Microsoft Edge browser gets critical patches

Released a little over a month ago, Microsoft's new Edge browser has gotten a set of critical security patches.As part of its monthly round of security fixes, colloquially known as Patch Tuesday, Microsoft released a critical bulletin, MS15-095, with four patches covering vulnerabilities in the Windows 10-only Edge browser.Overall this month, Microsoft issued 12 bulletins covering 56 vulnerabilities. Five bulletins were deemed as critical, meaning they should be addressed as soon as possible.In addition to Edge, this month's patches cover issues in Internet Explorer, Windows, Office, Exchange, the .Net framework, the Hyper-V virtual machine, Active Directory, and Skype for Business.To read this article in full or to leave a comment, please click here

Cisco adds sFlow support to Nexus 9K series

Cisco adds support for the sFlow standard in the Cisco Nexus 9000 Series 7.0(3)I2(1) NX-OS Release. Combined with the Nexus 3000/3100 series, which have included sFlow support since NX-OS 5.0(3)U4(1),  Cisco now offers cost effective, built-in, visibility across the full spectrum of data center switches.
Cisco network engineers might not be familiar with the multi-vendor sFlow technology since it is a relatively new addition to Cisco products. The article, Cisco adds sFlow support, describes some of the key features of sFlow and contrasts them to Cisco NetFlow.
Nexus 9000 switches can be operated in NX-OS mode or ACI mode:
  • NX-OS mode includes a number of open features such as sFlow, Python, NX-API, and Bash that integrate with an open ecosystem of orchestration tools such as Puppet, Chef, CFEngine, and Ansible. "By embracing the open culture of development and operations (DevOps) and creating a more Linux-like environment in the Cisco Nexus 9000 Series, Cisco enables IT departments with strong Linux skill sets to meet business needs efficiently," Cisco Nexus 9000 Series Switches: Integrate Programmability into Your Data Center. Open APIs are becoming increasingly popular, preventing vendor lock-in, and allowing organizations to benefit from the rapidly increasing range of open hardware Continue reading

Africa’s effort to tackle cybercrime gains momentum

Africa’s efforts to tackle cybercrime are gaining momentum as Tanzania joins African countries including Zambia, Nigeria, South Africa and Kenya in coming up with a law that includes penalties of up 10 years in prison.The law comes amid claims that Tanzania has one of the highest rates of cybercrime and social media abuse in Africa. Tanzanian President Jakaya Kikwete has already approved the Cyber Crimes Act of 2015, which becomes operational this week.The Tanzania Communications Regulatory Authority (TCRA) is already warning of tough actions against cybercriminals in the East African country as a result of the new law.Critics have said however, that the Tanzanian law targets social media with the aim of regulating its use in order to silence divergent views and critics of the government.To read this article in full or to leave a comment, please click here

Microsoft released 12 patches, 5 rated critical, 1 being exploited in the wild

Microsoft released 12 security updates for September 2015 Patch Tuesday, five of which are rated critical and one is currently being exploited in the wild.Microsoft patches rated criticalMS15-097 contains a fix for a flaw currently being exploited in the wild, so it should be your top priority. It patches 11 vulnerabilities in Microsoft Graphics Component which could allow remote code execution.Qualys CTO Wolfgang Kandek wrote, “The bulletin is rated critical on Windows Vista and Server 2008, plus Microsoft Office 2007 and 2010, plus Lync 2007, 2010, 2013. In addition one of the vulnerabilities, rated as only as important in the bulletin is under attack in the wild: CVE-2015-2546 allows for an escalation of privilege once on the machines, allowing the attacker to become administrator of the targeted machine. CVE-2015-2546 affects all versions of Windows including Windows 10.”To read this article in full or to leave a comment, please click here

Blackmail rising from Ashley Madison breach

Cybercriminals are maddeningly adaptable.If a Dark Web illicit marketplace gets shut down, others spring up almost immediately to take its place. If credit cards get tougher to hack, there is always spear phishing, poorly protected electronic health records or the unending variety of devices that make up the Internet of Things (IoT), most of which have little to no security built in.To read this article in full or to leave a comment, please click here

Blurred lines: Cyberespionage group caught borrowing banking malware code

A group of hackers that target military and government organizations has recently borrowed code from an old online banking Trojan called Carberp, further blurring the line between cybercrime and cyberespionage.The hacker group is known by various names in the security industry, including Pawn Storm and APT28. Its primary malware tool is a backdoor program called Sednit or Sofacy.The group has been active since at least 2007 and has targeted governmental, security and military organizations from NATO member countries, as well as defense contractors and media organizations, Ukrainian political activists and Kremlin critics.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Light-based networks could replace wires for hospital patients

