Antivirus software could make your company more vulnerable

Imagine getting a call from your company's IT department telling you your workstation has been compromised and you should stop what you're doing immediately. You're stumped: You went through the company's security training and you're sure you didn't open any suspicious email attachments or click on any bad links; you know that your company has a solid patching policy and the software on your computer is up to date; you're also not the type of employee who visits non-work-related websites while on the job. So, how did this happen? A few days later, an unexpected answer comes down from the security firm that your company hired to investigate the incident: Hackers got in by exploiting a flaw in the corporate antivirus program installed on your computer, the same program that's supposed to protect it from attacks. And all it took was for attackers to send you an email message that you didn't even open.To read this article in full or to leave a comment, please click here

OSPF Forwarding Address Part III: The perfect recipe for chaos

After getting familiar with the FA, when it’s set and when not, we’re ready to cook the recipe for chaos: NSSAs, Default Route injection and Forwarding Address.

Probably a good disclaimer for this article is – I agree, usually there are other, more simple and straightforward solutions to doing what I did, but in cases where you know 3 solutions to a problem, and none can be applied, it’s good to have the 4th one a click away.

Network Design

To begin with, the network design we’re going to be experimenting on today is not extremely common, but has a practical application though.

ospf-p3-1

Configuration

I will start by not sharing the configuration files for this design, with a simple reason – Please lab it yourselves! You will have all sorts of things to gain from this, from typing rapidity, thinking the addressing scheme to troubleshooting your own mistakes. It’s not that big of a deal and it should not take you more than half an hour.

On a high level overview, everything you need to know is on the scheme. Nevertheless, here are the configuration principles:

  • Each router has a loopback configured, to ease things when it comes to Continue reading

Stuff The Internet Says On Scalability For January 8th, 2016

Hey, it's HighScalability time:


Finally, a clear diagram of Amazon's industry impact. (MARK A. GARLICK)

 

If you like this Stuff then please consider supporting me on Patreon.
  • 150: # of globular clusters in the Milky Way; 800 million: Facebook Messenger users; 180,000: high-res images of the past; 1 exaflops: 1 million trillion floating-point operations per second; 10%: of Google's traffic is now IPv6; 100 milliseconds: time it takes to remember; 35: percent of all US Internet traffic used by Netflix; 125 million: hours of content delivered each day by Netflix's CDN;

  • Quotable Quotes:
    • Erik DeBenedictis: We could build an exascale computer today, but we might need a nuclear reactor to power it
    • wstrange: What I really wish the cloud providers would do is reduce network egress costs. They seem insanely expensive when compared to dedicated servers.
    • rachellaw: What's fascinating is the bot-bandwagon is mirroring the early app market.
      With apps, you downloaded things to do things. With bots, you integrate them into things, so they'll do it for you. 
    • erichocean: The situation we're in today with RAM is pretty much the identical situation with the disks of Continue reading

Worth Reading: Micro Routers

Today, Weaveworks, via the release of Weave Net 1.4, is announcing that it is using that API to simplify connecting Docker containers together using “micro routers.” Rather than relying on a central database to keep track of which Docker containers are associated with one another, Weaveworks has created what amounts to a couple of megabytes of code, using the Go programming language, that can be embedded inside a container. -via it business edge

The post Worth Reading: Micro Routers appeared first on 'net work.

The “Cloud Builder” Awakens

I have traveled extensively over the final quarter of 2015, meeting with customers, prospects and partners. There is something about being on the road that gives clarity to business and as a result, it is clear in my mind that Information Technology is witnessing its greatest period of change. The Internet of Things, Cloud and Big Data are driving the massive growth of new applications and data. Rapid rates of application and data growth are forcing organizations to move away from legacy scale-up approaches to ones that provide seamless scale-out. Siloed and monolithic approaches to delivering storage, compute and network resources must be replaced by integrated and elastic infrastructure and services consumption models.

In support of these new consumption models, IT is being delivered as services delivered on-demand, leveraging cloud architectures. I am seeing the emergence of a new customer, whom I call the Cloud Builder or Cloud Architect. Due to the rapid growth and importance of this new role, I somewhat jokingly say, “the Cloud Builder has awoken.” This new role takes a different IT approach to meeting the needs of the business. The Cloud Builder looks at applications and data requirements from the perspective of business goals, Continue reading

IDG Contributor Network: Experts predict more cyber attacks on universities

Attacks on major state universities will continue in 2016, according to a non-profit cybersecurity readiness organization that specializes in the public sector. And the problem is exacerbated because some state or small governments don’t have ‘mature’ cybersecurity plans in place, so they can’t mitigate it. The vulnerability has been tagged by a cybersecurity readiness organization The Center for Internet Security (CIS). The prediction was quoted in Fedscoop, a government-oriented IT website.Intellectual property “The universities are home to an awful lot of valuable intellectual property, so a lot of the major research universities are prime targets for attackers,” said Thomas Duffy, chair of the Multi-State Information Sharing and Analysis Center (MS-ISAC) that's operated by CIS. He was quoted by Fedscoop, writing about threats for states and localities.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Experts predict more attacks on universities

Attacks on major state universities will continue in 2016, according to a non-profit cybersecurity readiness organization that specializes in the public sector. And the problem is exacerbated because some state or small governments don’t have ‘mature’ cybersecurity plans in place, so they can’t mitigate it. The vulnerability has been tagged by a cybersecurity readiness organization The Center for Internet Security (CIS). The prediction was quoted in Fedscoop, a government-oriented IT website.Intellectual property “The universities are home to an awful lot of valuable intellectual property, so a lot of the major research universities are prime targets for attackers,” said Thomas Duffy, chair of the Multi-State Information Sharing and Analysis Center (MS-ISAC) that's operated by CIS. He was quoted by Fedscoop, writing about threats for states and localities.To read this article in full or to leave a comment, please click here

A Quick Look Back: Webinars in 2015

As you know I always promise my loyal subscribers at least 6 new webinars per year. Well, 2015 was a bit more fruitful. Let’s start with the easy ones:

However, I spent most of my time developing the SDN and network automation curriculum:

Read more ...

Russian group suspected to be linked to Ukraine power station cyberattack

A cyberattack that knocked out power in the Ukraine last month is believed to have been initiated by a hacking group with strong Russian interests.iSight Partners, a cybersecurity firm headquartered in Dallas, wrote on Thursday that a group called Sandworm was likely involved.The link was made after a study of a malware sample called KillDisk and a related one used by Sandworm in the past called BlackEnergy 3, wrote John Hultquist, director of cyberespionage analysis at iSight Partners.To read this article in full or to leave a comment, please click here

Android-powered smart TVs targeted by malicious apps

Smart TVs running older versions of Android are being targeted by several websites offering apps containing malware, according to Trend Micro.The security vendor wrote on Thursday that it found a handful of app websites targeting people in the U.S. and Canada by offering the malicious apps.The apps are exploiting a flaw in Android that dates to 2014, showing that many smart TVs do not have the latest patches."Most smart TVs today use older versions of Android, which still contain this flaw," wrote Ju Zhu, a mobile threats analyst with Trend. "While most mobile Android devices can easily be upgraded to the latest version, upgrading smart TV sets may be more challenging for users because they are limited by the hardware."To read this article in full or to leave a comment, please click here

1 3,105 3,106 3,107 3,108 3,109 3,754