FBI says supposed ISIS sympathizers exploiting WordPress plugins

The Federal Bureau of Investigation warned Tuesday that attackers claiming to be sympathetic to the extremist group ISIS are targeting websites that have vulnerable WordPress plugins.The content management system has a thriving community of third-party developers who have created some 37,000 plugins, but occasionally security vulnerabilities in one can put a large number of websites at risk.The vulnerabilities can allow the hackers to gain unauthorized access, inject scripts or install malware on the affected sites, according to an advisory published by the FBI’s Internet Crime Complaint Center. The attackers have hit news organizations, religious institutions, commercial and government websites.To read this article in full or to leave a comment, please click here

No, 75% are not vulnerable to Heartbleed

A little-known company "Venafi" is suddenly in the news implying 75% of major systems are still vulnerable to Heartbleed. This deserves a rating of "liar liar pants on fire".

The issue isn't patches but certificates. Systems are patched, but while they were still vulnerable to Heartbleed, hackers may have stole the certificates. Therefore, the certificates need to be replaced. Not everyone has replaced their certificates, and those that have may have done so incorrectly (using the same keys, not revoking previous).

Thus, what the report is saying is that 75% haven't properly updated their certificates correctly. Naturally, they sell a solution for that problem.

However, even this claim isn't accurate. Only a small percentage of systems were vulnerable to Heartbleed in the first place, and it's hard to say which certificates actually needed to be replaced.

That's why you have the weasely marketing language above. It's not saying 3 out of 4 of all systems, but only those that were vulnerable to begin with (a minority). They aren't saying they are still vulnerable to Heartbleed itself, but only that they are vulnerable to breach -- due to the certificates having been stolen.

The entire report is so full of this Continue reading

SingTel acquires TrustWave for managed security services

SingTel will acquire TrustWave Holdings, the largest U.S. independent provider of managed security services, for $810 million, the companies said on Tuesday.SingTel, a large operator based in Singapore, owns stakes in mobile companies in Indonesia, the Philippines, Thailand, Bangladesh, India, Sri Lanka and countries in Africa. In Australia, SingTel runs Optus, one of the country’s major operators.Chicago-based TrustWave specializes in managed security services, an increasingly popular option for businesses. They allow customers turn over to a third party their network security, vulnerability management and data breach responsibilities, so they don’t have to develop those capabilities in house. As computer security has become increasingly complicated, managed security services are often are cheaper, and can allow companies to respond to security breaches faster.To read this article in full or to leave a comment, please click here

SingTel acquires TrustWave for managed security services

SingTel will acquire TrustWave Holdings, the largest U.S. independent provider of managed security services, for $810 million, the companies said on Tuesday.SingTel, a large operator based in Singapore, owns stakes in mobile companies in Indonesia, the Philippines, Thailand, Bangladesh, India, Sri Lanka and countries in Africa. In Australia, SingTel runs Optus, one of the country’s major operators.Chicago-based TrustWave specializes in managed security services, an increasingly popular option for businesses. They allow customers turn over to a third party their network security, vulnerability management and data breach responsibilities, so they don’t have to develop those capabilities in house. As computer security has become increasingly complicated, managed security services are often are cheaper, and can allow companies to respond to security breaches faster.To read this article in full or to leave a comment, please click here

Russian hackers accessed White House email, report says

Hackers working for the Russian government were able to access President Obama’s email system inside the White House, CNN reported Tuesday, indicating that an earlier breach may have been more serious than previously thought.The State Department and the White House said late last year they had seen suspicious activity in their networks, though the White House said at the time only unclassified systems were affected. That may have been true, but it understated the sensitivity of the information accessed, CNN reported Tuesday, citing unnamed U.S. officials briefed on the investigation.To read this article in full or to leave a comment, please click here

Starting OVSDB and vSwitchd in OpenvSwitch with Debugging Enabled

Here are some quick notes on how I went about debugging OVSDB (ovsdb-server) and OVS vSwitchd (ovs-vsctl). There are lots of ways to debug OVS these are what I used to get debug logs generated. Those logs are helpful troubleshooting for OVSDB transactions and OpenFlow commands when using the ovs-vctl or OVSDB and OpenFlow APIs. Dont do this unless you ... The post Starting OVSDB and vSwitchd in OpenvSwitch with Debugging Enabled appeared first on NetworkStatic | Brent Salisbury's Blog.

...

Apple Watch orders to be limited to one per customer

Apple Watch pre-orders open up this Friday at 12:01 AM Pacific Time. In anticipation of what might very well be staggering demand, Apple has reportedly limited pre-orders of the device to just one per customer as it pertains to in-store pickup. Presumably, users who order the device to their homes can order more than one at a time.MacRumors was the first to relay the news early on Tuesday morning in the form of a message that will purportedly be sent to those who make pre-orders this Friday for in-store pickup on April 24.. Inventory is subject to change. Your reservation is valid for pickup only at the Apple Retail Store that you selected. If you do not pick up your selected item(s) by the designated date and time, your reservation will be cancelled and your item(s) will be returned to stock. There is a maximum of 1 reservation per customer. Number of reservations may be limited. Apple reserves the right to refuse, limit or cancel a reservation if Apple determines that a customer has provided misleading or fraudulent information and/or abused, disrupted or attempted to circumvent the reservation system.To read this article in full or to leave a Continue reading

How to use AnyConnect to “cheat” in the CCIE wireless lab

How would you like to be able to look up the answers to some of the tasks in the wireless lab, and not get in trouble over it? Well, read on, and I’ll give you a fun tip that you may be able to use in the lab to solve parts of certain lab tasks. It’s not actually cheating, but it almost feels like it.

