BleepingComputer under free speech attack as SpyHunter makers sue over bad review

BleepingComputer is a valuable asset to the Internet, in my opinion, as it is often one of the first sites to warn of newly reported ransomware; volunteer security professionals also regularly provide answers to any number of other computer questions. Yet BleepingComputer is seriously under fire for daring to engage in free speech as Enigma Software is suing the site over a negative review of Enigma’s flagship anti-malware program SpyHunter.To read this article in full or to leave a comment, please click here

Google Fiber to be free for select affordable housing residents

Google Fiber on Wednesday announced free gigabit Internet service to residents of selected public housing projects connected to its fiber optic service in U.S. cities.The program was launched at West Bluff, an affordable housing community in Kansas City, Mo., where 100 homes have been connected to Google Fiber. Across the Kansas City area, Google is now working with affordable housing providers to connect as many as nine properties that could reach more than 1,300 local families.Google described the program as an extension of its work with ConnectHome, an initiative of the U.S. Department of Housing and Urban Development (HUD) and the Obama administration.To read this article in full or to leave a comment, please click here

Flaws in smart toy back-end servers puts kids and their families at risk

Over the past two years security researchers have shown that many Internet-connected "smart" devices have not been designed with security in mind. This also seems to be the case for their back-end systems.The latest example are flaws found in the Web services operated by smart-toy makers which could expose children's personal information and location.Researchers from security firm Rapid7 found serious vulnerabilities in the Web application programming interfaces (APIs) used by the Smart Toy line of interactive stuffed animals and the hereO GPS watch for children.In the case of Smart Toy devices, the researchers found that the manufacturer's Web service did not properly validate request senders. Through the exposed APIs, they could enumerate all customers and find their toy ID, name, type and associated child profile; they could access all children's profiles, including their names, birth dates, gender and spoken languages; they could find out when a parent or child is interacting with their toy and could associate someone's toy with a different account, effectively hijacking it.To read this article in full or to leave a comment, please click here

CloudFlare’s Impact On The HTTP/2 “Universe”

CloudFlare released HTTP/2 support for all customers on December 3rd, 2015. Now, two months later, it's time to take a look at the impact of this release on the HTTP/2 "universe" and also at what has changed from a HTTP/2 vs. SPDY vs. HTTP 1.1 traffic ratio perspective.

HTTP/2 Usage

Previously, we showcased browser market share data from our own website. Using these numbers, we predicted the ratio of HTTP/2 traffic that we expected to see once enabled. Now, we can compare this original data set with updated data from the last 48 hours.

Below is the market share of HTTP/2 capable browsers that we saw on our website during a 48 hour period. The first one was before our HTTP/2 launch, the other one was last week. Both data sets were pulled from Google Analytics, and user agents were analyzed for HTTP/2 support.

HTTP/2 capable browser Global Market Share Late Nov 2015 Global Market Share Late Jan 2016
IE 11 on Windows 10 0.14% 0.34%
Edge 12, and 13 0.35% 0.48%
Firefox 36 - 45 5.09% 11.05%
Chrome 41 - 49 15.06% 38.86%
Safari 9 0.91% 2.69%
Opera Continue reading

A Case Study: WordPress Migration for Shift.ms

The case study presented involves a migration from custom database to WordPress. The company with the task is Valet and it has a vast portfolio of previously done jobs that included shifts from database to WordPress, multisite-to-multisite, and multisite to single site among others. The client is Shift.ms.

Problem

The client, Shift.ms, presented a taxing problem to the team. Shift.ms had a custom database that they needed migrated to WordPress. They had installed a WordPress/BuddyPress and wanted their data moved into this new installation. All this may seem rather simple. However, there was one problem; the client had some data in the newly installed WordPress that they intended to keep.

Challenges

The main problem was that the schema for the database and that of WordPress are very different in infrastructure. The following issues arose in an effort to deal with the problem:

IRS Scam: 5,000 victims cheated out of $26.5 million since 2013

The Internal Revenue Service says that aggressive and threatening phone calls by criminals impersonating IRS agents continues to plague taxpayers.The Treasury Inspector General for Tax Administration in January said it has received reports of roughly 896,000 contacts since October 2013 and have become aware of over 5,000 victims who have collectively paid over $26.5 million as a result of the scam.+More on Network World: CIA details agency’s new digital and cyber espionage focus+“The phone fraud scam has become an epidemic, robbing taxpayers of millions of dollars of their money,” said J. Russell George, the Treasury Inspector General for Tax Administration in a statement. “We are making progress in our investigation of this scam, resulting in the successful prosecution of some individuals associated with it over the past year.”To read this article in full or to leave a comment, please click here

Advanced VMware NSX Security Services with Check Point vSEC

VMware NSX provides an integrated Distributed Firewall (DFW), which offers L2-L4 security at the vNIC level and protects East-West traffic, and an Edge Firewall provided by the Edge Services Gateway (ESG), which offers L2-L4 security at the edge and protects North-South traffic in and out of the Software Defined Data Center (SDDC).

