Damballa finds tools related to the malware that hit Sony

Security company Damaballa said it has found two utilities that are closely related to capabilities seen in the destructive malware that hit Sony Pictures Entertainment last year. The utilities were discovered as Damballa was investigating a new version of the "Destover" malware, which rendered thousands of computers unusable at Sony after attackers stole gigabytes of sensitive company information. One key question in the Sony breach is how the attackers were able to evade security systems. What Damaballa found are two utilities that help mask new files introduced to a system.  "Both utilities would be used during an attack to evade detection while moving laterally through a network to broaden the attack surface," wrote senior threat researchers Willis McDonald and Loucif Kharouni, in a blog post on Wednesday.To read this article in full or to leave a comment, please click here

CCIE Data Center v2.0 Blueprint Announced

Cisco has just announced CCIE Data Center Written and Lab Exam Content Updates.Important dates for the changes are:

  • Last day to test for the v1.0 written – July 22, 2016
  • First day to test for the v2.0 written – July 25, 2016
  • Last day to test for the v1.0 lab – July 22, 2016
  • First day to test for the v2.0 lab – July 25, 2016

Key hardware changes in the v2.0 blueprint are:

  • APIC Cluster
  • Nexus 9300
  • Nexus 7000 w/ F3 Module
  • Nexus 5600
  • Nexus 2300 Fabric Extender
  • UCS 4300 M-Series Servers

Key technical topic changes in the v2.0 blueprint are:

  • VXLAN
  • EVPN
  • LISP
  • Policy Driven Fabric (ACI)

More details to come!

Network virtualization visibility demo

New OVS instrumentation features aimed at real-time monitoring of virtual networks, Open vSwitch 2015 Fall Conference, included a demonstration of real-time visibility into the logical network overlays created by network virtualization, virtual switches, and the leaf and spine underlay carrying the tunneled traffic between hosts.

The diagram above shows the demonstration testbed. It consists of a leaf and spine network connecting two hosts, each of which is running a pair of Docker containers connected to Open vSwitch (OVS). The vSwitches are controlled by Open Virtual Network (OVN), which has been configured to create two logical switches, the first connecting the left most containers on each host and the second connecting the right most containers. The testbed is described in more detail in Open Virtual Network (OVN) and is built from free components and can easily be replicated.


The dashboard in the video illustrates the end to end visibility that is possible by combining standard sFlow instrumentation in the physical switches with sFlow instrumentation in Open vSwitch and Host sFlow agents on the servers.

The diagram on the left of the dashboard shows a logical map of the elements in the testbed. The top panel shows the two logical switches Continue reading

IDG Contributor Network: This company’s name isn’t a joke: Secret Double Octopus goes beyond encryption

The process of naming a startup is fraught with peril - founders need to find a name which is catchy, ideally short, and one for which the URL is still available. Seemingly throwing most of the rules (at least about brevity or sense) out the window, Secret Double Octopus, a new company just emerging from stealth, has at least ensured one thing - no one will forget its name.Beyond quirky names, however, this company is doing something interesting. Yet another cybersecurity company that originated in Israel, Secret Double Octopus (we'll call it SDO to avoid the risks of overuse injury from repeatedly typing the name) is all about securing networking traffic and authentication beyond the traditional approaches of PKI, SSL and VPN. SDO aims to help secure data in transit, whether it's between sites, between a website and the cloud, or within mobile or IoT use cases. SDO's approach employs secret sharing, thereby eliminating the need for cryptographic keys.To read this article in full or to leave a comment, please click here

TOWER 2.4 NOW AVAILABLE

We’re happy to announce the release of Ansible Tower 2.4. In this release, we’ve focused on some core improvements for our customers operating in spaces like government and security who have specific needs around authentication and tracking, but we expect these features will be useful to much of our general user base as well.

OAUTH, VIA GITHUB AND GOOGLE

No one wants to manage their users in multiple places, and many groups today use external providers for handling their identity and authentication. We’ve added support for pulling users and teams from either GitHub or Google Apps, using OAuth2. With this, you don’t need to add users directly to Tower - they can use the accounts they already have and are using in your organization.

ADDITIONAL ENTERPRISE AUTHENTICATION

Previously, for Enterprise users who have a standard corporate infrastructure Tower has included support for connecting to an LDAP or Active Directory server for user and team information. But not everyone exposes their LDAP for use with all internal services. With Tower 2.4, we’ve extended that enterprise authentication support to also include support for authenticating to a SAML 2.0 identity provider, and to authenticate against a RADIUS server. With this, Continue reading

CCIE DC v2 Silently Announced!

So as with most things, a student just pointed out to me that the CCIE DC v2 has silently been pushed out into the Cisco Learning portal! See here:

http://www.cisco.com/web/learning/certifications/expert/ccie_dc/index.html

There is a PDF in there now showing the differential changes in the v1 and v2 blueprints:

http://www.cisco.com/web/learning/certifications/shared/docs/ccie-datacenter-comparison.pdf

Lab Structure

Well here is the rundown folks:

  1. 1 hour diagnostic section added
    1. Tests diagnostics around network issues, and the analyzing of the network without access to actual devices
    2. Independent tickets garnered from multiple sources (diagrams, emails, logs, etc…)
    3. Multiple Choice, Drag-n-drop, point-and-click item types (similar to the written examination)
  2. Troubleshoot and Configuration will be the remaining 7 hours

You have to pass both of these sections individually (achieve the minimum), and as well have a combined score above the combined minimum for both modules.

