US, UK disrupt Dridex botnet, which targeted online banking

A cybercriminal network that caused at least US$10 million in losses has been disrupted by U.S. and U.K. law enforcement, with the U.S. seeking a Moldovan man's extradition, the Department of Justice said Tuesday.Andrey Ghinkul, 30, is accused of being the administrator of the Dridex botnet, also known as Cridex and Bugat.A nine-count indictment was unsealed on Tuesday in the U.S. District Court for the Western District of Pennsylvania,  DOJ said. Ghinkul was arrested on Aug. 28 in Cyprus.Dridex has been a real headache for a number of years. It collects online banking credentials from infected computers, which prosecutors said were then used to initiate large wire transfers.To read this article in full or to leave a comment, please click here

Phishing websites look more legit with SSL certs from major companies

The Web is full of deception, and it's sometimes still hard for people to figure out if the website they're viewing really is what it says it is.This type of cyberattack, known as phishing, is designed to elicit sensitive details from victims by creating websites that look nearly identical to services like PayPal or Bank of America.Despite improvements in quickly detecting and taking such sites offline, it's still a huge problem.A U.K.-based network monitoring company, Netcraft, says fraudsters are exploiting weaknesses in technology companies in order to make more convincing looking phishing sites.Many websites use SSL/TLS (Secure Sockets Layer/Transport Layer Security) certificates to verify their domain name and encrypt communications with users.To read this article in full or to leave a comment, please click here

Juniper Certifications now good for 3 years!

It is finally official, Juniper has extended their certification expiration from two years to three years. Originally Juniper certifications where active for 2 years, and then you had 1 year after that to renew.  If you did not re-certify prior to the 2–year anniversary, you went into an inactive status for a year with your […]

The post Juniper Certifications now good for 3 years! appeared first on Fryguy's Blog.

Get Digital Content with the SDN Workshop

Last week I ran two SDN workshops, and in both of them the participants were busy taking notes as I explained the intricacies of concepts like SDN, NFV and network automation, and tools like OpenFlow or BGP.

However, how often did you revisit notes taken at a presentation and kept wondering “what exactly was he trying to say?” … or felt like the training you attended was like drinking from a fire hose and you missed most of the good stuff?

You won’t have that problem during the Miami SDN/NFV/SDDC retreat.

Containers Make Ciena’s Blue Planet More User-Friendly

Customers get the freedom to make programming changes to their network orchestration software.

FBI, DoJ take out $10 Million “Bugat” banking botnet

The FBI and US Department of Justice today said they disrupted the activities and arrested the administrator of the botnet known as “Bugat,”  “Cridex” or “Dridex,” which authorities said pilfered over $10 million.More on Network World: Gartner: Risk, relentless data center demand, open source and other tech trends IT needs to knowThe FBI called Bugat a sophisticated malware package designed to steal banking and other credentials from infected computers and is generally distributed through phishing. The software typically can upload files from an infected computer and download executable files to the victim’s system. Collected information id sent to the criminal’s system. Bugat is specifically designed to defeat antivirus and other protective measures employed by victims.To read this article in full or to leave a comment, please click here

Why you want a bare metal hypervisor and how to choose

Once upon a time, there was nothing but native, or bare metal, hypervisors (a.k.a. virtual machine managers). In the 1980s, I cut my teeth on IBM System/370 mainframes running VM/CMS, but bare metal's history goes all the way back to the 1960s. With bare metal hypervisors, the hypervisor runs directly on the hardware. There is no intervening operating system.To read this article in full or to leave a comment, please click here(Insider Story)

Cisco dedicates security project to ‘pissing off the bad guys’

Following its disruption of a major distributor of Angler ransomware, Cisco is offering up free security consulting for hosting providers that’s aimed at wiping out persistent attacks that abuse providers’ services and threaten the rest of the Internet.Cisco’s Talos security intelligence and research group has launched Project Aspis, which hosting providers can sign up for to work with Talos and in return receive help including systems forensics, reverse engineering, threat intelligence sharing and, in the right circumstances, dedicated research engineers to work with, according to Cisco’s security blog.To read this article in full or to leave a comment, please click here

CCNA – Operation of IP Data Networks 1.2

The next topic for CCNA is:

1.2 Select the components required to meet a given network specification

I wish the blueprint would have been a bit clearer on what they mean with this topic but it’s reasonable to think that it’s about picking routers and switches depending on the networking requirements.

Picking a router or switch will depend on what kind of circuit is bought from the ISP, if the service is managed, the number of users on the network, the number of subnets needed and if there are requirements for NAT and/or firewalling among many decision points. Since this is the CCNA RS we will pretend that devices such as the Cisco ASA does not exist which can be used for small offices to do both firewalling and routing.

I’ll give different examples and we’ll look at which devices make sense and why to pick one device over another.

MPLS VPN circuit
10 users
One subnet (data)
No need to NAT
No need for firewall

The MPLS VPN circuit is a managed service, meaning that the ISP will have a Customer Premises Equipment (CPE) at the customer. In other words, the ISP will put a router at the Continue reading

Which NoSQL database is right for you?

