IDG Contributor Network: Spotty indoor cell coverage is on its way out

The days of strolling down a street, smartphone connected to somewhat speedy mobile internet connection, only to have the connection thwarted when you enter a large building, may be numbered.Mobile Network Operators (MNOs) think that scalable "small cells" are the answer to a vexing building-penetration issue.For the end user, asking for a Wi-Fi password at every stop-and-call may become a thing of the past if these small cells take off and work as promised.What are they? Small cells are distinct from an MNO's macrocells, which are mounted on rooftops and other structures, and are served by a cellular base station. Macrocell antennas are the ones you see dotted around your neighborhood.To read this article in full or to leave a comment, please click here

Use of Windows XP makes European ATMs vulnerable to malware attacks

For the first time, a country in Western Europe has reported that malware attacks were used by hackers to steal €1.23 million (US$1.32 million) from ATMs. One major problem is the continued use of Windows XP in ATMs, making them more vulnerable to attacks, a report on ATM fraud said.The report does not specify which country reported the malware attacks, said Lachlan Gunn, executive director the European ATM Security Team (EAST), an organization that aims to provide an oversight of trends in ATM fraud.However, it is the first time these attacks were reported in Western Europe. Malware attacks on ATMs have been used for some time in other parts of the world, including Eastern Europe, the Asia Pacific region and Latin America, Gunn said.To read this article in full or to leave a comment, please click here

Police operation disrupts Beebone botnet used for malware distribution

Europol, in collaboration with Dutch authorities, the U.S. FBI and private security companies, have seized the domain names used to control a botnet called Beebone.The police action Wednesday included a so-called botnet sinkholing operation that involved redirecting domains used by the botnet’s command-and-control servers to a server controlled by security companies.Such an action prevents attackers from controlling the botnet and also gives authorities a chance to identify victims whose computers are now connecting to the sinkhole server.Information about the botnet will be distributed to ISPs and CERTs [computer emergency response teams] from around the world so they can notify victims and help them clean their systems, Europol said Thursday in a press release.To read this article in full or to leave a comment, please click here

Intel to help Chinese vendors churn out more PCs

Last year, Intel convinced small, little-known Chinese tablet makers to use its chips instead of only ARM’s. Now it wants those companies to churn out PCs, potentially upsetting a market that has been dominated by Taiwanese manufacturers.Many PCs are already manufactured in China, but often times in factories owned by Taiwanese companies, partnering with Intel, that have specialized in the trade for decades.Mainland Chinese companies have been feverishly developing tablets and smartphones, on the other hand, and they are flooding the market with low-cost models.Last year, Intel supplied 46 million tablet chips, and many of those went to these little-known manufacturers and vendors in China. Some of these vendors include Hampoo, Ramos and ChipHD, among many others that tend to build cheap mobile devices.To read this article in full or to leave a comment, please click here

Brocade switch extends SDN, campus automation

Brocade this week unveiled a campus switch and other enhancements to better support video and wireless traffic, improve management and extend software defined networking. The new switch is the ICX 7250. It supports up to eight 10G Ethernet ports for uplinks or stacking, and can be stacked 12-high into a virtual chassis supporting 576 Gigabit Ethernet and 96 10G ports. Brocade says this density will enable campus networks to better support bandwidth-intensive video and wireless traffic.To read this article in full or to leave a comment, please click here

Brocade switch extends SDN, campus automation

Brocade this week unveiled a campus switch and other enhancements to better support video and wireless traffic, improve management and extend software defined networking. The new switch is the ICX 7250. It supports up to eight 10G Ethernet ports for uplinks or stacking, and can be stacked 12-high into a virtual chassis supporting 576 Gigabit Ethernet and 96 10G ports. Brocade says this density will enable campus networks to better support bandwidth-intensive video and wireless traffic.To read this article in full or to leave a comment, please click here

Brocade switch extends SDN, campus automation

Brocade this week unveiled a campus switch and other enhancements to better support video and wireless traffic, improve management and extend software defined networking. The new switch is the ICX 7250. It supports up to eight 10G Ethernet ports for uplinks or stacking, and can be stacked 12-high into a virtual chassis supporting 576 Gigabit Ethernet and 96 10G ports. Brocade says this density will enable campus networks to better support bandwidth-intensive video and wireless traffic.To read this article in full or to leave a comment, please click here

