Cyber insurance rejects claim after BitPay lost $1.8 million in phishing attack

If you bought cyber insurance so you’d be covered if you were hacked, and then had $1.8 million stolen after being hacked, wouldn’t you expect your insurance claim to be paid? If so, then think again as the claim can be denied due to the wording of the risk insurance contract. BitPay, a Bitcoin payment processor, had purchased cyber insurance from Massachusetts Bay Insurance Company (MBIC), but BitPay was in for a rude awakening. In December 2014, an unknown hacker pulled off a social engineering attack; he spearphished BitPay’s Chief Financial Officer, managed to capture corporate credentials, then used the hacked email account to spoof emails to the CEO; the hacker tricked BitPay into making three separate transfer transactions over two days to the tune of 5,000 bitcoins, which were valued at $1,850,000. Well at least the company had cyber insurance, right? No; the insurance company denied the claim due to the wording in the contract; BitPay then sued the insurance company.

Uber Goes Unconventional: Using Driver Phones as a Backup Datacenter

In How Uber Scales Their Real-Time Market Platform one of the most intriguing hints was how Uber handles datacenter failovers using driver phones as an external distributed storage system for recovery.

Now we know a lot more about how that system works from Uber's Nikunj Aggarwal and Joshua Corbin, who gave a very interesting talk at the @Scale conference: How Uber Uses your Phone as a Backup Datacenter.

Rather than use a traditional backend replication scheme where databases sync state between datacenters to achieve a measure of k-safety, Uber did something different: they store enough state on driver phones so that if a datacenter failover occurs, trip information cannot be lost.

Why choose this approach? The traditional approach would be much simpler. I think it is to make sure the customer always has a good customer experience and losing trip information for an active trip would make for a horrible customer experience. 

By building their syncing strategy around the phone, even though it's complicated and takes a lot of work, Uber is able to preserve trip data and make for a seamless customer experience even on datacenter failures. And making the customer Continue reading

Ansible + AWS, Red Hat Enterprise Linux, and JBOSS

Many of the questions we frequently get are related to deploying applications and stacks into Amazon Web Services. Back in July, Ansible Government teamed up with partner DLT Solutions to host a webcast demonstrating the creation of a Red Hat stack in AWS entirely managed with Ansible. Watch it now and continue reading below for more information.

IT organizations look toward AWS for a number of reasons, but according to IDC, deploying applications in AWS results in a 64% lower TCO and 82% less downtime. Now let’s be honest. Who doesn’t like less downtime?

Red Hat is the leading Open Source provider for infrastructure and middleware solutions. Their industry-standard Red Hat Enterprise Linux and JBoss middleware are widely deployed in on-prem physical and virtual environments, and are the benchmark for stability, security, and performance.

But how can you leverage that power in AWS? With Ansible, it’s easy.

In the webcast, we demonstrate the deployment of a complete JAVA-based web application, including RHEL, JBOSS, and a load balancer. Once installed, we demonstrated how to use the same playbook that deployed the application to update the application. Better yet, these examples are available for you to start using and experimenting with today.

Here’s Continue reading

Out with the old: Make removing old technology part of your culture

Friday afternoon, late, and the new system is finally up. Users are logged in, getting their work done, and you’ve just received an email from the CTO (your boss’ boss’ boss’ boss, probably), saying what a good job the team did in getting things up and running so quickly. For once, in fact, the system went in perfectly. There were no near team breakups over which technology or vendor to use; there were very few unexpected items that crept into the budget, the delays were minimal, and you even learned a couple of new skills to top it all off.

Wonderful, right? The perfect unicorn project.

But before you break open that bottle of bubbly (or whatever cold beverage is your choice), or maybe pop up a bowl of popcorn and sit down to a long deserved break binge watching the shows you missed pulling this thing together, you need to ask one more question:

Did you strip and sand first? Or did you just paint right on top?

Or don’t you remember the time you tried to paint that old trailer that had been sitting in your back yard for ages? Sure, it was covered in rust, dirt, Continue reading

Malware implants on Cisco routers revealed to be more widespread

Attackers have installed malicious firmware on nearly 200 Cisco routers used by businesses from over 30 countries, according to Internet scans performed by cybercrime fighters at the Shadowserver Foundation. Last Tuesday, FireEye subsidiary Mandiant warned about new attacks that replace the firmware on integrated services routers from Cisco Systems. The rogue firmware provides attackers with persistent backdoor access and the ability to install custom malware modules. At the time Mandiant said that it had found 14 routers infected with the backdoor, dubbed SYNful Knock, in four countries: Mexico, Ukraine, India and the Philippines. The affected models were Cisco 1841, 2811 and 3825, which are no longer being sold by the networking vendor.

iOS 9 breaks VPNs and prevents server access for many

Apple's iOS 9 has several features meant to increase its strong enterprise-grade security. But it also breaks a key security method: VPN connections to some corporate servers. As a result, users won't be able to access some servers over some VPN connections -- but they'll be able to access other servers with no problem. The bug appeared in iOS 9's beta. It was not fixed in the final version of iOS 9, and it is not fixed in the current beta of iOS 9.1. Here's what Cisco has reported about the bug:

New products of the week 09.21.2015

Our roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.