October 2015 Patch Tuesday: Microsoft releases 3 critical and 3 important patches

For October 2015 Patch Tuesday, Microsoft released only six security bulletins with three being rated as critical.3 rated CriticalThe three bulletins rated critical deal with remote code execution.MS15-106 is a cumulative fix for Internet Explorer, patching multiple memory corruption, scripting engine memory corruption, elevation of privilege, and information disclosure vulnerabilities as well as a security feature bypass involving VBScript and Jscript ASLR, and a scripting engine information disclosure bug. The most severe flaws could allow for remote code execution if an attacker tricks a user into visiting a maliciously crafted site. If successfully exploited, an attacker could gain the same user rights as the current user.To read this article in full or to leave a comment, please click here

After Dell-EMC deal, will VMware’s Pat Gelsinger need a new laptop?

Here’s to hoping that Pat Gelsinger, CEO of VMware, didn’t get off on the wrong foot with his new boss on Monday.+MORE AT NETWORK WORLD: The Bunch is back - How Dell and EMC could change the IT landscape | How will Dell justify its massive payout for EMC? +Some commenters were quick to point out that Gelsinger was using a Mac during the kick-off conference call to announce Monday’s mega-merger between Dell and EMC. When Michael Dell buys your company, does that mean you have to start using Dell laptops?To read this article in full or to leave a comment, please click here

DARPA wants vanishing drones

It’s a description right out of a James Bond or Mission: Impossible script: Create a flock of unmanned aircraft that can be dropped from a larger mothership to take on a mission, then actually vanish once the mission is carried out. +More on Network World: World’s craziest Halloween coffins+ Engineers at the Defense Advanced Research Projects Agency envision the disappearing drones as ideal for a number of missions, including the delivery of humanitarian or military aid to people or military personnel in rough terrain or hard-to reach-places.To read this article in full or to leave a comment, please click here

My Thoughts on Dell, EMC, and Networking

The IT world is buzzing about the news that Dell is acquiring EMC for $67 billion. Storage analysts are talking about the demise of the 800-lb gorilla of storage. Virtualization people are trying to figure out what will happen to VMware and what exactly a tracking stock is. But very little is going on in the networking space. And I think that’s going to be a place where some interesting things are going to happen.

It’s Not The Network

The appeal of the Dell/EMC deal has very little to do with networking. EMC has never had any form of enterprise networking, even if they were rumored to have been looking at Juniper a few years ago. The real networking pieces come from VMware and NSX. NSX is a pure software networking implementation for overlay networking implemented in virtualized networks.

Dell’s networking team was practically nonexistent until the Force10 acquisition. Since then there has been a lot of work in building a product to support Dell’s data center networking aspirations. Good work has been done on the hardware front. The software on the switches has had some R&D done internally, but the biggest gains have been in partnerships. Dell works closely Continue reading

More concurrency: Improved locking in PostgreSQL

If you want to build a large scale website, scaling out the webserver is not enough. It is also necessary to cleverly manage the database side. a key to high scalability is locking.

In PostgreSQL we got a couple of new cool features to reduce locking and to speed up things due to improved concurrency.

General recommendations: Before attacking locking, however, it makes sense to check what is really going on on your PostgreSQL database server. To do so I recommend to take a look at pg_stat_statements and to carefully track down bottlenecks. Here is how it works:

Google adopts single sign-on for more desktop, mobile apps

Google is expanding its identity service to provide single sign-on for more desktop and mobile applications.With enhanced OpenID Connect Identity Provider support, Google Apps administrators will be able to add single sign-on capabilities to mobile apps and to SaaS (software-as-a-service) apps available through the Google Apps Marketplace, said Shashank Gupta, product manager for Google Apps for Work. Google also added support for SAML (Security Assertion Markup Language) 2.0 for popular SaaS providers and made it easier for administrators to add custom SAML app integrations.[ Simplify your security with six password managers for PCs, Macs, and mobile devices. Find out which one prevails in InfoWorld's review. | Discover how to secure your systems with InfoWorld's Security newsletter. ] Organizations are increasingly adopting single sign-on because it improves corporate application security. Employees don't have to remember complex passwords for each application as they just use their Google Apps credentials to sign in.To read this article in full or to leave a comment, please click here

SANS: 20 critical security controls you need to add

Prioritizing security measures is the first step toward accomplishing them, and the SANS Institute has created a list of the top 20 critical security controls businesses should implement.They include some obvious steps, such as getting a comprehensive inventory of all network devices and software, implementing secure hardware configurations and providing for data recovery, but also gets into areas that are less evident.+More on Network World: Gartner: IT should simplify security to fight inescapable hackers+To read this article in full or to leave a comment, please click here

Cybereason Locks Up a $59 Million Round

Cybersecurity firm partners with SoftBank for joint offering in Japan

Adding a Full API to PicOS

Pica8′s PicOS is a Linux network OS based on Debian. This makes it easy for our customers to integrate their own tools or applications within PicOS. We are compatible with all the leading DevOps tools, such as Puppet, Chef, and Salt; and of course, we support OpenFlow.

But what if you would like to have an application on the switch itself to manipulate its data path? This is beyond the standard DevOps model and is not aligned with the traditional OpenFlow model, which uses a centralized controller.

Typically the requirement for such an application would be:
– A switch using traditional L2/L3, as well as an API to override those L2/L3 forwarding decisions.
– The API could be called on the switch itself while the application is running on the switch (that requirement would forbid a centralized OpenFlow controller).

For this use case, most network equipment vendors have an SDK (Software Development Kit) to program native applications running directly on the switch. A good example would be the Arista EOSSdk.

One big issue with those SDKs is that they are “sticky.” Once you develop your application, it only runs on the SDK provided by your vendor, Continue reading

VMware Refreshes Its Cloud Management Platform

vRealize 7 Automation and vRealize Business 7 complete a full cloud refresh.