SLP: a new DDoS amplification vector in the wild

Earlier today, April 25, 2023, researchers Pedro Umbelino at Bitsight and Marco Lux at Curesec published their discovery of CVE-2023-29552, a new DDoS reflection/amplification attack vector leveraging the SLP protocol. If you are a Cloudflare customer, your services are already protected from this new attack vector.

Service Location Protocol (SLP) is a “service discovery” protocol invented by Sun Microsystems in 1997. Like other service discovery protocols, it was designed to allow devices in a local area network to interact without prior knowledge of each other. SLP is a relatively obsolete protocol and has mostly been supplanted by more modern alternatives like UPnP, mDNS/Zeroconf, and WS-Discovery. Nevertheless, many commercial products still offer support for SLP.

Since SLP has no method for authentication, it should never be exposed to the public Internet. However, Umbelino and Lux have discovered that upwards of 35,000 Internet endpoints have their devices’ SLP service exposed and accessible to anyone. Additionally, they have discovered that the UDP version of this protocol has an amplification factor of up to 2,200x, which is the third largest discovered to-date.

Cloudflare expects the prevalence of SLP-based DDoS attacks to rise significantly in the coming weeks as malicious actors learn how to exploit Continue reading

Outburst: Dune in the Style of H.R. Giger #midjourney – YouTube

If you are into Dune, then this AI Art should fill an emotional void

IPv6 Security in Layer-2 Firewalls

You can configure many firewalls to act as a router (layer-3 firewall) or as a ~~switch~~ bridge (layer-2 firewall). The oft-ignored detail: how does a layer-2 firewall handle ARP (or any layer-2 protocol)?

Unless you want to use static ARP tables it’s pretty obvious that a layer-2 firewall MUST propagate ARP. It would be ideal if the firewall would also enforce layer-2 security (ARP/DHCP inspection and IPv6 RA guard), but it looks like at least PAN-OS version 11.0 disagrees with that sentiment.

Straight from Layer 2 and Layer 3 Packets over a Virtual Wire:

IPv6 Security in Layer-2 Firewalls

Straight from Layer 2 and Layer 3 Packets over a Virtual Wire:

Arista streamlines network access control via SaaS

Arista Networks has rolled out a SaaS-based service aimed at helping enterprises more network access control (NAC) more easily.The service, called CloudVision Guardian for Network Identity (CV-AGNI) uses real-time telemetry from Arista’s network products, combines it with data from its CloudVision management platform, and uses artificial intelligence to evaluate the information and implement security policies. The service can also onboard new devices, authenticate existing users, segment devices on the network, or help troubleshoot problems from a cloud-based system, according to Pramod Badjate, group vice president and general manager, of Arista’s Cognitive Campus group. To read this article in full, please click here

Arista streamlines network access control via SaaS

Who is selling NaaS, and what do you get?

Vendors of all stripes—network hardware vendors, telcos, hyperscalers, and a new generation of cloud-based upstarts—are jumping on the network-as-a-service (NaaS) bandwagon, so it can be confusing to sort out who is offering what.Even the definition of NaaS is somewhat fluid. Is NaaS simply procuring networking gear on a pay-as-you go, subscription basis rather than buying it? Is NaaS just a different way of describing a managed service?Or is NaaS something fundamentally different that addresses a growing challenge for network execs: how to provide network connectivity, resiliency, security, and scalability in a multicloud world?To read this article in full, please click here

Zscaler Report: Phishing Continues to Be the Scourge of the Security Industry

Zscaler’s 2023 Phishing Report details the latest trends in phishing attacks, and how organizations can protect themselves from these cyber threats.

Arm reportedly set to make prototype chip ahead of IPO

UK-based chipmaker Arm is reportedly set to work with a manufacturing partner to make a prototype, advanced chip as it prepares for an IPO.

Bridging The Gap Between ‘Default Yes’ And ‘Default No’

I’ve encountered two basic philosophies for responding to requests to join a project. One philosophy I’ll describe as “Default Yes”. The argument goes, “If someone brings you a request, say yes! You only grow with challenges and if you say no too much, people will stop asking.” The second philosophy could be called “Default No.” […]

The post Bridging The Gap Between ‘Default Yes’ And ‘Default No’ appeared first on Packet Pushers.

