Java-based Trojan was used to attack over 400,000 systems

A cross-platform remote access Trojan that's being openly sold as a service to all types of attackers, from opportunistic cybercriminals to cyberespionage groups, has been used to attack more than 400,000 systems over the past three years.The RAT (Remote Access Tool/Trojan), which depending on the variant is known as Adwind, AlienSpy, Frutas, Unrecom, Sockrat, jRat or JSocket, is evidence of how successful the malware-as-a-service model can be for malware creators.Adwind is written in Java, so it can run on any OS that has a Java runtime installed including Windows, Mac OS X, Linux and Android. The Trojan has been continuously developed since at least 2012 and is being sold out in the open via a public website.To read this article in full or to leave a comment, please click here

Technology ‘net 0x1339ED1: Cloudy Business Cycles

The cloud is definitely having an impact on business cycles, but how much? There are at least two sides to this story; let’s take a look at both. First there is the continued growth of Amazon Web Services (AWS). According to the Next Platform, this chart represents the various options for the growth of AWS over the next decade or so:

It looks like, based on this projection, that AWS can keep growing at a fairly strong pace for a while yet longer. Of course, there are many factors that might impact this growth. For instance, one thing the original post points out is that recessions slow down spending in fixed IT and drive up spending in flexible IT. A recession, then, might improve the bottom line for AWS. The opposite of this, however, is that when companies can afford to build infrastructure, they tend to. There are, believe it or not, still justifications for building your own data center, especially if you can afford it.

There are other points to consider, however, as well, in the relationship between the network and business cycles. For instance, if open source and white box start bleeding out of the largest networks into Continue reading

Current p2p trends threatening enterprise security

Security threats from peer to peer (p2p) communication are nothing new, but they are becoming more sophisticated. From ransomware and botnets, these threats are a global threat that continue to evolve in more sophisticated ways. If security teams aren’t looking for them, they may go undetected, which could be costly for the enterprise.The TrendLabs Security Intelligence blog has been talking about ransomware and CryptoLocker threats for the better part of this and the last decade. In his August 2015 post, Macro Threats and Ransomware Make Their Mark: A Midyear Look at the Email Landscape, Maydalene Salvador, noted that the number of spammed messages in 2014 was nearly 200 billion emails.To read this article in full or to leave a comment, please click here

E-Rate Dollars Can Now Be Used To Take Advantage of SDN with VMware NSX

The need for substantive network security in schools has never been greater. According to ID Analytics, more than 140,000 minors are victims of identity fraud per year—and when their data is exposed, it is misused more frequently. One reason for this is that minors’ clean credit reports can make them extra attractive to identity thieves.

“The educational space is extremely concerned about ensuring [that] Personally Identifiable Information (PII) about students, and their respective data, is kept safe, secure, and only used for the learning environment,” says Jason Radford, head of operations for IlliniCloud. Continue reading

7 Ways IoT Will Impact Your Data Center

Overcoming Cloud Storage Challenges

5 Questions Your IT Vendors Should Ask You

US government wants to sharply increase spending on cybersecurity

President Barack Obama on Tuesday will propose a sharp increase in cybersecurity spending for next year's budget, to improve outdated government software and promote better online security for consumers.The plan calls for a $3.1 billion fund to replace outdated IT infrastructure; a new position of federal chief information security officer; a commission to study cybersecurity problems, and a program to recruit cybersecurity experts into government roles.The U.S has been working since 2009 to improve the nation's cyber defenses, most recently with the Cybersecurity Act of 2015, which promotes better information sharing between private industry and government, said Michael Daniel, special assistant to the President and cybersecurity coordinator, in a phone briefing with reporters Monday.To read this article in full or to leave a comment, please click here

US government wants to sharply increase spending on cybersecurity

President Barack Obama on Tuesday will propose a sharp increase in cybersecurity spending for next year's budget, to improve outdated government software and promote better online security for consumers.The plan calls for a $3.1 billion fund to replace outdated IT infrastructure; a new position of federal chief information security officer; a commission to study cybersecurity problems, and a program to recruit cybersecurity experts into government roles.The U.S has been working since 2009 to improve the nation's cyber defenses, most recently with the Cybersecurity Act of 2015, which promotes better information sharing between private industry and government, said Michael Daniel, special assistant to the President and cybersecurity coordinator, in a phone briefing with reporters Monday.To read this article in full or to leave a comment, please click here

Cato Targets Mid-Sized Businesses with Cloud Security

Location-based security has a hard time with cloud applications.

Using BGP in Data Center Fabrics

While the large data centers increasingly use BGP as the routing protocol within their fabrics, the enterprise engineers tend to shy away from that idea because they think BGP is too complex/scary/hard-to-configure/obsolete/unknown/whatever.

It’s time to fix that.

