Cisco disrupts another exploit kit

Cisco has disrupted another exploit kit that was emanating from Russian service providers. The company’s Talos security operation said it blacklisted several Class C subnets from provider Eurobyte that were serving the RIG exploit kit or scored negatively in web reputation. RIG is an exploit kit that delivers malicious payloads to unsuspecting users. It redirects users to a landing page and the delivers the exploit payload – in this case, spambot variants -- via a GET request, according to this Talos blog post.To read this article in full or to leave a comment, please click here

Sample Internet usage policy

This Internet usage policy from a manufacturing company with fewer than 50 employees establishes the company's ownership of data transmitted over its computer systems, establishes the right to monitor, and ofifers examples of activities that violate the policy.You are free to use or adapt this sample policy, which was contributed by the security community, for use in your own organization (but not for re-publication or for-profit use).Want to provide a policy or checklist? Contributions are welcome, as is expert commentary. Send your thoughts to Amy Bennett ([email protected]). Internet Usage Policy COMPANY may provide you with Internet access to help you do your job. This policy explains our guidelines for using the Internet.To read this article in full or to leave a comment, please click here(Insider Story)

Sample password protection policy

This password policy from a large financial services institution with more than 5,000 employees covers standards for creation of strong passwords, the protection of those passwords, and the frequency of change. You are free to use or adapt this sample policy, which was contributed by the security community, for use in your own organization (but not for re-publication or for-profit use). Want to provide a policy or checklist? Contributions are welcome, as is expert commentary. Send your thoughts to Amy Bennett ([email protected]). Overview Passwords are an integral aspect of our computer security program. Passwords are the front line of protection for user accounts. A poorly chosen password may result in the compromise of critical (organization) resources. As such, all (organization) staff and outside contractors and vendors with access to our systems are responsible for taking the appropriate steps, as outlined below, to select and secure their passwords.To read this article in full or to leave a comment, please click here(Insider Story)

Unlike Mozilla, Google anticipated SHA-1 errors caused by HTTPS traffic inspection systems

Earlier this week, Mozilla was forced to backpedal on banning new SHA-1 digital certificates because the move completely cut off some Firefox users from the encrypted Web. It appears that Google saw the problem coming.Instead of banning all digital certificates signed with SHA-1 and issued after Jan. 1, Google plans to only "untrust" those that originate from public certificate authorities.This decision takes into account that some companies might still use self-generated SHA-1 certificates internally on their networks, or that some antivirus programs and security devices will continue to generate such certificates when inspecting HTTPS traffic.To read this article in full or to leave a comment, please click here

Intelligence agency wants computer scientists to develop brain-like computers

If you are a computer scientist and have any thoughts on developing human brain-like functions into a new wave of computers, the researchers at the Intelligence Advanced Research Projects Activity want to hear from you.IARPA, the radical research arm of the of the Office of the Director of National Intelligence this week said it was looking at two groups to help develop this new generation of computers: computer scientists with experience in designing or building computing systems that rely on the same or similar principles as those employed by the brain and neuroscientists who have credible ideas for how neural computing can offer practical benefits for next-generation computers.To read this article in full or to leave a comment, please click here

DDoS attack on BBC may have been biggest in history

Last week's distributed denial of service attack against the BBC website may have been the largest in history.A group calling itself New World Hacking said that the attack reached 602Gbps. If accurate, that would put it at almost twice the size of the previous record of 334Gbps, recorded by Arbor Networks last year."Some of this information still needs to be confirmed," said Paul Nicholson, director of product marketing at A10 Networks, a security vendor that helps protect companies against DDoS attacks."If it's proven, it would be the largest attack on record. But it depends on whether it's actually confirmed, because it's still a relatively recent attack."To read this article in full or to leave a comment, please click here

Privacy, mobile broadband top tech priorities for FTC, FCC

The nation's top technology regulators provided a glimpse of the year to come this week at the Consumer Electronics Show in Las Vegas, offering a warning about privacy and an ambitious projection for a spectrum auction to boost mobile broadband capacity.Tom Wheeler and Edith Ramirez, the respective chairs of the Federal Communications Commission and Federal Trade Commission, sat for an on-stage interview with Gary Shapiro, head of the Consumer Technology Association, which puts on the annual tech gala.Privacy and consumer protection top FTC’s priority list Privacy and consumer-protection considerations remain at the forefront at the FTC, which has been probing the consumer implications of a variety of emerging technologies, including big data and the Internet of things.To read this article in full or to leave a comment, please click here

