Personal health information in the wrong hands can be painful

Credit card data isn’t quite the mother lode it once was for cyber thieves. Not only is its useful life generally brief, it also isn’t worth as much as it used to be.But cyber criminals are, among other things, adaptable. As Daniel Berger, CEO of Redspin puts it, "hackers are bad guys but good economists.” So they simply turn to something that provides a bigger bang for the buck.And that, increasingly, is the data you voluntarily turn over to doctors, hospitals and health insurers, known as PHI, or Personal Health Information.MORE ON CSO: How to spot a phishing email The Identity Theft Resource Center reported in January that of reported breaches, the healthcare sector had the most for three years in a row, with 42.5% of the total in 2014.To read this article in full or to leave a comment, please click here

Bucharest, Romania: CloudFlare’s 37th data center

Our global expansion continues in Bucharest, Romania, the 6th largest city in the European Union* following London, Berlin, Madrid, Rome, and Paris (nearly all of which feature a CloudFlare PoP!). From Bucharest, our latest data center will serve all 11 million Romanian Internet users, as well as users throughout the Balkans and Eastern Europe.

In good company

Romania is geographically situated between Bulgaria, Hungary, Moldova, Serbia, and Ukraine, making it an ideal destination to attract additional Internet traffic throughout much of Eastern Europe. Of course, geographic reality is rarely a mirror of Internet reality. Adding a new point of presence doesn't automatically mean that traffic from surrounding areas (or even traffic in the very same country) will route to that particular data center. This entirely depends on the interconnection of International carriers with local Internet service providers (ISPs) and large networks like CloudFlare.

It is for this precise reason that we place even more emphasis on our interconnection within a particular PoP as opposed to the absolute number of dots we add to our network map. Of course, the combination of the two (expanding wide and deep) is even better, and is why CloudFlare is blazing fast Continue reading

ISP argues net neutrality rules violate its right to block content

The U.S. Federal Communications Commission’s net neutrality rules violate the free speech rights of broadband providers because the regulations take away their ability to block Web traffic they disagree with, one ISP has argued.The FCC’s net neutrality rules take away broadband providers’ First Amendment rights to block Web content and services, ISP Alamo Broadband argued to an appeals court this week. While not a new argument for ISPs, it’s a curious one, given that most broadband providers have argued the regulations aren’t needed because they promise never to selectively block or degrade Web traffic.The FCC rules violate the First Amendment because they prohibit broadband providers’ ability to engage in political speech by “refusing to carry content with which they disagree,” wrote lawyers for Alamo Broadband, a small wireless ISP based in Elmendorf, Texas. Broadband providers, by carrying their own and other Web content, have the ability to “exercise editorial discretion,” wrote lawyers with Wiley Rein, a Washington, D.C., law firm.To read this article in full or to leave a comment, please click here

Former Hacking Team developer reportedly in contact with a terrorist group

An individual who did work for Hacking Team was in contact with hackers working for a terrorist organization, and disgruntled employees—who deny the charge—were planning to sell an antidote to the spyware vendor’s surveillance software, an Italian newspaper reported Friday.A general in the Italian foreign intelligence service (AISE), identified as “G” in internal emails published by WikiLeaks three weeks ago, told Hacking Team CEO David Vincenzetti that “an ex-collaborator of Hacking Team is working with foreign hackers who collaborate with terrorist organizations,” according to Il Fatto Quotidiano.Hacking Team, a Milan-based company that sold surveillance software to law enforcement agencies around the world and was criticized for helping oppressive regimes crack down on their political opponents, suffered a disastrous security breach at the beginning of July, with 400 GB of confidential information eventually dumped online.To read this article in full or to leave a comment, please click here

PlexxiPulse—Partnering with Arrow

This week, we announced today an exclusive distribution agreement with one of the largest and most innovative distributors in the industry, Arrow Electronics. Under this agreement, Arrow’s Enterprise Computing Business will become the sole distributor of our next-generation networking products and solutions for scale-out applications, agile datacenters and distributed cloud environments. This agreement represents a joint vision that a new generation of Third Platform applications (IoT, Big Data, social, mobile and distributed apps) demand a new software-defined infrastructure to meet the demands for scale-out, virtualized computing. If you’re interested in learning more about our partnership with Arrow, take a look at the CRN Exclusive article on this announcement.

Below please find a few of our top picks for our favorite news articles of the week. Have a great weekend!

eWEEK: Enterprise Cloud Economy Booming, Driven by Big Data
By Nathan Eddy
The SteelBrick report analyzes how enterprise companies are selling to customers and also examines B2B selling trends compared to this time last year. The market for enterprise technology products is booming, with 72 percent of high-technology providers reporting growth in sales quote volumes, and 42 percent reporting accelerating sales cycles, according to a report from SteelBrick. The report analyzes Continue reading

Italian police shutter Dark Web marketplace

Italian police have shut down a Dark Web marketplace offering illegal goods ranging from child pornography to forged luncheon vouchers, and seized 11,000 bitcoin wallets worth about 1 million euros, authorities said Friday.Officials compared the marketplace discovered by “Operation Babylon” to the Silk Road online black market that was taken down by the U.S. Federal Bureau of Investigation in 2013.More than 14,000 people had signed up to the illegal community, which was allegedly run by an Italian living near Naples. There was evidence of 170,000 transaction messages on the Tor platform, which provided 12 kinds of hidden services, police said. These ranged from pornographic images to arms, drugs, false identity papers, hacker kits and credit card codes.To read this article in full or to leave a comment, please click here

