New attacks suggest leeway for patching Flash Player is shrinking

Cybercriminals are exploiting newly patched vulnerabilities faster, a sign that users and companies need to improve their software updating habits.Researchers from both Malwarebytes and FireEye reported Thursday that drive-by download attacks using the Nuclear Exploit Kit target a vulnerability that was patched last week in Flash Player.The flaw, which is tracked as CVE-2015-0336, was fixed by Adobe on March 12. It affects all Flash Player versions older than 17.0.0.134 on Windows and Mac, 11.2.202.451 on Linux and 13.0.0.277 ESR (extended support release).To read this article in full or to leave a comment, please click here

Wireless router from Huawei hints at new ways to speed up LTE

In the hunt for more spectrum to offer higher wireless broadband speeds, mobile operators and equipment vendors are showing a growing interest in a new candidate.Huawei Technologies has laid the groundwork for speeds up to 220Mbps using LTE-Advanced at 3.5GHz. On Friday, the company said it has launched the world’s first device, a wireless router, that combines the speedy network technology with that frequency band.The amount of spectrum is one of the things that determines what speeds a network can offer. The 3.5GHz band is an ideal candidate for offering high speeds because it has a lot of spectrum available, according to Huawei. What the vendor does not mention is that using the higher band also means worse coverage than what mobile operators can offer with current networks.To read this article in full or to leave a comment, please click here

Cisco NAT Cheat Sheet

I’ve always had a difficult time when attempting to remember how to implement the different types of NAT available on ASA and IOS devices. It doesn’t help that between the two device families, there are three different syntax versions used in the configurations. I created the PDF linked below as a quick reference sheet. It […]

Author information

John W Kerns

John is a network and systems engineer based in the Los Angeles/San Diego area. His background is in two traditionally stovepiped skill sets; systems administration and switching/routing/security. Most of his time is spent as an implementation engineer for a medium sized SoCal VAR. You can visit his blog at blog.packetsar.com or follow him on twitter @PackeTsar
Twitter

The post Cisco NAT Cheat Sheet appeared first on Packet Pushers Podcast and was written by John W Kerns.

Orange Money deal with Airtel in West Africa part of expansion plan

Orange’s move to work with Airtel to offer mobile money transfer between the Ivory Coast and Burkina Faso is just one step in an effort to expand its services throughout Africa.Orange Money customers in the Ivory Coast can now send and receive money to or from Airtel customers in Burkina Faso. Orange Money has over 13 million customers in 12 African countries, including Jordan. The partnership with Airtel, which runs its Airtel Money service in 16 African countries, is likely to trigger more internetwork and mobile money transfers.In West Africa, Orange Money International Transfer already serves users in Senegal, Ivory Coast and Mali, but the pact with Airtel fills a gap in the region.To read this article in full or to leave a comment, please click here

Yahoo’s reported willingness to pay $11M for ‘insurance’ was the real March Madness

You may recall that last year around this time Yahoo, Warren Buffett and Quicken Loans teamed up to offer this challenge: If anyone could pick the winner of every single game in the NCAA’s 64-team, six-round March Madness basketball tournament, he or she would win a billion dollars.No one met the challenge, or came close. In fact, the tournament wasn’t even half over before the final perfect bracket sheet was no longer perfect. This came as no surprise to anyone, in large part because the odds against completing the challenge successfully were one in 9 quintillion or one in 128 billion, depending on who’s doing the math, according to this explanation in Slate.To read this article in full or to leave a comment, please click here

Remote port-mirroring in Junos

Information on remote port mirroring on Junos routers doesn’t seem to be very easy to come by for some reason – there is quite a lot of information about doing this on EX switches (a bit like RSPAN in Cisco’s IOS), which wasn’t what I needed.  Various other sources of information (such as Cluepon) say this can be done using a GRE tunnel, but that the capturing device needs to be a server that terminates the GRE tunnel – which all seemed a bit complicated.

I needed to remotely mirror a port on an MX to a second MX where a windows-based Wireshark was connected, so getting GRE working to a Windows host sounded like a non starter.

So I had to work it out myself – and hopefully this write-up will prove useful to someone else in the future.

An additional requirement for the customer was that the captured interface should be in a VRF, so the test-bed I set up below has production traffic flowing through a VRF, and the mirrored traffic in a GRE tunnel which is running in the global routing table.

