Website hackers hijack Google webmaster tools to prolong infections

Hackers who compromise websites are also increasingly verifying themselves as the owners of those properties in Google's Search Console. Under certain circumstances this could allow them to remain undetected longer than they otherwise would be, researchers warn.The Google Search Console, formerly known as the Google Webmaster Tools, is a very useful service for administrators to understand how their websites perform in search results.In addition to providing analytics about search queries and traffic, it also allows webmasters to submit new content for crawling and to receive alerts when Google detects malware or spam issues on their websites.To read this article in full or to leave a comment, please click here

Stuff The Internet Says On Scalability For September 11th, 2015

Hey, it's HighScalability time:


Need a challenge? Solve the code on this 17.5 feet tall 11,000 year old wooden statue!

  • $100 million: amount Popcorn could have made from criminal business offers; 3.2-gigapixel: World’s Most Powerful Digital Camera; $17.3 trillion: US GDP in 2014;  700 million: Facebook time series database data points added per minute; 300PB: Facebook data stored in Hive; 5,000: Airbnb EC2 instances.

  • Quotable Quotes:
    • @jimmydivvy: NASA: Decade long flight across the solar system. Arrives within 72 seconds of predicted. No errors. Me: undefined is not a function
    • Packet Pushers~ Everyone has IOPS now. We are heading towards invisible consumption being the big deal going forward. 
    • Randy Medlin: Gonna drop $1000+ on a giant iPad, $100 on a stylus, then whine endlessly about $4.99 drawing apps.
    • Anonymous: Circuit Breaker + Real-time Monitoring + Recovery = Resiliency
    • Astrid Atkinson: I used to get paged awake at two in the morning. You go from zero to Google is down. That’s a lot to wake up to.
    • Todd Waters~ In 1979, 200MB weighed 30 lbs and took up the space of a washing machine
    • Todd Waters~ CERN spends more compute Continue reading

‘Unidentified adapter in my lab’

Spoiler alert: We’re pretty sure we know what this is pictured above – entirely thanks to Reddit – and you will, too, if you don’t stop reading this.A user of the Reddit forum dedicated to networking, r/networking, asks: “We found an adapter and we aren’t sure what type of connection the male end is. Can any of you identify this for me?” Here are a couple more close-up views: Imgur Imgur It didn’t take long for a consensus to emerge: “My guess is (it’s) a PCMCIA Ethernet card adapter.”To read this article in full or to leave a comment, please click here

Kuala Lumpur, Malaysia: CloudFlare’s 45th data center

Kuala Lumpur joins the CloudFlare network as our 45th global point of presence (PoP). While this latest deployment comes only a day after the announcement of our expansion in Berlin (back-to-back!), it's been a long three years since we last crossed a new border in Asia. Kuala Lumpur expands our presence in the Asia-Pacific region to nine PoPs: Kuala Lumpur, Seoul, Tokyo, Osaka, Hong Kong, Singapore, Sydney, Melbourne and Auckland.

No boomerangs allowed

One of the difficulties of delivering content locally in certain parts of Asia (and in many other parts of the world for that matter) is that certain ISPs only connect with other ISPs in the same local Internet ecosystem outside of their national borders. In the absence of domestic interconnection, a request (e.g. an e-mail or web request) from one local ISP to another "boomerangs" outside of the national border before it is ultimately delivered to another local ISP. If you live or travel in certain parts of Asia, this is one of the leading culprits for why the web feels slow. The lack of a domestic and central interconnection point also makes it challenging for networks like CloudFlare, both Continue reading

PCAP or it didn’t happen…. The t-shirt!

front
Some days I don’t know why I do things… But last night I was playing around with creating a PCAP meme when my friend Josh Kittle said he’d be interested in a t-shirt like that. I got to thinking about it and realized some network engineers out there also might enjoy something like this, so I fired up a campaign on teespring!

Let me know what you think, I may do other shirts in the future as this was fun to work on. If you have any ideas you don’t plan on using, let me know and I might work on developing them.

Oh, and since Jay Franklin had to have an IPv6 shirt… I also launched another version with an IPv6 packet capture, and the #IPv6 hashtag on the back.

ipv6-shirt

Click one of the shirts to see them on teespring…

The post PCAP or it didn’t happen…. The t-shirt! appeared first on Router Jockey.

Challenges around Operationalizing Threat Intelligence

When it comes to threat intelligence, there seem to be two primary focus areas in play:  The threat intelligence data itself and the legislative rhetoric around threat intelligence sharing (i.e. CISA, CISPA, etc.).  What’s missing?  The answer to a basic question:  How do organizations get actual value out of threat intelligence data and threat intelligence sharing in a meaningful way?As it turns out, the answer to this question isn’t obvious and many enterprises continue to struggle as they seek to “operationalize” threat intelligence.  In a recently published ESG research report titled, Threat Intelligence and Its Role Within Enterprise Cybersecurity Practices, ESG surveyed 304 cybersecurity professionals working at enterprise organizations (i.e. more than 1,000 employees), and asked them to rate themselves in terms of their ability to operationalize threat intelligence (note: I am an ESG employee).  The data indicates that:To read this article in full or to leave a comment, please click here

QOTW: Outsourcing Memory

Culture is more than the aggregate of what Google describes as “the world’s information.” It’s more than what can be reduced to binary code and uploaded onto the Net. To remain vital, culture must be renewed in the minds of the members of every generation. Outsource memory, and culture withers.Nicolas Carr, The Shallows

LinkedInTwitterGoogle+FacebookPinterest

The post QOTW: Outsourcing Memory appeared first on 'net work.

