Cisco has an SDN for you

SAN DIEGO -- Cisco is out to prove it has an SDN for everyone.At its Cisco Live conference, the company unveiled offerings to drive programmability across its product line to address the requirements of enterprises, service providers and mega-scale data centers.The additions are to Cisco Application Centric Infrastructure (ACI), Border Gateway Protocol (BGP) EVPN and NX-OS programmable network options. ACI is targeted at the mass market – commercial, enterprise and public sector customers – while BGP EVPN is aimed at service providers and programmable NX-OS at mega-scale data centers.To read this article in full or to leave a comment, please click here

The Upload: Your tech news briefing for Wednesday, June 10

SpaceX working on satellite network to provide InternetSpaceX is working on a network of micro-satellites to provide Internet access, the company’s founder and CEO Elon Musk confirmed via Twitter. The project is in the early stages and will be announced in two to three months, and its aim is to provide Internet access at a low cost, he said.Do Apple’s deals with music labels break antitrust laws?There were murmurs in advance of the Apple Music debut this week that Apple was using the industry power it wields via iTunes to pressure music labels not to permit any free tier streaming through rivals like Spotify. Now it’s been confirmed that the attorneys general of New York and Connecticut are looking into just that issue, and whether Apple may have run afoul of antitrust law in hammering out its deals.To read this article in full or to leave a comment, please click here

The Upload: Your tech news briefing for Wednesday, June 10

Do Apple’s deals with music labels break antitrust laws? There were murmurs in advance of the Apple Music debut this week that Apple was using the industry power it wields via iTunes to pressure music labels not to permit any free tier streaming through rivals like Spotify. Now it’s been confirmed that the attorneys general of New York and Connecticut are looking into just that issue, and whether Apple may have run afoul of antitrust law in hammering out its deals. North Korea threatens U.S. with cyberattacksTo read this article in full or to leave a comment, please click here

The Upload: Your tech news briefing for Wednesday, June 10

Do Apple’s deals with music labels break antitrust laws? There were murmurs in advance of the Apple Music debut this week that Apple was using the industry power it wields via iTunes to pressure music labels not to permit any free tier streaming through rivals like Spotify. Now it’s been confirmed that the attorneys general of New York and Connecticut are looking into just that issue, and whether Apple may have run afoul of antitrust law in hammering out its deals. North Korea threatens U.S. with cyberattacksTo read this article in full or to leave a comment, please click here

Show 240 – Software Defined WAN – Night of Nerdery – Live From New York – Sponsored

A live show recorded with a panel of customers who are well advanced into projects to deploy SD-WAN in their Enterprise networks. The Packet Pushers were pleased to be invited to host and record a live recording in New York in partnership with Viptela.

Author information

Greg Ferro

Greg Ferro is a Network Engineer/Architect, mostly focussed on Data Centre, Security Infrastructure, and recently Virtualization. He has over 20 years in IT, in wide range of employers working as a freelance consultant including Finance, Service Providers and Online Companies. He is CCIE#6920 and has a few ideas about the world, but not enough to really count.

He is a host on the Packet Pushers Podcast, blogger at EtherealMind.com and on Twitter @etherealmind and Google Plus.

The post Show 240 – Software Defined WAN – Night of Nerdery – Live From New York – Sponsored appeared first on Packet Pushers Podcast and was written by Greg Ferro.

Top techie Father’s Day gifts

Happy Father’s Day!Even if you’re a huge disappointment of an offspring, you might be able to crack Dad’s stony façade with the right Father’s Day gift. After all, if you give a good enough present, he’ll at least have to pretend that he’s not ashamed of you, right? Or hey, maybe your dad is actually just the best and you want to get him something out of the sheer goodness of your heart, you terrific kid, you. Read on for our top 10 ideas.To read this article in full or to leave a comment, please click here

