Five reasons threat intelligence fails today, and how to overcome them

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.

As cyber security threats have become increasingly sophisticated and pervasive, it’s become impossible to identify and defend against every probable attack with traditional security budgets. That’s where threat intelligence comes in. Effective use of threat intelligence is a way for businesses to pool their resources and overcome internal technical or resource limitations. Theoretically, it allows companies to “crowd source” security and stay one step ahead of malicious entities.

To read this article in full or to leave a comment, please click here

Alibaba names new CEO as revenue jumps

Though Alibaba Group is succeeding in generating more revenue from mobile, it is nevertheless shuffling executives, elevating its chief operating officer Daniel Zhang to CEO in the face of a stock-based compensation program that has depressed profit.Zhang will take over on May 10, and current CEO Jonathan Lu will step down, remaining on Alibaba’s board of directors as vice chairman.The company made the announcement on Thursday, when it reported its first quarter earnings. Alibaba’s profit fell 49 percent year over year to about 2.9 billion yuan (US$476 million). Profit has been weighed down by continued stock awards given to employees since its IPO last year. Without the share-based compensation, Alibaba said its profit would have risen 14 percent.To read this article in full or to leave a comment, please click here

IT/IT: A GUI and a Wizard

One of the brilliant things about conferences like Interop is the hallways (and if you’re not going to Interop, this is why you should be!). It’s not that I don’t enjoy the sessions, but — like the IETF — I often get much more out of the conversations with folks who know networking, and yet have a completely different view of the problems we face in the networking industry, and hence completely different ideas about the way forward in resolving those problems. One of my major problems in life is I often can’t think of a solid answer when I’m sitting there in the conversation itself (one of the reasons I always converted TAC cases to email, rather than sitting on the phone with a customer).

One such conversation (with @cigoodwi) brought out a phrase I thought I’d never hear in the networking world — “a GUI and a wizard.” The context was this: what most x% (your beliefs about the percentage may vary) companies need is a network they can run with a GUI and a wizard. It’s a startling statement, of course, but — in reality — true in many respects. Given this is our Continue reading

UK gang arrested for exporting $10 million of fake Cisco gear to US

Three men accused of selling and exporting over $10 million worth of fake Cisco networking equipment into the U.S. have been arrested by U.K. police.The men are believed to have imported and exported counterfeit Cisco equipment through a company website and telesales. The arrests, made last week by the U.K. Police Intellectual Property Crime Unit (PIPCU), were announced Thursday.“Last week’s action saw PIPCU dismantle a criminal gang suspected of cheating the computer industry out of millions of pounds,” said PIPCU Detective Inspector Mick Dodge, in a statement. Using counterfeit products could also seriously harm businesses that use them, since company network integrity could be compromised and significant network outages could occur, Dodge said.To read this article in full or to leave a comment, please click here

UK gang arrested for exporting $10 million of fake Cisco gear to US

Three men accused of selling and exporting over $10 million worth of fake Cisco networking equipment into the U.S. have been arrested by U.K. police.The men are believed to have imported and exported counterfeit Cisco equipment through a company website and telesales. The arrests, made last week by the U.K. Police Intellectual Property Crime Unit (PIPCU), were announced Thursday.“Last week’s action saw PIPCU dismantle a criminal gang suspected of cheating the computer industry out of millions of pounds,” said PIPCU Detective Inspector Mick Dodge, in a statement. Using counterfeit products could also seriously harm businesses that use them, since company network integrity could be compromised and significant network outages could occur, Dodge said.To read this article in full or to leave a comment, please click here

Superfish injects ads in one in 25 Google page views

Over five percent of browser visits to Google owned websites, including Google Search, are altered by computer programs that inject ads into pages. One called Superfish is responsible for a majority of those ad injections.The findings are the result of a study by Google and researchers from the University of California at Berkeley and Santa Barbara, who analyzed over 102 million page views to Google sites between June and September last year.Google added code to its websites that detected and reported back when ads were injected into pages by programs or browser extensions. This revealed that locally installed ad injectors interfered with 5,339,913 page views (5.2 percent of the total), impacting tens of millions of users around the world—or 5.5 percent of unique daily Internet Protocol addresses that accessed Google’s sites.To read this article in full or to leave a comment, please click here

Battle over app analytics accelerates with Apple’s entry

With Apple offering its own tool for developers to see how their apps are selling, pressure is on specialist vendors to improve their offerings. On Wednesday, App Annie announced it had acquired mobile measurement company Mobidia to do just that.Last week Apple started sending out invites to test a beta version of its App Analytics tool.Even if Apple isn’t competing directly with paid services and tools from the likes of App Annie, Appsee and Yahoo-owned Flurry, the company’s entry will have an effect on the market.The features Apple offers are pretty basic, covering app installs, retention and in-app revenue, and are only compatible with iOS.However, Apple’s entry shows how the app analytics market is maturing and becoming a more integrated part of smartphone OS developer portals. As products from Apple and Google improve, stand-alone tools have to become increasingly advanced to remain relevant.To read this article in full or to leave a comment, please click here

The Upload: Your tech news briefing for Thursday, May 7

AMD is Zen about Intel’s SkylakeAMD’s recent chips haven’t rocked Intel’s PC market dominance, but new chips based on the company’s Zen architecture aim to change that next year. On Wednesday it shared initial details about the new FX and seventh-generation A-series chips, which are the brainchild of Jim Keller, a leading mobile chip designer at Apple until AMD hired him in 2012. The new AMD chips will battle Intel’s highly anticipated Skylake line, which is designed to bring new wireless charging and data transfer features to laptops.To read this article in full or to leave a comment, please click here

Go crypto: bridging the performance gap

It is no secret that we at CloudFlare love Go. We use it, and we use it a LOT. There are many things to love about Go, but what I personally find appealing is the ability to write assembly code!

