New tool from Cloudmark is designed to defend against spear phishing  

This column is available in a weekly newsletter called IT Best Practices.  Click here to subscribe.  The nature of how cyber attacks start is changing. Today's malicious actors are not merely opportunistic, they know what information they want and who to target to get at it. For example, the 2014 breach at JP Morgan reportedly began when an IT employee opened a specially-crafted email and was tricked into providing credentials to a vulnerable internal machine. Attackers used the privileges of that person's credentials to move around the network until they were able to find and exfiltrate 83 million records in one of the largest data breaches of the year.To read this article in full or to leave a comment, please click here

CIA: 10 Tips when investigating a flying saucer

Most people don’t typically associate the Central Intelligence Agency with historical UFO investigations but the agency did have a big role in such investigations many years ago.That’s why I thought it was unusual and kind of interesting that the agency this week issued a release called “How to investigate a flying saucer.” [The release is also a nod to the fact that the science fiction TV series X-Files returns to the screen this weekend]In the article the CIA talks about the Air Force’s Project Blue Book which investigated public reports of UFOs and operated between 1952-1969.   Project Blue Book was based at Wright-Patterson Air Force Base near Dayton, Ohio. Between 1947 and 1969, the Air Force recorded 12,618 sightings of strange phenomena — 701 of which remain "unidentified.”To read this article in full or to leave a comment, please click here

Skype now hides your IP address to protect against attacks from online trolls

Skype is adding a new default security feature primarily to protect gamers from their overheated rivals. The Microsoft-owned service recently announced it would start hiding users’ IP addresses by default in the latest update to Skype. Previously, a Skype user’s IP address was not hidden, meaning hackers who knew what to look for could easily obtain your IP address and thus target your computer. Why this matters: Online gaming is serious business. So serious that people who lose major online battles or matches can sometimes seek revenge. One easy way to do that is to launch a distributed denial of service attack knocking their victorious rival offline. Before launching a DDoS, however, you need your target’s IP address. That was actually pretty easy if you knew your target’s Skype name. You don’t even need to be a capable programmer as many websites called ‘resolvers’ promised to reveal a Skype user’s IP address.To read this article in full or to leave a comment, please click here

Defending against insider security threats hangs on trust

When it comes to security, insider threats are an unfortunate fact of life. But if you're thinking only about combatting malicious insiders, you may be miscalculating the risk."The insider threat is much broader," says Steve Durbin, managing director of the Information Security Forum (ISF), a nonprofit association that assesses security and risk management issues on behalf of its members. "It isn't just about bad apples — people that are deliberately out to steal information or harm organizations."MORE ON NETWORK WORLD: Free security tools you should try The other two types of insider threats, Durbin says, are negligent insiders, who are aware of security policies but find a workaround, probably with the best of intentions, to get work done, and accidental insiders. A negligent insider, faced with the need to get a large file to a colleague, might turn to a non-approved Web-based file hosting service. An accidental insider might be a manager who is emailing employee performance reviews and miskeys an email address. Due to the magic of autocomplete, that email winds up in the wrong hands.To read this article in full or to leave a comment, please click here

PlexxiPulse—GV Invests In Plexxi

On Wednesday, we announced that GV (formerly Google Ventures) has invested in Plexxi. GV’s investment will help us continue to scale our networking product offerings, meet the needs of the emerging cloud builder community and drive adoption of software-defined architecture in data centers. CEO Rich Napolitano’s recent blog post calls attention to the need for transformation of IT being led by Cloud Builders and Cloud Architects. This investment will help us stay at the forefront of this transformation.

This investment follows Plexxi being named to the Dell Founders 50 list and the release of our newest software suite and Switch 3 hardware program in late 2015. We are committed to constant innovation and proud that GV shares our vision to provide a network that meets today’s dynamic business requirements.

Below please find a few of our top picks for our favorite news articles of the week. For a full list of coverage of the investment, visit here.

ZDNet: Google’s venture capital arm GV invests in networking startup Plexxi
By Natalie Gagliordi
Networking startup Plexxi says it has received a funding investment from GV, Google’s venture capital arm formerly known as Google Ventures. Plexxi did not disclose the specific size of Continue reading

Freeradius setup on Ubuntu 14.04

Frustrated with a dilapidated installation of Freeradius 1.x in our lab, and conscious that it is unsupported any more, I decided to install a new Freeradius server.

Ubuntu 14.04.3 LTS is the platform I am installing it on, and this is a relatively fresh installation of Ubuntu server.   It needs to serve access-requests from a Redback and a Juniper router in our lab for both PPP and DHCP clients.

Install freeradius using ‘apt-get install freeradius’.  This pulls down Freeradius 2.1 as can be seen below:

Setting up freeradius (2.1.12+dfsg-1.2ubuntu8.1)

Edit the /etc/freeradius/clients.conf file to permit all hosts on the lab network (192.168.3.0/24) to be ‘clients’ of my new Freeradius server – as long as they use  a shared secret when authenticating.  To do this, include the following section:

client 192.168.3.0/24 {
      secret = testing123
      shortname = labnet-3
}

Copy /etc/freeradius/users to /etc/freeradius/users.originalfile so that we have a backup in case everything goes wrong.

Edit the /etc/freeradius/users file and  create a new user:

andrew Cleartext-Password := "password"
 Reply-Message = "Hello %{User-Name}"

Save the users file.

Test this locally Continue reading

Stuff The Internet Says On Scalability For January 22nd, 2016

Hey, it's HighScalability time:


The Imaginary Kingdom of Aurullia. A completely computer generated fractal. Stunning and unnerving.

