NetworkingNexus.net

Spearphishing Attacks Against Hostmonster Customers

I tend to see a lot of phishing emails. The message I received this morning caught my eye. It was fairly well crafted and obviously targeted. After searching the Internet, I found that some GoDaddy customers have received something similar. This seems to be making its way around the internet to website administrators. The most curious thing to me is how someone associated the email address with a Hostmonster account.

Phishing Email Message

As can be seen above, the message read–

Your account contains more than 4035 directories and may pose a potential performance risk to the server. Please reduce the number of directories for your account to prevent possible account deactivation.

In order to prevent your account from being locked out we recommend that you create special temp directory.

The link goes to kct67<dot>ru.

Message headers also suggest a Russian origin–

Received: by 10.140.27.139 with SMTP id 11csp1084546qgx;
        Tue, 17 Nov 2015 20:25:39 -0800 (PST)
X-Received: by 10.25.161.211 with SMTP id k202mr1408853lfe.161.1447820739327;
        Tue, 17 Nov 2015 20:25:39 -0800 (PST)
Return-Path: <[email protected]>
Received: from bmx1.z8.ru (bmx1.z8.ru. [80.93.62.39])
        by mx.google.com with ESMTPS  Continue reading

Carrier Grade NAT and the DoS Consequences

Republished from Corero DDoS Blog:

The Internet has a very long history of utilizing mechanisms that may breathe new life into older technologies, stretching it out so that newer technologies may be delayed or obviated altogether. IPv4 addressing, and the well known depletion associated with it, is one such area that has seen a plethora of mechanisms employed in order to give it more shelf life.

In the early 90s, the IETF gave us Classless Inter-Domain Routing (CIDR), which dramatically slowed the growth of global Internet routing tables and delayed the inevitable IPv4 address depletion. Later came DHCP, another protocol which assisted via the use of short term allocation of addresses which would be given back to the provider's pool after use. In 1996, the IETF was back at it again, creating RFC 1918 private addressing, so that networks could utilize private addresses that didn't come from the global pool. Utilizing private address space gave network operators a much larger pool to use internally than would otherwise have been available if utilizing globally assigned address space -- but if they wanted to connect to the global Internet, they needed something to translate those addresses. This is what necessitated the development of Network Address Translation (NAT).

NAT Continue reading

Ethernet on Demand is AT&T’s First SDN User Case

Internet on Demand is next, AT&T says at the GEN15 conference.

DockerCon EU 2015: Watch the Day 1 General Session

Day 1 of DockerCon EU 2015 was awesome! The day started with an action-packed general session including exciting Docker announcements with live demos (the demo gods were pleased!) and attendees hacking hardware using Docker and littleBits. Watch the video of the … Continued

SentinelOne adds feature to restore files hit by ransomware

SentinelOne has added a feature to its endpoint detection products that can restore files encrypted by cybercriminals, a common type of attack known as ransomware. The "rollback" feature will be available in the 1.6 versions of its Endpoint Protection Platform (EPP) and the Endpoint Detection and Response (EDR) products at no charge, said Dal Gemmell, director of product management. SentinelOne is among several vendors that are trying to displace traditional antivirus vendors with products that detect malware using deep analysis rather than signature-based detection. The company's products use a lightweight agent on endpoints such as laptops and desktops, which looks at the core of the operating system -- the kernel -- as well the the user space, trying to spot changes that might be linked to malware.To read this article in full or to leave a comment, please click here

IP over Ultrasound

One of my readers read the Ars Technica article on ads communicating with other devices via ultrasound and wondered whether something similar could be done for IP.

Not surprisingly, someone already did it. A quick google search found this tutorial which explains how to run IP stack over Gnuradio (at speeds that were last experienced with dial-up modems 30 years ago).

In wake of Paris attacks, legislation aims to extend NSA program

A U.S. senator plans to introduce legislation that would delay the end of the bulk collection of phone metadata by the National Security Agency to Jan. 31, 2017, in the wake of security concerns after the terror attacks last Friday in Paris.Senator Tom Cotton, a Republican from Arkansas, believes that the termination of the program, scheduled for month-end under the USA Freedom Act, "takes us from a constitutional, legal, and proven NSA collection architecture to an untested, hypothetical one that will be less effective."The transition will happen in less than two weeks, at a time when the threat level for the U.S. is "incredibly high," he said Tuesday.To read this article in full or to leave a comment, please click here

How Cisco is trying to keep NSA spies out of its gear

Cisco is working to build the confidence of prospective customers in its products, two years after disclosures of spying by the U.S. National Security Agency seeded doubt, particularly in China. It is increasingly putting more stringent security requirements on its suppliers and has launched a beta program that allows customers to analyze its products in a highly secure environment before buying. The efforts are intended to introduce more transparency to allay growing concerns over how supply chains could be opportunistically used by spies and cybercriminals. "I worry about manipulation, espionage and disruption," said Edna Conway, chief security officer of Cisco's global value chain, in a recent interview. "We worry about tainted solutions, counterfeit solutions and the misuse of intellectual property."To read this article in full or to leave a comment, please click here

Fun in the Lab: Troubleshooting DMVPN Per-Tunnel QoS

In Playing in the Lab: DMVPN and Per-Tunnel QoS we looked at DMVPN per-tunnel QoS. We looked at how to configure it…. how the vendor private extensions in RFC2332 are used in the NHRP registration request… and how to see,... Read More ›

The post Fun in the Lab: Troubleshooting DMVPN Per-Tunnel QoS appeared first on Networking with FISH.

