Belgian government phishing test goes off-track

An IT security drill went off the tracks in Belgium, prompting a regional government office to apologize to European high-speed train operator Thalys for involving it without warning. Belgium’s Flemish regional government sent a mock phishing email to about 20,000 of its employees to see how they would react. The email purported to be a booking confirmation from Thalys for a trip from Brussels to Paris, including a stay in a fancy hotel. The cost—almost €20,000 (about US$22,000)—would be charged to the recipient’s credit card unless the person cancelled within three days, the email said. To cancel the trip, the email instructed recipients to send their credit card information to Thalys, Belgian media reported.

IDG Contributor Network: Druva aims to deliver complete data protection and compliance for the enterprise

With a product announcement this week, data protection company Druva aims to give enterprises assistance with managing the sometimes-conflicting aims of leveraging new technology for greater efficiency, while still remaining safe and secure in terms of data protection. So what has Druva got in the pipeline now? Utilized by more than 3,000 organizations around the world and protecting data on a reported 3 million devices, Druva is all about data protection for the mobile workforce. What that means is that Druva takes care of backup and availability of data, alongside broad governance. Druva's product aims to ensure that specific data remains within the confines of your organization, while other data can be shared externally. Druva then sits in two camps - both the data backup and recovery space and the endpoint security space. These two worlds are increasingly coming together, and Druva is an example of this trend.

Plexxi Named A CRN 2015 Emerging Vendor

This week, Plexxi has been named to CRN’s 2015 Emerging Vendors List. The annual list features up-and-coming technology vendors that have introduced innovative new products that generate opportunities for their channel partners to create high-margin, cutting-edge solutions for their customers. This year’s vendors recognized have demonstrated a commitment to developing new technologies to satisfy the shifting IT market and to meet growing industry demands.

Plexxi partners like CloudGov Technologies have been a huge part of the company’s growth and success. Why? Because we have a simple formula: great products, aimed at a game-changing opportunity, brought to market by partners that are looking to carve a new path in the market.

In addition to today’s Emerging Vendors list, CRN reporter Mark Haranas recently included Plexxi in his list of “The 10 Coolest Networking Startups Of 2015” on the heels of the launch of our new network switch series. Our CEO, Rich Napolitano, spoke exclusively with Haranas just last week about the new Switch 2 Series and his predictions for the next era of IT.

“We are entering the next great era of IT which will transform the datacenter as we know it. We envision an entirely…

Bug exposes OpenSSH servers to brute-force password guessing attacks

A bug in OpenSSH, the most popular software for secure remote access to UNIX-based systems, could allow attackers to bypass authentication retry restrictions and execute many password guesses. A security researcher who uses the online alias Kingcope disclosed the issue on his blog last week, but he only requested a public vulnerability ID to be assigned Tuesday. By default, OpenSSH servers allow six authentication retries before closing a connection and the OpenSSH client allows three incorrect password entries, Kingcope said.

The Importance of BGP NEXT_HOP in L3VPNs

In an MPLS network with L3VPNs, it’s very easy for the NEXT_HOP attribute of a VPN route to look absolutely correct but be very wrong at the same time. In a vanilla IP network, the NEXT_HOP can point to any IP address that gets the packets moving in the right direction towards the ultimate destination. In an MPLS network, the NEXT_HOP must get the packets moving in the right direction but it must also point to the exact right address in order for traffic to successfully reach the destination.

The reason it has to be exact is because IOS only assigns MPLS labels to the next hop address and not to each individual VPN route. So when an ingress PE needs to forward a packet from a CE across the MPLS network, the PE finds the label associated with the NEXT_HOP address and uses that as the outer label to get the packet to the egress PE.

Since each NEXT_HOP has a different label, that means each NEXT_HOP is reachable through a different Label Switched Path (LSP). Different LSPs can, and likely will, forward traffic differently through the network.

An MPLS label identifies a Forwarding Equivalence Class (FEC). A FEC is…

EFF: Modify DMCA to protect independent research into car hacking

Car owners – in other words, almost everyone – were buzzing in a bad way yesterday about a report in Wired that showed two security experts demonstrating the ability to remotely commandeer and control a Jeep that was traveling on a highway. It was harrowing just to read about this sophisticated hack, never mind imagining the reality of finding oneself in such a situation. Whether coincidental or not, lawmakers are responding with calls to hold the auto industry to task.

Saving the Web, Saving Community (Heavy Topic Warning)

Is the ‘web losing its populist (and/or democratic) spirit? Hossein Derakhshan, at least, thinks so. He argues that the ‘web is dying because the hyperlink is dying —

The hyperlink was my currency six years ago. Stemming from the idea of the hypertext, the hyperlink provided a diversity and decentralisation that the real world lacked. The hyperlink represented the open, interconnected spirit of the world wide web… Blogs gave form to that spirit of decentralization: They were windows into lives you’d rarely know much about; bridges that connected different lives to each other and thereby changed them. Blogs were cafes where people exchanged diverse ideas on any and every topic you could possibly be interested in. … Since I got out of jail, though, I’ve realized how much the hyperlink has been devalued, almost made obsolete.

