Tim Cook to Time: ‘I feel like I’m in this bad dream’

Tim Cook gave a long interview to Time magazine about Apple’s fight with the FBI over its refusal to create “GovtOS,” a more crackable version of iOS to side-load onto the seized iPhone 5c used by San Bernardino shooter Syed Rizwan Farook. The edited version is here, and Time also published the full transcript.+ MORE: Apple cites iPhone, Mac security problems in rebuttal to FBI demands +To read this article in full or to leave a comment, please click here

NASA’s IG tells space agency to bolster space network security

The network NASA uses to deliver telemetry ground-based tracking, data and communications services to a wide range of current and future spacecraft needs a serious bump in security technology.That was the conclusion of the space agency’s Office of Inspector General which stated: “We found that NASA, [NASA’s Goddard Space Flight Center in Greenbelt, MD, which manages the network] failed to comply with fundamental elements of security risk management reflected in Federal and Agency policies. We believe that these deficiencies resulted from inadequate Agency oversight of the network and insufficient coordination between stakeholders. These deficiencies unnecessarily increase the network’s susceptibility to compromise.”To read this article in full or to leave a comment, please click here

NASA’s IG tells space agency to bolster space network security

The network NASA uses to deliver telemetry ground-based tracking, data and communications services to a wide range of current and future spacecraft needs a serious bump in security technology.That was the conclusion of the space agency’s Office of Inspector General which stated: “We found that NASA, [NASA’s Goddard Space Flight Center in Greenbelt, MD, which manages the network] failed to comply with fundamental elements of security risk management reflected in Federal and Agency policies. We believe that these deficiencies resulted from inadequate Agency oversight of the network and insufficient coordination between stakeholders. These deficiencies unnecessarily increase the network’s susceptibility to compromise.”To read this article in full or to leave a comment, please click here

Worth Reading: SSL, TLS, and difficult privacy

Securing encrypted Internet traffic transmissions, such as those between web browsers and web servers, is decidedly not simple. Despite the fact that well-established protocols, namely Secure Sockets Layer (SSL) and Transport Layer Security (TLS), have seen use for many years, they still have some complexities and security vulnerabilities. -via CFA

LinkedInTwitterGoogle+FacebookPinterest

The post Worth Reading: SSL, TLS, and difficult privacy appeared first on 'net work.

Attack campaign uses keylogger to hijack key business email accounts

A new email-based attack campaign is targeting key employees from companies in the U.S., Middle East and Asia with the goal of compromising their computers and email accounts.This type of attack is known as business email compromise (BEC) and involves attackers hijacking the email accounts of business executives or accounting employees who typically authorize financial transactions inside organizations.Their hijacked email accounts can then be used to trick other employees, suppliers or business partners to initiate fraudulent payments to accounts controlled by the attackers.Security researchers from antivirus firm Trend Micro recently detected an attack against companies from 18 countries where key employees were targeted with emails that contained a commercial keylogger program called Olympic Vision.To read this article in full or to leave a comment, please click here

Securing Access to and from your Jump Box and VDI with VMware NSX

Companies have struggled for years on how to allow third parties access to specific systems Cyber-Security-King_Blogthat they manage or support? These systems and access requirements range from HVAC and phones systems to full IT outsourcing or development.

The problem has always been twofold; one, how to provide secure access into the datacenter, and two, how do you secure the third party access to only the systems they require access to. Basically, how do you limit the hop to hop once they are inside your datacenter.

In the paper, I show you how leveraging VMware’s NSX and VMware Horizon products, you now have two different deployment modules that will allow you to control third party access and restrict that user’s inter-datacenter hopping abilities.

Here you will find the full paper: https://communities.vmware.com/docs/DOC-31415

Hadar

 

The post Securing Access to and from your Jump Box and VDI with VMware NSX appeared first on The Network Virtualization Blog.

