0

What did we learn about cybersecurity in 2015?

A data breach can be the biggest kind of crisis an IT leader will have to face. And when an incident occurs, it’s an emergency situation – typically an all-hands-on-deck moment.After the dust settles, however, it’s time to determine what lessons were learned from the experience. Your organization may have escaped 2015 without a data breach. But that’s no guarantee that hackers, cybercriminals and others won’t turn their attention to your business soon.2015 by the numbers According to the Identity Theft Resource Center (ITRC), organizations around the world suffered over 700 data breaches in 2015. The attacks covered every sector and records were lost in many sectors. For 2015, the ITRC reports the following findings:To read this article in full or to leave a comment, please click here

0

Cable Management: Tackling Tangles

0

Compose 1.6: New Compose file for defining networks and volumes

In the previous version of Docker Engine we added a completely new system for managing networks and volumes, and we’re pleased to announce full support for these features in Docker Compose. Compose files used to describe just one thing: the … Continued

0

The End Of The High-End Storage Array Era

0

Upcoming Event: Network Automation Workshop

I spent most of last year developing SDN-related content, resulting in pretty successful 2-day workshop and 20+ hours of online content. However, I fully agree with Matt Oswalt that network automation matters even more than lofty centralized ideas, so it was time to focus on that area.

As always, the easiest way to push yourself is to commit to a deadline, so I agreed to do a network automation workshop during the Troopers 16 event. Here’s what it will cover:

Read more ...

0

Study of another IP camera reveals serious problems

An in-depth analysis of yet another Internet-connected security camera has revealed a host of software problems.Alex Farrant and Neil Biggs, both of the research team for Context Information Security in the U.K, analyzed Motorola's Focus 73, an outdoor security camera. Images and video taken by the camera can be delivered to a mobile phone app.They found they could take control of the camera remotely and control its movement, redirect the video feed and figure out the password for the wireless network the device is connected to.One attack exploits a cross-site request forgery problem. It was possible to scan for camera connected to the Internet and then get a reverse root shell.To read this article in full or to leave a comment, please click here

0

Lawfare thinks it can redefine π, and backdoors

There is gulf between how people believe law to work (from watching TV shows like Law and Order) and how law actually works. You lawyer people know what I'm talking about. It's laughable.

The same is true of cyber: there's a gulf between how people think it works and how it actually works.

This Lawfare blogpost thinks it's come up with a clever method to get their way in the crypto-backdoor debate, by making carriers like AT&T responsible only for the what ("deliver interpretable signal in response to lawful wiretap order") without defining the how (crypto backdoors, etc.). This pressure would come in the form of removing current liability protections they now enjoy for not being responsible for what customers transmit across their network. Or as the post paraphrases the proposal:

Don’t expect us to protect you from liability for third-party conduct if you actively design your systems to frustrate government efforts to monitor that third-party conduct.

The post is proud of its own smarts, as if they've figured out how to outwit mathematicians and redefine pi (π). But their solution is nonsense, based on a hopelessly naive understanding of how the Internet works. It appears all Continue reading

0

Cisco-Jasper deal should make enterprise IoT safer

Cisco Systems' planned US$1.4 billion acquisition of Jasper Technologies could make it easier for enterprises to build businesses around services instead of products. While the Internet of Things includes sensors and devices that enterprises can use to better run their operations and cut costs, it can also give them whole new business models. Much of Jasper's business is connecting the products companies make to mobile networks. It sits between enterprises and mobile operators, doing the complicated work of tying IoT applications to network connections. Cisco builds a lot of the gear on the network side of that equation, plus higher-level smarts like analytics on the other end that can make IoT more effective and profitable. Bringing their capabilities together will simplify deployments that currently involve lots of different companies and pieces of software, the companies say.To read this article in full or to leave a comment, please click here

0

Comodo to fix major flaw in knock-off Chrome browser

Comodo will release an update Wednesday to fix a serious vulnerability in its web browser, which it markets as a way for users to enhance their security.Google engineer Tavis Ormandy found that the company's Chromodo browser disables the "same origin policy," one of the most basic tenets of web security, according to a writeup.To read this article in full or to leave a comment, please click here

0

Cisco Buys IoT Startup for $1.4B

Jasper Technologies brings big-name customers.

0

Ericsson De-Centralizes the RAN

Elastic RAN is like cloud RAN, but with fewer limits, Ericsson says.

