New ransomware abuses Windows PowerShell, Word document macros

A new ransomware program written in Windows PowerShell is being used in attacks against enterprises, including health care organizations, researchers warn.PowerShell is a task automation and configuration management framework that's included in Windows and is commonly used by systems administrators. It has its own powerful scripting language that has been used to create sophisticated malware in the past.The new ransomware program, dubbed PowerWare, was discovered by researchers from security firm Carbon Black and is being distributed to victims via phishing emails containing Word documents with malicious macros, an increasingly common attack technique.To read this article in full or to leave a comment, please click here

10 big announcements from Google’s Cloud Conference

In San Francisco this week at Pier 48, overlooking the Giants’ AT&T Ballpark, Google Cloud Platform (GCP) executives are holding a user conference to introduce products and services they hope will help make the case for choosing Google in the cloud.Sam Charrington, a cloud and big data analyst and advisor, summed up Google executives’ pitch best this week on Twitter: “GCP exec team’s operating thesis: ‘Cloud’s not done. The industry’s just beginning the journey.”+MORE AT NETWORK WORLD: Is Google pushing the cloud envelope too far? +To read this article in full or to leave a comment, please click here

Stuff The Internet Says On Scalability For March 25th, 2016


Did you know there's a field called computational aesthetics? Neither did I. It's cool though.

 

If you like this sort of Stuff then please consider offering your support on Patreon.

  • 51%: of billion-dollar startups founded by immigrants; 2.8 billion: Twitter metric ingestion service writes per minute; 1 billion: Urban Airship push notifications a day; 1.5 billion: Slack messages sent per month; 35 million: server nodes in the world; 10: more regions will be added to Google Cloud;  697 million: WeChat active monthly users; 

  • Quotable Quotes:
    • Dark Territory: When officials in the Air Force or the NSA neglected to let Microsoft (or Cisco, Google, Intel, or any number of other firms) know about vulnerabilities in its software, when they left a hole unplugged so they could exploit the vulnerability in a Russian, Chinese, Iranian, or some other adversary’s computer system, they also left American citizens open to the same exploitations—whether by wayward intelligence agencies or by cyber criminals, foreign spies, or terrorists who happened to learn about the unplugged hole, too. 
    • @xaprb: If you adopt a microservices architecture with 1000x more things to monitor, you should not expect your monitoring cost Continue reading

Worth Reading: The IANA transition so far

Since the creation of ICANN in 1998, the community has fervently supported this transition. For more than 10 years, APNIC and the RIR communities have actively advocated for the end of a special role by a single government. Here are some historical highlights of the last 10 years of the IANA stewardship transition from an APNIC and number community perspective. -via APNIC

LinkedInTwitterGoogle+FacebookPinterest

The post Worth Reading: The IANA transition so far appeared first on 'net work.

Brussels attacks reinforce that security is everybody’s problem

I’ve had some rather unusual security training over the years. One of my earliest jobs was in security and law enforcement, and my course of study in graduate and undergraduate school included covering some of the largest security disasters in corporate history. Oh, and I was an internal auditor leader for a time when we had a tight emphasis on security. And, I’ve actually been a body guard.MORE ON NETWORK WORLD: 26 crazy and scary things the TSA has found on travelers One of the things I’ve learned is that security is as much a mindset as anything else. Whether you are talking about personal security or securing your firm or country it is a heads-up game. The most successful are those that are constantly looking for abnormalities and are willing to do what is necessary when they see one to discover if there is a problem. Those that simply depend on tools or others to keep them secure likely aren’t. While these folks may lead far less stressful lives, their sense of security is a sham.  To read this article in full or to leave a comment, please click here

Malware authors quickly adopt SHA-2 through stolen code-signing certificates

As the IT industry is working to phase out the aging SHA-1 hashing algorithm it's not just website owners and software developers who are scrambling to replace their digital certificates: Cybercriminals are following suit too.Researchers from Symantec have recently found new samples of the Carberp.B online banking Trojan that were digitally signed with not one, but two stolen certificates: one using a SHA-1 signature and one using a SHA-2 signature."It can be safely surmised that the malware author used certificates containing differing algorithms with the hope of thwarting detection," the Symantec researchers said in a blog post.To read this article in full or to leave a comment, please click here