Court rules Shutterfly may have violated privacy by scanning face photos

A federal judge has has denied a motion to dismiss a civil case against photo-sharing site Shutterfly that claims the company violated users' privacy by collecting and scanning face geometries from uploaded images without consent.The first of its kind ruling could open the door to future class-action lawsuits against Shutterfly and other social networks that use facial recognition technology without an opt-in policy.The civil lawsuit, brought by the law firm Carey Rodriguez Milian Gonya LLP on behalf of Brian Norberg, alleges that Shutterfly violated the Illinois Biometric Privacy Act (BIPA) by collecting and scanning face geometry in photos uploaded on Shutterfly's website without the consent of those featured in the images.To read this article in full or to leave a comment, please click here

NSF puts $30M behind software bug killing, synthetic biology & computational sustainability

The National Science Foundation this week announced it is divvying up $30 million in funding among three multidisciplinary research projects designed to put advanced computing models to work on nixing software bugs, boosting synthetic biology and creating a more sustainable world.Researchers at Princeton University, Boston University and Cornell University will lead the Expeditions in Computing projects, which each get $10 million over 5 years. The NSF's Expeditions program has funded 19 projects to the tune of $190 million to date, with areas of focus ranging from robotics to the mobile Internet.To read this article in full or to leave a comment, please click here

Show 270: Design & Build 9: Automation With Python And Netmiko

This Design & Build episode explores simple network automation using Python and netmiko. These tools make it easy to write scripts that perform basic tasks quickly and gather and present information in an easily consumed format.

The post Show 270: Design & Build 9: Automation With Python And Netmiko appeared first on Packet Pushers.

Show 270: Design & Build 9: Automation With Python And Netmiko

This Design & Build episode explores simple network automation using Python and netmiko. These tools make it easy to write scripts that perform basic tasks quickly and gather and present information in an easily consumed format.

The post Show 270: Design & Build 9: Automation With Python And Netmiko appeared first on Packet Pushers.

Stop Being A Specialist

When I began my IT journey I had a guy that I worked with that had been in IT since the 90s. He told me that I needed to find my niche and stay there. He said if you know everything about one little part of the network, that they wouldn’t be able to get […]

The post Stop Being A Specialist appeared first on Packet Pushers.

Stop Being A Specialist

When I began my IT journey I had a guy that I worked with that had been in IT since the 90s. He told me that I needed to find my niche and stay there. He said if you know everything about one little part of the network, that they wouldn’t be able to get […]

The post Stop Being A Specialist appeared first on Packet Pushers.

Antivirus software could make your company more vulnerable

Imagine getting a call from your company's IT department telling you your workstation has been compromised and you should stop what you're doing immediately. You're stumped: You went through the company's security training and you're sure you didn't open any suspicious email attachments or click on any bad links; you know that your company has a solid patching policy and the software on your computer is up to date; you're also not the type of employee who visits non-work-related websites while on the job. So, how did this happen? A few days later, an unexpected answer comes down from the security firm that your company hired to investigate the incident: Hackers got in by exploiting a flaw in the corporate antivirus program installed on your computer, the same program that's supposed to protect it from attacks. And all it took was for attackers to send you an email message that you didn't even open.To read this article in full or to leave a comment, please click here

OSPF Forwarding Address Part III: The perfect recipe for chaos

After getting familiar with the FA, when it’s set and when not, we’re ready to cook the recipe for chaos: NSSAs, Default Route injection and Forwarding Address.

Probably a good disclaimer for this article is – I agree, usually there are other, more simple and straightforward solutions to doing what I did, but in cases where you know 3 solutions to a problem, and none can be applied, it’s good to have the 4^th one a click away.

Network Design

To begin with, the network design we’re going to be experimenting on today is not extremely common, but has a practical application though.

Configuration

I will start by not sharing the configuration files for this design, with a simple reason – Please lab it yourselves! You will have all sorts of things to gain from this, from typing rapidity, thinking the addressing scheme to troubleshooting your own mistakes. It’s not that big of a deal and it should not take you more than half an hour.