0

Cisco Puts Storage into ‘Beast’ Mode

Cisco this week says it fortified its SAN switching lineup for the next 10 years. The company launched the MDS 9718 – or “the beast” as it was referred to internally -- a high port density, programmable director that’s ready for 32G.The switch supports 10G, 16G, 40G today, and with future support for 32G Cisco claims it should be around for the next decade. FibreChannel tops out at 16G today.It scales to 768 line rate 16G FibreChannel or 10G FibreChannel-over-Ethernet (FCoE) ports, or 384 40G FCoE. Brocade's DCX 8510, by contrast, supports up to 512 16G FC.To read this article in full or to leave a comment, please click here

0

As 5G approaches, 3G and 4G are still getting faster

Most of the excitement at Mobile World Congress this month will be about 5G, which won't officially exist until 2020. But vendors will also be showing off new ways to speed up the networks people are using now.That means more than 4G, because while LTE gets a lot of press, older services are more common than you might think. Just over half of the world's mobile subscriptions (51 percent) are for 2G service only, according to Tolaga Research analyst Phil Marshall. Almost one-third are limited to 3G, while only 15 percent are 4G. Even in 2020, only 48 percent of subscriptions will be for 4G.Some users are stuck on a slower network because they haven't upgraded to a faster phone, and some of those 2G-only subscriptions are for connected machines that don't need any more speed. But there are a lot of mobile users who could use a performance bump even before 5G comes along.To read this article in full or to leave a comment, please click here

0

What Is Social Engineering?

CSO presents an animated explainer on how data criminals exploit human psychology to gain access to a company's data, rather than by hacking or technical measures.

0

BleepingComputer under free speech attack as SpyHunter makers sue over bad review

BleepingComputer is a valuable asset to the Internet, in my opinion, as it is often one of the first sites to warn of newly reported ransomware; volunteer security professionals also regularly provide answers to any number of other computer questions. Yet BleepingComputer is seriously under fire for daring to engage in free speech as Enigma Software is suing the site over a negative review of Enigma’s flagship anti-malware program SpyHunter.To read this article in full or to leave a comment, please click here

0

Google Fiber to be free for select affordable housing residents

Google Fiber on Wednesday announced free gigabit Internet service to residents of selected public housing projects connected to its fiber optic service in U.S. cities.The program was launched at West Bluff, an affordable housing community in Kansas City, Mo., where 100 homes have been connected to Google Fiber. Across the Kansas City area, Google is now working with affordable housing providers to connect as many as nine properties that could reach more than 1,300 local families.Google described the program as an extension of its work with ConnectHome, an initiative of the U.S. Department of Housing and Urban Development (HUD) and the Obama administration.To read this article in full or to leave a comment, please click here

0

Flaws in smart toy back-end servers puts kids and their families at risk

Over the past two years security researchers have shown that many Internet-connected "smart" devices have not been designed with security in mind. This also seems to be the case for their back-end systems.The latest example are flaws found in the Web services operated by smart-toy makers which could expose children's personal information and location.Researchers from security firm Rapid7 found serious vulnerabilities in the Web application programming interfaces (APIs) used by the Smart Toy line of interactive stuffed animals and the hereO GPS watch for children.In the case of Smart Toy devices, the researchers found that the manufacturer's Web service did not properly validate request senders. Through the exposed APIs, they could enumerate all customers and find their toy ID, name, type and associated child profile; they could access all children's profiles, including their names, birth dates, gender and spoken languages; they could find out when a parent or child is interacting with their toy and could associate someone's toy with a different account, effectively hijacking it.To read this article in full or to leave a comment, please click here

0

Huawei Begins Methodically Tapping Open Source Groups

A new open source team will work with ONOS, OpenDaylight, and the ONF.

0

CloudFlare’s Impact On The HTTP/2 “Universe”

CloudFlare released HTTP/2 support for all customers on December 3rd, 2015. Now, two months later, it's time to take a look at the impact of this release on the HTTP/2 "universe" and also at what has changed from a HTTP/2 vs. SPDY vs. HTTP 1.1 traffic ratio perspective.

HTTP/2 Usage

Previously, we showcased browser market share data from our own website. Using these numbers, we predicted the ratio of HTTP/2 traffic that we expected to see once enabled. Now, we can compare this original data set with updated data from the last 48 hours.

Below is the market share of HTTP/2 capable browsers that we saw on our website during a 48 hour period. The first one was before our HTTP/2 launch, the other one was last week. Both data sets were pulled from Google Analytics, and user agents were analyzed for HTTP/2 support.

HTTP/2 capable browser	Global Market Share Late Nov 2015	Global Market Share Late Jan 2016
IE 11 on Windows 10	0.14%	0.34%
Edge 12, and 13	0.35%	0.48%
Firefox 36 - 45	5.09%	11.05%
Chrome 41 - 49	15.06%	38.86%
Safari 9	0.91%	2.69%
Opera Continue reading

0

A Case Study: WordPress Migration for Shift.ms

The case study presented involves a migration from custom database to WordPress. The company with the task is Valet and it has a vast portfolio of previously done jobs that included shifts from database to WordPress, multisite-to-multisite, and multisite to single site among others. The client is Shift.ms.

Problem

The client, Shift.ms, presented a taxing problem to the team. Shift.ms had a custom database that they needed migrated to WordPress. They had installed a WordPress/BuddyPress and wanted their data moved into this new installation. All this may seem rather simple. However, there was one problem; the client had some data in the newly installed WordPress that they intended to keep.

Challenges

The main problem was that the schema for the database and that of WordPress are very different in infrastructure. The following issues arose in an effort to deal with the problem: