Faux phishing scheme shows how hacks unfold

Many CIOs have implemented software that dupes employees into clicking on links and attachments that simulate phishing scams, an increasingly common educational tool to warn workers about the dangers of suspicious email messages. Security software maker Bitglass has reversed the shenanigans by leaking faked Google Apps credentials on the Dark Web, a hacker's playground for trafficking in stolen data. Then it tracked the activity, watching the many ways in which hackers wreaked havoc with supposed stolen online identities. Rich Campagna, vice president of products and marketing at Bitglass,To read this article in full or to leave a comment, please click here

Emerging Networking Technologies You Must Know

In this episode of Network Matters with Ethan Banks, learn about the two major trends happening in network technology that are bound to affect your business. Ethan discusses network disaggregation and converged technology stacks, what they are, and why you need to know about them.

Ethan is the co-host of the Future of Networking Summit at Interop Las Vegas. Learn more about the conference program or register for Interop, May 2-6 in Las Vegas.

Yahoo heads in new research direction

The latest move in the topsy-turvy world of Yahoo is to ditch its Labs organization and squeeze its researchers into its product teams to help bring new ideas to market more quickly.Yahoo VP of Research Yoelle Maarek spun the development this way in a blog post this week: Recently we announced our efforts to make Yahoo a more focused company. This focus will let us accelerate the pace of innovation to make our products even better. We saw these changes as an opportunity to better align our research efforts, while preserving Yahoo’s culture of exploration and inquiry. As a result, we are reorganizing Yahoo Labs and moving forward with a new approach to research at Yahoo.To read this article in full or to leave a comment, please click here

Hard-coded password exposes up to 46,000 video surveillance DVRs to hacking

Up to 46,000 Internet-accessible digital video recorders (DVRs) that are used to monitor and record video streams from surveillance cameras in homes and businesses can easily be taken over by hackers.According to security researchers from vulnerability intelligence firm Risk Based Security (RBS), all the devices share the same basic vulnerability: They accept a hard-coded, unchangeable password for the highest-privileged user in their software -- the root account.Using hard-coded passwords and hidden support accounts was a common practice a decade ago, when security did not play a large role in product design and development. That mentality has changed in recent years and many vendors, including large networking and security appliance makers, are frequently issuing firmware updates to fix such basic flaws when they are discovered by internal and external security audits.To read this article in full or to leave a comment, please click here

Hard-coded password exposes up to 46,000 video surveillance DVRs to hacking

Up to 46,000 Internet-accessible digital video recorders (DVRs) that are used to monitor and record video streams from surveillance cameras in homes and businesses can easily be taken over by hackers.According to security researchers from vulnerability intelligence firm Risk Based Security (RBS), all the devices share the same basic vulnerability: They accept a hard-coded, unchangeable password for the highest-privileged user in their software -- the root account.Using hard-coded passwords and hidden support accounts was a common practice a decade ago, when security did not play a large role in product design and development. That mentality has changed in recent years and many vendors, including large networking and security appliance makers, are frequently issuing firmware updates to fix such basic flaws when they are discovered by internal and external security audits.To read this article in full or to leave a comment, please click here

Building nginx and Tarantool based services

Are you familiar with this architecture? A bunch of daemons are dancing between a web-server, cache and storage.

What are the cons of such architecture? While working with it we come across a number of questions: which language (-s) should we use? Which I/O framework to choose? How to synchronize cache and storage? Lots of infrastructure issues. And why should we solve the infrastructure issues when we need to solve a task? Sure, we can say that we like some X and Y technologies and treat these cons as ideological. But we can’t ignore the fact that the data is located some distance away from the code (see the picture above), which adds latency that could decrease RPS.

The main idea of this article is to describe an alternative, built on nginx as a web-server, load balancer and Tarantool as app server, cache, storage.

