser developed by security vendor Comodo has a jaw-dropping flaw, according to a researcher.Tavis Ormandy, an information security engineer with Google, analyzed Comodo's "Chromodo," a browser based on the Chromium open-source code.Chromodo is marketed as a browser with enhanced security and privacy controls. But Ormandy found it contains a flaw that violates one of the most basic rules for Web security.To read this article in full or to leave a comment, please click here

What is the Wi-Fi password?

This is one of the most common questions heard in small and mid-sized businesses (SMBs) today. With the shift in technology and consumer expectations of connectivity, SMBs do more than just provide products and services to their customers—they provide Wi-Fi....

Malwarebytes still fixing flaws in antivirus software

Malwarebytes said it could take three of four weeks to fix flaws in its consumer product that were found by a Google security researcher.The company has fixed several server-side vulnerabilities but is still testing a new version of its Anti-Malware product to fix client-side problems, CEO Marcin Kleczynski said in a blog post.In the meantime, customers can implement a workaround: those using the premium version of Anti-Malware "should enable self-protection under settings to mitigate all of the reported vulnerabilities," he wrote.To read this article in full or to leave a comment, please click here

Arista violated 3 Cisco patents: ITC

The International Trade Commission has made an initial determination that Arista Networks infringed on three Cisco patents in its switches, the latest development in a 13-month-old suit.The ITC said Arista violated patents associated with a central database for managing configuration data (SysDB) and private VLANs. As part of its 2014 suit alleging patent and copyright infringement, Cisco sought an injunction on Arista product from the ITC.To read this article in full or to leave a comment, please click here

Protecting IP or Market Share?

Protecting IP or Market Share?

It's tough times on Tasman Drive.  Struggling to apply old technology to the new world of cloud computing, Cisco is potentially facing the largest loss of data center market share in its history.  We can understand why Cisco would take the battle from the marketplace to the courtroom.  What surprises us is the length that Cisco has gone to misrepresent our actions and the nature of the litigation in order to justify their assault.

Q&A: As prices fall, flash memory is eating the world

Western Digital in October announced plans to acquire SanDisk for some $19 billion in a deal that -- once finalized -- will marry leaders in the traditional hard drive and the emerging flash memory markets. Sumit Sadana, SanDisk's chief strategy officer and general manager of its Enterprise Solutions unit, spoke recently with IDG Chief Content Officer John Gallant to share insights on the merger and to explore the evolving role of flash in corporate data centers. What continues to hold enterprise back with flash? Just the price perception issue?Is the cloud a threat to your consumer device business? More and more, consumers use the cloud for photos or other things that they're saving. Is it such that the better the cloud opportunities get, the weaker the consumer opportunity gets?To read this article in full or to leave a comment, please click here(Insider Story)

1 3,068 3,069 3,070 3,071 3,072 3,753