Announcing Docker Birthday #3

Back in March 2013, Docker’s CTO and Founder, Solomon Hykes introduced Docker publicly for the first time during a lightning talk at PyCon. Three years later the Docker project has significantly matured to become the open platform of choice for building, shipping and running distributed applications in … Continued

Socat vulnerability shows that crypto backdoors can be hard to spot

Developers of the Socat networking tool have fixed a cryptographic flaw that left communications open to eavesdropping for over a year. The error is so serious that members of the security community believe it could be an intentional backdoor.Socat is a more complex and feature-rich reimplementation of netcat, a cross-platform networking service that can establish outbound and inbound connections on different ports and protocols. It is also a popular tool for network debugging.MORE ON NETWORK WORLD: 6 simple tricks for protecting your passwords Socat can create encrypted connections using the Diffie-Hellman (DH) key exchange mechanism, which fundamentally relies on a prime number to derive the shared secrets for key exchanges. It turns out that the 1024-bit DH parameter used by Socat was not actually a prime number.To read this article in full or to leave a comment, please click here

Security ‘net 0x1339ECB: Who let the malware out?

According to ScadaFence, as quoted by Computer Weekly, industrial control systems are up next on hacker’s lists as a prime malware target. Apparently, they’ve grown tired of just defacing web sites and the like, and are moving to hard targets in meat space. What kind of damage could they do? Well, consider this attack, by way of Bruce Schneier:

We’re heading toward a world where driverless cars will automatically communicate with each other and the roads, automatically taking us where we need to go safely and efficiently. The confidentiality threats are real: Someone who can eavesdrop on those communications can learn where the cars are going and maybe who is inside them. But the integrity threats are much worse. Someone who can feed the cars false information can potentially cause them to crash into each other or nearby walls. Someone could also disable your car so it can’t start. Or worse, disable the entire system so that no one’s car can start.

Bruce Schneier moves the needle a little farther, discussing the current security model of confidentiality, integrity, and availability, and how it won’t work in the world that we’re building. Instead, he argues that it’s time to rethink our Continue reading

Arista just lost a patent round against Cisco and could face an import ban

Cisco Systems has won the latest round against Arista Networks at a U.S. trade agency that could block importation of Arista products. Arista violated three Cisco patents on networking technologies, Administrative Law Judge David Shaw of the U.S. International Trade Commission ruled on Tuesday. If the full Commission confirms that finding, the ruling could be bad news for Arista, a growing player in data-center networking.MORE ON NETWORK WORLD: 15 more useful Cisco sites Cisco sued Arista in December 2014, alleging the Silicon Valley startup violated 14 patents in its Arista EOS operating system. The legal battle continues, heading toward two possible trials in federal court as well as continuing activity at the ITC. In a blog post Tuesday, Cisco General Counsel Mark Chandler said a ruling in a second ITC investigation is expected in April.To read this article in full or to leave a comment, please click here

Startup mimics security analyst’s decision making, learns from humans

Startup PatternEx with roots in MIT’s artificial intelligence lab is launching a security platform it says employs artificial intelligence by learning from input it gets from human security analysts about data exfiltration and bank fraud incidents that it flags.It monitors firewall logs and traffic in and out of the network and alerts customer analysts of suspicious traffic that might represent malware connecting to command and control servers or transferring data out of the network, says PatternEx CEO Uday Veeramachaneni, a co-founder of the company.The AI engine is fed information about how the analyst responds to each notification and the algorithm running it incorporates that input into refining its predictive model of how the analyst will react. That way, over time, it sends fewer false positives, Veeramachaneni says.To read this article in full or to leave a comment, please click here

CCIE – CCIE SPv4 Review by Nick Russo

Nick Russo is a good friend of mine which just took the CCIE SPv4 exam. As far as I know he’s one of the first to attempt it and this blog may be the first actual review of the lab experience. Here is Nick’s story from the CCIE SPv4 lab.

On 2 Feb 2016, I attempted the CCIE SPv4 lab exam for the first time. I have not seen nor heard of anyone else attempting it; the proctor at RTP mentioned that only “a few” people take it each month and everyone has done poorly. That was both a good and bad thing: good, because after leaving the test I felt confident that I had done respectably. If I failed, it wouldn’t have been by much. It was bad because it choked me up for a minute or so, reminding me that I am crossing into uncharted territory with this exam. Every time I read a question I always had a general idea of how to solve it, even the trick questions with which Cisco hopes to catch you.

As a general comment, there is a ton of IOS XR on this exam. Unlike SPv3, there aren’t a few XR Continue reading

So What Exactly Is SDN?

Five years after the SDN hype exploded, it remains as meaningless as Cloud, and it seems that all we’re left with is a plethora of vendors engaged in SDN-washing their products.

Even when a group of highly intelligent engineers considering these topics on a daily basis gets together they don’t get very far apart from a great question: “what business problem is it supposed to solve?” (or maybe they got distracted by irrelevant hot-air opinions).

Is it still worth trying to find a useful definition of SDN? It seems it’s easier to list what SDN is not like I’ll be doing in the free Introduction to SDN webinar on February 10th. Let’s see:

Read more ...

mixi Taps Juniper Networks to Boost Hybrid Cloud Agility

TOKYO, JAPAN–(Marketwired – February 02, 2016) – Juniper Networks (:), the industry leader in network innovation, today announced that Japan’s leading social networking service and smartphone gaming provider mixi, Inc. (: ) has selected Juniper Networks to implement their data center solution utilizing Juniper Networks® QFX5100 Ethernet Switches to support MPLS/VRF in conjunction with Juniper Networks... Read more →

Custom Web browser from Comodo poses security threat, researcher says

A customized version of Google's Chrome browser developed by security vendor Comodo has a jaw-dropping flaw, according to a researcher.Tavis Ormandy, an information security engineer with Google, analyzed Comodo's "Chromodo," a browser based on the Chromium open-source code.Chromodo is marketed as a browser with enhanced security and privacy controls. But Ormandy found it contains a flaw that violates one of the most basic rules for Web security.To read this article in full or to leave a comment, please click here

What is the Wi-Fi password?

This is one of the most common questions heard in small and mid-sized businesses (SMBs) today. With the shift in technology and consumer expectations of connectivity, SMBs do more than just provide products and services to their customers—they provide Wi-Fi....

Malwarebytes still fixing flaws in antivirus software

Malwarebytes said it could take three of four weeks to fix flaws in its consumer product that were found by a Google security researcher.The company has fixed several server-side vulnerabilities but is still testing a new version of its Anti-Malware product to fix client-side problems, CEO Marcin Kleczynski said in a blog post.In the meantime, customers can implement a workaround: those using the premium version of Anti-Malware "should enable self-protection under settings to mitigate all of the reported vulnerabilities," he wrote.To read this article in full or to leave a comment, please click here

1 3,107 3,108 3,109 3,110 3,111 3,793