Blackhole exploit kit makes a surprising encore appearance

The Blackhole exploit kit has made a surprising reappearance two years after cybercriminals stopped using it, according to security vendor Malwarebytes.Exploit kits are frameworks planted on Web pages that try to find software flaws on the computers in order to silently install malware.Blackhole was one of most popular exploit kits, but it faded from prominence after its alleged creator, who went by the nickname Paunch, was arrested in Russia. The kit was sold or rented to other cybercriminals in the underground economy for hacking tools.To read this article in full or to leave a comment, please click here

Citrix to Cut 1,000 Jobs & Spin Off GoTo

Another notch for Elliott Management, as Citrix vows to refocus on application delivery.

New Plexxi Software Targets the ‘Cloud Builders’

CEO Napolitano says his company is defining its customer base as 'cloud architects.'

HL: On Losing

The post HL: On Losing appeared first on 'net work.

Music cyberlocker downloads 36 months of jailtime

In the first criminal copyright infringement sentence imposed for a cyberlocker operator in the United States, the owner of the RockDizMusic.com got 36 months in prison and ordered to forfeit $50,851.05 and pay $48,288.62 in restitution.The US Department of Justice said Rocky Ouprasith, 23, of Charlotte, North Carolina operated RockDizMusic.com, a website originally hosted on servers in France and later in Canada, from which Internet users could find and download infringing digital copies of popular, copyrighted songs and albums.+More on Network World: 17 Real Big Sci/Tech projects+To read this article in full or to leave a comment, please click here

Join Me For An SD-WAN Webinar with Silver Peak 19-Nov-2015

I'm leading an SD-WAN related webinar as a guest of Silver Peak on November 19, 2015 at 12pm PT / 3pm ET. If you'd like to attend, register via http://bit.ly/1MqVD6S.

Network security primer: What is access control?

During its testimony on security weaknesses among federal agencies this week, the Government Accountability Office detailed a number of critical elements that make up effective protection systems.Among the systems the watchdog agency detailed was the key components in access control which is typically the technology an enterprise uses to regulate who has access to what resources.+ More on Network World: Watchdogs detail Federal security tribulations +To read this article in full or to leave a comment, please click here

Network security primer: What is access control?

Plexxi Unveils A New Cloud Builder Software Suite and New Switch 3 (100GbE) Hardware Platform: Simply a Better Solution for Cloud Builders

We said that the next era of IT would shake things up, and it is. And so is Plexxi.

Today, Plexxi announced two new products that combine to deliver cloud builders unprecedented capabilities to bring public cloud flexibility and efficiency to the private cloud through a focus on agility, ease-of-use, security, scale and cost-effectiveness. The first product, Plexxi 2.2 Software Suite for cloud builders, is available immediately and includes the Plexxi Network OS, the Plexxi Control application-defined fabric controller, and Plexxi Connect workflow orchestration and automation tool set. The second product, the Plexxi Switch 3 (available in January) is a powerful next-generation switch capable of delivering 10/25/40/50/100 GbE connectivity. Together, these new products expand Plexxi’s go-to-market opportunities in content distribution, high frequency trading, enterprise and government market segments.

The cloud enables rapid scaling; both up and down, of compute and storage capacity and facilitates speedy introduction of new services and applications. Early adopters have leveraged public cloud to achieve increased agility and scalability. In times when internal IT teams are challenged to respond quickly to requests, business department heads often turn to public cloud providers to implement new services quickly. This offers competitive advantage from a time-to-market perspective. It Continue reading

Hard-coded credentials make it simple to steal millions of sensitive records from apps

During a Black Hat Europe talk about (In)Security of Backend-as-a-Service, researchers warned that thousands of popular mobile apps have hard-coded backend credentials which could allow anyone to access millions of sensitive records. “Attacks are free, effortless, and simple,” they warned.Siegfried Rasthofer and Steven Arzt, PhD students at TU Darmstadt in Germany, focused on apps that use Backend-as-a-Service (BaaS) frameworks from the providers Amazon Web Services, CloudMine and Parse.com, which is owned by Facebook. This is the “first comprehensive security evaluation of several popular BaaS providers and APIs as well as their use in real-world Android and iOS applications.”To read this article in full or to leave a comment, please click here

Organizations sloppy about securing privileged accounts

Companies' haphazard processes for managing administrative or other privileged accounts are putting them at risk of security breaches, according to a new global security survey.MORE ON NETWORK WORLD: 6 simple tricks for protecting your passwords The survey, conducted by Dimensional Research and sponsored by Dell, found that 83 percent of respondents face numerous challenges with managed privileged accounts and administrative passwords. That's not to say they lack procedure for securing them — nearly 80 percent say they have a defined process for managing them — but they're not diligent about it.To read this article in full or to leave a comment, please click here

« Previous 1 … 3,242 3,243 3,244 3,245 3,246 … 3,841 Next »