Bet you’ve never heard Beethoven on a Tefifon

Unless you are German or collect vintage audio equipment, chances are you have never even heard of the Tefifon. That doesn’t mean it doesn’t have a Wikipedia page, since virtually everything has a Wikipedia page. The Tefifon was a German-developed and manufactured audio playback format that utilized cartridges loaded with an endlessly looped reel of plastic tape (much like the later 4-track and 8-track magnetic audio tape cartridges) with grooves embossed on it, similar to the ones on a phonograph record. Born in the 1950s, it never really caught on, but it’s a fascinating contraption. For a better sense of the Tefifon and how it works, I recommend this 11-minute video from a blog called Techmoan.To read this article in full or to leave a comment, please click here

The Upload: Your tech news briefing for Thursday, April 9

Facebook’s cred is still intact with teens, survey saysA Pew Research survey has found that Facebook is the most popular social network among teens, debunking the notion that it was losing ground among the younger generation. While 71 percent of all teens surveyed use Facebook, 41 percent said they use it the most often compared to other sites. Snapchat and Instagram aren’t far behind, though.Oz launches subscription video platform Thursday, aims at creatorsIcelandic startup Oz is launching a new video platform and mobile app on Thursday that aims to give artists, small businesses and even journalists a platform to publish videos online and get subscription revenue from viewers. Oz videos will be accessible on the Web as well as on iOS and Android. The company suggests that most content creators charge around $5 per month; the platform supports payments in 120 different currencies, with Oz taking a 30 percent cut of producers’ revenue.To read this article in full or to leave a comment, please click here

Islamist hackers take French broadcaster TV5Monde off air

French-language TV network TV5Monde was hit by a crippling cyberattack Wednesday that disrupted broadcasting across its channels and also involved the hijacking of its website and social media accounts.The attack happened at around 10 p.m. Central European Time and given its scale, probably took serious planning by the attackers—a group that calls itself the Cyber Caliphate. The same group, which claims affiliation to extremist organization ISIS, also hijacked the Twitter accounts of Newsweek, the International Business Times and the U.S. Central Command earlier this year.To read this article in full or to leave a comment, please click here

Response: Your Software Needs Hardware to Deliver

The hardware makes the software possible but disappears quickly from view.

The post Response: Your Software Needs Hardware to Deliver appeared first on EtherealMind.

More Layer-2 Misconceptions

My “What Is Layer-2 and Why Do You Need It?” blog post generated numerous replies, including this one:

Pretend you are a device receiving a stream of bits. After you receive some inter-frame spacing bits, whatever comes next is the 2nd layer; whether that is Ethernet, native IP, CLNS/CLNP, whatever.

Not exactly. IP (or CLNS or CLNP) is always a layer-3 protocol regardless of where in the frame it happens to be, and some layer-2 protocols have no header (apart from inter-frame spacing and start-of-frame indicator).

Neverquest: A global threat targeting Financials

By: ASERT Research Team

On March 31^st, Arbor’s Security Engineering & Response Team (ASERT) published a detailed threat brief on the Neverquest malware for Arbor customers. Along with thousands of IOC’s (indicators of compromise), the brief details Neverquest’s current inner workings and describes some reversing techniques ASERT uses to unravel and monitor this stealthy and quickly evolving malware. Applying this research at scale to malware and data acquired by our global ATLAS initiative allows us to develop targeted defenses and security context that enables customers to mitigate advanced threats and enhance their security posture over time [1].

This blog post provides excerpts from the Neverquest threat brief along with some new data that was not available at the time the brief was released to customers. In doing so, it also highlights the results of ASERT research activities that feed Arbor products.

