Trojanized Android apps flood third-party stores, compromise phones

Attackers are creating rogue versions of popular Android applications that compromise the security of devices and are extremely hard to remove.Researchers from mobile security firm Lookout have found more than 20,000 samples of such trojanized apps. They're typically fully functional copies of top Android applications like Candy Crush, Facebook, Google Now, NYTimes, Okta, SnapChat, Twitter or WhatsApp, but with malicious code added to them.The goal of these rogue apps is to aggressively display advertisements on devices. A scary development though is that, unlike traditional adware, they root the devices where they get installed in order to prevent users from removing them.To read this article in full or to leave a comment, please click here

Strategy: Avoid Lots of Little Files

I've been bitten by this one. It happens when you quite naturally use the file system as a quick and dirty database. A directory is a lot like a table and a file name looks a lot like a key. You can store many-to-one relationships via subdirectories. And the path to a file makes a handy quick lookup key. 

The problem is a file system isn't a database. That realization doesn't hit until you reach a threshold where there are actually lots of files. Everything works perfectly until then.

When the threshold is hit iterating a directory becomes very slow because most file system directory data structures are not optimized for the lots of small files case. And even opening a file becomes slow.

According to Steve Gibson on Security Now (@16:10) LastPass ran into this problem. LastPass stored every item in their vault in an individual file. This allowed standard file syncing technology to be used to update only the changed files. Updating a password changes just one file so only that file is synced.

Steve thinks this is a design mistake, but this approach makes perfect sense. It's simple and robust, which is good design given, what I assume, Continue reading

The International Space Station: Reveling at 15

Hailing 15Image by NASANASA and the world cosmos community this month celebrate the International Space Station’s 15th consecutive year of humans living in its celestial lab. In those 15 years, 45 crewed expeditions -- more than 220 people from 17 countries -- have visited the station, constructed over more than 115 space flights conducted on five different types of launch vehicles. The station now measures 357 feet end-to-end and provides more livable room than a conventional six-bedroom house, NASA says. Here we take a look at life onboard and what the ISS has meant to space exploration.To read this article in full or to leave a comment, please click here

VBulletin resets patches and issues emergency patches following breach

VBulletin Solutions has reset the passwords for over 300,000 accounts on its website following a security breach, and also released emergency security patches. The company's Internet forum software is used on tens of thousands of websites.It's not clear if the patches were prompted by the security breach, but the hacker who claimed to have compromised the vBulletin.com database put a zero-day vBulletin exploit -- an exploit for an unpatched vulnerability -- up for sale on Monday.VBulletin Solutions did not immediately respond to an inquiry seeking more details about the patches and their relationship to the breach.To read this article in full or to leave a comment, please click here

VBulletin resets passwords, issues emergency patches following breach

VBulletin Solutions has reset the passwords for over 300,000 accounts on its website following a security breach, and also released emergency security patches. The company's Internet forum software is used on tens of thousands of websites. It's not clear if the patches were prompted by the security breach, but the hacker who claimed to have compromised the vBulletin.com database put a zero-day vBulletin exploit -- an exploit for an unpatched vulnerability -- up for sale on Monday. VBulletin Solutions did not immediately respond to an inquiry seeking more details about the patches and their relationship to the breach.To read this article in full or to leave a comment, please click here

TalkTalk breach investigation leads to fourth arrest

Police investigating the data breach at U.K. telecommunications operator TalkTalk made their fourth arrest late Tuesday, as lawmakers launched their own inquiry into the case.The Metropolitan Police Cyber Crime Unit and the National Crime Agency arrested a 16-year-old boy at an address in Norwich, England, after visiting it with a search warrant.Police had previously arrested a 15-year-old boy from County Antrim, Northern Ireland, on Oct. 26, a 16-year-old boy in Feltham, England, on Oct. 29, and a 20-year-old man in Staffordshire on Oct. 31.MORE ON NETWORK WORLD: 26 crazy and scary things the TSA has found on travelers All four were arrested on suspicion of offenses under the Computer Misuse Act, and all have now been released on bail without charge while police continue their investigation.To read this article in full or to leave a comment, please click here

How to push security earlier into the dev process

A new crop of products is emerging that aim to implant security best practices and compliance checks as early and often as possible when new infrastructure is spun up in the cloud or when new applications are launched in a rapid development environment.The idea behind these products is that security should be incorporated into the entire life cycle of resources being used or applications being developed. Some vendors contend that too often security assessments are either not performed, or they’re done too late in the process of managing resources and apps. Tools from companies like Amazon Web Services, Microsoft and Chef are all aiming to ensure security best practices are automatically enforced as early on in the process as possible.To read this article in full or to leave a comment, please click here

How to test and fix IPv6 fragmentation issues

In an earlier blog post, I discussed the issues associated with IPv6 packet fragmentation. Of particular significance, IPv6 fragmentation relies extensively on the computer sourcing packets being able to receive ICMPv6 “packet too big” message type 2 sent from any intermediate device in the route to the packet’s destination. The capability to confirm that an […]

How to test and fix IPv6 fragmentation issues

In an earlier blog post, I discussed the issues associated with IPv6 packet fragmentation. Of particular significance, IPv6 fragmentation relies extensively on the computer sourcing packets being able to receive ICMPv6 “packet too big” message type 2 sent from any intermediate device in the route to the packet’s destination.

The capability to confirm that an end user in a network will correctly receive the packet-too-big ICMPv6 message has been added to the test-ipv6 mirrors, including http://test-ipv6.arbor.net. This new capability allows a user to identify if the packet-too-big message is being discarded between the user’s computer and the web site.

In the “Tests Run” tab of the main test-ipv6 mirror page, the “Test IPv6 large packet” test documents the IPv6 fragmentation behavior. If further information is desired, one can click on the “Technical Info” link.

If the “Test IPv6 large packet” test is failing, the packet-too-big ICMPv6 message is likely being dropped. This indicates issues within the user’s computer, enterprise network or elsewhere along the path to the test-ipv6 mirror.  The problematic device may be a router or firewall device, although it may even be the “firewall” software configured on the user’s computer.

Any device in the Continue reading

It’s a Switch! It’s a Router! It’s a Server! It’s a new product platform – NFX250

Today marks a very special day for me at Juniper. A brand new product line that I’ve managed from the very beginning has been announced. The NFX250 is a unique platform that actualizes the concepts of Network Functions Virtualization we’ve all heard so much about, but hardly see encompassed in an end-to-end solution. The NFX250 is a Distributed … Continue reading It’s a Switch! It’s a Router! It’s a Server! It’s a new product platform – NFX250

CCIE Recertification + Certification News 2015

The last time I re-certified, it took me three times to pass the CCIE R&S written exam. While that exam is a challenge that many people fail to pass the first time out, I felt like I was getting rusty on some fundamentals. Three times was not the end of the world, but the effort felt forced. I wanted a refresher.
1 3,273 3,274 3,275 3,276 3,277 3,855