Easily provision Windows instances in AWS with Ansible

Untitled_designMYTH: using Ansible to do fully-automated provisioning of Windows instances in AWS is difficult, because WinRM is not enabled by default on Amazon’s Windows AMIs, and the admin password is not known at startup.

I’d like to bust this myth once and for all. As an Ansible Solutions Architect, I often see users going to great lengths to solve both of these problems. The solutions I’ve encountered in the field have ranged from “minor maintenance hassle” to “major code-smell”, and are usually completely unnecessary; an obscure EC2 feature called User Data can replace them all. In a post on my personal blog, I demonstrate a basic use of this feature to manually provision Windows instances that are Ansible-ready on first boot, using unmodified Amazon-provided AMIs. A follow-up post expands that technique into a fully-automated provisioning sample. Try it yourself to see how easy it is to quickly spin up and configure Windows instances for any need, using only Ansible!

New iPhone 6S could let Sprint network shine

LAS VEGAS -- Apple gave Sprint a little gift this week with the new iPhone 6S in the form of faster wireless speeds via a technology called carrier aggregation.The only problem is that Sprint is just at the beginning of rolling out carrier aggregation capability nationwide, a process expected to take place over the next two years. Just this week, Sprint announced the technology's availability in Denver.To read this article in full or to leave a comment, please click here

MIT scores worst in cybersecurity

In a cybersecurity survey of 485 large colleges and universities, the Massachusetts Institute of Technology came in at the bottom of the list.In a report released today, SecurityScorecard analyzed the educational institutions based on web application security, network security, endpoint security, IP reputation, patching, and other security indicators.SecurityScorecard's chief research officer Alex Heid said they have a feeling that MIT's low scores were due in part to its cybersecurity research efforts.MORE ON CSO: What is wrong with this picture? The NEW clean desk test "They do their own malware research," he said. "They run honeypots. They're running TOR exit nodes."To read this article in full or to leave a comment, please click here

5 iPad alternatives for the enterprise

iPad alternatives for the enterpriseImage by ThinkstockApple's iPad -- no matter the generation -- is usually at the top of most "best tablets" lists. That remains true with the latest iPad Air 2 - and will probably be true when the just-announced iPad Pro becomes available. However, while the iPad offers a lot in the way of performance and design, when it comes to productivity, you might find it lacking in some areas. Without the option to use a mouse, split-screen apps and a lack of expandable storage, it may not measure up for your business needs. Or maybe you're just tired of the same old tablet and want to try something new. Whatever your reason, if you want to stray from Apple, here are five iPad alternatives that can easily move your office to your couch.To read this article in full or to leave a comment, please click here

Free speech for computers, and nine other DARPA ideas

If free speech for humans is worth fighting for, is free speech for computers worth fighting against?That's the type of question you might expect from someone who holds a doctor of philosophy degree in computer science and psychology and it's exactly what the audience at DARPA's Wait, What? conference in St. Louis heard on Thursday.Posing the question was Paul Cohen, who joined the Department of Defense-run research organization from the University of Arizona in 2013."Are you attracted or appalled by the idea of machines that have ideas and know how to express them?," he continued. "What if you were lonely? What if they were bigots? What if you could each change the other’s mind?"To read this article in full or to leave a comment, please click here

HTIRW: The Internet Society

In ending this series — which I hope has been useful for Packet Pusher’s readers to get a solid survey of the entire Internet’s operational structure — we’ll talk about one of the “forgotten” groups of people helping to build and maintain the ‘net as we know it. Without this organization the Internet probably simply […]

The post HTIRW: The Internet Society appeared first on Packet Pushers.

FireEye takes security firm to court over vulnerability disclosure

A spat between two security companies shows just how sensitive reporting software vulnerabilities can be, particularly when it involves a popular product.The kerfuffle between FireEye and ERNW, a consultancy in Germany, started after an ERNW researcher found five software flaws in FireEye's Malware Protection System (MPS) earlier this year.One of the flaws, found by researcher Felix Wilhelm, could be exploited to gain access to the host system, according to an advisory published by ERNW. To read this article in full or to leave a comment, please click here

Android ransomware changes a device’s PIN code

Researchers at security company ESET have found a type of malware that changes an Android device's PIN, the first of its kind in an ever-evolving landscape of ransomware attacks. For most users, the only option to get rid of the malware is to reset the phone to its factory settings, which unfortunately also deletes all the data on the device. The malware calls itself "Porn Droid" and bills itself as a viewer for adult content. It has only been seen on third-party Android application marketplaces or forums for pirated software, wrote Lukas Stefanko, an ESET malware analyst. But after it's installed, users see a warning supposedly from the FBI that they've allegedly viewed "prohibited pornography." It asks for a US$500 fine to be paid within three days.To read this article in full or to leave a comment, please click here

1 3,341 3,342 3,343 3,344 3,345 3,858