Live Segments

Key features: improves the process for both segmenting large promotional email lists and implementing behavioral data to create personalized communications, while automating the labor intensive processes around segmentation, data analysis and product recommendations.

The Hyperconverged Reality of Tomorrow

For a while now we’ve been hearing a lot of buzz about hyperconverged systems and we’ve been following it closely. We think what’s missing from these conversations is how critical the network is to the sustained success of these systems.

In our quest to build a simply better network, our key focus is on how to truly hyperconverge the network. And we do it by combining the latest in Ethernet switching with optical multiplexing to create a high performance, resilient, low latency and scalable data center network fabric. Unlike traditional leaf/spine approaches, Plexxi Switches are deployed as a single tier, eliminating cost and complexity while vastly reducing operational overhead so the enterprise can build true fabric agility to support the dynamic workload needs of hyperconverged nodes.

At VMWorld, Mat Matthews pointed out in his 5 Key Takeaways blog that hyperconverged solution providers are zoning in on the simplification of the consumption process around infrastructure. The silos are gone. Providers are recognizing that customers want to get new workloads up and running quickly without having to deal with getting storage, compute and networking to work together.

This is good news all around. We are seeing the realization that the network has Continue reading

Indian draft rules on encryption could compromise privacy, security

India's government is trying to ensure that its law enforcement agencies have easy access to encrypted information, but it could be compromising security and privacy in the process. A draft policy on encryption issued by the Indian government aims to keep a check on the use of the technology by specifying the algorithms and the length of the encryption keys used by different categories of people. Consumers will also be required to store the plain texts of encrypted information for 90 days from the date of a transaction and provide the text to agencies when required under the laws of the country.

Apple brings down malware-infected apps from store

Apple has brought down a large number of apps from its store after it was found that around 40 iOS apps had been infected by a modified version of the company's software for developers. Christine Monaghan, an Apple spokeswoman, told news outlets that the company removed apps from the App Store that it knows have been created with the counterfeit software, to protect its customers. Palo Alto Networks reported last week that a new malware, called XcodeGhost, modified the Xcode integrated development environment for building apps for the Mac, iPhone and iPad.

DHS CISO: Revoke security clearance of feds who keep falling for phishing scams

Numerous federal agencies rely on legacy systems that have security bolted on as an afterthought instead of security “being deeply embedded” in the systems. It is unsurprising that such older hardware, software and operating systems are vulnerable to intrusions. But sometimes security problems have more to do with human vulnerabilities – stupid PEBKAC and ID10T errors committed by the person behind the keyboard – than legacy systems. If the same people who handle sensitive government information also keep falling for phishing scams, should they have their security clearance revoked? Indeed they should, according to DHS chief security officer Paul Beckman.

Merchant Processes and CID/CVV2

I recently received a letter from the company that monitors my home alarm. It basically stated that to avoid a $3US surcharge I must opt out of receiving a bill in the mail (which is fine) and that I must set up automatic transactions. I also found this form attached.

Merchant Form

This is not the first time that I have seen a payment option that includes a requirement for the CVV2 or CID value from my credit card. However, with a little knowledge of PCI, I have to ask myself the following question, “What exactly are they going to do with this information?” According to PCI-DSS, this information must not be stored (even in an encrypted format) after authorization.

That raises the following questions for the merchant requiring this information–

  1. Is this truly only for the first transaction authorization and the physical form will be securely destroyed?
  2. In this particular case, this is for a monthly transaction. So their relationship with their provider is such that CID/CVV is optional (and not used) for secondary transactions?
  3. Or is this information being stored, electronically or physically, allowing for the possibility of later transactions?

In this Continue reading

How to map OpenFlow switch TCP ports in Mininet SDN simulations

When testing SDN functions in the Mininet network emulator and viewing captured OpenFlow messages in a packet analyzer such as Wireshark, it is difficult to identify which SDN switch is the source or destination of each captured message.

The only reliable way to identify which SDN switch sent or received an OpenFlow message is to look at the source or destination TCP port of the OpenFlow packets. This is because most OpenFlow messages exchanged between switches and the controller do not contain any other information that helps identify the sending or receiving switch. Neither Mininet nor the Open vSwitch database provides information that might be used to identify the TCP ports used by each switch to communicate with the OpenFlow controller in the network.

This post describes a procedure to map which TCP ports are used on each switch to communicate with the SDN controller in the Mininet network simulation. This procedure will enable researchers or students to study the interactions between SDN controller and switches in a more detailed and accurate way.

Summary of procedure

To map which TCP ports are used on each switch to communicate with the SDN controller in the Mininet network simulation, execute the steps Continue reading