France fines Google for not being forgetful enough

The French data protection authority has fined Google for failing to implement the so-called right to be forgotten as ordered.Last year, the French National Commission on Computing and Liberty (CNIL) decided that requests to have personal information delisted from search results should apply to all Google properties, not just those in European domains.Google had been removing results from searches performed on domains including google.co.uk and google.fr, but not from its main site, google.com, even though it is accessible from within the EU.MORE ON NETWORK WORLD: 26 crazy and scary things the TSA has found on travelers The CNIL could have fined Google up to €300,000 (US$336,000) for failing to comply with its ruling, but in the end ordered the company to pay just €100,000.To read this article in full or to leave a comment, please click here

Why IT can’t handle data breaches alone

In his keynote address at the CIO Perspectives event in Dallas last month, attorney Matthew Karlyn instructed the crowd about what CIOs and other business leaders need to know about the laws surrounding data breaches and preparing for the worst before a breach happens.Karlyn also addressed some of the myths surrounding security, including the suggestion that companies should “just let the IT department handle it.”“Does human resources have a role to play in information security? Of course they do - they’re storing the most sensitive data on all of your employees," said Karlyn. "Does finance have a role to play in information security? Of course they do - they’re funding the IT infrastructure. If they don’t understand what they’re funding, they’re going to say no… Does legal have a role to play in information security? Of course they do. No, it’s not just an IT department issue.”To read this article in full or to leave a comment, please click here(Insider Story)

Microservices Infrastructure using Mantl

Mantl is an Open source project from Cisco and it provides an integrated solution to deploy distributed Microservices. Any company deploying Microservices has to integrate different components before the solution becomes production ready. Mantl makes it easier by integrating the different components and providing the glue software that integrates the components. In this blog, I … Continue reading Microservices Infrastructure using Mantl

Docker Swarm on AWS using Docker Machine

In this post I’m going to talk about how to use Docker Machine to build a Docker Swarm cluster on Amazon Web Services (AWS). This post is an adaptation of this Docker documentation post that shows how to build a Swarm cluster using VirtualBox.

This post builds on the earlier post I wrote on using Docker Machine with AWS, so feel free to refer back to that post for more information or more details anywhere along the way.

At a high level, the process looks like this:

  1. Obtain a Swarm cluster token.
  2. Provision the Swarm master.
  3. Provision the Swarm nodes.

Let’s take a look at these steps in a bit more detail.

Obtain a Swarm Cluster Token

There’s at least a couple ways to do this, but they pretty much all involve a Linux VM using the Swarm Docker image. It’s up to you exactly how you want to do this—you can use a local VM, or you can use an AWS instance. The Docker documentation tutorial uses a local VM with the VirtualBox driver:

docker-machine create -d virtualbox local
env $(docker-machine env local)
docker run swarm create

The first command above creates a VirtualBox VM (named “local”) and Continue reading

iBGP for PE-CE

I’ve worked on many large-scale MPLS VPN solutions, some with as many as 20k-30k managed CPEs, and as everybody knows – where you run BGP with this sort of setup. It’s almost always eBGP with a single AS across all sites using AS-override, or each site gets a different AS number, to get around the age-old eBGP loop prevention mechanisms which tend to get in the way when we use L3VPNs.

Recently I came across RFC 6368 which describes how iBGP can actually be used as a PE-CE protocol, in order to make the provider network more transparent from a BGP perspective. Usually there’s no problem running eBGP and 99% of networks seem to operate perfectly fine with it, however if the customer CE routers have a large BGP element behind them, the provider’s AS numbers and interactions with the BGP updates can in some cases cause problems.

Recently Cisco added support to run iBGP for PE-CE with the addition of a new command placed under the VRF – “neighbor <x.x.x.x> internal-vpn-client” in JUNOS the command is “independent-domain” which goes under the routing-options for the routing-instance.

For this configuration, consider the following basic topology:

Untitled-2

CE-1 and CE-2 Continue reading

Verizon’s breach experts missed one right under their noses

Verizon Enterprise, a bulwark against cyberattacks at many large organizations, has suffered a security breach itself.A flaw in the company's systems allowed an attacker to steal contact information on Verizon Enterprise customers, the company acknowledged Thursday. Verizon said it has fixed the flaw and is notifying those users, but it hasn't disclosed how many were affected. The intruder couldn't get to any customer proprietary network information, Verizon said, referring to data such as call records and billing information.The breach came to light Thursday in a post on the blog Krebs on Security. Krebs reported the hacker stole contact information for about 1.5 million Verizon Enterprise customers and offered it for sale for US$100,000 on a cybercrime forum. Because the data was offered for sale in the MongoDB format, among others it's likely the attacker forced a MongoDB database at Verizon to dump its contents, the blog said.To read this article in full or to leave a comment, please click here

1 3,097 3,098 3,099 3,100 3,101 3,859