Attackers go on malware-free diet

To avoid detection, some hackers are ditching malware and living "off the land" -- using whatever tools are already available in the compromised systems, according to a new report from Dell SecureWorks. In fact, this has been the case for nearly all the intrusions analyzed by the Dell SecureWorks’ Incident Response Team last year. The cyber criminals typically start out with compromised credentials, said Phil Burdette, senior security researcher at Atlanta-based Dell SecureWorks, Inc. "For example, they might use phishing attacks," he said. "They'll send an email purporting to be from the IT staff, asking users to log in and test their credentials because the IT staff has just created a new email server. Once a user logs in, those same credentials would then be used to access the company's virtual private network solutions."

FDA accepts application for micro-chipped pill that tells doc if you took meds

Some people with schizophrenia might be inclined to believe “they” are watching them, that “they” are tracking them, and ironically now “they” really might be via a “digital” pill that contains an ingestible sensor which gives doctors and caregivers the ability to track if and when a patient takes his medicine. According to an announcement by Otsuka Pharmaceutical and Proteus Digital Health: This is the first time an FDA-approved medication (ABILIFY) has been combined and submitted for approval with a sensor within the medication tablet (the Proteus ingestible sensor) to measure actual medication-taking patterns and physiologic response. This objective information is communicated to the patient – and with the consent of the patient – to the patient’s physician and/or caregiver.

Expert mocks ‘expert’ who warns Earthlings to avoid infecting alien computers

I don’t know how I missed this story last week, but I did, and through that inattentiveness I may have inadvertently subjected some innocent alien being’s computer to a virus. How, you ask. I don’t know. And neither does genuine human security expert Graham Cluley, who read about the concerns of an Oxford University researcher and addresses them in this video (which is amusing though longer than it needs to be).

It’s been 5 years!!

Hard to believe I have been blogging for 5 years! If I didn’t have a record of it I probably wouldn’t believe it! Last year saw another 30 new blog posts published, and that doesn’t count my 4 posts for the SolarWinds Thwack Ambassador program or my blog post or two for the Cisco Champion […]

Leverage Micro-Segmentation to Build a Zero Trust Network

Applications are a vital component of your business…but are your applications and data safe?  Have you considered implementing a Zero Trust model at your organization to protect your vital resources?  Join this hour-long webcast on Tuesday, September 29, 2015 at 11:00 AM PST / 2:00 PM EST to find out how to leverage micro-segmentation to build a true Zero Trust data center network.

Join our guest speaker, John Kindervag, VP and Principal Analyst at Forrester Research, as he discusses the results of the August 2015 commissioned research study, “Leverage Micro-segmentation To Build A Zero Trust Network”, conducted on behalf of VMware. Kindervag will cover Forrester’s three key findings from the study:

  • Security gaps and disconnects are the unfortunate norm across Enterprises today.
  • Network virtualization helps to reduce risk and supports a higher-level security strategy.
  • Micro-segmentation provided through network virtualization paves the way for implementing a Zero Trust model.

Protecting your data doesn’t have to be difficult! Reserve your spot for this webcast today.

Micro-Segmentation and Security at Tribune Media

And to learn more about how other leading organizations are using micro-segmentation to build a Zero Trust Model, watch the video below from David Giambruno, CIO of […]

Experts to IoT makers: Bake in security

CAMBRIDGE, Mass. -- Makers of Internet of things devices need to incorporate security into them during the design phase to make them less of a threat when connected to networks, according to speakers at an IoT security forum. In addition they need to consider early on what regulations the devices will have to comply with so those requirements can be baked in and not added later when they would be less effective, according to advice delivered at the Security of Things Forum 2015.

Information wants to be protected: Security as a mindset

I was teaching a class last week and mentioned something about privacy to the students. One of them shot back, “you’re paranoid.” And again, at a meeting with some folks about missionaries, and how best to protect them when trouble comes to their door, I was again declared paranoid. In fact, I’ve been told I’m paranoid after presentations by complete strangers who were sitting in the audience.

Okay, so I’m paranoid. I admit it.

But what is there to be paranoid about? We’ve supposedly gotten to the point where no-one cares about privacy, where encryption is pointless because everyone can see everything anyway, and all the rest. Everyone except me, that is—I’ve not “gotten over it,” nor do I think I ever will. In fact, I don’t think any engineer should “get over it,” in terms of privacy and security. Even if you think it’s not a big deal in your own life, engineers should learn to treat other people’s information with the utmost care.

In moving from the person to the digital representation of the person, we often forget it’s someone’s life we’re actually playing with. I think it’s time for engineers to take security—and privacy—personally. It’s time […]

Cisco FlexVPN DMVPN, Part 1 – Overview and Design

This post will introduce a new type of DMVPN – FlexVPN, unofficially called “DMVPN phase 4”. We will go through the basic building blocks of Cisco FlexVPN DMVPN and some of the design best practices for a typical enterprise WAN network.

