Symantec: Well-heeled hacking group Black Vine behind Anthem breach

A group has been singled out as the attacker behind the recently disclosed hack against Anthem, believed to be the largest waged against a health care company. It was Black Vine that broke into the health insurer's systems and stole more than 80 million patient records, Symantec said Tuesday in a report. For Black Vine, it was the latest in a long line of hacks that began in 2012. Black Vine has gone after other businesses that deal with sensitive and critical data, including organizations in the aerospace, technology and finance industries, according to Symantec. The majority of the attacks (82 percent) were waged against U.S. businesses.

Houston, we have a bug: 9 famous software glitches in space

Image by NASA Goddard Space Flight Center, CC BY 2.0

There’s never a good time to run into software bugs, but some times are worse than others - like during a mission to space. Spacecraft of all shapes and sizes rely heavily on software to complete their objectives. But those missions can be quickly ended by the simplest of human errors when writing code. The omission of an overbar here or overflow error checking code there can mean the difference between success or failure, not to mention the loss of hundreds of millions of dollars, years of work and, on manned missions, human life. Use the arrows above to read about 9 examples that show that, despite the care with which these systems are built, bugs have occurred in spacecraft software since we started to fling rockets into space - and will, no doubt, continue to crop up.

The Upload: Your tech news briefing for Thursday, July 30

Obama wants to boost U.S. supercomputing power

With China currently sitting at the top of the supercomputing heap—its Tianhe-2 computer has been considered the world’s most powerful for the last two years—U.S. President Barack Obama is looking to step up American efforts via the new National Strategic Computing Initiative. Set up by an executive order signed Wednesday, NSCI will coordinate government agencies, academia and the private sector with the objective of delivering a system with about 100 times the performance of current 10 petaflop systems.

A quick review of the BIND9 code

BIND9 is the oldest and most popular DNS server. Today, a DoS vulnerability was announced that would crash the server with a simply crafted query. I could use my "masscan" tool to blanket the Internet with those packets and crash all publicly facing BIND9 DNS servers in about an hour. A single vuln doesn't mean much, but if you look at the recent BIND9 vulns, you see a pattern forming. BIND9 has lots of problems -- problems that critical infrastructure software should not have.


Its biggest problem is that it has too many features. It attempts to implement every possible DNS feature known to man, few of which are needed on publicly facing servers. Today's bug was in the rarely used "TKEY" feature, for example. DNS servers exposed to the public should have the minimum number of features -- the server priding itself on having the maximum number of features is automatically disqualified.

Another problem is that DNS itself has some outdated design issues. The control-plane and data-plane need to be separate. This bug is in the control-plane code, but it's exploited from the data-plane. (Data-plane is queries from the Internet looking up names, control-plane is zone updates,

OPM, Anthem hackers reportedly also breached United Airlines

The cyberespionage group that stole the personal records of millions of Americans from U.S. health insurer Anthem and the U.S. Office of Personnel Management (OPM) has also reportedly breached United Airlines. The data stolen from United includes flight manifests, which contain information on passengers, their travel origins and destinations, Bloomberg reported Wednesday citing unnamed people familiar with the investigation. The breach may have been discovered with the help of investigators in the OPM case who built a list of other potential victims after analyzing the domain names, phishing emails and attack infrastructure used by the group, the media organization reported.

Risky Business #376 — Sniper rifles, bank safes and Android all pwned

This week we're checking in with Josh Drake of Zimperium. With exploitation of Stagefright via Josh's sweet, sweet exploit you'd think the mother of all worms is coming. Well, probably not. Later versions of Android are tricky to exploit, and the diversity of hardware in earlier versions means coming up with one exploit to rule them all isn't really feasible. We'll drill down into that with Josh in a little while.

Obama rolls out initiative to boost US supercomputer capability

US President Barack Obama has signed an executive order setting up the National Strategic Computing Initiative that will adopt a coordinated strategy involving multiple government agencies, academia and the private sector for the development of high-performance computing systems. Adopting a “whole-of-government” approach, involving all departments and agencies with expertise and interests in HPC, one of the objectives of the NSCI will be to speed up the delivery of “a capable exascale computing system that integrates hardware and software capability to deliver approximately 100 times the performance of current 10 petaflop systems across a range of applications representing government needs.”

