Upcoming VMUG Events

I’m extremely honored to have the opportunity to help support VMware User Group (VMUG) meetings all over the world. I will be speaking at a few upcoming events; if you’re going to be at one of these events, I’d love to meet you, say hi, and chat for a bit. Here are the details.

Tuesday, February 23, 2016 I’m really excited to be back in Sydney again for an opportunity to speak at the Sydney VMUG UserCon (see the event page for full details).

Thursday, February 25, 2016 Two days after the Sydney event I’ll be in Melbourne to help support the Melbourne VMUG UserCon. (More details here.)

First week in March 2016 The dates for these events are still being finalized (I’ll update this post when I have more details), but I’ll be in South Africa for a series of VMUG events there as well (Johannesburg, Durban, and Cape Town). This will be my first time in South Africa, and I’m really looking forward to meeting and talking with customers there.

Aside from these VMUG events, if you’re in one of these regions, are a current (or potential) customer of VMware, and you’d like to meet to talk Continue reading

Malware alone didn’t cause Ukraine power station outage

A new study of a cyberattack last month against Ukrainian power companies suggests malware didn't directly cause the outages that affected at least 80,000 customers.Instead, the malware provided a foothold for key access to networks that allowed the hackers to then open circuit breakers that cut power, according to information published Saturday by the SANS Industrial Control Systems (ICS) team.Experts have warned for years that industrial control systems used by utilities are vulnerable to cyberattacks. The Dec. 23 attacks in Ukraine are the most prominent example yet of those fears coming to fruition.To read this article in full or to leave a comment, please click here

Gamer blames Nvidia GPU driver bug for showing porn viewed via Chrome incognito mode

Imagine launching a game on your PC and the black loading screen instead shows the porn you had been viewing hours ago via Google’s incognito browser mode. That’s exactly what happened to Evan Andersen, according to his blog post detailing how an Nvidia GPU driver bug breaks Chrome incognito.Andersen said the porn he’d viewed hours previously had been “perfectly preserved” and was “splashed on the screen” while Diablo III was loading. He added: So how did this happen? A bug in Nvidia's GPU drivers. GPU memory is not erased before giving it to an application. This allows the contents of one application to leak into another. When the Chrome incognito window was closed, it’s framebuffer was added to the pool of free GPU memory, but it was not erased. When Diablo requested a framebuffer of its own, Nvidia offered up the one previously used by Chrome. Since it wasn't erased, it still contained the previous contents. Since Diablo doesn't clear the buffer itself (as it should), the old incognito window was put on the screen again.To read this article in full or to leave a comment, please click here

Uptime Funk – Best Sysadmin Parody Video Ever!

 

This is so good! Perfect for your Monday morning jam.

 

Uptime Funk is a music video (parody of Uptown Funk) from SUSECon 2015 in Amsterdam.

 

My favorite: 
I'm all green (hot patch)
Called a Penguin and Chameleon
I'm all green (hot patch)
Call Torvalds and Kroah-Hartman
It’s too hot (hot patch)
Yo, say my name you know who I am
It’s too hot (hot patch)
I ain't no simple code monkey
Nuthin's down

Juniper will repatch its Netscreen operating system

After scrutinizing the two operating systems that run its networking and security products, Juniper Networks gives them both a clean bill of health, but it plans to replace a part of one that was exploited by unknown parties to undermine its Netscreen security gear.Juniper revealed last month that it had found two flaws in its ScreenOS operating system and patched them, but now it plans to patch one of them again to make the security of the operating system stronger, according to a Juniper blog.To read this article in full or to leave a comment, please click here

Piper nv: An ambitious home monitoring and automation system

Home automation has become a Big Thing and with it the surveillance and monitoring systems market has exploded. My focus today, the Icontrol Networks Piper nv, is ostensibly in the monitoring market but it’s an ambitious product that attempts to do a lot more.The Piper nv is a wireless (802.11 b/g/n), ultra-wide angle (180 degrees!) 3.4 megapixel video camera that can deliver 1080p (1,920-by-1,080 pixel) streaming video in h.264 format. It has “night” vision (at much reduced video quality) with built-in infrared illumination. The device has passive infrared motion detection, a microphone, a speaker, temperature and humidity sensors, a 105 dB siren, and a built-in Series 500 Z-Wave Controller. To read this article in full or to leave a comment, please click here

EIGRP vs OSPF

EIGRP vs OSPF  – Below comparison table is your primary resource for the OSPF and EIGRP routing protocols when you compare them from the design point of view. Knowing and understanding these design practices will not only help you for the real life network design but also will help for the any design certification exams. If you […]

The post EIGRP vs OSPF appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

How Do I Protect My Organisation from Exploit Kits?