SweetCAPTCHA users complain of advertising pop-ups

Website owners are complaining that a free security tool started displaying unwanted advertising pop-ups to their visitors.The tool is made by SweetCAPTCHA. It requires users to correctly pick out and match images before they’re allowed to do some action on a website. CAPTCHAs are intended to prevent abuse by spammers and automated registrations by web bots.SweetCAPTCHA was busy Tuesday fielding complaints on Twitter from some who noticed a script that was injecting the pop-up ads. Sucuri, a security company, said the pop-ups promote tech support schemes and bogus dating sites.To read this article in full or to leave a comment, please click here

US House votes to ban Internet access taxes permanently

The U.S. House of Representatives has passed a bill to permanently extend a 17-year moratorium on taxing Internet access and other online services.By voice vote on Tuesday, the House agreed to pass the Permanent Internet Tax Freedom Act, which would prohibit states from taxing Internet access and from levying any new taxes that target Internet services but have no offline equivalent. The bill would prohibit taxes on bandwidth or email, for example.Congress has passed temporary moratoriums since 1998, and the current moratorium is set to expire Oct. 1.The House action sends the bill to the Senate. Some senators have resisted calls for a permanent tax moratorium in recent years.To read this article in full or to leave a comment, please click here

Mozilla doubles maximum bounty for Firefox flaws to $7,500

Mozilla is giving a raise to security researchers who spot Firefox browser vulnerabilities, more than doubling its maximum reward for information on the most high-risk flaws.The change comes as many major companies have launched lucrative bug bounty programs, which benefit software developers by attracting a more diverse set of eyes on their code.“The amount awarded was increased to $3,000 five years ago, and it is definitely time for this to be increased again,” wrote Raymond Forbes, an application security engineer at Mozilla.To read this article in full or to leave a comment, please click here

Instagram cleans up its desktop site, enlarging photos

Instagram is changing the look of its photo-sharing site on the desktop, streamlining the display of people’s photos while also enlarging them.The redesign essentially mirrors the look of profile pages in Instagram’s mobile app. Previously, on the desktop, users’ photos were laid out in rows of five under their bio, with an additional collage of photos above the bio. With the changes, the collage is removed and photos on profile pages are laid out in rows of three, just like in the app, and the photos are bigger.In addition, some of the borders and shading on the desktop site have also been removed. And users’ profile pics, as well as their posts, followers and following counts, appear in the same style as on mobile.To read this article in full or to leave a comment, please click here

DevOps Meets the Internet of Things

When I initially heard about the Internet of Things (IoT) sometime in the past few years, my initial reaction was okay here we go, we have another buzz word that means absolutely nothing. Add in Internet of Everything (IoE), it seemed even worse. After spending some time participating in an IoT Hackathon this past weekend in the DevNet Zone at Cisco Live, I can honestly say that my opinion has changed. Here’s why.

Background

I was set to arrive at Cisco Live on Saturday to attend a DevOps forum on Sunday, but after booking travel and continuing to browse the Cisco Live website, I found out they were having an Internet of Things hackathon that would be starting on Saturday, go through the night, and finish on Sunday. It seemed intriguing because around the same time a highly valued peer of mine had just been telling me about a Cisco device that is still in beta, codename doublemint (more on this later), that is helping consume and deploy IoT-enabled devices. Now I needed to dig in and try to attend the hackathon. Being that I was set to arrive after the hackathon was to start, I emailed the DevNet team Continue reading

BRKSEC-2010: Emerging Threats – The State of Cyber Security

Presenter: Craig Williams (@security_craig) – Sr Technical Leader / Security Outreach Manager, Cisco TALOS

I’m from Talos. We love to stop bad guys.

 
Talos by the numbers:

  • 1.1 million incoming malware samples per day
  • 1.5 billion Sender Base reputation queries per day

Talos has a serious amount of data. For serious.

Data is key. It allows generation of real threat intel.

We basically have a bottomless pit of data

Talos vuln dev team:

  • Looking for ways to programmatically find 0-days
  • Takes this research and feeds it back into Cisco to a) make Cisco products more secure and b) generate sigs and threat intel to protect customers

With ransomware, you’re basically funding the malware underground.