Interference has been a major issue when hospitals have tried to replace the cluttered, bulky wiring used to monitor patients’ conditions—those are the wires protruding from a body, along with the associated beeps, as seen in the hospital TV drama procedurals we know and love.Hard-wiring, though, has never been an ideal solution for biomedical signals—it prevents patients from moving around, for one thing. That ties up expensive hospital beds.Interference RF interference can not only interfere with other signals, but it can apparently damage hospital equipment, say some researchers in South Korea.Those researchers, from Pukyong National University in Busan, reckon that they have a better solution. They want to use light instead.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Light-based networks could replace wires for hospital patients

Interference has been a major issue when hospitals have tried to replace the cluttered, bulky wiring used to monitor patients’ conditions—those are the wires protruding from a body, along with the associated beeps, as seen in the hospital TV drama procedurals we know and love.Hard-wiring, though, has never been an ideal solution for biomedical signals—it prevents patients from moving around, for one thing. That ties up expensive hospital beds.Interference RF interference can not only interfere with other signals, but it can apparently damage hospital equipment, say some researchers in South Korea.Those researchers, from Pukyong National University in Busan, reckon that they have a better solution. They want to use light instead.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Will the Ashley Madison hack really bring about any change in corporate IT security?

That sultry, sexy, "shh." We've all seen it over and over and over again during the past month. That "shh" promised sex and security. It looks like Ashley Madison didn't deliver much of either. Except for the sordid stories that keep Ashley Madison in the news, there is really nothing notable about the Ashley Madison breach. We are swimming in a sea of data breaches. They've become so routine it takes sex and scandal for anyone to notice. With so many data breaches over the past several years, you would expect companies (and governments) to do something about them.To read this article in full or to leave a comment, please click here

CCIE at 50k: Software Defined? Or Hardware Driven?

50kSticker

Congratulations to Ryan Booth (@That1Guy_15) on becoming CCIE #50117. It’s a huge accomplishment for him and the networking community. Ryan has put in a lot of study time so this is just the payoff for hard work and a job well done. Ryan has done something many dream of and few can achieve. But where is the CCIE program today? And where will it be in the future?

Who Wants To Be A CCIE?

A lot of virtual ink has been committed to opinions in the past couple of years about how the CCIE is become increasingly irrelevant in a world of software defined DevOps focused non-traditional networking teams. It has been said that the CCIE doesn’t teach modern networking concepts like programming or building networks in a world with no CLI access. While this is all true, I don’t think it diminishes the value of getting a CCIE.

The CCIE has never been about building a modern network. It has never been focused on creating anything other than a medium-sized enterprise network in the case of the routing and switching exam. It is not a test of best practices or of greenfield deployment scenarios. Instead, it has Continue reading

Evaluating my own books…

This is a bit of a slow week in the US, and I’ve been deeply imbibing philosophy and theology this weekend (getting ready for the first two PhD classes), so I’m going to do something a little different this week. A lot of folks email me asking about which of my books are worth buying, or asking me if they should buy this or that specific book I’ve written across the years. So, herewith, an honest appraisal of my own books.

Advanced IP Network Design

This book is based on single question—what have we learned from working on failed networks from the perspective of TAC and Escalation in terms of good network design? It’s hard to believe, but this was (AFAIK) the second book published by Cisco Press, in 1999 (that’s 16 years, 10 books, and two degrees ago!). While I have a fond place in my heart for this book, all the material here is generally updated and improved in Optimal Routing Design, below.

EIGRP for IP

This started life as the EIGRP white paper, written based on a thorough reading of the EIGRP code base as it existing in 2000, along with many hours spent with GDB, Continue reading

4 new cybercrime trends threaten your business

The more things change, the more things stay the same -- at least for hackers. That's one of the finding in Proofpoint's mid-year threat report on the attacks of choice for the first half of 2015. In addition to the return of an old friend, the cybersecurity company also found more targeted attacks towards businesses, heightened activity around social media and a shift in the volume and accuracy of the bad stuff that ends up in your inbox, looking to take your money. Click the attachment They're baaaaaack – email attachments that infect a computer once clicked upon, that is. To read this article in full or to leave a comment, please click here

Credentials stored in Ashley Madison’s source code might have helped attackers

If you're a company that makes its own websites and applications, make sure your developers don't do what the Ashley Madison coders did: store sensitive credentials like database passwords, API secrets, authentication tokens or SSL private keys in source code repositories.Judging by the massive amount of data leaked last month by Impact Team from AshleyMadison.com's owner Avid Life Media (ALM), the hackers gained extensive access to the Canadian company's IT infrastructure.The ALM data dumps contained customer records and transaction details from the Ashley Madison infidelity website, but also the email database of the company's now-former CEO and the source code for the company's other online dating websites including CougarLife.com and EstablishedMen.com.To read this article in full or to leave a comment, please click here

1 3,323 3,324 3,325 3,326 3,327 3,835