VMware fixes XSS flaws in vRealize for Linux

VMware patched two cross-site scripting issues in several editions of its vRealize cloud software. These flaws could be exploited in stored XSS attacks and could result in the user's workstation being compromised.The input validation error exists in Linux versions of VMware vRealize Automation 6.x prior to 6.2.4 and vRealize Business Advanced and Enterprise 8.x prior to 8.2.5, VMware said in the advisory (VMSA-2016-0003). Linux users running affected versions should update to vRealize Automation 6.2.4 and vRealize Business Advanced and Enterprise 8.2.5 to address the problems. The issues do not affect vRealize Automation 7.x on Linux and 5.x on Windows, and vRealize Business 7.x and 6.x on Linux (vRealize Business Standard).To read this article in full or to leave a comment, please click here

Steve Wozniak chimes in on the Apple/FBI debate

At this point, it seems that there's truly no end in sight for Apple's ongoing legal battle with the FBI. While the FBI and the DOJ have made it clear that they want Apple to create a new version of iOS designed to bypass iOS security mechanisms, Apple has made it clear that it's not even going to entertain the idea. Quite the opposite, Apple CEO Tim Cook even categorized the FBI's request as akin to asking Apple to create the software equivalent of cancer.Over the past few weeks, many tech companies have come out in support of Apple. Indeed, any time a tech figure of any prominence has been interviewed in recent weeks, the topic of discussion invariably turns to mobile encryption.To read this article in full or to leave a comment, please click here

Network and system analytics as a Docker microservice

Microservices describes why the industry standard sFlow instrumentation embedded within cloud infrastructure is uniquely able to provide visibility into microservice deployments.

The sFlow-RT analytics engine is well suited to deployment as a Docker microservice since the application is stateless and presents network and system analytics as a RESTful service.

The following steps demonstrate how to create a containerized deployment of sFlow-RT.

First, create a directory for the project and edit the Dockerfile:
mkdir sflow-rt
cd sflow-rt
vi Dockerfile
Add the following contents to Dockerfile:
FROM   centos:centos6
RUN    yum install -y java-1.7.0-openjdk
RUN    rpm -i http://www.inmon.com/products/sFlow-RT/sflow-rt-2.0-1072.noarch.rpm
EXPOSE 8008 6343/udp
CMD    /etc/init.d/sflow-rt start && tail -f /dev/null
Build the project:
docker build -t sflow-rt .
Run the service:
docker run -p 8008:8008 -p 6343:6343/udp -d sflow-rt
Access the API at http://docker_host:8008/ to verify that the service is running.

Now configure sFlow agents to send data to the docker_host on port 6343:
The following articles provide examples of using the sFlow-RT REST API:
The diagram shows how new and existing cloud based or locally hosted orchestration, operations, and security tools can leverage sFlow-RT's analytics service to gain real-time visibility. The solution is extremely scaleable, a single sFlow-RT instance can monitor thousands of servers and the network devices connecting them.

TeslaCrypt ransomware now impossible to crack, researchers say

The latest version of the TeslaCrypt ransomware has tidied up a weakness in previous versions that in some cases allowed victims to recover their files without paying a ransom. Cisco's Talos research group found that TeslaCrypt 3.0.1 has improved its implementation of a cryptographic algorithm making it impossible now to decrypt files.  "We can not say it loud and often enough, ransomware has become the black plague of the internet," wrote Andrea Allievi and Holger Unterbrink, both security researchers with Cisco, in a blog post on Wednesday. "The adversaries are modifying and improving it in every version."To read this article in full or to leave a comment, please click here

On the Topic of Lock-In

While talking with customers over the past couple of weeks during a multi-country/multi-continent trip, one phrase that kept coming up is “lock-in”, as in “we’re trying to avoid lock-in” or “this approach doesn’t have any lock-in”. While I’m not a huge fan of memes, this phrase always brings to mind The Princess Bride, Vizzini’s use of the word “inconceivable,” and Inigo Montoya’s famous response. C’mon, you know you want to say it: “You keep using that word. I do not think it means what you think it means.” I feel the same way about lock-in, and here’s why.

Lock-in, as I understand how it’s viewed, is an inability to migrate from your current solution to some other solution. For example, you might feel “locked in” to Microsoft (via Office or Windows) or “locked in” to Oracle (via their database platform or applications), or even “locked in” to VMware through vCenter and vSphere. Although these solutions/platforms/products might be the right fit for your particular problem/need, the fact that you can’t migrate is a problem. Here you are, running a product or solution or platform that is the right fit for your needs, but because you may not be able Continue reading

1 3,091 3,092 3,093 3,094 3,095 3,842