Malvertizing:

  • Malicious ads which redirect user to malware and then infects them
  • Kyle & Stan campaign dynamically generated a new .exe every time it was downloaded; prevented matching on the file hash; Cisco AMP can stay on the bleeding edge of this
  • blogs.cisco.com/security/talos/kyle-and-stan

Destructive/Wiper Malware:

  • Targets your data
  • Not just file data, but also seen targetting network devices and wiping their configs
  • Cryptolocker 2.0: uses TOR for C&C; encrypted binary to avoid hash fingerprinting; anti-VM check
  • Cryptolocker 3.0: still Continue reading

North Korea threatens cyber attacks on US

North Korea has responded to a report that it was the target of an unsuccessful Stuxnet-style cyber attack by threatening a cyber attack of its own against the U.S.In an article published in the country’s largest daily newspaper on Tuesday, North Korea said it would wage a cyber war against the U.S. to hasten its ruin. Such bellicose threats are fairly common in North Korean media and aren’t always followed by action, but when it comes to cyber attacks, the country has been blamed for several large attacks in the past.Most have been against South Korea, but the country was also publicly accused by the U.S. government of being behind last year’s devastating attack against Sony Pictures.To read this article in full or to leave a comment, please click here

BRKARC-2032 – Designing for Secure Convergence of Enterprise and PCNs

BRKARC-2032 – Designing for Secure Convergence of Enterprise and Process Control Networks

Presenter: Chuck Stickney, Cisco SE

Handful of OT folks in the room; majority IT.

Convergence Benefits

  • Simplification (common protocols)
  • Reduced Cost
  • Pervasive enablement of features and services


PCN vs Enterprise

  • PCN: peer-to-peer, publish/subscribe model; application defines communication parameters; strict time sync
  • Enterprise: three-tier architecture; session oriented; many-to-one (centralized apps)
  • PCN: short, high-volume messages; localized traffic; delay/jitter sensitive; unreliable transmission; no out of order messages, no retransissions; similar to voice/video (these are problems that IT has solved for years)
  • Enterprise: large messages; remote traffic; delay tolerant; reliable, connection oriented; retransmission, re-ordering

“Layer 2, Layer 3″ are not terms that OT folks understand. IT folks: speak a language your OT folks can understand.

PCN Characteristics

  • Proprietary protocols (Modbus, Profibus, DeviceNet)
  • Incompatibility between systems (connectors, cabling, signals) (think: Ethernet vs Token Ring)
  • Industrial Ethernet: a common data link layer using standard 802.3 components (EtherNet/IP, Modbus/TCP, Profinet)
  • Ethernet/IP: Rockwell; uses Common Industrial Protocol (CIP); implicit, real-time (UDP, mcast port 2222); explicit, non-time critical (tcp port 44818)
  • Profinet: Siemens; IO and non-realtime; IO is Layer 2 only where app layer directly interfaces with MAC layer bypassing layers 3 – 6; non-real time Continue reading

Southern African nations team with Ericsson to develop broadband policies

The Communications and Regulators Association of Southern Africa (CRASA) is teaming up with Ericsson to encourage countries in the region to adopt national broadband policies and lay the groundwork for the growth of Internet services.CRASA serves nations in the Southern African Development Community (SADC), which are generally considered to lack the necessary expertise to formulate policies that could foster the growth of broadband services.In addition to accelerating the deployment of Internet services, CRASA’s initiative, if successful, could curb the high cost of broadband in the region, said Edith Mwale, a telecom analyst at Africa Center for ICT Development.To read this article in full or to leave a comment, please click here

Microsoft fixes buggy browser in Patch Tuesday update

Internet Explorer, always heavily scrutinized by both security researchers and online attackers, has once again gotten the majority of patches in this month’s Microsoft’s Patch Tuesday round of monthly bug fixes.For June, Microsoft issued 8 bulletins, which collectively contain 45 patches. The bulletin for IE alone MS15-06 contains 24 patches, including 20 that cover critical flaws, meaning they should be applied as quickly as possible.Other bulletins cover faults in the Windows operating system, the Office suite, Windows Media Player, Active Directory, and the Exchange Server.To read this article in full or to leave a comment, please click here