CC BY 2.0 image by Jon Curnow

That is probably not the first thing that pops to your mind when you think of Go, but yes, it does allow you to write code "close to the metal" if you need the performance!

Another thing we do a lot in CloudFlare is... cryptography. To keep your data safe we encrypt everything. And everything in CloudFlare is a LOT.

Unfortunately the built-in cryptography libraries in Go do not perform nearly as well as state-of-the-art implementations such as OpenSSL. That is not acceptable at CloudFlare's scale, therefore we created assembly implementations of Elliptic Curves and AES-GCM for Go on the amd64 architecture, supporting the AES and CLMUL NI to bring performance up to par with the OpenSSL implementation we use for Universal SSL.

We have been using those improved implementations for a while, and attempting to make them part of the official Go build for the good of the community. For now Continue reading

ARP Processing in Layer-3-Only Networks

John Jackson wrote an interesting comment on my Rearchitecting L3-Only Networks blog post:

What the host has configured for its default gateway doesn't really matter, correct? Because the default gateway in traditional L2 access networks really isn't about the gateway's IP address, but the gateway's MAC address. The destination IP address in the packet header is always the end destination IP address, never the default gateway.

He totally got the idea, however there are a few minor details to consider.

Read more ...

Another Uber office in China faces government scrutiny

Chinese authorities visited an Uber office in the country on Wednesday, just a week after another company office faced a local police raid over its ride-hailing service.Local authorities came to Uber’s office in the Chinese city of Chengdu, Uber confirmed in en email. But the visit was “routine,” it added.“There are no disruptions to the Uber platform, and it’s business as usual,” the company said.Chengdu authorities have opened an investigation against Uber, but its office has not been closed, according to local media. Uber did not elaborate, and Chengdu’s Transportation Committee could not be immediately reached for comment.The visit follows a police raid of an Uber office in the Chinese city of Guangzhou, reportedly for letting private drivers use the ride-hailing service without proper qualifications.To read this article in full or to leave a comment, please click here

Another Uber office in China faces government scrutiny

Chinese authorities visited an Uber office in the country on Wednesday, just a week after another company office faced a local police raid over its ride-hailing service.Local authorities came to Uber’s office in the Chinese city of Chengdu, Uber confirmed in en email. But the visit was “routine,” it added.“There are no disruptions to the Uber platform, and it’s business as usual,” the company said.Chengdu authorities have opened an investigation against Uber, but its office has not been closed, according to local media. Uber did not elaborate, and Chengdu’s Transportation Committee could not be immediately reached for comment.The visit follows a police raid of an Uber office in the Chinese city of Guangzhou, reportedly for letting private drivers use the ride-hailing service without proper qualifications.To read this article in full or to leave a comment, please click here

Companies are falling behind on securing their SAP environments

More than 95 percent of SAP systems deployed in enterprises are exposed to vulnerabilities that could lead to a full compromise of business data, a security firm claims.Onapsis, a Boston-based company that specializes in SAP security audits, also found that the average time-to-patch for SAP vulnerabilities is more than 18 months—12 months for SAP to issue fixes and 6 months for companies to deploy them.This suggests that many companies are falling behind on SAP security, even though these systems hold some of their most critical and confidential information.To read this article in full or to leave a comment, please click here

Attackers exploit vulnerabilities in two WordPress plugins

A vulnerability within two widely used WordPress plugins is already being exploited by hackers, putting millions of WordPress sites at risk, according to a computer security firm.The plugins are JetPack, a customization and performance tool, and Twenty Fifteen, used for infinite scrolling, wrote David Dede, a malware researcher with Sucuri. WordPress installs Twenty Fifteen by default, which increases the number of vulnerable sites.Both plugins use a package called genericons, which contains vector icons embedded in a font. In the package, there is an insecure file called “example.html” which makes the package vulnerable, Dede wrote.To read this article in full or to leave a comment, please click here

NETCONF and the ncclient

NETCONF is an industry standard (IETF) network management protocol. It’s actually been around for quite awhile and supported by numerous vendors. While NETCONF is not always compatible across network switch platforms, it’s the closest thing I can see that could be a unified multi-vendor API. Of course, there are also vendor extensions for those device-specific features too.

I’m not going to get too much into what NETCONF is because Matt Oswalt has already done that. Check out his post if you haven’t already done so. There are also plenty of other good resources on NETCONF out there.

What I am going to focus on in this post is using Python to interact with NETCONF-enabled network switches.

Let’s get to it.

First, you’ll want to install the ncclient. It is pretty much the de facto Python library to use when you need a NETCONF client to communicate with a NETCONF server, i.e. a network device.

sudo pip install ncclient

This will also install a few other required dependencies such as paramiko and lxml along with the client itself.

The next thing you are going to need is at least one switch (or device) that supports NETCONF. In this post, I’m Continue reading

Intel increases its hiring among women, minorities

Intel is becoming a little more diverse, just several months after announcing an ambitious plan to add more women and minority workers to its ranks.Since January, roughly 17 percent of Intel’s senior hires were historically under-represented minorities—about double the rate last year. Intel also doubled its senior hiring among women to 33 percent, CEO Brian Krzanich said on Wednesday.More broadly, roughly 41 percent of Intel’s hires for the year so far have been “diverse,” he said, without specifying further. That’s up from about 30 percent a year ago, Krzanich said. He gave the figures during a talk at the Push Tech 2020 Summit in San Francisco, an event focused on diversity issues in the technology industry.To read this article in full or to leave a comment, please click here

1 3,516 3,517 3,518 3,519 3,520 3,857