Firewall – Some Insight into the Cisco ASA Failover Process

I’m currently working on a design and needed to verify some failover behavior of the Cisco ASA firewall.

The ASA can run in active/active or active/standby mode where most deployments I see run in active/standby mode. When in a failover pair the firewalls will share an IP address and MAC address, very similar to HSRP or VRRP but it also synchronizes the state of TCP sessions, IPSec SA’s, routes and so on. The secondary firewall gets its config from the primary firewall so everything is configured exactly the same on both firewalls.

To verify if the other firewalls is reachable and to synchronize state, a failover link is used between the firewalls. The firewalls use a keepalive to verify if the other firewall is still there. This works just like any routing protocol running over a link where you expect to see a hello from your neighbor and if you miss 3 hello’s, the other firewall is gone. This timer can be configured and in my tests I used a hello of 333 ms and a holdtime of 999 ms which means that convergence should happen within one second.

The first scenario I was testing was to manually trigger a Continue reading

Cisco boosts, broadens Catalyst switches

Cisco this week unveiled key enhancements to its enterprise switches, including a 6Tbps supervisor engine expected for some time.The extensions to Cisco’s Catalyst 6800, 4500-E and 3650 lines are intended to address a range of requirements spanning campus backbones, wiring closets, and small office and retail locations. They are designed to boost performance for business applications, support Cisco’s most recent features and accommodate space constrained environments.To read this article in full or to leave a comment, please click here

Flaws in Trane thermostats underscore IoT security risks, Cisco says

Cisco warned on Monday of serious flaws it found in an Internet-connected thermostat control, which it said are typical among products of vendors who aren't well-versed in network security.The flaws were found in the ComfortLink II thermostats made by Trane. The thermostats allow users to control room temperature from a mobile device, display the weather and even act as a digital photo frame.Cisco's Talos unit said the issues have now finally been patched since notifying Trane nearly two years ago, which is why it went public."The unfortunate truth is that securing internet-enabled devices is not always a high priority among vendors and manufacturers," wrote Alex Chiu, a Cisco threat researcher, in a blog post Monday.To read this article in full or to leave a comment, please click here

Infoblox Acquires IID for Threat Intelligence

DDI company acquired IID. Yes they DID.

Snowden leaks furor still spilling over into courts

Nearly three years after former NSA contractor Edward Snowden first leaked details about massive domestic spying, his revelations have prompted a broader discourse, especially among legal scholars, over the potentially invasive nature of big data cybersurveillance tools.Even as intelligence officials, the FBI and Congress worry about the rise of terrorists using encryption to communicate, legal experts are concerned that the enormous volume of data still being collected and stored by the National Security Agency and other intelligence agencies will pose legal concerns based on the Fourth Amendment of the U.S. Constitution. The Fourth Amendment prohibits unreasonable searches and seizures without a judge's warrant supported by probable cause.To read this article in full or to leave a comment, please click here

Kingston buys encrypted flash drive maker IronKey

Kingston Technology today announced it has acquired the USB technology and assets of IronKey from Imation Corp.Imation, which purchased the then privately-held IronKey in 2011, did not disclose the financial details of the sale to Kingston.IronKey is perhaps best known for its highly secure USB flash drives, which use 256-bit AES encryption algorithm to secure data and a stainless steel case with no seams so it cannot be pried open.To read this article in full or to leave a comment, please click here

LinkedIn Built Its ‘Pigeon’ Switch to Peer Into Networking Chips

A buffer overflow problem prompted LinkedIn to build its own switch.

Is it time to give up on WordPress sites?

It’s being reported by Malwarebytes’ CyberheistNews and other sources that a unexpectedly large wave of hacking has been hitting thousands of WordPress sites (described as the “Weird WordPress Hack” just to fit in with the Buzzfeed style of headlines). The attacks are described as: "WordPress sites are injected with huge blurbs of rogue code that perform a silent redirection to domains appearing to be hosting ads," Malwarebytes Senior Security Researcher Jérôme Segura wrote in a blog post published Wednesday. "This is a distraction (and fraud) as the ad is stuffed with more code that sends visitors to the Nuclear Exploit Kit." To read this article in full or to leave a comment, please click here

9 technologies that could cut demand for lawyers, lower legal fees

Lawyers are embracing technology that makes them more efficient and less trapped in 100-hour work weeks but that also reduces the need for them in certain types of cases or turns their counsel into a commodity.These technologies and services include a Web platform that searches patents more quickly than lawyers can, an app to find flaws in contracts, low-cost access to ask legal questions and an arbitration network to keep from having to hire legal representation to go to small-claims court.Attorneys from across the country heard about these at the recent LegalTech conference where some of the attendees indicated that the innovations could save money for law firms and even change their hiring practices by cutting the need for full-timers. One attorney joked that the innovations are disrupting the profession so much that he’ll be retiring early.To read this article in full or to leave a comment, please click here