Much could be made of the argument that Hossein is just feeling the effects of being disconnected for six years. After being put in prison as a political dissident six years ago, he reappears on the scene only to find out the world has moved on without him. There are several points in his article that might indicate this — that he felt like…

Senators propose bill to tighten vehicle security, privacy standards

Two U.S. senators today filed a bill that would require the federal government to establish standards to ensure automakers secure a driver against vehicle cyber attacks. The Security and Privacy in Your Car (SPY Car) Act, filed by Sens. Edward Markey (D-Mass.) and Richard Blumenthal (D-Conn.), also establishes a rating system — or "cyber dashboard" — that informs consumers about how well the vehicle protects drivers' security and privacy beyond the proposed federal minimum standards. "Drivers shouldn't have to choose between being connected and being protected," Sen. Markey said in a statement. "We need clear rules of the road that protect cars from hackers and American families from data trackers. This legislation will set minimum standards and transparency rules to protect the data, security and privacy of drivers in the modern age of increasingly connected vehicles."

The Upload: Your tech news briefing for Wednesday, July 22

Carmakers emerge winners in the bidding for Nokia Here

Nokia’s much-sought-after mapping assets, called Here, have apparently been won by a coalition of carmakers. Audi, BMW and Daimler will jointly purchase Nokia’s Here digital mapping service for roughly $2.7 billion, and they plan to invite other auto makers to take a stake in the company as well, multiple reports said on Tuesday. Uber reportedly dropped out of the bidding several weeks ago.

Senators propose bill to establish cyber security standard for cars

Online ad industry tries to stamp out click fraud

The online advertising industry is marshaling a fresh effort to fight click fraud, which steals money from advertisers and undermines faith in online campaigns. The latest effort is focused on automated traffic caused by bots from within data centers that is intended to trigger ad impressions, according to the Trustworthy Accountability Group (TAG), an industry body. TAG is going to initially use a blacklist maintained by Google that lists suspicious IP addresses of computers in data centers that may be trying to replicate human clicks on advertisements. Ad-focused technology companies, including Facebook and Yahoo, will also contribute.

White box Internet router PoC

SDN router using merchant silicon top of rack switch describes how the performance of a software Internet router could be accelerated using the hardware routing capabilities of a commodity switch. This article describes a proof of concept demonstration using Linux virtual machines and a bare metal switch running Cumulus Linux.
The diagram shows the demo setup, providing inter-domain routing between Peer 1 and Peer 2. The Peers are directly connected to the Hardware Switch and ingress packets are routed by the default (0.0.0.0/0) route to the Software Router. The Software Router learns the full set of routes from the Peers using BGP and forwards the packet to the correct next hop router. The packet is then switched to the selected peer router via bridge br_xen.

The following traceroute run on Peer 1 shows the set of router hops from 192.168.250.1 to 192.168.251.1
[root@peer1 ~]# traceroute -s 192.168.250.1 192.168.251.1
traceroute to 192.168.251.1 (192.168.251.1), 30 hops max, 40 byte packets
1 192.168.152.2 (192.168.152.2) 3.090 ms 3.014 ms 2.927 ms
2 192.168.

AT&T’s acquisition of DirecTV appears headed for approval with conditions

AT&T’s acquisition of DirecTV appears headed for approval, with Tom Wheeler, chairman of the Federal Communications Commission, circulating to commissioners an order recommending approval, although with some conditions. The Department of Justice’s Antitrust Division also announced Tuesday that it will close its investigation into the roughly US$48 billion deal. Assistant Attorney General Bill Baer of the Antitrust Division said in a statement that the division had concluded that the combination of AT&T’s land-based Internet and video business with DirecTV’s satellite-based video business does not pose a significant risk to competition.

New York judge rules against Facebook in search warrant case

A New York judge ruled Tuesday that Facebook has no legal standing to challenge the constitutionality of search warrants served on its users, highlighting the limits to online companies’ abilities to protect user privacy. Last year, Facebook appealed a court decision requiring it to hand over data, including photos and private messages, relating to 381 user accounts. The data was sought as part of an investigation by the New York County District Attorney’s office into a disability fraud case. Other companies including Google and Microsoft filed briefs supporting Facebook’s move, as well as the American Civil Liberties Union.

Five arrested in JPMorgan hacking case

U.S. law enforcement officials have arrested five individuals who reportedly were involved in the high-profile 2014 computer hacking of JPMorgan. Three of the individuals were arrested for stock manipulation while the other two were arrested for running an illegal Bitcoin exchange, according to the FBI.