Here’s the write-up I did for the customer:

Remote port-mirroring using GRE Continue reading

Kenya becomes second country in East Africa to enjoy free Wi-Fi

Kenya has become the second country in East Africa after Rwanda to offer free Wi-Fi to the public, thanks to an initiative by Liquid Telecom and the Kenyan government.As in Rwanda, the free Wi-Fi connection will give users open access to the Internet with the exception of unlawful activities such as streaming or downloading offensive content or content that violates copyright.The move is expected to raise the demand for Wi-Fi-enabled handsets in the country. In Southern Africa, only South Africa so far is enjoying free access to public Wi-Fi, also provided by Liquid Telecom.In Kenya, Rwanda and South Africa, Liquid Telecom has put in place outdoor nodes designed to withstand harsh climatic conditions to offer uninterrupted connectivity and stable bandwidth.To read this article in full or to leave a comment, please click here

All major browsers hacked at Pwn2Own contest

Security researchers who participated in the Pwn2Own hacking contest this week demonstrated remote code execution exploits against the top four browsers, and also hacked the widely used Adobe Reader and Flash Player plug-ins.On Thursday, South Korean security researcher and serial browser hacker JungHoon Lee, known online as lokihardt, single-handedly popped Internet Explorer 11 and Google Chrome on Microsoft Windows, as well as Apple Safari on Mac OS X.He walked away with US$225,000 in prize money, not including the value of the brand new laptops on which the exploits are demonstrated and which the winners get to take home.The Pwn2Own contest takes place every year at the CanSecWest security conference in Vancouver, Canada, and is sponsored by Hewlett-Packard’s Zero Day Initiative program. The contest pits researchers against the latest 64-bit versions of the top four browsers in order to demonstrate Web-based attacks that can execute rogue code on underlying systems.To read this article in full or to leave a comment, please click here

Data centers in Iceland? Yes, really!

Companies in search of stable, inexpensive energy to power their data needs are looking beyond the borders of their own countries these days. Those willing to look really far might consider harboring their strategic assets in Iceland.To read this article in full or to leave a comment, please click here(Insider Story)

The Upload: Your tech news briefing for Friday, March 20

Some on FTC wanted antitrust suit against GoogleGoogle came close to having to defend antitrust charges in the U.S.: Staff at the U.S. Federal Trade Commission who monitor competition pushed for an antitrust lawsuit against it in 2012, the Wall Street Journal reported. A staff report that has just come to light concluded that the search giant used “anticompetitive tactics and abused its monopoly power in ways that harmed Internet users and competitors,” the paper said. Another faction at the Commission, the economics bureau, issued a report advising against a lawsuit and no action was taken. Among the most damning findings: there was evidence that Google gamed its system to promote its own services and demote rivals, and scraped content from other sites.To read this article in full or to leave a comment, please click here

HTC replaces CEO with company founder

HTC founder Cher Wang is taking over as company CEO, as the Taiwanese Android smartphone maker fights to revive its struggling business.Peter Chou, the previous CEO, will remain with the company, and lead its “Future Development Lab” to identify new growth opportunities, HTC said Friday.Wang, who was already company chairwoman, had been taking a larger managerial role in the last two years, so that Chou could focus on product development.On Friday, the board of directors and HTC’s executive team agreed to formalize that progression and name Wang as CEO to usher in its next stage of development, the company said.During Chou’s tenure, HTC became a major Android handset maker, but its market share and sales have since declined in the face of fierce competition from Apple, Samsung Electronics, and an emerging crowd of Chinese vendors.To read this article in full or to leave a comment, please click here

HTC replaces CEO with company founder

HTC founder Cher Wang is taking over as company CEO, as the Taiwanese Android smartphone maker fights to revive its struggling business.Peter Chou, the previous CEO, will remain with the company, and lead its “Future Development Lab” to identify new growth opportunities, HTC said Friday.Wang, who was already company chairwoman, had been taking a larger managerial role in the last two years, so that Chou could focus on product development.On Friday, the board of directors and HTC’s executive team agreed to formalize that progression and name Wang as CEO to usher in its next stage of development, the company said.During Chou’s tenure, HTC became a major Android handset maker, but its market share and sales have since declined in the face of fierce competition from Apple, Samsung Electronics, and an emerging crowd of Chinese vendors.To read this article in full or to leave a comment, please click here

To avoid NSA, Cisco gear gets delivered to strange addresses

One of the most successful U.S. National Security Agency spying programs involved intercepting IT equipment en route to customers and modifying it.At secret workshops, backdoor surveillance tools were inserted into routers, servers and networking equipment before the equipment was repackaged and sent to customers outside the U.S.The program, run by the NSA’s Tailored Access Operations (TAO) group, was revealed by documents leaked by former NSA contractor Edward Snowden and reported by Der Spiegel and Glenn Greenwald.To read this article in full or to leave a comment, please click here

Leaked US antitrust report on Google adds weight to rivals’ complaints

A leaked report by staff at the U.S. Federal Trade Commission paints an ugly picture of Google as a bullying monopolist and adds credence to complaints from rivals who have long criticized its business practices.The report, which was mistakenly provided to the Wall Street Journal as part of a public records request, reveals that FTC staff concluded in 2012 that Google’s business tactics had caused “real harm to consumers and to innovation,” and the staff recommended a lawsuit against the company.The FTC’s commissioners ultimately decided not to take action and closed their investigation of Google. But the conduct described in the 160-page critique paints a damaging picture of the company and seems to vindicate rivals such as Yelp that have complained about its tactics.To read this article in full or to leave a comment, please click here

1 3,507 3,508 3,509 3,510 3,511 3,773