0

Newest RIG exploit kit driven by malicious advertising

LAS VEGAS - Earlier this year, a disgruntled reseller leaked the source code for version 2.0 of the RIG exploit kit.Since then, the RIG's author has released version 3.0, which was recently discovered by researchers from Trustwave. The latest version uses malvertising in order to deliver a majority of its traffic, infecting some 1.25 million systems to date.There have been a few notable changes made to RIG between versions, including a cleaner control panel that's easier to navigate, changes to the URL structure used by the kit that helps it avoid detection, and a security structure that prevents unauthenticated users from accessing internal files – clearly implemented to avoid leaks such as the one that exposed the source code for the previous version.To read this article in full or to leave a comment, please click here

0

Software-Defined Perimeter Remains Undefeated in Hackathon

'We don't have to be vulnerable.'

0

Harvard CISO shares 5 pearls of IT security wisdom

Chief Information Security Officer Christian Hamer, who is responsible for policy and awareness across Harvard University and whose team handles security operations and incident response, took part on a panel last week at the Campus Technology conference in Boston (Campus Technology’s Rhea Kelly moderated; ESET researcher Lysa Myers was also an expert panelist). Here’s a selection of Hamer’s more notable observations:  Most important steps for protecting your network: We think all too often about IT security or information security [as being] about the bits and bytes, and what kind of widget we put on the network or somebody’s computer to protect it… But in general we have populations that want to do the right thing. They’re a lot more aware of the threats now because a lot of them have been in the media quite a bit recently. But they’re just not sure what to do or how to do it. And that’s probably the No. 1 thing that people could double down on. Does your community know what to do? Do they know how to do it? And do they know who to ask if they have trouble understanding that? Mobile security: “There’s a great industry around mobile Continue reading

0

Patch halt looms for half of all IE users

With just over four months left before Microsoft stops serving security updates to most versions of Internet Explorer (IE) other than IE11, nearly half of all IE users are still running a soon-to-be-retired edition, new data released Saturday showed.In August 2014, Microsoft abruptly told virtually all IE users that they needed to be running IE11 by Jan. 12, 2016, or face a shut-off of security updates. After that date, Microsoft will support IE9 only on Windows Vista and Windows Server 2008; IE10 only on Windows Server 2012; and only IE11 on Windows 7, Windows 8, Windows 8.1, Windows 10, Windows Server 2008 R2 and Windows Server 2012 R2.To read this article in full or to leave a comment, please click here

0

What the Cisco XNC Controller Tells Us About OpenDaylight

A key OpenDaylight decision led to short-term product changes, but for long-term benefits.

0

Small Cells Getting Big Attention

The LTE small cell market has generated a great deal of interest from MNOs and RAN vendors over the past few years. The goals of this effort are to greatly increase cellular capacity in high traffic locations and to improve...

0

Cumulus Offers Free Open Networking Tool

The SDN startup's virtual appliance is designed to give networking pros an easy way to test its software for white-box switches.

0

Cumulus Networks Goes Virtual With Cumulus VX

Cumulus VX looks to accelerate open networking.

0

Hello Windows 10. Hello Criminals.

It’s not really surprising that scammers are taking advantage of Microsoft’s consumer release of Windows 10. According to security firm KnowBe4:  Major Operating System upgrades are usually causing confusion among end-users and the current Windows 10 upgrade is no exception. The bad guys exploit these confusions in several ways, mostly through massive phishing campaigns and with criminal call-center operations which claim to be Microsoft tech support. Some campaigns will try to worry the user that their PC has changed somehow, causing access issues. Other phishing emails will try to lure the user with links where they can get their new no-charge version of Windows 10, or have it "attached" in a zipped file, which makes it our Scam Of The Week, because the attachment is the CBT-Locker ransomware!To read this article in full or to leave a comment, please click here

0

Gigamon Wants To Feed Your Security Devices

Gigamon aims to make it easier to detect intruders by directing internal traffic flows to security and analysis products, including firewalls, IDS/IPS devices, and SIEM systems.

The post Gigamon Wants To Feed Your Security Devices appeared first on Packet Pushers.

0

It’s About Time

I guess I’m semi-famous. Or maybe I’m a moderately sized fish in a rather small bowl. Whatever the reason, a lot of people reach out to me for career advice. Which is okay, of course — I make it a personal policy to answer every email that’s addressed to me, individually, that I receive. It only takes a minute or two, after all, and it drives me nuts when I send an email to someone that seems to go into a black hole. I try not to be the person that drives me nuts.

So a couple of times a week, I open my inbox to find either an email or a message through some social network (the only social networks I actively use, by the way, are Twitter and LinkedIn, so if you friend me on Facebook, or send me an invite to something else, I’m not likely to accept) asking some variation of a couple of questions. The one I want to address in this post is probably the hardest to answer.

How can I become an architect/really good engineer/really good writer/really successful/etc.?

The snark inside me just wants to answer, “just change your title on LinkedIn, that’s Continue reading

0

iPexpert’s Newest “CCIE Wall of Fame” Additions 8/1/2015

Please join us in congratulating the following iPexpert students who have passed their CCIE lab!