One of the realities of the lab is that there will be some pre-configurations on many of the devices. You won’t be configuring every last device from scratch. There’s not enough time, and they’d prefer to test you on more complex things than configuring every VLAN, interface, host name, etc from scratch. Just about anything has the potential to have some level of pre-configuration, and that includes the AnyConnect client. If you find that the AnyConnect client already has some WLAN profiles configured on it, say a silent “thank you” to Cisco because they just gave you a ton of great information.

Another reality of the lab is that they often don’t ask you to do things in the most straightforward and clear way possible. Often they use code words or phrases that need to Continue reading

HP tells cybersecurity customers to focus on people and processes

To protect themselves against cyberattacks, organizations should focus more on training their employees and improving their internal processes instead of buying new technology, according to one tech vendor.Yet, businesses and government agencies often focus on the next “silver bullet” product, unaware that most cybersecurity problems stem from flawed procedures and human error, said Art Gilliland, senior vice president and general manager for Hewlett-Packard’s software enterprise security products.“This is hard for a product guy to say out loud to an audience, but invest in your people and process,” Gilliland said at HP’s Software Government Summit in Washington, D.C. “The first thing that always gets negotiated out of every [security software] contract is the training and the services.”To read this article in full or to leave a comment, please click here

Welcome to the Internet of Things. Please check your privacy at the door.

It knows when you are sleeping and when you are awake. It knows when you're home and when you're away. It knows how how fast you drive, how many steps you took yesterday, and how hard your heart is working right now.It's the Internet of Things (IoT), and it is terrible at keeping secrets.INSIDER: 5 ways to prepare for Internet of Things security threats If the Web resembles the wild west when it comes to personal privacy, then the IoT is a jungle where only the fearless survive. While the privacy threats are similar, the stakes are much higher. Connected devices are collecting vast amounts of deeply personal information from our homes, our cars, and our bodies -- far more than any Web site possibly could. The kind of data that's being collected and what happens to it is governed almost entirely by privacy policies that virtually no one reads and few truly understand. Many IoT devices and apps have no privacy policy at all. And IoT security at this point in time is tissue thin, leaving your personal data at risk from external attack.To read this article in full or to leave a comment, please click here

Git for network engineers

What is Git?

git-logo

Git is a source control manager (SCM), also known as revision control. It manages changes to documents, computer programs and large websites. Arbitrarily it can manage versioning for collections of information.

Why is it important to network engineering? Well, currently we stick the config files in a directory and forget about them. Version control can be very regimented with commit comments and other markers, which helps to identify information. More importantly, as we move towards DevOps with open arms, we have to think about managing what we do in different ways. Just because something has been done a certain way, doesn’t mean it’s good to continue with that modus operandi.

Fear not – just because something is hidden away in a repository, doesn’t mean you can’t diff files etc.

Also you don’t have to have just local git repositories, you can have them on remote servers as well as the likes of github.com.

Before we start, be warned that this is a very simple example. You can use this for managing all sorts of configurations like core routers, firewall access-list entries, hell, even change control data. Be mindful of what you push and commit!!! Ensure that Continue reading

OCP Summit 2015: Open Networking as the Norm

Open Networking Thrives at the 2015 OCP Summit

A few weeks ago I passed my 2 year work anniversary at Cumulus Networks. In this short amount of time we’ve helped change the networking industry as a whole. This statement may seem a bit bold, but I feel it’s justified and we’ve all earned it. I’ll attempt to back this up with a few anecdotes collected along the journey — the men and women of Cumulus Networks, along with our great partners and customers, deserve the credit here.

When I was first hired, our on-boarding process was a bit … unconventional to say the least. The first week included JR (our CEO and cofounder) taking a headshot photo for the website (at that time it was just a Brady Bunch collage of pictures, not much else) and being issued a switch for “jailbreaking.” Now jailbreaking is a bit of an extreme term, but in these dark days before open networking, the software and hardware for networks were tightly coupled together. Items such as debugging headers, a soldering iron, and even a bit of swearing were all part of the installation process on a fresh hardware platform. Fast forward to today, Continue reading

Cisco VIRL Exclude From Launch

One of the few pet-peeves with Cisco’s VIRL has been waiting for a bunch of things to start, when I just needed a couple from that simulation. Not sure if this is a new update though it’s detailed...

[[ Summary content only, you can read everything now, just visit the site for full story ]]

Group fighting ‘Net censorship in China presses on despite DDoS attack

After facing a DDoS attack, an activist group isn’t backing down in its attempts to end China’s Internet censorship.“I think that we are more confident than we were before that our successful execution of our strategy is going to lead us to achieve our mission,” said the group via email on Tuesday.GreatFire.org suffered a distributed denial of service attack last month that threatened to cripple its activities. The anonymous group, which is based out of China, believes the country’s government was behind the attack.To read this article in full or to leave a comment, please click here

1 3,470 3,471 3,472 3,473 3,474 3,762