Figure 1: VMware NSX DFW and Edge Firewall Logical Design Example

Figure 1: VMware NSX DFW and Edge Firewall Logical Design Example

The DFW is a kernel-level module and allows for enhanced segmentation and security across a virtualized environment. DFW enables a distributed security architecture allowing for micro-segmentation.

In addition to the DFW and ESG Firewall, there are many third party integrations with well-known security partners such as Check Point and Palo Alto Networks. In this blog, we’ll focus on the Check Point vSEC solution for NSX. For a complete list of security partner solutions and more information, see the supported NSX third party security products on the VMware NSX Technical Partners Webpage.

For this blog, the following VMware and Check Point components and corresponding versions are used:

  • VMware vSphere 5.5
  • VMware vCenter 5.5
  • VMware NSX 6.1.4
  • Check Point Management Server R77.30
  • Check Point SmartConsole R77.30
  • Check Point vSEC Controller R77.30
  • Check Point Continue reading

Netanyahu: “I want Israel to become a cyber power”

EDITOR’S NOTE: Israel has a long tradition of delivering security products for enterprise IT, dating back to Check Point introducing the first firewall 20 years ago. Today, Israel exports $6 billion in cyber technology and accounts for a fifth of the world’s private investment in cyber. Network World’s David Strom attended last week’s CyberTech 2016 conference in Tel Aviv and filed this report.TEL AVIV, ISRAEL -- It isn’t often that a speech from a head of state at a tech conference is relevant to IT security managers, but Prime Minister Benjamin Netanyahu’s address at last week’s third annual CyberTech 2016 focused on where the Israeli government and its IT security industry are heading.To read this article in full or to leave a comment, please click here(Insider Story)

Worth Reading: The Challenges of IPv6 and DNSSEC

The purpose of this post is to share feedback, in the form of an analogical exercise, on the respective careers of IPv6 and DNSSEC and the challenges facing both technologies. I have decided to focus on the similitudes between IPv6 and DNSSEC rather than dwell on what separates them, especially as both technologies are derived from functional / protocol layers that are fundamentally different. -via circleid

The post Worth Reading: The Challenges of IPv6 and DNSSEC appeared first on 'net work.

Announcing Docker Birthday #3

Back in March 2013, Docker’s CTO and Founder, Solomon Hykes introduced Docker publicly for the first time during a lightning talk at PyCon. Three years later the Docker project has significantly matured to become the open platform of choice for building, shipping and running distributed applications in … Continued

Socat vulnerability shows that crypto backdoors can be hard to spot

Developers of the Socat networking tool have fixed a cryptographic flaw that left communications open to eavesdropping for over a year. The error is so serious that members of the security community believe it could be an intentional backdoor.Socat is a more complex and feature-rich reimplementation of netcat, a cross-platform networking service that can establish outbound and inbound connections on different ports and protocols. It is also a popular tool for network debugging.MORE ON NETWORK WORLD: 6 simple tricks for protecting your passwords Socat can create encrypted connections using the Diffie-Hellman (DH) key exchange mechanism, which fundamentally relies on a prime number to derive the shared secrets for key exchanges. It turns out that the 1024-bit DH parameter used by Socat was not actually a prime number.To read this article in full or to leave a comment, please click here

Security ‘net 0x1339ECB: Who let the malware out?

According to ScadaFence, as quoted by Computer Weekly, industrial control systems are up next on hacker’s lists as a prime malware target. Apparently, they’ve grown tired of just defacing web sites and the like, and are moving to hard targets in meat space. What kind of damage could they do? Well, consider this attack, by way of Bruce Schneier:

We’re heading toward a world where driverless cars will automatically communicate with each other and the roads, automatically taking us where we need to go safely and efficiently. The confidentiality threats are real: Someone who can eavesdrop on those communications can learn where the cars are going and maybe who is inside them. But the integrity threats are much worse. Someone who can feed the cars false information can potentially cause them to crash into each other or nearby walls. Someone could also disable your car so it can’t start. Or worse, disable the entire system so that no one’s car can start.

Bruce Schneier moves the needle a little farther, discussing the current security model of confidentiality, integrity, and availability, and how it won’t work in the world that we’re building. Instead, he argues that it’s time to rethink our Continue reading

Arista just lost a patent round against Cisco and could face an import ban

Cisco Systems has won the latest round against Arista Networks at a U.S. trade agency that could block importation of Arista products. Arista violated three Cisco patents on networking technologies, Administrative Law Judge David Shaw of the U.S. International Trade Commission ruled on Tuesday. If the full Commission confirms that finding, the ruling could be bad news for Arista, a growing player in data-center networking.MORE ON NETWORK WORLD: 15 more useful Cisco sites Cisco sued Arista in December 2014, alleging the Silicon Valley startup violated 14 patents in its Arista EOS operating system. The legal battle continues, heading toward two possible trials in federal court as well as continuing activity at the ITC. In a blog post Tuesday, Cisco General Counsel Mark Chandler said a ruling in a second ITC investigation is expected in April.To read this article in full or to leave a comment, please click here

1 3,121 3,122 3,123 3,124 3,125 3,808