Black Hat 2015: Cracking just about anything

Researchers at the Black Hat 2015 conference next week will show how to crack Internet routing protocols, malware-detecting honeypots, radio-frequency ID gear that gates building access, and more, but also offer tips on how to avoid becoming victims to their new attacks.A pair of researchers will release a hardware device that exploits weaknesses in RFID access controls and show how to use it to break into buildings. The device exploits the communication protocol used by most access-control systems, according to the team, Eric Evenchick, a freelance developer, and Mark Baseggio, a security consultant for Accuvant.+ ALSO ON NETWORK WORLD: The Black Hat Quiz 2014 +To read this article in full or to leave a comment, please click here

Ad group urges FTC to reject right to be forgotten in US

The U.S. Federal Trade Commission should reject a privacy group’s push to extend the E.U.’s controversial right to be forgotten rules to the U.S. because such regulations would have a “sweeping” negative effect on many U.S. companies, a trade group said.The FTC should dismiss a July 7 complaint from Consumer Watchdog against Google, the Association of National Advertisers [ANA] said Friday, because the privacy group’s request that Google and other Internet firms enforce the right to be forgotten could open the door to more European privacy regulations in the U.S.To read this article in full or to leave a comment, please click here

Ad group urges FTC to reject right to be forgotten in US

The U.S. Federal Trade Commission should reject a privacy group’s push to extend the E.U.’s controversial right to be forgotten rules to the U.S. because such regulations would have a “sweeping” negative effect on many U.S. companies, a trade group said.The FTC should dismiss a July 7 complaint from Consumer Watchdog against Google, the Association of National Advertisers [ANA] said Friday, because the privacy group’s request that Google and other Internet firms enforce the right to be forgotten could open the door to more European privacy regulations in the U.S.To read this article in full or to leave a comment, please click here

QoS Terminology – Comparing Cisco to MEF and RFC Terminology

Have you every thought that you knew a topic pretty well but then someone uses terminology that you aren’t used to? People that use Cisco a lot or live outside the MEF world use another terminology than people that are working on MEF certified networks. Even if we both know the concepts, if we don’t speak a common language it will be difficult to communicate and to the the right end result.

When I took the CCDE written at Cisco Live, some of the QoS related material felt a bit off to me. I feel quite confident with QoS so this took me by surprise. My theory is that some of the material was written by someone coming from another background and uses some wording that just felt a bit off to me. I thought that I would read through some of the MEF material to broaden my QoS horizon and see what other terms are being used. At the very least I will have learned something new.

If we start with the basics, we have flows in our networks and these flows have different needs regarding delay, jitter and packet loss. I will write different terms and I will Continue reading

Why does SQL injection still exist?

After having spent the last two weeks in Asia I find myself sitting in a hotel room in Tokyo pondering something. I delivered a few talks in Singapore and in Manila and was struck by the fact that we’re still talking about SQL injection as a problem.So, what is SQL injection you might ask. This is a method to attack web applications that have a data repository. The attacker would send a specially crafted SQL, or structured query language, statement that is designed to cause some malicious action. These statements are successful too often as many web applications do not sanitize their inputs.MORE ON NETWORK WORLD: 26 crazy and scary things the TSA has found on travelers The OWASP Top Ten is a collection of vulnerabilities that are of particular note. The problem that jumps out at me is that SQL injection has been on this list for the better part of a decade. Why does this continue to be the case? Well, there are contributing factors to be certain. One of which is the time to market issue which will most likely never be dealt with from a security perspective.To read this article in full or Continue reading

Hacker steals Bitdefender customer log-in credentials, attempts blackmail

A hacker extracted customer log-in credentials from a server owned by Bitdefender that hosted the cloud-based management dashboards for its small and medium-size business clients.The antivirus firm confirmed the security breach, but said in an emailed statement that the attack affected less than 1 percent of its SMB customers, whose passwords have since been reset. Consumer and enterprise customers were not affected, the company said.The hacker, who uses the online alias DetoxRansome, first bragged about the breach on Twitter Saturday and later messaged Bitdefender threatening to release the company’s “customer base” unless he was paid US$15,000.To read this article in full or to leave a comment, please click here

Understanding Rowhammer

As I learned in my early days in electronics, every wire is an antenna. This means that a signal in any wire, given enough power, can be transmitted, and that same signal, in an adjacent wire, can be received (and potentially decoded) through electromagnetic induction (Rule 3 may apply). This is a major problem in the carrying of signals through a wire, a phenomenon known as cross talk. How do communications engineers overcome this? By observing that a signal carried along parallel wires at opposite polarities will cancel each other out electromagnetically. The figure below might help out, if you’re not familiar with this.

induction

This canceling effect of two waveforms traveling a pair of wires 180deg out of phase is why the twisted is in twisted pair, and why it’s so crucial not to unbundle too much wire when punching down a jack or connector. The more untwisted the wire there is, the less effective the canceling effect is around the punch down, and the more likely you are to have near end or far end crosstalk.

If you consider one row of memory in a chip one wire, and a second, adjacent row of memory in the Continue reading

FREE COURSE: Learn basic Cisco networking

In partnership with Pluralsight, Network World presents a free course on CCNA routing and VLANs. In this course, the student will learn the fundamental concepts of networking, and then immediately apply this knowledge to the configuration of a router and switch.To read this article in full or to leave a comment, please click here(Insider Story)

1 3,391 3,392 3,393 3,394 3,395 3,857