Improving cache and storage

Worth Reading: Leave Your Gas Can at Home

There seems to be a trend in IT, where everyone likes to play follow the leader. Everyone uses the same vendor for the same things, and they try to use the same cookie cutter pattern. If you have any decent exposure to various organizations, you’ll know that’s just not the case. Trying to shove a square peg in a round hole, never works out well. -via Packet Pushers

The post Worth Reading: Leave Your Gas Can at Home appeared first on 'net work.

Want to sell your brand to a developer? Laptop stickers could be yet another way!

© Arun Sriraman
A sign of pride and fun for some but chaos for others; laptop stickers as I recently figured out is yet another way of marketing and branding. I'm sure a lot of people have wondered why a company gives away goodies in conferences and exhibitions. It's for direct+indirect marketing. When you see people walking around wearing a company printed T-Shirt or a cap, that company reaches people it never spoke to directly. It can be thought about as "flooding" in networking terms.

If its known that stickers are a marketing technique, why would someone want to mutilate their laptop with them?

Good question indeed.  I have seen people fret at the sight of my laptop and come at me with the expression of - "Oh my god! What has he done to the poor laptop".. The picture you see above is my work laptop. I like stickers and I put them on my laptop because I agree with a product or the company that makes a product and would want to share this with others (i.m.o. it also makes it look cool).

Laptop stickers though a smaller marketing channel, are nevertheless effective. Continue reading

A case for cloud privacy brokerage

There is Software-as-a-Service, Disaster Recover-as-a-Service, SECurity-as-a-Service. What's currently missing, and the crux of much cloud-profiting malaise, is PRiVacy-as-a-Service.Cloud Access Security Broker (CASB) software, something that's in the lab right now, does a great job of things like infiltration/exfiltration (read: filtration) of organizational data from SaaS applications. Some do some wicked things as proxies for user apps. The idea is to help keep users honest and prevent organizational assets from jeopardy.But when we-as-civilians do everyday surfing, answering emails and going about our business on the Internet, we're protected at the firewall level as users. Perhaps it's Malwarebytes, or a myiad of client-side security packages. And we admonish people to NEVER open spam, as spam often delivers unbelievably nasty systems attack code, disguised as benign attachments.To read this article in full or to leave a comment, please click here

Will Cisco Shine On?

Digital Lights

Cisco announced their new Digital Ceiling initiative today at Cisco Live Berlin. Here’s the marketing part:

And here’s the breakdown of protocols and stuff:

Funny enough, here’s a presentation from just three weeks ago at Networking Field Day 11 on a very similar subject:

Cisco is moving into Internet of Things (IoT) big time. They have at least learned that the consumer side of IoT isn’t a fun space to play in. With the growth of cloud connectivity and other things on that side of the market, Cisco knows that is an uphill battle not worth fighting. Seems they’ve learned from Linksys and Flip Video. Instead, they are tracking the industrial side of the house. That means trying to break into some networks that are very well put together today, even if they aren’t exactly Internet-enabled.

Digital Ceiling isn’t just about the PoE lighting that was announced today. It’s a framework that allows all other kinds of dumb devices to be configured and attached to networks that have intelligence built in. The Constrained Application Protocol (CoaP) is designed in such a way as to provide data about a great number of devices, not just lights. Yet lights are the launch Continue reading

Junos Conditional Route Advertisement

University network borders tend to be more complicated than those in similarly sized corporate organizations. I recently helped a peer from another university transition from IOS to Junos for border routing. While most of the configuration was straightforward, he required a unique  conditional routing policy. Since I’ve been working with Junos for many years (starting […]

The post Junos Conditional Route Advertisement appeared first on Packet Pushers.

Junos Conditional Route Advertisement

University network borders tend to be more complicated than those in similarly sized corporate organizations. I recently helped a peer from another university transition from IOS to Junos for border routing. While most of the configuration was straightforward, he required a unique  conditional routing policy. Since I’ve been working with Junos for many years (starting […]

The post Junos Conditional Route Advertisement appeared first on Packet Pushers.

1 3,133 3,134 3,135 3,136 3,137 3,840