On a high level overview, everything you need to know is on the scheme. Nevertheless, here are the configuration principles:

• Each router has a loopback configured, to ease things when it comes to Continue reading

Stuff The Internet Says On Scalability For January 8th, 2016

Hey, it's HighScalability time:

Finally, a clear diagram of Amazon's industry impact. (MARK A. GARLICK)

• 150: # of globular clusters in the Milky Way; 800 million: Facebook Messenger users; 180,000: high-res images of the past; 1 exaflops: 1 million trillion floating-point operations per second; 10%: of Google's traffic is now IPv6; 100 milliseconds: time it takes to remember; 35: percent of all US Internet traffic used by Netflix; 125 million: hours of content delivered each day by Netflix's CDN;


• Quotable Quotes:
  • Erik DeBenedictis: We could build an exascale computer today, but we might need a nuclear reactor to power it
  • wstrange: What I really wish the cloud providers would do is reduce network egress costs. They seem insanely expensive when compared to dedicated servers.
  • rachellaw: What's fascinating is the bot-bandwagon is mirroring the early app market.
    With apps, you downloaded things to do things. With bots, you integrate them into things, so they'll do it for you. 
  • erichocean: The situation we're in today with RAM is pretty much the identical situation with the disks of Continue reading

Worth Reading: Micro Routers

Today, Weaveworks, via the release of Weave Net 1.4, is announcing that it is using that API to simplify connecting Docker containers together using “micro routers.” Rather than relying on a central database to keep track of which Docker containers are associated with one another, Weaveworks has created what amounts to a couple of megabytes of code, using the Go programming language, that can be embedded inside a container. -via it business edge

The post Worth Reading: Micro Routers appeared first on 'net work.

The “Cloud Builder” Awakens

I have traveled extensively over the final quarter of 2015, meeting with customers, prospects and partners. There is something about being on the road that gives clarity to business and as a result, it is clear in my mind that Information Technology is witnessing its greatest period of change. The Internet of Things, Cloud and Big Data are driving the massive growth of new applications and data. Rapid rates of application and data growth are forcing organizations to move away from legacy scale-up approaches to ones that provide seamless scale-out. Siloed and monolithic approaches to delivering storage, compute and network resources must be replaced by integrated and elastic infrastructure and services consumption models.

In support of these new consumption models, IT is being delivered as services delivered on-demand, leveraging cloud architectures. I am seeing the emergence of a new customer, whom I call the Cloud Builder or Cloud Architect. Due to the rapid growth and importance of this new role, I somewhat jokingly say, “the Cloud Builder has awoken.” This new role takes a different IT approach to meeting the needs of the business. The Cloud Builder looks at applications and data requirements from the perspective of business goals, Continue reading

IDG Contributor Network: Experts predict more cyber attacks on universities

Attacks on major state universities will continue in 2016, according to a non-profit cybersecurity readiness organization that specializes in the public sector. And the problem is exacerbated because some state or small governments don’t have ‘mature’ cybersecurity plans in place, so they can’t mitigate it. The vulnerability has been tagged by a cybersecurity readiness organization The Center for Internet Security (CIS). The prediction was quoted in Fedscoop, a government-oriented IT website.Intellectual property “The universities are home to an awful lot of valuable intellectual property, so a lot of the major research universities are prime targets for attackers,” said Thomas Duffy, chair of the Multi-State Information Sharing and Analysis Center (MS-ISAC) that's operated by CIS. He was quoted by Fedscoop, writing about threats for states and localities.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Experts predict more attacks on universities

Attacks on major state universities will continue in 2016, according to a non-profit cybersecurity readiness organization that specializes in the public sector. And the problem is exacerbated because some state or small governments don’t have ‘mature’ cybersecurity plans in place, so they can’t mitigate it. The vulnerability has been tagged by a cybersecurity readiness organization The Center for Internet Security (CIS). The prediction was quoted in Fedscoop, a government-oriented IT website.Intellectual property “The universities are home to an awful lot of valuable intellectual property, so a lot of the major research universities are prime targets for attackers,” said Thomas Duffy, chair of the Multi-State Information Sharing and Analysis Center (MS-ISAC) that's operated by CIS. He was quoted by Fedscoop, writing about threats for states and localities.To read this article in full or to leave a comment, please click here