Lab Topics and Hardware

They have changed quite a bit in regards to topics, though they haven’t removed very much from the existing lab exam. A lot of what I put in parenthesis below is me, making an educated guess as to what they mean by those line items. With an already pretty full 8-hour exam, cramming some, or even all Continue reading

The US government wants in on the public cloud, but needs more transparency

The U.S. federal government is trying to move more into the cloud, but service providers' lack of transparency is harming adoption, according to Arlette Hart, the FBI's chief information security officer. "There's a big piece of cloud that's the 'trust me' model of cloud computing," she said during an on-stage interview at the Structure conference in San Francisco Wednesday. That's a tough sell for organizations like the federal government that have to worry about protecting important data. While Hart said that the federal government wants to get at the "enormous value" in public cloud infrastructure, its interest in moving to public cloud infrastructure is also tied to a need for greater security. To read this article in full or to leave a comment, please click here

U.S. may be financing encryption apps to stay ahead of terrorists

The U.S. government's financial support for the development of smartphone encryption apps doesn't surprise security experts.U.S. intelligence agencies are probably involved in funding commercial encryption apps through the government's Open Technology Fund to stay on top of terrorists and organized criminals that use encryption to cloak their communications, several security experts said Wednesday.MORE ON NETWORK WORLD: 26 crazy and scary things the TSA has found on travelers "It would not surprise me if federal agencies were funding encryption apps because it is possibly the only option available to monitor terrorism and organized crime," said Darren Hayes, assistant professor and director of cybersecurity at Pace University. "ISIS members have been actively pushing potential recruits to move to encrypted communications."To read this article in full or to leave a comment, please click here

FTC loses: Judge dismisses FTC data security case against LabMD

Cancer-screening laboratory LabMD won its case against the FTC. LabMD was accused of two data breaches, one in 2012 and one in 2008, when a company spreadsheet that contained sensitive personal information of 9,000 consumers was found on a peer-to-peer network. Seven years of litigation later, FTC Chief Administrative Law Judge Chappell’s issued an initial ruling (pdf) dismissing the FTC’s complaint against LabMD since the FTC had failed to prove that LabMD’s “alleged failure to employ ‘reasonable and appropriate’ data security ‘caused, or is likely to cause, substantial injury to consumers’.”To read this article in full or to leave a comment, please click here

Google-owned VirusTotal starts analyzing Mac malware in a sandbox

VirusTotal, the most widely used online file-scanning service, is now executing suspicious Mac apps submitted by users inside a sandbox to generate information that could improve the analysis and detection of Mac malware.This comes at a time when, according to security vendors, the number of potentially unwanted Mac OS X applications, especially adware programs, is at an all time high.VirusTotal, a Google-owned service, allows users to upload suspicious files and scan them with 54 different antivirus products. However, its scan results are not perfect and should not be taken as guarantees that files are safe.To read this article in full or to leave a comment, please click here

Supersonic passenger jet service by 2023?

There could be supersonic private passenger flights buy 2023 if Airbus and Aerion have their way.The two companies this week expanded their existing partnership and detailed the results of their research – the AS2, a 170-ft. long needle-shaped, three-engine jet capable of hitting speeds over 1,200MPH – about Mach 1.5. The idea is to test fly the jet by 2021 -- which can handle about 12 passengers -- and have it in service by 2023. Airbus/Aerion AS2To read this article in full or to leave a comment, please click here

Free Book: Practical Scalablility Analysis with the Universal Scalability Law

If you are very comfortable with math and modeling Dr. Neil Gunther'Universal Scalability Law is a powerful way of predicting system performance and whittling down those bottlenecks. If not, the USL can be hard to wrap your head around.

There's a free eBook for that. Performance and scalability expert Baron Schwartz, founder of VividCortex, has written a wonderful exploration of scalability truths using the USL as a lens: Practical Scalablility Analysis with the Universal Scalability Law

As a sample of what you'll learn, here are some of the key takeaways from the book:

  • Scalability is a formal concept that is best defined as a mathematical function.
  • Linear scalability means equal return on investment. Double down on workers and you’ll get twice as much work done; add twice as many nodes and you’ll increase the maximum capacity twofold. Linear scalability is oft claimed but seldom delivered.
  • Systems scale sublinearly because of contention, which adds queueing delay, and crosstalk, which inflates service times. The penalty for contention grows linearly and the crosstalk penalty grows quadratically. (An alternative to the crosstalk theory is that longer queues are more costly to manage.)
  • Contention causes throughput to asymptotically approach the reciprocal of Continue reading

The Next Horizon for Cloud Networking & Security

VMware NSX has been around for more than two years now, and in that time software-defined networking and network virtualization have become VMware Networking Expert Guido Appenzellerinextricably integrated into modern data center architecture. It seems like an inconceivable amount of progress has been made. But the reality is that we’re only at the beginning of this journey.

The transformation of networking from a hardware industry into a software industry is having a profound impact on services, security, and IT organizations around the world, according to VMware’s Chief Technology Strategy Officer for Networking, Guido Appenzeller.

“I’ve never seen growth like what we’ve found with NSX,” he says. “Networking is going through a huge transition.” Continue reading

Arista steps outside the data center with Cloud Connect solution

The rise of virtualization has had a profound impact on the technology industry. In the networking industry, perhaps no vendor has ridden the wave of cloud more than Arista Networks. The company was founded a little over a decade ago, and today it is a publicly traded company with a market capitalization of over $4.6 billion. However, almost all of Arista's revenues today come from selling products inside the data center. The company was one of the most aggressive vendors in pushing the concept of a spine/leaf architecture as a replacement for a traditional multi-tier network. This week, Arista announced its first solution that is outside the data center. The Arista Cloud Connect solution connects public and private cloud data centers. Moving into the data center interconnect market is a logical extension for Arista and highlights just how far merchant silicon has come over the past decade.To read this article in full or to leave a comment, please click here

1 3,272 3,273 3,274 3,275 3,276 3,873