The StageFright Vulnerability: Maybe the greatest Android vulnerability (so far)

Here’s a nightmare scenario: A simple smartphone exploit that doesn’t require the user to do anything other than receive a text message. If such a thing worries you (and, if you’re an IT manager in a shop that allows BYOD, it should) then there’s bad news for you: Such an exploit exists for, it’s estimated, roughly 95% of smartphones running Android, which runs roughly 82% of the world’s estimated 1.91 billion smartphones.

Samsung plots Galaxy S6 price cut, new phones to help business

Lackluster demand for its flagship Galaxy S6 smartphone and higher marketing costs led Samsung Electronics to another quarter of falling sales and profits in the April to June period. Net profit at the company was 5.75 trillion won (US$49 billion), down 8 percent on the same period a year earlier, while sales fell 7 percent to 48.5 trillion won, it said Wednesday. Both figures are in line with expectations published by Samsung earlier this month. In the key smartphone market, an area led by Samsung until recently, the popularity of Apple’s iPhone 6 and 6 Plus handsets and the rise of lower-cost phones from Chinese vendors squeezed Samsung at both the high and low end of the market.

Facebook revenue surges 39 percent but costs also soar

Facebook has posted strong sales results for the second quarter, showing continued success in its advertising business, though its costs also rose sharply. Total revenue for the quarter ended June 30 was US$4.04 billion, Facebook reported Wednesday, up 39 percent from the same period last year and just over analysts’ estimates of $3.99 billion, as polled by Thomson Reuters. But the company made less money than it did a year earlier, with net income falling by nearly 10 percent to $719 million. Earnings per share declined from $0.30 to $0.25.

Computer fires requiring a 911 call rare

Computer fires severe enough to prompt a 911 call are so unusual that when it does happen, local media sometimes makes note of it. That was the case in Arlington, Va., recently, when firefighters found a computer burning on the balcony of an apartment complex. According to the Arlington County Fire Dept., the resident of the apartment had built his own desktop computer. The computer wasn't in use, but was plugged in -- and the resident was in another room when it caught fire. "He was alerted to the fire by the sound of the smoke alarm and then found smoke coming from his hard drive," said department Lt. Sarah-Maria Marchegiani. The resident carried the computer out to the balcony after it caught on fire, according to a local media report on Arlington Now.

Americas are just 2 weeks away from running out of IPv4 addresses

John Curran, CEO of the American Registry for Internet Numbers (ARIN), told attendees at the Campus Technology conference in Boston on Wednesday that the IP address authority's pool of IPv4 addresses has dwindled to 90,000 and will be exhausted in about two weeks. "This is a pretty dramatic issue," says Curran, who founded ARIN in 1997 and was once CTO of Internet pioneer BBN. Curran’s revelation came during a talk during which he urged IT pros from educational institutions to upgrade their public facing websites to IPv6 as soon as possible. Not that the IPv4 address pool drying up will result in such websites being cut off from the Internet, but Curran did say moving to IPv6 will provide much more direct access to end users whose mobile and other devices increasingly have IPv6 rather than IPv4 addresses.

Using BFD to Track WAN Status and Change HSRP Priority

It’s been five years since I started this blog! Time flies and a lot has happened since. Thanks for being along for the ride. What better way to celebrate than a blog post?

This post is going to be short and to the point.

Many of us run HSRP or VRRP. It is quite common to run it in a topology where you have dual routers and dual exits to the WAN and you don’t want to black hole your traffic.

One traditional way of achieving this is by tracking the interface that goes towards the WAN. There are a couple of drawbacks to this approach though:

  • You may not get link down on failure (connecting to switch)
  • You may experience an error that does not produce link down event

The next option is to use IP SLA that sends ICMP Echo towards the next-hop of the WAN or some destination further into the network. Enhanced Object Tracking (EOT) can then be used to create a track object that decrements the priority of the HSRP active router when the ICMP Echo probe fails. This works better but there are still some drawbacks to this approach: