Dridex banking malware adds a new trick

Dridex, the banking malware that won't go away, has been improved upon once again.IBM's X-Force researchers have found that the latest version of Dridex uses a DNS (Domain Name System) trick to direct victims to fake banking websites.The technique, known as DNS cache poisoning, involves changing DNS settings to direct someone asking for a legitimate banking website to a fake site.DNS cache poisoning is a powerful attack. Even if a person types in the correct domain name for a bank, the fake website is still shown in the browser."By keeping the victim away from the bank’s site, the fraudster can deceive them into divulging critical authentication codes without the bank knowing that the customer’s session has been compromised," wrote Limor Kessem, a cybersecurity expert with IBM's Trusteer division, in a blog post on Tuesday.To read this article in full or to leave a comment, please click here

Enter the ring: Engineering Deathmatch!!

  What happens when you combine the old celebrity deathmatch meets Cisco networking? Well, you get Engineering Deathmatch! Two engineers enter the console and only one gets out! (You’ve seen Tron right!!?) Well….. it’s almost that dramatic. Have you ever wanted to go head to head against a fellow engineer, put your wits to the […]

We’re Hosting a Go Hackathon!

CloudFlare is excited to partner with Women Who Go to host Gopher Gala—the first distributed Go(lang) hackathon—in our San Francisco office!

Go CloudFlare!

Gopher Gala is a chance to showcase your skills and compete against the best Go developers from around the world.

While the hackathon is distributed globally, CloudFlare is welcoming teams to use our new office space in SOMA this Saturday and Sunday from 9am-5pm. There will be food, drinks, and plenty of space to spread out and work with your teammates. Some of CloudFlare’s top Go developers will be participating as well.

If you’d like to sign up for the event, you can do so here: http://www.meetup.com/Women-Who-Go/events/227017435/

So, come join Women Who Go and CloudFlare and build something in a weekend:

When January 23rd: 9am-5pm
January 24th: 9am-5pm

Where CloudFlare Headquarters
101 Townsend Street
San Francisco, CA 94107

(Registration is required)

Oracle issues record number of patches

Oracle admins will be busy: The company issued 248 patches on Tuesday, its largest-ever release, according to one security vendor.Five of the vulnerabilities have the highest severity rating according to the Common Vulnerability Scoring System (CVSS), wrote ERPScan, a security company that specializes in SAP and Oracle systems.Most of those vulnerabilities related to Java SE, Oracles's platform for running Java applications on servers and desktops.In a long advisory, Oracle recommended that admins patch immediately.To read this article in full or to leave a comment, please click here

British voice encryption protocol has massive weakness, researcher says

A protocol designed and promoted by the British government for encrypting voice calls has a by-design weakness built into it that could allow for mass surveillance, according to a University College London researcher.Steven Murdoch, who works in the university's Information Security Research Group, analyzed a protocol developed by CESG, which is part of the spy agency GCHQ.The MIKEY-SAKKE (Multimedia Internet KEYing-Sakai-KasaharaKey Encryption) protocol calls for a master decryption key to be held by a service provider, he wrote in an analysis published Tuesday.To read this article in full or to leave a comment, please click here

Advocacy group calls on health-care industry to adopt medical device security principles

Advocacy group I Am the Cavalry is urging organizations that manufacture and distribute medical devices to adopt a cybersecurity version of the Hippocratic Oath.The group, which advocates for better security in life-impacting computers like those used in modern cars, medical devices or critical infrastructure, has published an open letter to the health-care industry, calling for a commitment to five principles when creating, using and maintaining medical devices.Those principles are security by design, collaboration with security researchers, ensuring that evidence of potential failures is captured and preserved for later analysis, safeguarding critical elements under the assumption that they'll operate in adverse conditions and providing easy-to-install security updates.To read this article in full or to leave a comment, please click here

The 4 kinds of cybersecurity customers

Depending upon whom you believe, there are roughly 800 to 1200 companies selling cybersecurity products and services to end customers. Yes, the cybersecurity market is forecast to be around $70 billion this year, but that’s still a lot of vendors.Now, there are point product specialists, managed services firms, and enterprise security vendors all competing for the same dollars. So how can any company stand out from the crowd? In my opinion, each security vendor must determine where its products and service fit among four distinct buyer types: Security-centric buyers. This traditional security buyer evaluates and purchases security products and services based upon discrete needs and budgets. As such, security-centric buyers tend to look for best-of-breed products from vendors with strong cybersecurity experience. Startups with strong cybersecurity chops are welcome to this club but purchasers also maintain a “rip-and-replace” mentality rather than any type of long-term allegiance. Vendors like Bit9 + Carbon Black, Cylance, Check Point, FireEye, Fortinet, Palo Alto Networks, Symantec, and Trend Micro come to mind here. Note that security-centric buyers will have some role to play in EVERY cybersecurity product and services deal. IT infrastructure-centric buyer. In most cases, IT infrastructure vendors extend their reach into security Continue reading

IDG Contributor Network: First light-based chip could signal revolution for fiber networks

Researchers have combined transistors and photonics in a fabricated chip for the first time. The photonics act as inputs and outputs (I/O) and let the microprocessor talk to other chips. That light-based technology could be faster and more bandwidth-friendly than wires.The new chip is revolutionary because the photonics I/O have been made into part of the chip for the first time in a manufacturing scenario, scientists from the University of California Berkeley and the University of Colorado wrote in a letter published in Nature.Photonics is the technology behind the detection of photons, or particles of light. It's the principal building block for fiber-optic transmission of data.To read this article in full or to leave a comment, please click here

Two network video cameras raise the bar for home security

With the Internet of Things really starting to take off now, especially in the home security / video camera space, I recently had a chance to try out two devices aimed at making your home more secure through motion detection, alerts and audio communications.The scoop: Canary home security video camera, $199 (or a two-pack for $379), by CanaryWhat is it? Here’s another network-connected video camera that you can use to monitor your home for security-related purposes, such as looking for intruders, or non-security purposes, such as watching to see if your dog is jumping on the furniture, or a “babycam” to see if your child is sleeping or awake. The cylindrical device connects via wired ethernet to a home router, or you can use a Wi-Fi network (802.11a/b/g/n). Monitoring of the camera is done via mobile app (Android or iOS supported).To read this article in full or to leave a comment, please click here

IDG Contributor Network: First light-based chip could signal revolution for fiber networks

Researchers have combined transistors and photonics in a fabricated chip for the first time. The photonics act as inputs and outputs (I/O) and let the microprocessor talk to other chips. That light-based technology could be faster and more bandwidth-friendly than wires.The new chip is revolutionary because the photonics I/O have been made into part of the chip for the first time in a manufacturing scenario, scientists from the University of California Berkeley and the University of Colorado wrote in a letter published in Nature.Photonics is the technology behind the detection of photons, or particles of light. It's the principal building block for fiber-optic transmission of data.To read this article in full or to leave a comment, please click here

The Internet of Very Cold Things: Sigfox extends its low-power radio network to Antarctica

Sigfox, operator of a low-power, wide-area radio network for the Internet of Things, expects to be connecting objects on every continent by year-end, and has just checked off the most challenging of those: Antarctica.The company's first base station in the southern hemisphere could be a little further south, but not by much: It's at Belgium's Princess Elisabeth Antarctica Research Station, 200 kilometers in from the Antarctic coast, at an altitude of 1,382 meters.In Antarctica, Sigfox is far from offering the coast-to-coast coverage its networks in France, Spain and Portugal provide: The Princess Elisabeth antenna has a range of about 50 kilometers, which means it would take over a hundred similar transmitters to cover the Antarctic coast, and over a thousand of them to cover the entire landmass -- and that's without worrying about how they would all be installed, maintained and powered. To read this article in full or to leave a comment, please click here

Authentication startup brings on ‘Catch Me If You Can’ ID thief as adviser

Authentication/identity-protection startup Trusona has enlisted the help of former identity thief Frank Abagnale -- the subject of the movie “Catch Me if You Can” -- to advise as it prepares to market what it claims to be an unbreakable cloud platform to make sure imposters don’t login. Wikimedia Frank Abagnale Abagnale, now a security consultant, has helped out Trusona’s founder and CEO Ori Eisen before with his previous venture, ad-tracking and fraud prevention firm 41st Parameter, which was bought by Experian in 2013.To read this article in full or to leave a comment, please click here

Yet Another Blog About Segment Routing, Part3: SR-TE

In the last blog we looked at PCE for centralized path-computation and PCEP as a communication protocol between PCE and PCC.We also looked at brief demo of PCE sending ERO’s (IP or SR Node labels) to the PCC(Head end). In this Blog post we will particularly try to focus at Traffic Engineering (SR-TE) aspects of […]

The post Yet Another Blog About Segment Routing, Part3: SR-TE appeared first on Packet Pushers.

Yet Another Blog About Segment Routing, Part3: SR-TE

In the last blog we looked at PCE for centralized path-computation and PCEP as a communication protocol between PCE and PCC.We also looked at brief demo of PCE sending ERO’s (IP or SR Node labels) to the PCC(Head end). In this Blog post we will particularly try to focus at Traffic Engineering (SR-TE) aspects of […]

The post Yet Another Blog About Segment Routing, Part3: SR-TE appeared first on Packet Pushers.

Go coverage with external tests

The Go test coverage implementation is quite ingenious: when asked to, the Go compiler will preprocess the source so that when each code portion is executed a bit is set in a coverage bitmap. This is integrated in the go test tool: go test -cover enables it and -coverprofile= allows you to write a profile to then inspect with go tool cover.

This makes it very easy to get unit test coverage, but there's no simple way to get coverage data for tests that you run against the main version of your program, like end-to-end tests.

The proper fix would involve adding -cover preprocessing support to go build, and exposing the coverage profile maybe as a runtime/pprof.Profile, but as of Go 1.6 there’s no such support. Here instead is a hack we've been using for a while in the test suite of RRDNS, our custom Go DNS server.

We create a dummy test that executes main(), we put it behind a build tag, compile a binary with go test -c -cover and then run only that test instead of running the regular binary.

Here's what the rrdns_test.go file looks like:

// +build  Continue reading
1 3,131 3,132 3,133 3,134 3,135 3,795