Historical Threat Context and Prior Research

Originally, a malware family known as Ursniff was used to build newer malware called Gozi. After some success and a time of inactivity, Gozi was revitalized as Gozi Prinimalka, which has evolved into the modern Vawtrak/Neverquest (referred to as ‘Neverquest’ herein). Foundational threat analysis work has been performed for years on Continue reading

Bringing Enterprise Class Automation to Open Networking

Today Puppet Labs announced that Cumulus Networks has joined its Puppet Supported Program. We’re very excited about this and, if you’re implementing a software-defined data center, you should be excited too.

Is it finally possible to manage the data center instead of just managing stacks?

Because Cumulus Linux is Linux, our customers are able to use the same tools they know and love for managing Linux servers to manage their networks. The joint integration work we’ve done means it’s easier than ever for anyone that wants to automate their data center to extend their change management procedures across both servers and switches, unifying data center and network infrastructure under a single dashboard.

Beyond the streamlining of management consoles, this integration brings a host of business benefits to any organization. For example:

• Businesses can more quickly deploy applications with integrated, end-to-end application deployment from provisioning the VM to the full-stack (see the diagram below)
• Unified management and automation significantly reduces human error, meaning more uptime for services and applications
• Support for multiple Puppet masters across dev, test and production assures full visibility of change management
• Integration gives networking teams the ability to contribute to the Puppet code that manages infrastructure configuration

Continue reading

Facebook still king of social media among teens

The findings of a new survey debunks theories that Facebook is losing its “cool factor” among teenagers.Facebook is the most popular social network among teens, according to the results of the survey published Wednesday night by the Pew Research Center. The researchers found that 71 percent of all teens use it. And 41 percent of teens said they use Facebook the most often compared to other sites.The findings are a victory for Facebook, which has had to address claims in recent years that its site is losing popularity among teens. In 2013, Facebook’s chief financial officer admitted to a decline in the number of daily users among U.S. teens.To read this article in full or to leave a comment, please click here

Scaling out PostgreSQL for CloudFlare Analytics using CitusDB

When I joined CloudFlare about 18 months ago, we had just started to build out our new Data Platform. At that point, the log processing and analytics pipeline built in the early days of the company had reached its limits. This was due to the rapidly increasing log volume from our Edge Platform where we’ve had to deal with traffic growth in excess of 400% annually.

Our log processing pipeline started out like most everybody else’s: compressed log files shipped to a central location for aggregation by a motley collection of Perl scripts and C++ programs with a single PostgreSQL instance to store the aggregated data. Since then, CloudFlare has grown to serve millions of requests per second for millions of sites. Apart from the hundreds of terabytes of log data that has to be aggregated every day, we also face some unique challenges in providing detailed analytics for each of the millions of sites on CloudFlare.

For the next iteration of our Customer Analytics application, we wanted to get something up and running quickly, try out Kafka, write the aggregation application in Go, and see what could be done to scale out our trusty go-to database, PostgreSQL, from a Continue reading

Cloud computing brings changes for IT security workers

Watch out, computer security professionals: Cloud computing vendors are coming for your jobs.It may be inevitable, or you may be able to take back control by rigorously studying how your organization uses technology. But either way, life is changing for IT security experts.Companies like Google and Amazon have figured out configuration management while enterprises avoid the process, said Marcus Ranum, chief security officer of Tenable.“That’s the reason why Amazon is going to have your jobs in 10 years. We are failing as an industry,” said Ranum, who spoke Wednesday at a meeting of the Information Systems Security Association, New England chapter.To read this article in full or to leave a comment, please click here

Microsoft Creates Hyper-V Containers

More love for Linux containers (but with less 'Linux')

Cloud Security Alliance: $10K Prize to Hack Our Gibson

Could Zero Cool crack a software-defined perimeter?

In a mock cyberattack, Deloitte teaches the whole business how to respond

A security breach or big data loss can trigger an emergency for the entire business, not just for the IT or security teams, so staffers from multiple departments must know how to react quickly and effectively in such situations.This was one of the main lessons taught in a cyber incident war-gaming exercise held for the media on Tuesday in New York by consulting firm Deloitte.Deloitte typically conducts such exercises on behalf of large organizations that want to prepare for when they are hit by a major computer breach. In Tuesday’s event, the participants were executives from various companies, many of whom had participated in such an exercise before.To read this article in full or to leave a comment, please click here