 

If you like this Stuff then please consider supporting me on Patreon.
  • 42,000: drones from China securing the South China Sea; 1 billion: WhatsApp active users; 2⁻¹²²: odds of a two GUIDs with 122 random bits colliding; 25,000 to 70,000: memory chip errors per billion hours per megabit; 81,500: calories in a human body; 62: people as wealthy as half of world's population; 1.66 million: App Economy jobs in the US; 521 years: half-life of DNA; 0.000012%: air passenger fatalities; $1B: Microsoft free cloud resources for nonprofits; 4000-7000+: BBC stats collected per second; $1 billion: Google's cost to taste Apple's pie;

  • Quotable Quotes:
    • @mcclure111: 1995: Every object in your home has a clock & it is blinking 12:00 / 2025: Every object in your home has a IP address & the password is Admin
    • @notch: Coming soon to npm: tirefire.js, an asynchronous framework for implementing helper classes for reinventing the wheel. Based on promises.
    • @ayetempleton: Fun fact: You are MORE likely to win a million or Continue reading

Worth Reading: Net Neutrality

The world is watching and taking note of the FCC’s blatant competition double standard that totally favors America’s dominant edge platforms above most everyone and everything else. Consider an apt and illuminating comparison between the competition U.S. wireless broadband providers face versus the competition Silicon Valley’s edge platforms face. -via somewhat reasonable

The post Worth Reading: Net Neutrality appeared first on 'net work.

FortiGuard SSH backdoor found in more Fortinet security appliances

Network security vendor Fortinet has identified an authentication issue that could give remote attackers administrative control over some of its products.The issue, which was described as a FortiGuard SSH (Secure Shell) backdoor, was originally disclosed earlier this month by an anonymous researcher, who also published exploit code for it.Last week, Fortinet said that the problem was not an intentional backdoor, but the result of a management feature which relied on an undocumented account with a hard-coded password. Additionally the company noted that the issue was fixed in FortiOS back in July 2014, after being identified as a security risk by the company's own product security team.To read this article in full or to leave a comment, please click here

FortiGuard SSH backdoor found in more Fortinet security appliances

Network security vendor Fortinet has identified an authentication issue that could give remote attackers administrative control over some of its products.The issue, which was described as a FortiGuard SSH (Secure Shell) backdoor, was originally disclosed earlier this month by an anonymous researcher, who also published exploit code for it.Last week, Fortinet said that the problem was not an intentional backdoor, but the result of a management feature which relied on an undocumented account with a hard-coded password. Additionally the company noted that the issue was fixed in FortiOS back in July 2014, after being identified as a security risk by the company's own product security team.To read this article in full or to leave a comment, please click here

IPv6 Microsegmentation in Data Center Environments

The proponents of microsegmentation solutions would love you to believe that it takes no more than somewhat-stateful packet filters sitting in front of the VMs to get rid of traditional subnets. As I explained in my IPv6 Microsegmentation talk (links below), you need more if you want to have machines from multiple security domains sitting in the same subnet – from RA guard to DHCPv6 and ND inspection.

Read more ...

CloudFlare launches new data centers in Oslo and Minneapolis

CloudFlare launches new data centers in Oslo and Minneapolis

Four thousand miles (6,400 kilometers) separate CloudFlare’s latest two data centers: Oslo (#75) and Minneapolis (#76).

Oslo

In Oslo, we have now built our third data center in Scandinavia. This joins our existing facilities in Stockholm and Copenhagen. With a data center in Norway, we recognize an important country that stands above others with a staggering 95.05% of the population having Internet connectivity. This Internet penetration rate is the fourth best in the world. For reference, the Internet penetration rate in the US is 84%, the UK is 90% and Egypt, where we deployed our last data center it is only 50%

At 59.9500° N, Oslo is also the “northernmost” CloudFlare data center on our network map.

Oslo, according to the Norwegian Sagas is over 1,000 years old. CloudFlare has built itself into a facility just a handful of years old and while we respect all the wonderful history and tradition associated with Norway, we hope the locals appreciate our 21st century choice.

Norway has a very important position within the history of the Internet (well the ARPANET actually). In June 1973, the Royal Radar Establishment in Norway became one of the first international connections to Continue reading

Aircraft part manufacturer says cybercrime incident cost it $54 million

An Austrian airplane component maker for Boeing and Airbus said earlier this week a cybercrime-related fraud has caused €50 million (US$54 million) in damages.FACC AG said in its third quarter results report that the accounting department of its FACC Operations unit was targeted.While many businesses have had brushes with cybercrime in the last few years, FACC's large damages figure stands out."The management board has taken immediate structural measures and is evaluating damages and insurance claims," the document said.It characterized the incident as an "outflow" of €50 million of "liquid funds." The loss does not pose an economic threat to the company, it said.To read this article in full or to leave a comment, please click here

Backdoor account replaced by another backdoor in vendor stumble

A company that makes video conferencing products replaced one serious security vulnerability with another, despite being warned of the dangers. AMX Harman, which makes a variety of audio-visual and building control equipment, has patched the problem. But on Thursday SEC Consult, an information security firm in Vienna, revealed what it says is the back story.  Last March, SEC Consult warned AMX that it had found a secret account in certain versions of the NX-1200, an appliance for controlling audio-visual systems.To read this article in full or to leave a comment, please click here

1 3,185 3,186 3,187 3,188 3,189 3,855