FlexVPN Introduction

FlexVPN is a configuration framework (a collection of CLI/API commands) aimed to […]

The post Cisco FlexVPN DMVPN, Part 1 – Overview and Design appeared first on Packet Pushers.

Momentum in Motion: $35 Million in Funding, Solid Partnerships, Customer Wins, Switching on New Technology

I can’t believe how fast 2015 is flying by. It seems like we were just making our networking predictions for the year. If you’ve been following the blog or keeping up with us on social media, you may have noticed we’ve been busy here in Nashua in terms of our growth and expansion as well as the products we’re delivering. We are rapidly evolving Plexxi to keep pace with today’s competitive technology landscape.

I’m excited about the prospects for the future. And the reason has to do with three key accomplishments in 2015 (so far): today’s big news — $35 million in funding to accelerate our growth plans and product development; our new strategic partnerships along with our customer growth in targeted vertical markets; and the introduction of our Switch 2 Series. We’re set to make 2015 our best year yet.

1. Financing to Accelerate our Growth. Today, we announced we raised $35 million to continue our rapid growth in the software-defined agile datacenter market. The infusion of capital will help fuel the rapid expansion of our sales, marketing, customer support, and research and development efforts to deliver on our vision of a software-defined architecture in datacenters and service provider networks.

REVIEW: Threat Intelligence could turn the tide against cybercriminals

In recent reviews, we looked at the advancements in endpoint security, including new ways companies are employing technology like virtual machines to get a leg up on potential attackers. But despite impressive new defensive technologies, the bad guys still seem to be getting through. According to security engineers we’ve talked with, the problem with network defense these days is two-fold. First, no matter how innovative the defensive technology deployed, it will eventually be breached or circumvented. And because most of the top attackers and groups collaborate, the tools and techniques used to successfully break down defenses are quickly shared.

New products of the week 09.14.15

Our roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.

HiveManager NG Virtual Appliance

Pricing: HiveManager NG Virtual Appliance requires the purchase of a 1-, 3-, or 5-year support contract; the price of a 1-year support contract is $1,000. Additionally, each managed access point requires a perpetual license at $80 per access point and a 1-, 3-, or 5-year support contract per access point.

How We Extended CloudFlare’s Performance and Security Into Mainland China

CloudFlare launched five years ago. Within a year of our launch, the biggest surprise was the strong global demand for our service. From nearly the beginning, China was the second largest source of traffic by country to our network, behind only the United States.

In retrospect, that shouldn't have been a surprise. In 2010, the year we launched, 34% of China's population, or 450 million people, were online. Today, nearly half the country is online. To put it another way, with 700 million people online, China represents a quarter of all Internet users. If your mission is to help build a better Internet, like CloudFlare's is, then China is a country you cannot ignore.

Consequently, starting in 2011, we began to investigate how CloudFlare could bring our service to the Chinese Internet. Four years later, we're excited to announce the extension of CloudFlare's performance and security platform across mainland China. This is the story of how we did it.

The Challenges

There are three major challenges to extending a service like CloudFlare's across mainland China: technical, economic, and regulatory.

Technical

From a technical perspective, the Chinese Internet, despite its many similarities, is different than the rest of the world. Unlike […]

IPv6-based Wi-Fi Hotspots

Apple’s 2015 WWDC event included a great session on IPv6 & TCP changes coming with iOS 9. There is a related post to the IETF v6ops mailing list here. The new IPv6 hotspot is very interesting to me. These are my notes on how hotspot functionality can work with IPv6, and no NAT.

Disclaimer: These are my own notes, written to help my understanding. There will be mistakes. Corrections welcome.

IPv4 Hotspot – (aka the simplicity of NAT?)

The current IPv4 hotspots use simple NAT, similar to most home network setups. The mobile network assigns a public IPv4 /32 address to the handset, H. The handset picks a local RFC1918 address space for its connectivity to local clients, and hands that out via DHCP. Hide NAT is used to provide outbound internet connectivity for those clients.

IPv4 Hotspot

What about IPv6? Isn’t NAT verboten?

NAT is evil, right? We can’t use NAT to hide the local clients behind the handset. So how do we provide IPv6 hotspot functionality? One way would be to use DHCPv6 PD. When the hotspot is enabled, the mobile device could request a prefix via DHCPv6 PD. That could then be used for local devices.

Unfortunately the […]

Researcher reveals remotely exploitable flaw in world’s most widely-used real-time OS

A security researcher discovered a serious yet simple flaw in VxWorks, a real-time operating system for the Internet of Things, which an attacker could remotely exploit without needing any interaction with a user. The OS is used in everything from everyday things like network routers to critical infrastructure, as well as in NASA’s Curiosity Rover on Mars and Boeing 787 Dreamliners. Searching for VxWorks via Shodan reveals about 100,000 internet-connected devices running the OS, but VxWorks supposedly powers “billions of intelligent devices.” The researcher warned that the vulnerability “allows remote code execution on most VxWorks-based devices.”