This Week’s CCIE Success Stories

• Victor Yin, CCIE #49618 (Collaboration)
• Christopher Bacon, CCIE #49617 (Route/Switch)
• Majed Al-Logman, CCIE #49639 (Wireless)

We Want to Hear From You!

Have you passed your CCIE lab exam and used any of iPexpert’s self-study products, or attended a CCIE Bootcamp? If so, we’d like to add you to our CCIE Wall of Fame!

0

Worth Reading: Access Control with Segmentation

When you couple software-defined segmentation with an intelligent planning and implementation methodology, you get active segmentation. This approach to segmentation allows network operators to effectively cordon off critical network assets and limit access appropriately with minimal disruption to normal business functions. via the Cloud Security Alliance

The post Worth Reading: Access Control with Segmentation appeared first on 'net work.

0

Worth Reading: Outsourcing

And my second point is even more important: know the allegiance of your outsourcer. The key issue with outsourcing IT is this — who does your IT staff work FOR? via Cringley

This is a point that many people don’t get — if all businesses are data businesses (and they are, despite the constant refrain I’ve heard throughout my career that “we don’t make technology, here, so…”), then all the data, and all the analysis you do on that data, is just like the famous Coke recipe.

Know data, know your business. No data, no business.

It’s really that simple. When will we learn — and take this idea seriously? And when will we realize this rule applies to the network as well as the data in many cases?

The post Worth Reading: Outsourcing appeared first on 'net work.

0

Quick and dirty annotations for Go stack traces

CloudFlare’s DNS server, RRDNS, is entirely written in Go and typically runs tens of thousands goroutines. Since goroutines are cheap and Go I/O is blocking we run one goroutine per file descriptor we listen on and queue new packets for processing.

CC BY-SA 2.0 image by wiredforlego

When there are thousands of goroutines running, debug output quickly becomes difficult to interpret. For example, last week I was tracking down a problem with a file descriptor and wanted to know what its listening goroutine was doing. With 40k stack traces, good luck figuring out which one is having trouble.

Go stack traces include parameter values, but most Go types are (or are implemented as) pointers, so what you will see passed to the goroutine function is just a meaningless memory address.

We have a couple options to make sense of the addresses: get a heap dump at the same time as the stack trace and cross-reference the pointers, or have a debug endpoint that prints a goroutine/pointer -> IP map. Neither are seamless.

Underscore to the rescue

However, we know that integers are shown in traces, so what we did is first convert IPv4 addresses to their uint32 Continue reading

0

Quick config: SSL VPN on Cisco IOS via CLI

Platform: CISCO2921 IOS version: 15.3(3)M5 Load the anyconnect package on the flash of the router and configure anyconnect client package: crypto vpn anyconnect flash0:/webvpn/anyconnect-win-4.1.04011-k9.pkg sequence 1 Create a virtual template, that’s the interface the VPN clients will attach to: interface…

0

The Upload: Your tech news briefing for Monday, Aug. 3

Attacked then abandoned in Philadelphia, Hitchbot’s attempt to thumb a lift across the U.S. ends in disasterA robot that counted on the kindness of strangers to help it travel around the world has met a cruel fate in Philadelphia, barely three weeks into an attempt to hitch-hike across the U.S. Hitchbot, developed by robotics researchers at McMaster University in Hamilton, Ontario, had already hitch-hiked successfully across Canada and Germany, but U.S. residents turned out to be less welcoming, AP reports.To read this article in full or to leave a comment, please click here

0

The Upload: Your tech news briefing for Monday, Aug. 3

Attacked then abandoned in Philadelphia, Hitchbot’s attempt to thumb a lift across the U.S. ends in disasterA robot that counted on the kindness of strangers to help it travel around the world has met a cruel fate in Philadelphia, barely three weeks into an attempt to hitch-hike across the U.S. Hitchbot, developed by robotics researchers at McMaster University in Hamilton, Ontario, had already hitch-hiked successfully across Canada and Germany, but U.S. residents turned out to be less welcoming, AP reports.To read this article in full or to leave a comment, please click here

0

A secure employee departure checklist

Employee exitImage by ThinkstockA certain amount of employee turnover is a natural part of any organization’s life cycle. With each departure, whether the employee was entry-level or an executive, every organization should have a comprehensive process in place to facilitate the employee’s exit, while protecting the company’s information and securing the network and computer system accounts. Laura Iwan, Senior Vice President of Programs at the Center for Internet Security, has compiled these tips to help avoid any issues when an employee leaves the company.To read this article in full or to leave a comment, please click here

0

T-Mobile caught in crossfire of injected ad war with Flash Networks

LAS VEGAS - An ongoing conflict between website owners and ad injectors who place unwanted ads on those websites has just flared up into full-blown war, with advertisers and carriers caught in the crossfire.Take, for example, T-Mobile, which is proudly named as a customer by Flash Networks, a company that brags about creating "new monetization opportunities" for mobile operators when it "inserts the most relevant engagement display into the selected webpages."This seems to have been a surprise to T-Mobile. Cynthia Lee, the company's senior digital media manager, adamantly denied that T-Mobile was using Flash Networks to inject ads into webpages it was serving up to mobile customers.To read this article in full or to leave a comment, please click here