Most network architects I’ve worked with seem quite familiar with botnets, but exploit kits (EKs) are somewhat of a mystery. I’ve recently come across a couple of good papers explaining the topic, one from CERT-UK titled ‘Demystifying the exploit kit’, available at the following URL: https://www.cert.gov.uk/resources/best-practices/demystifying-the-exploit-kit/ And ‘Evolution of Exploit Kits’ from Trend Micro: https://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp-evolution-of-exploit-kits.pdf […]

The post How Do I Protect My Organisation from Exploit Kits? appeared first on Packet Pushers.

How Do I Protect My Organisation from Exploit Kits?

Most network architects I’ve worked with seem quite familiar with botnets, but exploit kits (EKs) are somewhat of a mystery. I’ve recently come across a couple of good papers explaining the topic, one from CERT-UK titled ‘Demystifying the exploit kit’, available at the following URL: https://www.cert.gov.uk/resources/best-practices/demystifying-the-exploit-kit/ And ‘Evolution of Exploit Kits’ from Trend Micro: https://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp-evolution-of-exploit-kits.pdf […]

The post How Do I Protect My Organisation from Exploit Kits? appeared first on Packet Pushers.

Book Recommendation: Wasteland Blues

I am a fan of any sort of post-apocalyptic fiction. Movies. Books. Anime. Weird Al songs. You name it. If it posits a future after the world we know is gone, I'll give it a try. Thus it is that I recommend Wasteland Blues to you by Scott Christian Carr and my fellow Packet Pusher Andrew Conry-Murray.

White House hopes for ‘common ground’ in Silicon Valley meeting

The White House hopes a Friday summit between senior government officials and Silicon Valley tech leaders will find common ground on ways to work together to combat extremism and radicalization. Government officials will seek to convince tech executives that they need to heed President Barack Obama's call to action and step up to help the U.S. in its fight against militants. But some tech executives are still wary of assisting the government after former National Security Agency (NSA) contractor Edward Snowden leaked information about U.S. spying back in 2013.To read this article in full or to leave a comment, please click here

White House hopes for ‘common ground’ in Silicon Valley meeting

The White House hopes a Friday summit between senior government officials and Silicon Valley tech leaders will find common ground on ways to work together to combat extremism and radicalization. Government officials will seek to convince tech executives that they need to heed President Barack Obama's call to action and step up to help the U.S. in its fight against militants. But some tech executives are still wary of assisting the government after former National Security Agency (NSA) contractor Edward Snowden leaked information about U.S. spying back in 2013.To read this article in full or to leave a comment, please click here

Cisco disrupts another exploit kit

Cisco has disrupted another exploit kit that was emanating from Russian service providers. The company’s Talos security operation said it blacklisted several Class C subnets from provider Eurobyte that were serving the RIG exploit kit or scored negatively in web reputation. RIG is an exploit kit that delivers malicious payloads to unsuspecting users. It redirects users to a landing page and the delivers the exploit payload – in this case, spambot variants -- via a GET request, according to this Talos blog post.To read this article in full or to leave a comment, please click here

Sample Internet usage policy

This Internet usage policy from a manufacturing company with fewer than 50 employees establishes the company's ownership of data transmitted over its computer systems, establishes the right to monitor, and ofifers examples of activities that violate the policy.You are free to use or adapt this sample policy, which was contributed by the security community, for use in your own organization (but not for re-publication or for-profit use).Want to provide a policy or checklist? Contributions are welcome, as is expert commentary. Send your thoughts to Amy Bennett ([email protected]). Internet Usage Policy COMPANY may provide you with Internet access to help you do your job. This policy explains our guidelines for using the Internet.To read this article in full or to leave a comment, please click here(Insider Story)

1 3,189 3,190 3,191 3,192 3,193 3,841