Cisco to launch an extended detection and response SaaS package

Cisco is taking its first major step into Extended Detection and Response (XDR) with a SaaS-delivered integrated system of endpoint, network, firewall, email and identity software aimed at protecting enterprise resources.Cisco’s XDR service, which will be available July, brings together myriad Cisco and third-party security products to control network access, analyze incidents, remediate threats, and automate response all from a single cloud-based interface. The offering gathers six telemetry sources that Security Operations Center (SOC) operators say are critical for an XDR solution: endpoint, network, firewall, email, identity, and DNS, Cisco stated.To read this article in full, please click here

Cisco to launch an extended detection and response SaaS package

Network Break 427: Prosimo Launches Cloud-Native Networking Suite; Broadcom Stitches New Jericho ASIC For AI-Friendly Network Fabrics

Take a Network Break! This week we cover new cloud networking capabilities from Prosimo, discuss Broadcom's latest version of the Jericho ASIC which is being positioned for network fabrics for AI workloads, and explore the latest version of the open-source Dent network OS. We also cover financial results from F5, Starlink price cuts, and more tech news.

Network Break 427: Prosimo Launches Cloud-Native Networking Suite; Broadcom Stitches New Jericho ASIC For AI-Friendly Network Fabrics

The post Network Break 427: Prosimo Launches Cloud-Native Networking Suite; Broadcom Stitches New Jericho ASIC For AI-Friendly Network Fabrics appeared first on Packet Pushers.

Introducing VMware Secure App IX

Today, we are thrilled to announce VMware Secure App IX, a new offering designed to help cloud IT and Cloud Center of Excellence (CCoE) teams achieve borderless governance and compliance by securely connecting applications in multi-cloud environments and application teams and lines of business (LOB) by accelerating their digital transformation initiatives.

Enterprises are increasingly running applications in the cloud to drive innovation, agility, and growth. As organizations adopt multi-cloud strategies to leverage the strengths of different cloud providers, they face new challenges with ensuring secure and compliant application connectivity across clouds and platforms.

In their drive to innovate and compete, enterprises have embraced multiple cloud environments. Multi-cloud adoption has increased the need for seamless and secure application connectivity across disparate clouds, app workloads, data services, and application architectures.

Needs of Cloud IT & CCoE Teams

Cloud IT and Cloud Center of Excellence (CCoE) teams must address many complex requirements when providing secure connectivity for applications running in the cloud. Let’s look at some of these requirements in more detail.

Any-to-Any Secure Connectivity

Enterprise application modernization is an ongoing process rather than a one-time event. As new technologies emerge and business needs evolve, enterprises must continually update and modernize their Continue reading

Understanding Linux file system types

You may not spend much time contemplating the characteristics of the file systems on your Linux system, but the differences between the various file system types can be both interesting and highly relevant. This article explains commands that you can use to verify your file system types and describes their differences.Commands that report file system types There are a number of Linux commands that will display file system types along with the file system names, mount points and such. Some will also display sizes and available disk space.Using df -Th The df command with the "T" (show file system type) and "h" (use human-friendly sizes) options provides a very useful look at the file systems on a Linux system. Here's an example:To read this article in full, please click here

Understanding Linux file system types

Network Identity Redefined for Zero Trust Enterprises

The perimeter of networks is changing and collapsing. In a zero trust network, no one and no thing is trusted from inside or outside of the enterprise network without verification or network access control (NAC). However, for years, organizations have been saddled with bolt-on NAC technologies that deliver cost complexity while failing to be effective. Instead, security-conscious organizations are shifting to a “microperimeter” enterprise that embeds security into the network infrastructure as the proactive way to defend today’s wider attack surface.

Intel seeks momentum two years into Gelsinger’s turnaround effort

When Pat Gelsinger returned to Intel as its CEO in February 2021, he took over a company that had been battered by mismanagement and weakened by competition.Intel had lost significant ground in process-node development to Taiwanese chipmaker TSMC. While TSMC was making transistors at 7nm, Intel was struggling to get 10nm. AMD was besting Intel in both client and server performance and taking more market share with each passing quarter. Nvidia was on its steady march of domination in the GPU market and gaining mindshare as the ultimate AI processing vendor.To read this article in full, please click here

Intel seeks momentum two years into Gelsinger’s turnaround effort

« Previous 1 … 321 322 323 324 325 … 3,855 Next »